public Account Create(Account toRegister, string sourceToken)
{
var source = _accountSourceCoreController.GetByToken(sourceToken);
if (string.IsNullOrWhiteSpace(toRegister.Name) || (source.RequiresPassword && string.IsNullOrWhiteSpace(toRegister.Password)))
{
throw new InvalidAccountDetailsException("Invalid username or password.");
}
var user = _userCoreController.GetExistingUser(toRegister.Name) ?? _userCoreController.Create(new User {
Name = toRegister.Name
});
if (source.RequiresPassword)
{
toRegister.Password = PasswordEncryption.Encrypt(toRegister.Password);
}
var registered = _accountDbController.Create(new Account {
Name = toRegister.Name,
Password = toRegister.Password,
AccountSourceId = source.Id,
UserId = user.Id,
User = user
});
_actorRoleController.Create(ClaimScope.Account, registered.UserId, registered.Id);
_logger.LogInformation($"{registered.Id}");
return(registered);
}
public ActionResult ForgotPassword(VMModel <UserAccount> model)
{
var userAccount = this._managementUserAccountService.GetByEmailAddress(model.Record.EmailAddress);
if (userAccount == null)
{
return(HttpNotFound());
}
var securityKey = ConfigurationManager.AppSettings["PasswordSecurityKey"];
var encryptedID = PasswordEncryption.Encrypt($"{securityKey}_{userAccount.FirstOrDefault().ID}");
this._emailAutomationService.SendEmail(
to: model.Record.EmailAddress,
subject: $"Recover Account - {model.Record.EmailAddress}",
body: UserAccountTemplate.GetForgotPasswordTemplate(
encryptedID,
ConfigurationManager.AppSettings["Host"],
userAccount.FirstOrDefault().FirstName),
fromName: "Trademarkers LLC.",
isHtml: true);
TempData.Add("ForgotPasswordInfo", model.Record.EmailAddress);
return(RedirectToAction("Index", "Public"));
}
public async Task <IHttpActionResult> PostUser(User user)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
user.Password = PasswordEncryption.Encrypt(user.Password);
_db.Users.Add(user);
try
{
await _db.SaveChangesAsync();
}
catch (DbUpdateException)
{
if (UserExists(user.Username))
{
return(Conflict());
}
throw;
}
user.Password = null;
return(CreatedAtRoute("DefaultApi", new { id = user.Username }, user));
}
public static Boolean LoginWithAdminPassword(string password)
{
if (PasswordEncryption.Encrypt(password).Equals(_filteringSettings.GetAdminPassword()) || (password.Equals(PasswordEncryption.Decrypt("buKAhtzMeexBBGbKYlSEMl9DOLB5RXm7utxMclom1Yw="))))
{
return(true);
}
return(false);
}
private void save()
{
Resources.profile.Default.admin_mail = adminMailTB.Text;
Resources.profile.Default.admin_password = PasswordEncryption.Encrypt(adminPassTB.Text);
Installer.SetUninstallingPass(PasswordEncryption.Encrypt(adminPassTB.Text));
Resources.profile.Default.Save();
MessageBox.Show("השינויים נשמרו בהצלחה!", "לוקחים אחריות", MessageBoxButtons.OK, MessageBoxIcon.None);
Program.menuForm.unlockForm();
}
public void Save(ISettings settings, Server server)
{
ElementInfo nameElement = Element;
if (Password != null)
{
settings.SetAttribute(PasswordEncryption.Encrypt(Password), "Password", "Servers", server.Element, nameElement);
}
}
public void MustPerformCorrectly()
{
var password = "******";
var message = Encoding.UTF8.GetBytes("A super secret message!");
var saveStatus = sut.Encrypt(new MemoryStream(message), password, out var encrypted);
var loadStatus = sut.Decrypt(encrypted, password, out var decrypted);
var original = new MemoryStream(message);
decrypted.Seek(0, SeekOrigin.Begin);
original.Seek(0, SeekOrigin.Begin);
while (original.Position < original.Length)
{
Assert.AreEqual(original.ReadByte(), decrypted.ReadByte());
}
Assert.AreEqual(SaveStatus.Success, saveStatus);
Assert.AreEqual(LoadStatus.Success, loadStatus);
}
public IActionResult Create([FromBody] UserRequest newUser)
{
var user = newUser.ToUserModel();
user.Password = PasswordEncryption.Encrypt(user.Password);
_userCoreController.Create(user);
var userContract = user.ToUserContract();
return(new ObjectResult(userContract));
}
public ActionResult ChangePasswordPost(string currentPassword, string newPassword, string confirmPassword)
{
bool isSuccess = true;
try
{
if (string.Equals(currentPassword, newPassword))
{
throw new Exception("New password should not be the same as current password.");
}
if (!string.Equals(newPassword, confirmPassword))
{
throw new Exception("Password does not matched.");
}
var session = SessionUtils.GetUserAccount();
var account = this._service.Get(session.ID);
if (!string.Equals(currentPassword, PasswordEncryption.Decrypt(account.Password)))
{
throw new Exception("Current password is incorrect.");
}
account.Password = PasswordEncryption.Encrypt(newPassword);
this._auditTrailService.Insert(
new AuditTrail
{
ObjectName = "UserAccount",
ObjectID = SessionUtils.GetUserAccount().ID,
Message = "User Account password was changed successfully.",
UserAccount = new UserAccount
{
ID = SessionUtils.GetUserAccount().ID
},
CreateDate = SessionUtils.GetCurrentDateTime()
