private static void HashAllPasswords(UsersRepository usersRepository, HashService hash)
{
foreach (var user in usersRepository.Users.Where(u => u.Temp == false))
{
if (string.IsNullOrEmpty(user.PasswordHash))
{
var passwordHash = hash.CreateMD5Hash(user.Password);
user.PasswordHash = passwordHash;
usersRepository.SaveUser(user);
Console.WriteLine(string.Format("Hashed password for {0}", user.Email));
}
}
}
static void Main(string[] args)
{
Console.WriteLine("Trackyt.net - upgrade for v.1.0.1.\nHash all user passwords.\n");
try
{
// repositories
var usersRepository = new UsersRepository();
// services
var hash = new HashService();
HashAllPasswords(usersRepository, hash);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
Console.WriteLine(e.StackTrace);
}
}
public void Should_Return_BadRequest_When_Update_And_Exception_Is_Thrown()
{
// Arrange
var userId = 1;
var fakes = new Fakes();
var fakeHttp = fakes.FakeHttpContextAccessor(true).Object;
var fakeRepository = fakes.FakeUserRepositoryException().Object;
var hashService = new HashService();
var request = new UpdateUserRequest();
var expected = Responses.BadRequestResponse("Test Exception");
// Act
var service = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService);
var actual = service.Update(userId, request).Result;
// Assert
Assert.ThrowsAnyAsync <Exception>(() => service.Update(userId, request));
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new ResponseComparer());
}
private void buttonSave_Click(object sender, EventArgs e)
{
var oldPassword = textBoxPassword.Text;
var newPassword = textBoxNew.Text;
var repeatPassword = textBoxRepeat.Text;
if (string.IsNullOrEmpty(oldPassword) || string.IsNullOrEmpty(newPassword) || string.IsNullOrEmpty(repeatPassword))
{
ErrorMessage("Не все поля заполнены");
return;
}
if (!_user.Password.Equals(HashService.Md4Hash(oldPassword)))
{
ErrorMessage("Неверно введен текущий пароль");
return;
}
if (!newPassword.Equals(repeatPassword))
{
ErrorMessage("Пароли не совпадают");
return;
}
if (_user.PasswordRestriction)
{
const string reg = @"^[^\s\d]*$";
if (!Regex.IsMatch(newPassword, reg))
{
ErrorMessage("Пароль не соответствует ограничению");
return;
}
}
//_user.Password = HashService.Md4Hash(newPassword);
_service.UpdatePassword(_user.Name, newPassword);
DialogResult = DialogResult.OK;
}
public void Should_Return_BadRequest_When_Register_And_Exception_Is_Thrown()
{
// Arrange
var fakes = new Fakes();
var fakeConfig = fakes.FakeConfiguration().Object;
var fakeUserRepository = fakes.FakeUserRepositoryException().Object;
var tokenService = new TokenService(fakeConfig);
var hashService = new HashService();
var request = fakes.Get <RegisterUserRequest>().First();
var expected = Responses.BadRequestResponse("Test Exception");
// Act
var service = new AuthService(fakes.Mapper, fakeUserRepository, tokenService, hashService);
var actual = service.Register(request).Result;
// Assert
Assert.ThrowsAnyAsync <Exception>(() => service.Register(request));
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new ResponseComparer());
}
public async Task <ActionResult <int> > Post([FromBody] UserRequest request)
{
var user = await _context
.Users
.AsNoTracking()
.FirstOrDefaultAsync(u => u.Username.ToLower() == request.Username.ToLower());
if (user != null)
{
return(new BadRequestResult());
}
var salt = SaltGenerator.MakeSalty();
var hash = await HashService.HashPassword(request.Password, salt);
var result = _context.Users.Add(new User
{
Username = request.Username,
Firstname = request.Firstname,
