public ActionResult ChangePassword()
{
PasswordChanger pass = new PasswordChanger();
pass.userId = (Session["user"] as user).id;
return(View(pass));
}
public void ConfirmPassDoesntMatchNewPass()
{
PasswordChanger Pass1 = new PasswordChanger();
String ConfirmPassword = "******";
String NewPassword = "******";
Pass1.ConfirmPass(NewPassword, ConfirmPassword);
Assert.AreEqual(0, Pass1.flag);
}
public void OldPassWrong()
{
PasswordChanger Pass1 = new PasswordChanger();
String OldPassword = "******";
String Password = "******";
String NewPassword = "******";
String ConfirmPassword = "******";
Pass1.ChangePassword(NewPassword, OldPassword, Password, ConfirmPassword);
}
public void OldPassEmpty()
{
PasswordChanger Pass1 = new PasswordChanger();
String OldPassword = "";
String Password = "******";
String NewPassword = "******";
String ConfirmPassword = "******";
Pass1.ChangePassword(NewPassword, OldPassword, Password, ConfirmPassword);
Assert.IsNull(Pass1.oldPassword);
}
public ActionResult ChangePassword(PasswordChanger obj)
{
try
{
user user = db.users.Where((x) => x.id == obj.userId).First();
string dbHash = user.password_hash;
user.password_hash = obj.oldPass;
AccountChecker check = new AccountChecker(user);
if (dbHash.Equals(check.CreateMD5Hash()))
{
if (obj.NewPass.Equals(obj.confirm))
{
user.password_hash = obj.NewPass;
check = new AccountChecker(user);
if (dbHash.Equals(check.CreateMD5Hash()))
{
ViewBag.Error = "Cтарый и новый пароль совпадают";
return(View(obj));
}
else
{
user.salt = check.GenerateSalt();
check = new AccountChecker(user);
user.password_hash = check.CreateMD5Hash();
db.SaveChanges();
ViewBag.Error = "Пароль изменен";
return(View(obj));
}
}
else
{
ViewBag.Error = "Новый пароль и подтверждение не совпадают";
return(View(obj));
}
}
else
{
ViewBag.Error = "Cтарые пароли не совпадают";
return(View(obj));
}
}
catch (Exception)
{
ViewBag.Error = "Случилась ошибка при обработке запроса";
return(View(obj));
}
}
static void Main(string[] args)
{
if (args.Length != 2)
{
PrintUsage();
return;
}
var username = args[0];
var password = args[1];
var credentialStore = new CredentialStore();
var passwordChanger = new PasswordChanger(credentialStore);
passwordChanger.ChangePasswordForUsername(username, password);
}
public void ChangePassword_ForUsernameMatchingStoredCredential_ShouldRequestsPasswordChangeForMatchingCredential()
{
var credentialStore = A.Fake <ICredentialStore>();
var testCredential = new TestCredential("username");
A.CallTo(() => credentialStore.ReadCredentials())
.Returns(new List <ICredential>
{
testCredential
});
var sut = new PasswordChanger(credentialStore);
sut.ChangePasswordForUsername("username", "new_password");
Assert.True(testCredential.PasswordWasChangedTo("new_password"));
}
public void ChangePassword_WithCaseInsensitiveMatch_ShouldChangePassword()
{
var credentialStore = A.Fake <ICredentialStore>();
var testCredential = new TestCredential("USERNAME");
A.CallTo(() => credentialStore.ReadCredentials())
.Returns(new List <ICredential>
{
testCredential
});
var sut = new PasswordChanger(credentialStore);
sut.ChangePasswordForUsername("username", "new_password");
Assert.True(testCredential.PasswordWasChangedTo("new_password"));
}
public void ChangePassword_WhenCredentialStoreHasNullTarget_ShouldNotChangePassword()
{
var credentialStore = A.Fake <ICredentialStore>();
var testCredential = new TestCredential(null);
A.CallTo(() => credentialStore.ReadCredentials())
.Returns(new List <ICredential>
{
testCredential
});
var sut = new PasswordChanger(credentialStore);
sut.ChangePasswordForUsername("username", "new_password");
Assert.True(testCredential.PasswordWasNotChanged());
}
public void ChangePassword_RequestsPasswordChange_ForAllMatchedCredentialsInStore()
{
var credentialStore = A.Fake <ICredentialStore>();
var testCredential1 = new TestCredential("match");
var testCredential2 = new TestCredential("match");
A.CallTo(() => credentialStore.ReadCredentials())