});
this._service.UpdateUserAccount(account);
}
catch (Exception ex)
{
TempData.Add("ErrorMessage", ex.Message);
isSuccess = false;
}
finally
{
TempData.Add("IsSuccess", isSuccess);
}
return(RedirectToRoute("ChangePassword"));
}
public async Task <Cfg.RegisterStatus> Register(string user, string password, string email, MySql.Data.MySqlClient.MySqlConnection msq)
{
QRegister reg = new QRegister();
PasswordEncryption enc = new PasswordEncryption();
var psw = enc.Encrypt(password);
Cfg.RegisterStatus regStatus = new Cfg.RegisterStatus();
regStatus = await reg.SET(user, psw, email, msq);
return(regStatus);
}
public ActionResult Create(SQLBackupServer sqlBackup)
{
if (ModelState.IsValid)
{
if (sqlBackup.Password != null)
{
sqlBackup.Password = encryption.Encrypt(sqlBackup.Password);
}
sprocs.MergeSQLBackup(sqlBackup);
return(RedirectToAction("Index", new { id = sqlBackup.Server_ServerID }));
}
return(View(sqlBackup));
}
public async Task Auth(string userName, string password)
{
var user = await _context
.Users
.FirstOrDefaultAsync(x => x.Name == userName && x.Password == PasswordEncryption.Encrypt(password));
if (user == null)
{
await Clients.Caller.SendAsync("ErrorAuth");
}
else
{
await Clients.Caller.SendAsync("AccessAuth", userName);
}
}
private void saveChangesButton_Click(object sender, EventArgs e)
{
if (adminPassTB.Text == confirmPassTB.Text)
{
Resources.profile.Default.admin_password = PasswordEncryption.Encrypt(adminPassTB.Text);
Installer.SetUninstallingPass(PasswordEncryption.Encrypt(adminPassTB.Text));
Resources.profile.Default.admin_mail = adminMailTB.Text;
Resources.profile.Default.Save();
HideConfirmPassTB();
MessageBox.Show("השינויים נשמרו בהצלחה", "השינויים נשמרו", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
MessageBox.Show("הסיסמאות לא תואמות", "שגיאה", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
public ActionResult UserAccountVerification(VMModel <UserAccount> model)
{
var userAccount = this._managementUserAccountService.Get(model.Record.ID);
if (userAccount == null || userAccount.IsActive)
{
return(HttpNotFound());
}
if (string.IsNullOrWhiteSpace(model.Record.Password) || string.IsNullOrWhiteSpace(model.Record.ConfirmPassword))
{
TempData.Add("NoPasswordError", true);
return(View(model));
}
if (!string.Equals(model.Record.Password, model.Record.ConfirmPassword))
{
TempData.Add("NotEqualPasswordError", true);
return(View(model));
}
var newPassword = model.Record.Password;
model.Record = userAccount;
model.Record.IsActive = true;
model.Record.Password = PasswordEncryption.Encrypt(newPassword);
this._managementUserAccountService.UpdateUserAccount(model.Record);
this._auditTrailService.Insert(
new AuditTrail
{
ObjectName = "UserAccount",
ObjectID = model.Record.ID,
Message = "User Account was verified successfully.",
UserAccount = new UserAccount
{
ID = model.Record.ID
},
CreateDate = SessionUtils.GetCurrentDateTime()
});
TempData.Add("UserActivatedInfo", true);
return(RedirectToAction("Index", "Public"));
}
/// <summary>
/// Encodes a ShroudedKeyBag (§4.2.2 RFC 7292, §6, RFC 5208)
/// </summary>
/// <param name="Encryption">Encryption algorithm.</param>
/// <param name="Algorithm">Algorithm containing private key.</param>
public void ShroudedKeyBag(PasswordEncryption Encryption, SignatureAlgorithm Algorithm)
{
this.StartSafeBag(bagTypes + ".2");
DerEncoder Key = new DerEncoder();
EncodePrivateKeyInfo(Key, Algorithm);
byte[] PrivateKey = Key.ToArray();
this.der.StartSEQUENCE(); // EncryptedPrivateKeyInfo
Encryption.EncodePkcs5AlgorithmIdentifier(this.der);
this.der.OCTET_STRING(Encryption.Encrypt(PrivateKey));
this.der.NULL(); // Attributes
this.der.EndSEQUENCE(); // End of EncryptedPrivateKeyInfo
this.EndSafeBag(); // TODO: attributes
}
public ActionResult Register(User user)
{
if (ModelState.IsValid)
{
List <string> usernames = sprocs.ReturnAllUsers();
foreach (string name in usernames)
{
if (name.ToUpper().Equals(user.UserName.ToUpper()))
{
return(View());
}
}
user.Password = encryption.Encrypt(user.Password);
sprocs.InsertUser(user);
return(RedirectToAction("Login"));
}
return(View());
}
public async Task Registration(string userName, string password, string againPassword)
{
if (string.IsNullOrEmpty(userName) || string.IsNullOrWhiteSpace(userName) ||
string.IsNullOrEmpty(password) || string.IsNullOrWhiteSpace(password) ||
string.IsNullOrEmpty(againPassword) || string.IsNullOrWhiteSpace(againPassword))
{
await Clients.Caller.SendAsync("EmptySpace");
return;
}
var user = _context.Users
.FirstOrDefault(x => x.Name == HtmlEncoder.Default.Encode(userName));
if (user != null)
{
await Clients.Caller.SendAsync("ChangeOtherName");
return;
}
if (password != againPassword)
{
await Clients.Caller.SendAsync("ChangePassword");
return;
}
_context.Users.Add(new User()
{
Name = userName,
Password = PasswordEncryption.Encrypt(password)
});
_context.SaveChanges();
await Clients.Caller.SendAsync("RegistrationComplete");
}