private string EncodePassword(string password, PasswordFormatType passwordFormat, string key)
{
string encodedPassword = password;
if (password != null) // PasswordAnswer some times sends null to encode
{
switch (passwordFormat)
{
case PasswordFormatType.Clear:
break;
case PasswordFormatType.Hashed:
HMACSHA1 hash = new HMACSHA1();
//hash.Key = HexToByte(machineKey.ValidationKey);
hash.Key = Encoding.UTF8.GetBytes(key);
//encodedPassword =
// Convert.ToBase64String(hash.ComputeHash(Encoding.UTF8.GetBytes(password)));
encodedPassword = BitConverter.ToString(hash.ComputeHash(Encoding.UTF8.GetBytes(password))).Replace("-", string.Empty);
//System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile()
break;
case PasswordFormatType.Encrypted:
encodedPassword =
Convert.ToBase64String(EncryptPassword(Encoding.UTF8.GetBytes(password)));
break;
case PasswordFormatType.Otp:
break;
case PasswordFormatType.OtpMessage:
break;
default:
throw new UserRightException("Unsupported password format.");
}
}
return(encodedPassword);
}
private string DecodePassword(string password, PasswordFormatType passwordFormat, string key)
{
string pass = password;
switch (passwordFormat)
{
case PasswordFormatType.Clear:
break;
case PasswordFormatType.Encrypted:
pass =
Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(password)));
break;
case PasswordFormatType.Hashed:
throw new UserRightException("Cannot unencode a hashed password.");
default:
throw new UserRightException("Unsupported password format.");
}
return(pass);
}
/// <summary>
/// Method to check a password.
/// </summary>
/// <param name="password"></param>
/// <param name="passwordFormatType"></param>
/// <returns></returns>
public CheckPasswordResponse CheckPassword(string password, PasswordFormatType passwordFormatType = PasswordFormatType.Blake2b)
{
return CheckPassword(Encoding.UTF8.GetBytes(password), passwordFormatType);
}
/// <summary>
/// Method to check a password.
/// </summary>
/// <param name="password"></param>
/// <param name="passwordFormatType"></param>
/// <returns></returns>
public CheckPasswordResponse CheckPassword(byte[] password,
PasswordFormatType passwordFormatType = PasswordFormatType.Blake2b)
{
var request = new RestRequest("/CheckPassword/", Method.POST) { RequestFormat = DataFormat.Json };
var passwordRequest = new CheckPasswordRequest();
switch (passwordFormatType)
{
case PasswordFormatType.Cleartext:
passwordRequest = (new CheckPasswordRequest {Cleartext = Encoding.UTF8.GetString(password)});
break;
case PasswordFormatType.Blake2b:
passwordRequest = (new CheckPasswordRequest { Blake2b = Encoding.UTF8.GetString(password) });
break;
case PasswordFormatType.Sha512:
passwordRequest = (new CheckPasswordRequest { Sha512 = Encoding.UTF8.GetString(password) });
break;
}
// encrypt the request
request.AddBody(EncryptCheckPasswordRequest(passwordRequest));
// sign the request
request = AddHeaders(request);
try
{
var response = _restClient.Execute<EncryptedResponse>(request);
if (response.StatusCode == HttpStatusCode.OK)
{
var responseNonce = response.Headers.SingleOrDefault(h => h.Name.Equals("X-Nonce"));
var responsePublic = response.Headers.SingleOrDefault(h => h.Name.Equals("X-Public"));
var responseSignature = response.Headers.SingleOrDefault(h => h.Name.Equals("X-Signature"));
if ((responseNonce != null) && (responsePublic != null) && (responseSignature != null))
{
// validate the response signature
if (PublicKeyAuth.VerifyDetached(Utilities.HexToBinary(responseSignature.Value.ToString()), GenericHash.Hash(Utilities.HexToBinary(responseNonce.Value.ToString()), null, 64), Utilities.HexToBinary(ServerSignaturePublicKeyHex)))
{
return DecryptCheckPasswordResponse(response.Data);
}
}
}
}
catch (Exception)
{
}
return new CheckPasswordResponse();
}
public async Task <User> Register(string username, string password, string passwordConfirm, PasswordFormatType passwordFormat,
string firstName, string lastName, string phone, string email, bool isApproved, bool allowChangePassword, bool mustChangePassword, bool isLockedOut, string appName)
{
if (string.IsNullOrWhiteSpace(username))
{
throw new UserRightException(Resx.AppResources.InvalidUsernameException);
}
if (password != passwordConfirm)
{
throw new ApplicationException(Resx.AppResources.PasswordNotMachException);
}
if (string.IsNullOrWhiteSpace(email) || !new Regex(EmailRegularExpression).Match(email).Success)
{
throw new UserRightException(Resx.AppResources.InvalidEmailException);
}
if (string.IsNullOrWhiteSpace(phone) || !new Regex(PhoneRegularExpression).Match(phone).Success)
{
throw new UserRightException(Resx.AppResources.InvalidPhoneException);
}
if (string.IsNullOrWhiteSpace(password) || password.Length < MinRequiredPasswordLength)
{
throw new UserRightException(string.Format(Resx.AppResources.InvalidPasswordException, MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters));
}
int num = password.Where((t, i) => !char.IsLetterOrDigit(password, i)).Count();
if (num < MinRequiredNonAlphanumericCharacters)
{
throw new UserRightException(string.Format(Resx.AppResources.InvalidPasswordException, MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters));
}
if (!string.IsNullOrWhiteSpace(PasswordStrengthRegularExpression))
{
var regex = new Regex(PasswordStrengthRegularExpression);
if (!regex.Match(password).Success)
{
throw new UserRightException(string.Format(Resx.AppResources.InvalidPasswordException, MinRequiredPasswordLength, MinRequiredNonAlphanumericCharacters));
}
}
if (RequiresUniqueEmail)
{
var item = _dataManager.Get <User>(new { Email = email });
if (item != null)
{
throw new UserRightException(Resx.AppResources.DuplicateEmailException);
}
}
if (RequiresUniquePhone)
{
var item = _dataManager.Get <User>(new { Phone = phone });
if (item != null)
{
throw new UserRightException(Resx.AppResources.DuplicatePhoneException);
}
}
var u = _dataManager.Get <User>(new { Name = username });
if (u != null)
{
throw new UserRightException(Resx.AppResources.DuplicateUserNameException);
}
return(await Task.Run <User>(() =>
{
var user = new User()
{
Name = username,
FirstName = firstName,
LastName = lastName,
Password = EncodePassword(password, passwordFormat, username),
PasswordFormat = passwordFormat,
Phone = phone,
Email = email,
IsApproved = isApproved,
AllowChangePassword = allowChangePassword,
MustChangePassword = mustChangePassword,
IsLockedOut = isLockedOut,
AppName = appName
};
user.Id = _dataManager.Insert <User, long>(user);
if (SendActivationEmailAfterSignup)
{
SendCodeToUser(user, AuthCodeMessageType.Email, "قبض یار");
}
return user;
}));
}
public async Task <User> Register(string username, string password, string passwordConfirm, PasswordFormatType passwordFormat,
string email, bool isApproved, string appName)
{
return(await Register(username, password, passwordConfirm, passwordFormat, null, null, null, email, isApproved, true, false, false, appName));
}