.Returns(new List <ICredential>()
{
testCredential1,
testCredential2,
new TestCredential("not matched")
});
var sut = new PasswordChanger(credentialStore);
sut.ChangePasswordForUsername("match", "new_password");
Assert.True(testCredential1.PasswordWasChangedTo("new_password"));
Assert.True(testCredential2.PasswordWasChangedTo("new_password"));
}
public void ChangePassword_RequestsPasswordChange_OnlyForMatchedCredentialInStore()
{
var credentialStore = A.Fake <ICredentialStore>();
var matchedCredential = new TestCredential("match");
var unmatchedCredentials = new TestCredential("not matched");
A.CallTo(() => credentialStore.ReadCredentials())
.Returns(new List <ICredential>()
{
matchedCredential,
unmatchedCredentials
});
var sut = new PasswordChanger(credentialStore);
sut.ChangePasswordForUsername("match", "new_password");
Assert.True(matchedCredential.PasswordWasChangedTo("new_password"));
Assert.True(unmatchedCredentials.PasswordWasNotChanged());
}
public void ChangeOwnPassword_returns_success_response_when_request_is_valid([Frozen] IPasswordPolicy policy,
[Frozen] IPasswordAuthenticationService authService,
[LoggedIn] User currentUser,
PasswordChanger sut,
PasswordChangeRequest request)
{
// Arrange
Mock.Get(authService)
.Setup(x => x.Authenticate(It.IsAny <IPassword>()))
.Returns(Mock.Of <CSF.Security.Authentication.IAuthenticationResult>(x => x.Success == true));
Mock.Get(policy)
.Setup(x => x.IsPasswordOk(request.NewPassword, currentUser))
.Returns(true);
request.ConfirmNewPassword = request.NewPassword;
// Act
var result = sut.ChangeOwnPassword(request);
// Assert
Assert.IsTrue(result.Success);
}
private void button1_Click(object sender, EventArgs e)
{
PasswordChanger PwdChgr = new PasswordChanger();
switch (PwdChgr.Change(textBoxCurrentPassword.Text, textBoxNewPassword.Text, textBoxConfirmNewPassword.Text))
{
case PasswordChangeResult.OK:
OnPasswordChangeOK();
break;
case PasswordChangeResult.CurrentPassworFail:
OnCurrentPassworFail();
break;
case PasswordChangeResult.ConfirmNewPasswordCompareFail:
OnConfirmNewPasswordErrorFail();
break;
default:
this.Close();
break;
}
}
public ActionResult Index([Bind(Include = "currentPassword,newPassword,confirmedNewPassword")] PasswordChanger changePassword)
{
if (ModelState.IsValid)
{
try
{
Account accnt = db.Accounts.Find((Session["account"] as Account).personId);
byte[] hash = SHA256Managed.Create().ComputeHash(Encoding.UTF8.GetBytes(changePassword.currentPassword));
StringBuilder currentPassword = new StringBuilder();
for (int i = 0; i < hash.Length; i++)
{
currentPassword.Append(hash[i].ToString("X2"));
}
if (accnt.password == currentPassword.ToString())
{
hash = SHA256Managed.Create().ComputeHash(Encoding.UTF8.GetBytes(changePassword.newPassword));
StringBuilder newPassword = new StringBuilder();
for (int i = 0; i < hash.Length; i++)
{
newPassword.Append(hash[i].ToString("X2"));
}
accnt.password = newPassword.ToString();
db.Entry(accnt).State = EntityState.Modified;
db.SaveChanges();
Session.Remove("account");
TempData["infoMsg"] = "Password successfully changed.";
return(RedirectToAction("", "Login"));
}
}
catch (Exception)
{
TempData["errMsg"] = "An unexpected error has occurred. Please try again later.";
}
}
ModelState.AddModelError("currentPassword", "Current password is not valid.");
return(View(changePassword));
}
/// <summary>
/// Changes password for a member/user given the membership provider and the password change model
/// </summary>
/// <param name="username"></param>
/// <param name="passwordModel"></param>
/// <param name="membershipProvider"></param>
/// <returns></returns>
public virtual Attempt <PasswordChangedModel> ChangePassword(string username, ChangingPasswordModel passwordModel, MembershipProvider membershipProvider)
{
var passwordChanger = new PasswordChanger(_logger, _userService, HttpContext);
return(passwordChanger.ChangePasswordWithMembershipProvider(username, passwordModel, membershipProvider));
}