Lastname = request.Lastname,
Password = hash,
Salt = salt,
Created = DateTime.UtcNow,
});
await _context.SaveChangesAsync();
var roles = await _context.Roles.Where(role => request.Roles.Contains(role.Name)).ToListAsync();
var userRoles = _context.UserRoles.AddRangeAsync(roles.Select(role => new UserRole
{
UserId = result.Entity.UserId,
RoleId = role.RoleId,
}).ToArray());
await _context.SaveChangesAsync();
return(result.Entity.UserId);
}
public void Setup()
{
_settings = new PlagiarismSettings()
{
Threshold = 0.6,
Configurations = new List <ComparisonConfig>
{
new() { SamplingWindow = 6, KGramLength = 3 },
new() { SamplingWindow = 8, KGramLength = 5 }
}
};
_hashService = new HashService();
_plagiarismService = new PlagiarismService(_settings, _hashService);
_functionsToCompare = new List <FunctionAggregate>(new[]
{
GetFunctionAggregate(
"var serviceProvider = new ServiceCollection().AddLogging().BuildServiceProvider();var factory = serviceProvider.GetService<ILoggerFactory>();"
)
});
_suspectedFunction = GetFunctionAggregate(
"var serviceProvider = new ServiceCollection().AddLogging().BuildServiceProvider();");
}
public void CheckUserPasswordTest()
{
var email = "*****@*****.**";
var userPass = "******";
var fakeUserVm = GetFakeUser(email);
var fakeUser = GetFakeUserViewModel(email);
var expected = new UserLoginResult()
{
Auth = true,
User = fakeUserVm
};
var fakeConn = new SqlConnection();
var connFactory = Substitute.For <IConnectionFactory>();
connFactory.GetConnection().Returns(fakeConn);
var sut = new MemberService(connFactory);
var userRepo = Substitute.For <IUserRepository>();
userRepo.GetUserByMail(fakeConn, fakeUserVm.Mail).Returns(fakeUser);
sut.SetUserRepository(userRepo);
var passRepo = Substitute.For <IPasswordRepository>();
passRepo.FindPasswordByUserId(fakeConn, fakeUserVm.Id).Returns(GetFakePassword());
sut.SetPasswordRepository(passRepo);
var hashTool = new HashService();
hashTool.SetAlgList("SHA512,SHA256");
hashTool.SetHashKey("i_am_security_key");
sut.SetHashTool(hashTool);
var actual = sut.CheckUserPassword(email, userPass);
expected.ToExpectedObject().ShouldEqual(actual);
}
public void Should_Return_User_When_GetUserById_With_Owner(int userId)
{
// Arrange
var fakes = new Fakes();
var loggedUserId = userId;
var fakeHttp = fakes.FakeHttpContextAccessor(false, loggedUserId).Object;
var fakeRepository = fakes.FakeUserRepository().Object;
var hashService = new HashService();
var user = fakeRepository.GetById(userId).Result;
var response = fakes.Mapper.Map <UserResponse>(user);
var expected = Responses.OkResponse(null, response);
// Act
var service = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService);
var actual = service.GetUserById(userId).Result;
// Assert
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new UserResponseComparer());
}
public async Task <IActionResult> Autenticar(AuthDTO auth)
{
// Criptografa a senha do DTO
var hashSenha = HashService.GerarHash(auth.Senha);
// Autentica o usuário
var usuario = await _context
.Usuarios
.FirstOrDefaultAsync(u => u.Email == auth.Email && u.Senha == hashSenha);
if (usuario == null)
{
return(NotFound());
}
// Gera as claims, token de autenticação e refresh token
var claims = GerarClaims(usuario);
var token = _geradorDeToken.GerarToken(claims);
var refresh = _geradorDeToken.GerarRefreshToken();
// Atualiza a tabela de usuários com o novo refresh token + data de expiração
await AtualizarUsuario(
usuario,
refresh,
DateTime.Now.AddDays(_config.DaysToRefresh));
// Determina a data de criação e expiração do token e ...
