/// <summary>
/// Checks that two consecutive <c>CreateSaltKey</c> calls with the same size return
/// different values, and that each value Base64-decodes to exactly that many bytes.
/// </summary>
public void CreateSaltKey_ReturnOthersSaltWithSpecificSize()
{
    var expectedByteCount = 32;

    var firstSalt = _encryptionService.CreateSaltKey(expectedByteCount);
    var secondSalt = _encryptionService.CreateSaltKey(expectedByteCount);

    // A salt generator that repeats itself defeats the purpose of salting.
    Assert.AreNotEqual(firstSalt, secondSalt);

    // The requested size is compared against the decoded byte length,
    // not against the length of the Base64 text.
    var firstDecoded = Convert.FromBase64String(firstSalt);
    Assert.IsTrue(firstDecoded.Length.Equals(expectedByteCount));

    var secondDecoded = Convert.FromBase64String(secondSalt);
    Assert.IsTrue(secondDecoded.Length.Equals(expectedByteCount));
}
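/// <summary>
/// Creates a new application user when <c>model.Id</c> is 0, otherwise updates the
/// existing user with that id (user name, password, employee, photo, role, active flag).
/// </summary>
/// <param name="model">Posted user form data.</param>
/// <returns>
/// A redirect to <c>Index</c> after a successful save; a JSON payload pointing at
/// <c>/error/badrequest</c> when the user to update does not exist; otherwise the form
/// view with status 303 (See Other).
/// </returns>
/// <remarks>
/// NOTE(review): this action sets the password and role of an arbitrary user id taken from
/// the posted model. No authorization check is visible in this method; confirm that the
/// action is restricted to administrators and protected against request forgery.
/// </remarks>
public ActionResult Create(AppUserViewModel model)
{
    List<string> errors = new List<string>();
    try
    {
        if (ModelState.IsValid)
        {
            if (model.Id == 0)
            {
                var dbModel = AutomapperConfig.Mapper.Map<AppUser>(model);
                EncryptionService encsvc = new EncryptionService();

                // A fresh salt is generated server-side for every new account.
                dbModel.Salt = encsvc.CreateSaltKey(10);
                dbModel.Password = encsvc.CreatePasswordHash(model.Password, dbModel.Salt);
                dbModel.IsActive = true;
                dbModel.UserRoles.Add(new UserRole { RoleId = model.RoleId });
                model.Id = db.AppUserRepo.Create(dbModel);
            }
            else
            {
                var oldmodel = db.AppUserRepo.GetById(model.Id);
                if (oldmodel == null)
                {
                    Response.StatusCode = (int)HttpStatusCode.OK;
                    return Json(new { redirecturl = "/error/badrequest" });
                }

                // Replace the user's existing role assignments with the posted one.
                var role = db.UserRoleRepo.Table().Where(x => x.UserId == model.Id);
                db.UserRoleRepo.DeleteRange(role);

                EncryptionService encsvc = new EncryptionService();

                // Fix: the hash used to be computed with the salt of an entity freshly mapped
                // from the posted view model, while the stored salt was left untouched. The
                // stored hash and stored salt could therefore disagree, and the salt value
                // came from the request. Generate a new salt here and persist it together
                // with the hash so verification against the stored pair keeps working.
                oldmodel.Salt = encsvc.CreateSaltKey(10);
                oldmodel.UserName = model.UserName;
                oldmodel.Password = encsvc.CreatePasswordHash(model.Password, oldmodel.Salt);
                oldmodel.EmployeeId = model.EmployeeId;
                oldmodel.Photo = model.Photo;
                oldmodel.UserRoles.Add(new UserRole { RoleId = model.RoleId });
                oldmodel.IsActive = model.IsActive;
            }

            db.SaveChanges();
            Response.StatusCode = (int)HttpStatusCode.OK;
            TempData["Success"] = "User Successfully Saved";
            return RedirectToAction("Index");
        }

        // Collect the first validation message of every invalid field.
        foreach (var item in ModelState.Where(x => x.Value.Errors.Any()))
        {
            errors.Add(item.Value.Errors.FirstOrDefault().ErrorMessage);
        }
    }
    catch (Exception ex)
    {
        errors.Add(ex.GetExceptionMessages());
    }

    // NOTE(review): `errors` is filled above but never handed to the view or logged in this
    // method, so failures (including exceptions) are invisible to user and operator alike.
    Response.StatusCode = (int)HttpStatusCode.SeeOther;
    return View(model);
}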
/// <summary>
/// Changes the password of the user registered under the given phone number.
/// </summary>
/// <param name="phone">Phone number used to look the user up.</param>
/// <param name="password">New password.</param>
/// <returns>
/// A <c>Return</c> whose <c>ReturnCode.Code</c> is 1996 when no user matches the phone
/// number; otherwise its <c>Content</c> holds the updated user entity.
/// </returns>
/// <remarks>
/// NOTE(review): the method does not check the current password or the caller's identity;
/// that has to be enforced by whoever calls it.
/// </remarks>
public Return ChangePassword(string phone, string password)
{
    var outcome = new Return();

    var account = GetUserByPhone(phone);
    if (account == null)
    {
        // This phone number has not been registered yet.
        outcome.ReturnCode.Code = 1996;
        return outcome;
    }

    // NOTE(review): 6 is small for a salt if the argument is a byte count - confirm what
    // CreateSaltKey's parameter means and whether the hash function is a slow password KDF.
    var freshSalt = EncryptionService.CreateSaltKey(6);
    var hashedPassword = EncryptionService.CreatePasswordHash(password, freshSalt);

    // NOTE(review): the clear-text password is persisted next to its salted hash, which
    // removes the protection hashing is meant to give if the table is ever disclosed.
    // Dropping this column needs a check of every reader of `Password` first.
    account.Password = password;
    account.Salt = freshSalt;
    account.SaltPassword = hashedPassword;

    db.Entry<User>(account).State = EntityState.Modified;
    db.SaveChanges();

    // NOTE(review): the whole entity, credential fields included, is returned to the
    // caller - make sure it is never serialized into a response as-is.
    outcome.Content = account;
    return outcome;
}
/// <summary>
/// Changes the password of the customer identified by <paramref name="customerId"/>.
/// </summary>
/// <param name="customerId">Customer ID used to look the customer up.</param>
/// <param name="password">New password.</param>
/// <returns>
/// A <c>Return</c> whose <c>ReturnCode.Code</c> is 1996 when no customer is found;
/// otherwise its <c>Content</c> holds the updated customer entity.
/// </returns>
/// <remarks>
/// NOTE(review): the method does not check the current password or the caller's identity;
/// that has to be enforced by whoever calls it.
/// </remarks>
public Return ChangePassword(string customerId, string password)
{
    var outcome = new Return();

    var customer = GetByCustomerId(customerId);
    if (customer == null)
    {
        // Original comment: "this phone number has not been registered yet".
        // The lookup here is by customer ID, so the code means "customer not found".
        outcome.ReturnCode.Code = 1996;
        return outcome;
    }

    // NOTE(review): 6 is small for a salt if the argument is a byte count - confirm what
    // CreateSaltKey's parameter means and whether the hash function is a slow password KDF.
    var freshSalt = EncryptionService.CreateSaltKey(6);
    var hashedPassword = EncryptionService.CreatePasswordHash(password, freshSalt);

    // NOTE(review): the clear-text password is persisted next to its salted hash, which
    // removes the protection hashing is meant to give if the table is ever disclosed.
    // Dropping this column needs a check of every reader of `Password` first.
    customer.Password = password;
    customer.Salt = freshSalt;
    customer.SaltPassword = hashedPassword;

    _db.Entry<Customer>(customer).State = EntityState.Modified;
    _db.SaveChanges();

    // NOTE(review): the whole entity, credential fields included, is returned to the
    // caller - make sure it is never serialized into a response as-is.
    outcome.Content = customer;
    return outcome;
}
/// <summary>
/// Test fixture initialisation: builds the <c>EncryptionService</c> under test from
/// settings carrying a fixed encryption key, pre-generates a salt with
/// <c>CreateSaltKey(16)</c>, and creates the database context.
/// </summary>
public void TestSetup()
{
    // Hard-coded key: acceptable as a test fixture only; it must never be reused as a
    // real deployment secret.
    var settings = new SecuritySettings();
    settings.EncryptionKey = "A9C7A8FA-BD16-445B-82BC-37730E683B10";
    _securSettings = settings;

    _encryptionService = new EncryptionService(_securSettings);
    _salt = _encryptionService.CreateSaltKey(16);

    _dBcontext = new OpenFrameworkCoreContext();
}
/// <summary>
/// Registers a user: generates a salt, replaces the submitted password with its salted
/// hash, hands the user to <c>RegisterUser</c>, and returns the default view.
/// </summary>
/// <param name="user">User data bound from the request; <c>Password</c> holds the clear-text password on entry.</param>
/// <returns>The default view for this action.</returns>
/// <remarks>
/// NOTE(review): the parameter looks like the persistence entity itself (it carries
/// <c>PasswordSalt</c>). If so, every bindable property can be set by the client; a
/// dedicated registration view model that exposes only the intended fields avoids that.
/// NOTE(review): no <c>ModelState</c> check is visible here, so an empty or missing
/// password reaches the hash call - confirm validation happens elsewhere.
/// </remarks>
public async Task<IActionResult> Register(User user)
{
    var hasher = new EncryptionService();

    var salt = hasher.CreateSaltKey(EncryptionService.PasswordSaltKeySize);
    var hashedPassword = hasher.CreatePasswordHash(
        user.Password,
        salt,
        EncryptionService.DefaultHashedPasswordFormat);

    // From here on the entity only carries the salt and the hash, not the clear text.
    user.PasswordSalt = salt;
    user.Password = hashedPassword;

    await RegisterUser(user);
    return View();
}
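/// <summary>
/// Replaces the default customer's password with a salted hash and saves the change.
/// </summary>
/// <param name="defaultUserEmail">
/// Not used by the lookup, which goes through <c>_config.DefaultUserName</c>.
/// NOTE(review): confirm which of the two is meant to identify the account.
/// </param>
/// <param name="defaultUserPassword">Clear-text password to hash.</param>
/// <exception cref="System.InvalidOperationException">
/// No customer has an e-mail equal to <c>_config.DefaultUserName</c>.
/// </exception>
private void HashDefaultCustomerPassword(string defaultUserEmail, string defaultUserPassword)
{
    var adminUser = _ctx.Set<Customer>().FirstOrDefault(x => x.Email == _config.DefaultUserName);

    // Fix: FirstOrDefault returns null when the account is missing, and the original
    // dereferenced it unconditionally. Fail with an explicit error instead of a
    // NullReferenceException so a broken seed is easy to diagnose.
    if (adminUser == null)
    {
        throw new System.InvalidOperationException(
            "The default customer account was not found; its password cannot be hashed.");
    }

    var encryptionService = new EncryptionService(new SecuritySettings());

    // NOTE(review): 5 is small for a salt if the argument is a byte count - confirm.
    var saltKey = encryptionService.CreateSaltKey(5);

    adminUser.PasswordSalt = saltKey;
    adminUser.PasswordFormat = PasswordFormat.Hashed;
    adminUser.Password = encryptionService.CreatePasswordHash(
        defaultUserPassword,
        saltKey,
        new CustomerSettings().HashedPasswordFormat);

    _ctx.SaveChanges();
}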
/// <summary>
/// Replaces the default user's password with a salted hash, marks the entity as
/// modified and saves the change.
/// </summary>
/// <param name="defaultUserEmail">
/// Not used by the lookup, which goes through <c>_config.DefaultUserName</c>.
/// NOTE(review): confirm which of the two is meant to identify the account.
/// </param>
/// <param name="defaultUserPassword">Clear-text password to hash.</param>
private void HashDefaultUserPassword(string defaultUserEmail, string defaultUserPassword)
{
    // Single() throws unless exactly one user has this e-mail.
    var defaultAccount = _ctx.Set<User>()
        .Where(x => x.Email == _config.DefaultUserName)
        .Single();

    var hasher = new EncryptionService(new SecuritySettings());

    // NOTE(review): 5 is small for a salt if the argument is a byte count - confirm.
    string salt = hasher.CreateSaltKey(5);

    defaultAccount.PasswordSalt = salt;
    defaultAccount.PasswordFormat = PasswordFormat.Hashed;
    defaultAccount.Password = hasher.CreatePasswordHash(
        defaultUserPassword,
        salt,
        new UserSettings().HashedPasswordFormat);

    SetModified(defaultAccount);
    _ctx.SaveChanges();
}
/// <summary>
/// Completes a user's registration by filling in the phone number and password on the
/// record found by <paramref name="userId"/>.
/// </summary>
/// <param name="userId">User ID of the record to complete.</param>
/// <param name="phone">Phone number.</param>
/// <param name="password">Login password.</param>
/// <returns>A <c>Return</c> whose <c>Content</c> holds the updated user entity.</returns>
public Return Register(string userId, string phone, string password)
{
    var outcome = new Return();

    // NOTE(review): unlike ChangePassword, the lookup result is not checked for null;
    // if GetUserByUserId can return null, the assignments below throw.
    var account = GetUserByUserId(userId);

    // NOTE(review): 6 is small for a salt if the argument is a byte count - confirm what
    // CreateSaltKey's parameter means and whether the hash function is a slow password KDF.
    var freshSalt = EncryptionService.CreateSaltKey(6);
    var hashedPassword = EncryptionService.CreatePasswordHash(password, freshSalt);

    account.Phone = phone;

    // NOTE(review): the clear-text password is persisted next to its salted hash, which
    // removes the protection hashing is meant to give if the table is ever disclosed.
    // Dropping this column needs a check of every reader of `Password` first.
    account.Password = password;
    account.Salt = freshSalt;
    account.SaltPassword = hashedPassword;
    account.RegisterTime = DateTime.Now;

    db.Entry<User>(account).State = EntityState.Modified;
    db.SaveChanges();

    // NOTE(review): the whole entity, credential fields included, is returned to the
    // caller - make sure it is never serialized into a response as-is.
    outcome.Content = account;
    return outcome;
}
/// <summary>
/// Completes a customer's registration by filling in the phone number and password on
/// the record found by <paramref name="customerId"/>.
/// </summary>
/// <param name="customerId">Customer ID of the record to complete.</param>
/// <param name="phone">Phone number.</param>
/// <param name="password">Login password.</param>
/// <returns>A <c>Return</c> whose <c>Content</c> holds the updated customer entity.</returns>
public Return Register(string customerId, string phone, string password)
{
    var outcome = new Return();

    // NOTE(review): unlike ChangePassword, the lookup result is not checked for null;
    // if GetByCustomerId can return null, the assignments below throw.
    var customer = GetByCustomerId(customerId);

    // NOTE(review): 6 is small for a salt if the argument is a byte count - confirm what
    // CreateSaltKey's parameter means and whether the hash function is a slow password KDF.
    var freshSalt = EncryptionService.CreateSaltKey(6);
    var hashedPassword = EncryptionService.CreatePasswordHash(password, freshSalt);

    customer.Phone = phone;

    // NOTE(review): the clear-text password is persisted next to its salted hash, which
    // removes the protection hashing is meant to give if the table is ever disclosed.
    // Dropping this column needs a check of every reader of `Password` first.
    customer.Password = password;
    customer.Salt = freshSalt;
    customer.SaltPassword = hashedPassword;
    customer.RegisterTime = DateTime.Now;

    _db.Entry<Customer>(customer).State = EntityState.Modified;
    _db.SaveChanges();

    // NOTE(review): the whole entity, credential fields included, is returned to the
    // caller - make sure it is never serialized into a response as-is.
    outcome.Content = customer;
    return outcome;
}
/// <summary>
/// Hashes the customer's password with a new salt, stamps the creation metadata and
/// stores the customer through a <c>MemberUnitOfWork</c> inside a transaction scope.
/// </summary>
/// <param name="customer">
/// Customer to create; <c>Password</c> holds the clear-text password on entry and the
/// hash on return.
/// </param>
/// <returns>The customer's <c>UserGuid</c>.</returns>
public Guid CreateCustomer(User customer)
{
    var hasher = new EncryptionService(new SecuritySettings());

    var freshSalt = hasher.CreateSaltKey();
    customer.Salt = freshSalt;
    customer.Password = hasher.CreatePasswordHash(customer.Password, freshSalt);

    // Original comment labels format 1 as "SHA1".
    // NOTE(review): if the hash really is a single salted SHA-1 pass, it is too fast for
    // password storage; a slow KDF such as PBKDF2 would be the usual replacement, rolled
    // out with a re-hash-on-login migration.
    customer.PasswordFormat = 1;

    customer.CreatedOn = DateTime.UtcNow;

    // Records without an explicit creator are attributed to the system account.
    var creator = customer.CreatedBy == Guid.Empty
        ? new Guid(Constants.SystemAccountGuid)
        : customer.CreatedBy;
    customer.CreatedBy = creator;

    using (var scope = new TransactionScope())
    using (var coreUow = new MemberUnitOfWork())
    {
        coreUow.CreateMember(customer);
        coreUow.Save();

        // Without Complete() the scope rolls back when it is disposed.
        scope.Complete();
        return customer.UserGuid;
    }
}
/// <summary>
/// Test fixture initialisation: builds five in-memory customers, one stored password per
/// customer (hashed, clear and encrypted formats), the mocked collaborators, and the
/// <c>CustomerService</c> / <c>CustomerRegistrationService</c> instances under test.
/// </summary>
public new void SetUp()
{
    _customerSettings = new CustomerSettings
    {
        UnduplicatedPasswordsNumber = 1,
        HashedPasswordFormat = "SHA512"
    };

    // Fixture-only key; it must never be reused as a real deployment secret.
    _securitySettings = new SecuritySettings
    {
        EncryptionKey = "273ece6f97dd844d"
    };
    _rewardPointsSettings = new RewardPointsSettings
    {
        Enabled = false
    };
    _encryptionService = new EncryptionService(_securitySettings);

    // ---- customers ----
    _customerRepo = new Mock<IRepository<Customer>>();

    var hashedCustomer = new Customer { Id = 1, Username = "******", Email = "*****@*****.**", Active = true };
    var clearCustomer = new Customer { Id = 2, Username = "******", Email = "*****@*****.**", Active = true };
    var encryptedCustomer = new Customer { Id = 3, Username = "******", Email = "*****@*****.**", Active = true };
    var fourthCustomer = new Customer { Id = 4, Username = "******", Email = "*****@*****.**", Active = true };
    var fifthCustomer = new Customer { Id = 5, Username = "******", Email = "*****@*****.**", Active = true };

    // Only the first four customers are placed in the registered role.
    foreach (var registered in new[] { hashedCustomer, clearCustomer, encryptedCustomer, fourthCustomer })
    {
        AddCustomerToRegisteredRole(registered);
    }

    var allCustomers = new List<Customer>
    {
        hashedCustomer,
        clearCustomer,
        encryptedCustomer,
        fourthCustomer,
        fifthCustomer
    };
    _customerRepo.Setup(x => x.Table).Returns(allCustomers.AsQueryable());

    // ---- stored passwords ----
    _customerPasswordRepo = new Mock<IRepository<CustomerPassword>>();

    var salt = _encryptionService.CreateSaltKey(5);
    var hashedValue = _encryptionService.CreatePasswordHash("password", salt, "SHA512");

    var storedPasswords = new[]
    {
        new CustomerPassword
        {
            CustomerId = hashedCustomer.Id,
            PasswordFormat = PasswordFormat.Hashed,
            PasswordSalt = salt,
            Password = hashedValue,
            CreatedOnUtc = DateTime.UtcNow
        },
        new CustomerPassword
        {
            CustomerId = clearCustomer.Id,
            PasswordFormat = PasswordFormat.Clear,
            Password = "******",
            CreatedOnUtc = DateTime.UtcNow
        },
        new CustomerPassword
        {
            CustomerId = encryptedCustomer.Id,
            PasswordFormat = PasswordFormat.Encrypted,
            Password = _encryptionService.EncryptText("password"),
            CreatedOnUtc = DateTime.UtcNow
        },
        new CustomerPassword
        {
            CustomerId = fourthCustomer.Id,
            PasswordFormat = PasswordFormat.Clear,
            Password = "******",
            CreatedOnUtc = DateTime.UtcNow
        },
        new CustomerPassword
        {
            CustomerId = fifthCustomer.Id,
            PasswordFormat = PasswordFormat.Clear,
            Password = "******",
            CreatedOnUtc = DateTime.UtcNow
        }
    };
    _customerPasswordRepo.Setup(x => x.Table).Returns(storedPasswords.AsQueryable());

    // ---- mocked collaborators ----
    _eventPublisher = new Mock<IEventPublisher>();
    _eventPublisher.Setup(x => x.Publish(It.IsAny<object>()));

    _storeService = new Mock<IStoreService>();
    _customerRoleRepo = new Mock<IRepository<CustomerRole>>();
    _genericAttributeRepo = new Mock<IRepository<GenericAttribute>>();
    _shoppingCartRepo = new Mock<IRepository<ShoppingCartItem>>();
    _genericAttributeService = new Mock<IGenericAttributeService>();
    _newsLetterSubscriptionService = new Mock<INewsLetterSubscriptionService>();
    _rewardPointService = new Mock<IRewardPointService>();
    _localizationService = new Mock<ILocalizationService>();
    _workContext = new Mock<IWorkContext>();
    _workflowMessageService = new Mock<IWorkflowMessageService>();
    _customerCustomerRoleMappingRepo = new Mock<IRepository<CustomerCustomerRoleMapping>>();

    // ---- services under test ----
    _customerService = new CustomerService(
        new CustomerSettings(),
        new TestCacheManager(),
        null,
        null,
        _eventPublisher.Object,
        _genericAttributeService.Object,
        _customerRepo.Object,
        _customerCustomerRoleMappingRepo.Object,
        _customerPasswordRepo.Object,
        _customerRoleRepo.Object,
        _genericAttributeRepo.Object,
        _shoppingCartRepo.Object,
        new TestCacheManager(),
        null);

    _customerRegistrationService = new CustomerRegistrationService(
        _customerSettings,
        _customerService,
        _encryptionService,
        _eventPublisher.Object,
        _genericAttributeService.Object,
        _localizationService.Object,
        _newsLetterSubscriptionService.Object,
        _rewardPointService.Object,
        _storeService.Object,
        _workContext.Object,
        _workflowMessageService.Object,
        _rewardPointsSettings);
}
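/// <summary>
/// Validates and saves a user. When <c>model.UserId</c> is positive the existing user,
/// its employee link and its roles are updated; otherwise a new user is created with a
/// generated password, linked to the employee, given the requested roles, and the
/// credentials are e-mailed to the employee.
/// </summary>
/// <param name="model">
/// User data to save. Validation errors and the result message are written back onto it.
/// </param>
/// <returns>The same <paramref name="model"/> instance.</returns>
public UserViewModel SaveUser(UserViewModel model)
{
    exceptionService.Execute((m) =>
    {
        if (!InternetConnectionIsAvailable)
        {
            model.AddModelError(x => x.Email, "Message.NoInternetConnection", "Internet connection is not available, please try again later.");
        }

        if (model.HasError)
        {
            return;
        }

        var duplicateUserName = userRepository.Table.Any(x => x.UserId != model.UserId && x.Username == model.Username);
        if (duplicateUserName)
        {
            model.AddModelError(x => x.Username, "Message.Duplicate", string.Format("{0} already exists, please use another.", model.GetDisplayName(x => x.Username)));
        }

        if (model.HasError)
        {
            return;
        }

        if (!model.Validate())
        {
            return;
        }

        // Fix: decide "create vs. update" before the insert overwrites model.UserId.
        // The original tested model.UserId == 0 at the end, after the new id had been
        // copied onto the model, so new records reported the "updated" message.
        var isNewUser = !(model.UserId > 0);

        if (!isNewUser)
        {
            // NOTE(review): nothing is copied from the model onto the entity before
            // Update - confirm whether user fields are meant to be editable here.
            var entity = userRepository.GetById(model.UserId);
            userRepository.Update(entity);

            var employee = employeeRepository.GetById(model.EmployeeId);
            if (employee != null)
            {
                employee.UserId = model.UserId;
                employeeRepository.Update(employee);
            }

            // Fix: the original dereferenced the re-fetched employee without a null
            // check, although the same lookup is treated as nullable just above.
            var refreshedEmployee = employeeRepository.GetById(model.EmployeeId);
            var savedUser = refreshedEmployee != null ? refreshedEmployee.User : null;
            if (savedUser != null)
            {
                var savedRoles = savedUser.UserRoles;
                if (savedRoles != null)
                {
                    userRoleRepository.DeleteRange(savedRoles);
                }
            }

            if (employee != null && model.Roles != null && model.Roles.Any() && savedUser != null)
            {
                var roles = model.Roles.Select(x => x.Value);
                foreach (var r in roles)
                {
                    userRoleRepository.Insert(new UserRole { UserId = employee.UserId.Value, RoleId = r, RoleGrantedFrom = DateTime.Now });
                }
            }
        }
        else
        {
            var encServ = new EncryptionService();

            // NOTE(review): a 5-character initial password is short, and RandomString's
            // randomness source is not visible here - confirm it is cryptographically
            // secure and consider a longer value with a forced change at first login.
            var generatedPassword = encServ.RandomString(5);

            model.IsActive = true;
            model.Salt = encServ.CreateSaltKey(10);
            model.Password = encServ.CreatePasswordHash(generatedPassword, model.Salt);

            var entity = AutomapperConfig.Mapper.Map<User>(model);
            userRepository.Insert(entity);
            model.UserId = entity.UserId;

            var employee = employeeRepository.GetById(model.EmployeeId);
            if (employee != null)
            {
                employee.UserId = model.UserId;
                employeeRepository.Update(employee);
            }

            if (employee != null && model.Roles != null && model.Roles.Any())
            {
                var roles = model.Roles.Select(x => x.Value);
                foreach (var r in roles)
                {
                    userRoleRepository.Insert(new UserRole { UserId = employee.UserId.Value, RoleId = r, RoleGrantedFrom = DateTime.Now });
                }
            }

            if (employee != null && employee.Email != null)
            {
                var template = notificationService.EmailTemplate(NTAEnum.eEmailTemplateType.UserCreated);
                var subject = template.Subject;

                // NOTE(review): the clear-text password travels by e-mail; a one-time
                // activation link would avoid leaving a usable credential in a mailbox.
                var messageBody = template.TemplateBody.Replace("{EmployeeName}", employee.Name)
                    .Replace("{UserName}", model.Username)
                    .Replace("{Password}", generatedPassword);

                notificationService.SendEmail(employee.Email, null, null, subject, messageBody, null, true, true);
            }
        }

        if (isNewUser)
        {
            model.Message = localizationService.GetLocalizedText("Message.RecordSavedSuccessfully", IMSAppConfig.Instance.CurrentLanguage, "Record saved succeeded.");
        }
        else
        {
            model.Message = localizationService.GetLocalizedText("Message.RecordUpdatedSuccessfully", IMSAppConfig.Instance.CurrentLanguage, "Record update succeeded.");
        }
    }, model);

    return model;
}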
/// <summary>
/// Test fixture initialisation: builds five in-memory users, one stored password per
/// user (hashed, clear and encrypted formats), the mocked collaborators, and the
/// <c>UserService</c> / <c>UserRegistrationService</c> instances under test.
/// </summary>
public new void SetUp()
{
    _userSettings = new UserSettings
    {
        UnduplicatedPasswordsNumber = 1,
        HashedPasswordFormat = "SHA512",
    };

    // Fixture-only key; it must never be reused as a real deployment secret.
    _securitySettings = new SecuritySettings
    {
        EncryptionKey = "273ece6f97dd844d"
    };
    _encryptionService = new EncryptionService(_securitySettings);

    // ---- users ----
    _userRepository = new Mock<IRepository<User>>();

    var hashedUser = new User { Id = 1, Username = "******", Email = "*****@*****.**", Active = true };
    var clearUser = new User { Id = 2, Username = "******", Email = "*****@*****.**", Active = true };
    var encryptedUser = new User { Id = 3, Username = "******", Email = "*****@*****.**", Active = true };
    var fourthUser = new User { Id = 4, Username = "******", Email = "*****@*****.**", Active = true };
    var fifthUser = new User { Id = 5, Username = "******", Email = "*****@*****.**", Active = true };

    // Only the first four users are placed in the registered role.
    foreach (var registered in new[] { hashedUser, clearUser, encryptedUser, fourthUser })
    {
        AddUserToRegisteredRole(registered);
    }

    var userSet = new List<User>
    {
        hashedUser,
        clearUser,
        encryptedUser,
        fourthUser,
        fifthUser
    }.AsQueryable().BuildMockDbSet();
    _userRepository.Setup(x => x.Table).Returns(userSet.Object);

    // ---- stored passwords ----
    _userPasswordRepository = new Mock<IRepository<UserPassword>>();

    var salt = _encryptionService.CreateSaltKey(5);
    var hashedValue = _encryptionService.CreatePasswordHash("password", salt, "SHA512");

    var passwordSet = new[]
    {
        new UserPassword
        {
            UserId = hashedUser.Id,
            PasswordFormat = PasswordFormat.Hashed,
            PasswordSalt = salt,
            Password = hashedValue,
            CreatedOnUtc = DateTime.UtcNow
        },
        new UserPassword
        {
            UserId = clearUser.Id,
            PasswordFormat = PasswordFormat.Clear,
            Password = "******",
            CreatedOnUtc = DateTime.UtcNow
        },
        new UserPassword
        {
            UserId = encryptedUser.Id,
            PasswordFormat = PasswordFormat.Encrypted,
            Password = _encryptionService.EncryptText("password"),
            CreatedOnUtc = DateTime.UtcNow
        },
        new UserPassword
        {
            UserId = fourthUser.Id,
            PasswordFormat = PasswordFormat.Clear,
            Password = "******",
            CreatedOnUtc = DateTime.UtcNow
        },
        new UserPassword
        {
            UserId = fifthUser.Id,
            PasswordFormat = PasswordFormat.Clear,
            Password = "******",
            CreatedOnUtc = DateTime.UtcNow
        }
    }.AsQueryable().BuildMockDbSet();
    _userPasswordRepository.Setup(x => x.Table).Returns(passwordSet.Object);

    // ---- mocked collaborators ----
    _roleRepository = new Mock<IRepository<Role>>();
    _userRoleRepository = new Mock<IRepository<UserRole>>();
    _genericAttributeRepository = new Mock<IRepository<GenericAttribute>>();
    _genericAttributeService = new Mock<IGenericAttributeService>();
    _workContext = new Mock<IWorkContext>();
    _eventPublisherService = new Mock<IEventPublisher>();

    // ---- services under test ----
    _userService = new UserService(
        new UserSettings(),
        new NullCache(),
        null,
        null,
        _eventPublisherService.Object,
        _genericAttributeService.Object,
        _userRepository.Object,
        _roleRepository.Object,
        _userRoleRepository.Object,
        _userPasswordRepository.Object,
        _genericAttributeRepository.Object,
        null);

    _userRegistrationService = new UserRegistrationService(_userSettings, _userService, _encryptionService);
}
/// <summary>
/// Builds the test fixture: four in-memory customers, one stored password per customer
/// (hashed, clear and encrypted formats), repositories registered in the fake data
/// store, the mocked collaborators, and the <c>CustomerRegistrationService</c> under test.
/// </summary>
public CustomerRegistrationServiceTests()
{
    // ---- customers ----
    var hashedCustomer = new Customer { Id = 1, Username = "******", Email = "*****@*****.**", Active = true };
    var clearCustomer = new Customer { Id = 2, Username = "******", Email = "*****@*****.**", Active = true };
    var encryptedCustomer = new Customer { Id = 3, Username = "******", Email = "*****@*****.**", Active = true };
    var fourthCustomer = new Customer { Id = 4, Username = "******", Email = "*****@*****.**", Active = true };

    // ---- stored passwords ----
    // Fixture-only key; it must never be reused as a real deployment secret.
    _securitySettings = new SecuritySettings
    {
        EncryptionKey = "273ece6f97dd844d"
    };
    _encryptionService = new EncryptionService(_securitySettings);

    var salt = _encryptionService.CreateSaltKey(5);
    var hashedValue = _encryptionService.CreatePasswordHash("password", salt, "SHA512");

    var hashedEntry = new CustomerPassword
    {
        CustomerId = hashedCustomer.Id,
        PasswordFormat = PasswordFormat.Hashed,
        PasswordSalt = salt,
        Password = hashedValue,
        CreatedOnUtc = DateTime.UtcNow
    };
    var clearEntry = new CustomerPassword
    {
        CustomerId = clearCustomer.Id,
        PasswordFormat = PasswordFormat.Clear,
        Password = "******",
        CreatedOnUtc = DateTime.UtcNow
    };
    var encryptedEntry = new CustomerPassword
    {
        CustomerId = encryptedCustomer.Id,
        PasswordFormat = PasswordFormat.Encrypted,
        Password = _encryptionService.EncryptText("password"),
        CreatedOnUtc = DateTime.UtcNow
    };
    var fourthEntry = new CustomerPassword
    {
        CustomerId = fourthCustomer.Id,
        PasswordFormat = PasswordFormat.Clear,
        Password = "******",
        CreatedOnUtc = DateTime.UtcNow
    };

    // ---- repositories backed by the fake data store ----
    var registeredRole = new CustomerRole
    {
        Id = 1,
        Active = true,
        IsSystemRole = true,
        SystemName = NopCustomerDefaults.RegisteredRoleName
    };
    _customerRoleRepo = _fakeDataStore.RegRepository(new[] { registeredRole });
    _customerRepo = _fakeDataStore.RegRepository(new[] { hashedCustomer, clearCustomer, encryptedCustomer, fourthCustomer });
    _customerPasswordRepo = _fakeDataStore.RegRepository(new[] { hashedEntry, clearEntry, encryptedEntry, fourthEntry });
    _customerCustomerRoleMappingRepository = _fakeDataStore.RegRepository<CustomerCustomerRoleMapping>();

    // No customer is added to the registered role here; the original kept those
    // AddCustomerToRegisteredRole calls commented out.
    _customerService = new FakeCustomerService(
        customerCustomerRoleMappingRepository: _customerCustomerRoleMappingRepository,
        customerRepository: _customerRepo,
        customerPasswordRepository: _customerPasswordRepo,
        customerRoleRepository: _customerRoleRepo);

    // ---- settings ----
    _rewardPointsSettings = new RewardPointsSettings
    {
        Enabled = false
    };
    _customerSettings = new CustomerSettings
    {
        UnduplicatedPasswordsNumber = 1,
        HashedPasswordFormat = "SHA512"
    };

    // ---- mocked collaborators ----
    _storeService = new Mock<IStoreService>();
    _genericAttributeService = new Mock<IGenericAttributeService>();
    _newsLetterSubscriptionService = new Mock<INewsLetterSubscriptionService>();
    _rewardPointService = new Mock<IRewardPointService>();
    _localizationService = new Mock<ILocalizationService>();
    _workContext = new Mock<IWorkContext>();
    _workflowMessageService = new Mock<IWorkflowMessageService>();

    _eventPublisher = new Mock<IEventPublisher>();
    _eventPublisher.Setup(x => x.Publish(It.IsAny<object>()));

    // ---- service under test ----
    _customerRegistrationService = new CustomerRegistrationService(
        _customerSettings,
        _customerService,
        _encryptionService,
        _eventPublisher.Object,
        _genericAttributeService.Object,
        _localizationService.Object,
        _newsLetterSubscriptionService.Object,
        _rewardPointService.Object,
        _storeService.Object,
        _workContext.Object,
        _workflowMessageService.Object,
        _rewardPointsSettings);
}