public AccountController(LoginService loginService, RegisterService registerService, PasswordChanger passwordChanger)
{
this.loginService = loginService;
this.registerService = registerService;
this.passwordChanger = passwordChanger;
}
public void ChangeOwnPassword_returns_failure_result_if_new_passwords_do_not_meet_policy([Frozen] IPasswordPolicy policy,
[Frozen] IPasswordAuthenticationService authService,
[LoggedIn] User currentUser,
PasswordChanger sut,
PasswordChangeRequest request)
{
// Arrange
Mock.Get(authService)
.Setup(x => x.Authenticate(It.IsAny <IPassword>()))
.Returns(Mock.Of <CSF.Security.Authentication.IAuthenticationResult>(x => x.Success == true));
Mock.Get(policy)
.Setup(x => x.IsPasswordOk(request.NewPassword, currentUser))
.Returns(false);
request.ConfirmNewPassword = request.NewPassword;
// Act
var result = sut.ChangeOwnPassword(request);
// Assert
Assert.IsFalse(result.Success);
}
public void ChangeOwnPassword_stores_updated_password_when_when_request_is_valid([Frozen] IPasswordPolicy policy,
[Frozen] IPasswordAuthenticationService authService,
[LoggedIn] User currentUser,
[Frozen] IUserPasswordUpdater updater,
PasswordChanger sut,
PasswordChangeRequest request)
{
// Arrange
Mock.Get(authService)
.Setup(x => x.Authenticate(It.IsAny <IPassword>()))
.Returns(Mock.Of <CSF.Security.Authentication.IAuthenticationResult>(x => x.Success == true));
Mock.Get(policy)
.Setup(x => x.IsPasswordOk(request.NewPassword, currentUser))
.Returns(true);
request.ConfirmNewPassword = request.NewPassword;
// Act
sut.ChangeOwnPassword(request);
// Assert
Mock.Get(updater)
.Verify(x => x.ChangePassword(currentUser, request.NewPassword), Times.Once());
}
/// <summary>
/// Changes password for a member/user given the membership provider and the password change model
/// </summary>
/// <param name="username"></param>
/// <param name="passwordModel"></param>
/// <param name="membershipProvider"></param>
/// <returns></returns>
public virtual Attempt <PasswordChangedModel> ChangePassword(string username, ChangingPasswordModel passwordModel, MembershipProvider membershipProvider)
{
var passwordChanger = new PasswordChanger(_applicationContext.ProfilingLogger.Logger, _applicationContext.Services.UserService, UmbracoContext.Current.HttpContext);
return(passwordChanger.ChangePasswordWithMembershipProvider(username, passwordModel, membershipProvider));
}
private void passwordWorker_DoWork(object sender, DoWorkEventArgs e)
{
// Password changing function that runs in background without disrupting the GUI
int checkedCount = computersCheckBox.CheckedItems.Count;
int percentageInc = (100 / computersCheckBox.CheckedItems.Count);
int percentageCompleted = 0;
bool allAdmins = allAdminsRadio.Checked;
RemoteUserTableHandler rUserHandler = new RemoteUserTableHandler();
for (int i = 0; i < checkedCount; i++)
{
List <String> userAccounts = new List <String>();
String target = (String)computersCheckBox.CheckedItems[i];
if (allAdmins)
{
userAccounts = Utils.getRemoteAdmins(target);
}
else
{
userAccounts.Add("Administrator");
}
foreach (String username in userAccounts)
{
String newPassword = this.passwordGenerate();
PasswordChanger rc = new PasswordChanger(target);
RemoteUser rUser = new RemoteUser();
rUser.setSystemName(target);
rUser.setUsername(username);
if (rc.change(username, newPassword))
{//Successfully changed the password
rUser.setPassword(newPassword);
if (rUserHandler.exists(rUser))
{
rUserHandler.updatePassword(rUser);
}
else
{
rUserHandler.addUser(rUser);
}
}
else
{//Fails to chang the password
rUser.setStatus(rc.getError());
if (rUserHandler.exists(rUser))
{
rUserHandler.updateStatus(rUser);
}
else
{
rUserHandler.addUser(rUser);
}
}
}
percentageCompleted = ((i + 1) * percentageInc);
passwordWorker.ReportProgress(percentageCompleted);
if (passwordWorker.CancellationPending)
{
e.Cancel = true;
passwordWorker.ReportProgress(0);
return;
}
Thread.Sleep(100);
}
passwordWorker.ReportProgress(100);
}