var dataCriacao = DateTime.Now;
var dataExpiracao = dataCriacao.AddMinutes(_config.MinutesToExpire);
// ... retorna o DTO com tudo OK
var resultado = GerarTokenDTO(
token,
refresh,
dataCriacao,
dataExpiracao);
return(Ok(resultado));
}
public void Should_Return_Forbidden_When_Update_Without_Authorization(int userId)
{
// Arrange
var fakes = new Fakes();
var loggedUserId = userId - 1;
var fakeHttp = fakes.FakeHttpContextAccessor(false, loggedUserId).Object;
var fakeRepository = fakes.FakeUserRepository().Object;
var hashService = new HashService();
var request = fakes.Get <UpdateUserRequest>().First();
var expected = Responses.ForbiddenResponse(
"Não é possível atualizar informações de outro usuário");
// Act
var service = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService);
var actual = service.Update(userId, request).Result;
// Assert
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new ResponseComparer());
}
public void Should_Return_NotFound_When_Delete_With_An_Incorrect_Id()
{
// Arrange
var logId = 9999;
var fakes = new Fakes();
var fakeHttp = fakes.FakeHttpContextAccessor(true).Object;
var fakeRepository = fakes.FakeLogRepository().Object;
var fakeUserRepository = fakes.FakeUserRepository().Object;
var hashService = new HashService();
var userService = new UserService(fakes.Mapper, fakeHttp, fakeUserRepository, hashService);
var expected = Responses.NotFoundResponse("Log não encontrado");
// Act
var service = new LogService(fakes.Mapper, fakeRepository, userService);
var actual = service.Delete(logId).Result;
// Assert
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new ResponseComparer());
}
protected string GetHashString(object value)
{
if (EnableCaching)
{
if (!_cache4Object2Hash.ContainsKey(value))
{
var hash = HashService.GetHashCode(value);
TraceService.VerboseFormat(0,
"GetHashString() - cold hit, adding value to cache:[{0}] -> [{1}]",
new object[] { value, hash },
null);
_cache4Object2Hash.Add(value, hash);
}
else
{
var hash = _cache4Object2Hash[value];
TraceService.VerboseFormat(0,
"GetHashString() - hot hit, returning value from cache:[{0}] -> [{1}]",
new object[] { value, hash },
null);
}
return(_cache4Object2Hash[value]);
}
else
{
var hash = HashService.GetHashCode(value);
TraceService.VerboseFormat(0,
"GetHashString() - hot hit, returning value from cache:[{0}] -> [{1}]",
new object[] { value, hash },
null);
return(hash);
}
}
public void CreateNewUser_ApiToken_Created()
{
// arrange
var usersRepository = new Mock <IUsersRepository>();
var forms = new Mock <IFormsAuthentication>();
var hash = new HashService();
var service = new AuthenticationService(usersRepository.Object, forms.Object, hash);
var users = new List <User>();
usersRepository.Setup(u => u.Users).Returns(users.AsQueryable());
usersRepository.Setup(u => u.Save(It.IsAny <User>())).Callback((User u) => users.Add(u));
// act
service.RegisterNewUser("*****@*****.**", "mypass");
// assert
Assert.That(users.Count, Is.GreaterThan(0));
var found = users.Find((u) => u.Email == "*****@*****.**");
Assert.That(found.ApiToken.Length, Is.EqualTo(32));
}
public void Should_Return_Forbidden_When_Delete_Without_Authorization(int logId)
{
// Arrange
var fakes = new Fakes();
var loggedUserId = 0; // Doesn't exist user with id 0
var fakeHttp = fakes.FakeHttpContextAccessor(false, loggedUserId).Object;
var fakeRepository = fakes.FakeLogRepository().Object;
var fakeUserRepository = fakes.FakeUserRepository().Object;
var hashService = new HashService();
var userService = new UserService(fakes.Mapper, fakeHttp, fakeUserRepository, hashService);
var expected = Responses.ForbiddenResponse(
"Não é possível deletar um log de outro usuário");
// Act
var service = new LogService(fakes.Mapper, fakeRepository, userService);
var actual = service.Delete(logId).Result;
// Assert
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new ResponseComparer());
}
public void Should_Return_Log_When_GetLogById_With_Manager(int logId)
{
// Arrange
var fakes = new Fakes();
var fakeHttp = fakes.FakeHttpContextAccessor(true).Object;
var fakeRepository = fakes.FakeLogRepository().Object;
var fakeUserRepo = fakes.FakeUserRepository().Object;
var hashService = new HashService();
var userService = new UserService(fakes.Mapper, fakeHttp, fakeUserRepo, hashService);
var log = fakeRepository.GetById(logId).Result;
var response = fakes.Mapper.Map <LogResponse>(log);
var expected = Responses.OkResponse(null, response);
// Act
var service = new LogService(fakes.Mapper, fakeRepository, userService);
var actual = service.GetLogById(logId).Result;
// Assert
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new LogResponseComparer());
}
public void Should_Return_Forbidden_When_GetArchivedLogsByUserId_Without_Authorization(int userId)
{
// Arrange
var loggedUserId = userId - 1;
var fakes = new Fakes();
var fakeHttp = fakes.FakeHttpContextAccessor(false, loggedUserId).Object;
var fakeRepository = fakes.FakeLogRepository().Object;
var fakeUserRepo = fakes.FakeUserRepository().Object;
var hashService = new HashService();
var userService = new UserService(fakes.Mapper, fakeHttp, fakeUserRepo, hashService);
var expected = Responses.ForbiddenResponse(
"Não é possível obter logs de outro usuário");
// Act
var service = new LogService(fakes.Mapper, fakeRepository, userService);
var actual = service.GetArchivedLogsByUserId(userId).Result;
// Assert
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new ResponseComparer());
}
public void Should_Return_Forbidden_When_Authenticate_With_Incorrect_Password()
{
// Arrange
var fakes = new Fakes();
var fakeConfig = fakes.FakeConfiguration().Object;
var fakeUserRepository = fakes.FakeUserRepository().Object;
var tokenService = new TokenService(fakeConfig);
var hashService = new HashService();
var request = fakes.Get <LoginUserRequest>().First();
request.Password = "******"; // Incorrect password
var expected = Responses.ForbiddenResponse("Email ou senha incorretos");
// Act
var service = new AuthService(fakes.Mapper, fakeUserRepository, tokenService, hashService);
var actual = service.Authenticate(request).Result;
// Assert
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new ResponseComparer());
}
public void Should_Return_NotFound_When_Authenticate_With_Incorrect_Email()
{
// Arrange
var fakes = new Fakes();
var fakeConfig = fakes.FakeConfiguration().Object;
var fakeUserRepository = fakes.FakeUserRepository().Object;
var tokenService = new TokenService(fakeConfig);
var hashService = new HashService();
var request = fakes.Get <LoginUserRequest>().First();
request.Email = "*****@*****.**"; // Email that doesn't exists in test data
var expected = Responses.NotFoundResponse("Usuário não encontrado");
// Act
var service = new AuthService(fakes.Mapper, fakeUserRepository, tokenService, hashService);
var actual = service.Authenticate(request).Result;
// Assert
Assert.IsType <Response>(actual);
Assert.NotNull(actual);
Assert.Equal(expected, actual, new ResponseComparer());
}
public IHttpResponse PostLogin(IHttpRequest request)
{
var username = request.FormData["username"].ToString();
var password = request.FormData["password"].ToString();
var hashService = new HashService();
var cookieService = new UserCookieService();
var hashedPassword = hashService.Hash(password);
var user = this.Context.Users.FirstOrDefault(u => u.Username == username && u.HashedPassword == hashedPassword);
if (user == null)
{
return(new RedirectResult("/login"));
}
request.Session.AddParameter("username", username);
var userCookieValue = cookieService.GetUserCookie(username);
request.Cookies.Add(new HttpCookie("IRunes_auth", userCookieValue));
return(new RedirectResult("home/index"));
}
protected void Page_Load(object sender, EventArgs e)
{
var usuario = Session["UsuarioLogueado"] as Usuario;
if (usuario.Tipo != UsuarioTipo.WebMaster.ToString())
{
Response.Redirect("Login.aspx");
}
var logsServices = new LogServices();
var logs = logsServices.Get();
var hashServices = new HashService();
foreach (var log in logs)
{
var hash = hashServices.Hash(log.Tipo + log.Fecha + log.Email + log.Descripcion);
if (hash != log.Digito)
{
log.Corrompido = true;
}
}
GridView.DataSource = logs;
GridView.DataBind();
}
public async Task Validate <TEntity>(DigitoVerificadorTablasEnum tabla) where TEntity : Verificable, IEntityToDb, new()
{
(await new GenericRepository <TEntity>().GetAsync())
.Success(async x =>
{
var hasService = new HashService();
var codigoVerificador = hasService.Hash(string.Join("", x.Select(s => hasService.Hash(s.Hash))));
var digitoVerificadorRepository = new GenericRepository <DigitoVerificadorVertical>();
(await digitoVerificadorRepository.GetAsync(
new Parameters().Add(nameof(tabla), tabla.ToString())))
.Success(async verificadorVertical =>
{
var valid = verificadorVertical.First();
valid.Digito = codigoVerificador;
await digitoVerificadorRepository.UpdateDataAsync(valid);
})
.Error(async erros =>
{
await digitoVerificadorRepository.InsertDataAsync(new DigitoVerificadorVertical(codigoVerificador,
DigitoVerificadorTablasEnum.Concursos));
});
});
}
public void Should_Return_BadRequest_When_Get_And_An_Error_Happens()
{
// Arrange
var fakes = new Fakes();
var fakeHttp = fakes.FakeHttpContextAccessor(true).Object;
var fakeRepository = fakes.FakeUserRepositoryException().Object;
var hashService = new HashService();
var userService = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService);
// Act
var controller = new UserController(fakes.Mapper, userService);
var actual = controller.Get();
// Assert
Assert.NotNull(actual);
Assert.IsType <ObjectResult>(actual.Result);
var result = actual.Result as ObjectResult;
Assert.NotNull(result.Value);
Assert.Equal(400, result.StatusCode); // Bad Request
Assert.IsType <Response>(result.Value);
}
public void Should_Return_Forbidden_When_Get_Without_Manager()
{
// Arrange
var fakes = new Fakes();
var fakeHttp = fakes.FakeHttpContextAccessor().Object;
var fakeRepository = fakes.FakeUserRepository().Object;
var hashService = new HashService();
var userService = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService);
// Act
var controller = new UserController(fakes.Mapper, userService);
var actual = controller.Get();
// Assert
Assert.NotNull(actual);
Assert.IsType <ObjectResult>(actual.Result);
var result = actual.Result as ObjectResult;
Assert.NotNull(result.Value);
Assert.Equal(403, result.StatusCode); // Forbidden
Assert.IsType <Response>(result.Value);
}
public static IServiceCollection AddDefaultModelsToStorage(this IServiceCollection services, IConfiguration config)
{
var hashService = new HashService();
var storage = new Storage(config.GetConnectionString("DbConnection"));
var roleRepository = storage.GetRepository <IRoleRepository>();
var userRepository = storage.GetRepository <IUserRepository>();
if (!roleRepository.Any())
{
roleRepository.CreateAsync(new Role()
{
Name = roleRepository.DefaultUserRole
});
roleRepository.CreateAsync(new Role()
{
Name = roleRepository.DefaultAdminRole
});
storage.Save();
}
var adminData = config.GetSection("Admin");
if (!userRepository.Any())
{
userRepository.CreateAsync(new User()
{
Nickname = adminData.GetValue <string>("Nickname"),
Email = adminData.GetValue <string>("Email"),
Password = Encoding.UTF8.GetString(hashService.GetHash(adminData.GetValue <string>("Password"))),
Role = roleRepository.GetAsync(roleRepository.DefaultAdminRole).Result
}).Wait();
storage.Save();
}
return(services);
}
public ActionResult CreateUser([Bind(Include = "IdEmployee,LoginUser,PasswordUser")] Employee employee)
{
Employee emp = db.Employee.Find(employee.IdEmployee);
int idUser = (int)Session["idUser"];
int idCompany = (int)Session["idCompany"];
using (var trans = db.Database.BeginTransaction())
{
try
{
Log log = new Log
{
Who = idUser,
EmployeeId = employee.IdEmployee,
New = "[CL]", //CREATE LOGIN,
CompanyId = emp.CompanyId
};
emp.LoginUser = employee.LoginUser;
emp.PasswordUser = HashService.HashPassword(employee.PasswordUser);
db.SaveChanges();
db.Log.Add(log);
db.SaveChanges();
trans.Commit();
TempData["confirm"] = "USER CREATED SUCCESSFU";
return(RedirectToAction("Index"));
}
catch
{
trans.Rollback();
ViewBag.error = "ERROR 500, TRAY AGAIN, IF THE ERROR PERSIST CONTACT THE SYSTEM SUPPLIER";
return(View(employee));
}
}
}
private async Task <Response <bool> > CallVarificables <TEntity>(DigitoVerificadorTablasEnum tabla,
Func <DigitoVerificadorVertical, string, Task <Response <bool> > > successCall,
Func <List <string>, Task <Response <bool> > > errorCall
) where TEntity : Verificable, IEntityToDb, new()
{
var returnValue = Response <bool> .Ok(true);
(await new GenericRepository <TEntity>().GetAsync())
.Success2(async x =>
{
var hasService = new HashService();
var codigoVerificador = hasService.Hash(string.Join("", x.Select(s => hasService.Hash(s.Hash))));
var digitoVerificadorRepository = new GenericRepository <DigitoVerificadorVertical>();
returnValue = (await digitoVerificadorRepository.GetAsync(
new Parameters().Add(nameof(tabla), tabla.ToString())))
.Success(async verificadorVertical =>
{
return(await successCall(verificadorVertical.First(), codigoVerificador));
})
.Error(async errors => { await errorCall(errors); });
return(returnValue);
});
return(returnValue);
}
public void Should_Return_Ok_When_GetUserById_With_Owner()
{
// Arrange
var userId = 1;
var fakes = new Fakes();
var fakeHttp = fakes.FakeHttpContextAccessor(false, userId).Object;
var fakeRepository = fakes.FakeUserRepository().Object;
var hashService = new HashService();
var userService = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService);
// Act
var controller = new UserController(fakes.Mapper, userService);
var actual = controller.GetUserById(userId);
// Assert
Assert.NotNull(actual);
Assert.IsType <ObjectResult>(actual.Result);
var result = actual.Result as ObjectResult;
Assert.NotNull(result.Value);
Assert.Equal(200, result.StatusCode); // Ok
Assert.IsType <Response>(result.Value);
}
public void Should_Return_NotFound_When_Delete_With_An_Incorrect_Id()
{
// Arrange
var userId = 999;
var fakes = new Fakes();
var fakeHttp = fakes.FakeHttpContextAccessor(true).Object;
var fakeRepository = fakes.FakeUserRepository().Object;
var hashService = new HashService();
var userService = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService);
// Act
var controller = new UserController(fakes.Mapper, userService);
var actual = controller.Delete(userId);
// Assert
Assert.NotNull(actual);
Assert.IsType <ObjectResult>(actual.Result);
var result = actual.Result as ObjectResult;
Assert.NotNull(result.Value);
Assert.Equal(404, result.StatusCode); // Not Found
Assert.IsType <Response>(result.Value);
}
string ComputeHash(IDictionary <string, Tuple <PropertyInfo, object> > properties)
{
StringBuilder hashSet = new StringBuilder();
IHashService service = HashService.GetInstance();
foreach (KeyValuePair <string, Tuple <PropertyInfo, object> > kvp in properties)
{
object value = kvp.Value.Item2;
if (value == null)
{
continue;
}
string hashValue = Convert.ToString(value);
hashSet.AppendLine(service.ComputeHashValue(hashValue));
}
//Merkel tree???
string accumulatedHash = service.ComputeHashValue(hashSet.ToString());
return(accumulatedHash);
}
public async Task <ActionResult <int> > ResetPassword(int id, [FromBody] UserResetPasswordRequest request)
{
var user = await _context
.Users
.AsNoTracking()
.FirstOrDefaultAsync(u => u.UserId == id);
if (user != null)
{
var salt = SaltGenerator.MakeSalty();
var newHash = await HashService.HashPassword(request.Password, salt);
var newUser = user with {
Password = newHash, Salt = salt
};
_context.Users.Update(newUser);
await _context.SaveChangesAsync();
return(new OkResult());
}
return(new BadRequestResult());
}
public void CreateNewStudent_NewStudent_NewStudentCreated()
{
//Arrange
PersonVM modelTest = new PersonVM()
{
LastName = "Green",
FirstMidName = "Harry",
Login = "******",
Password = "******",
ConfirmPassword = "******",
Role = "student"
};
//Ceci rend le test dependant de la methode GenerateSHA256String(string inputString) de la Classe HashService
string passwordTest = HashService.GenerateSHA256String(modelTest.Password);
//Act
authenticationBusinessToTest.CreateNewStudent(modelTest);
Student student = DBUtils.db.Students.SingleOrDefault(s => s.LastName == "Green" && s.FirstMidName == "Harry" && s.Login == "login1" && s.Password == passwordTest);
//Assert
Assert.IsNotNull(student);
}