public void HashAndVerifyPassowrd_ShouldVerify(string password)
        {
            //

            var hash         = HashingUtil.HashPasswordWithSalt(password);
            var verifyIsTrue = HashingUtil.VerifyPassword(password, hash);

            Assert.IsTrue(verifyIsTrue);
        }
예제 #2
0
        public void ChangePassword(int userId, string oldPassword, string newPassword)
        {
            using (var transaction = new TransactionScope())
            {
                var user = usersDao.SelectByID(userId);
                if (user == null)
                {
                    throw new EntityNotFoundException($"User with ID {userId} was not found", typeof(User));
                }

                if (!HashingUtil.VerifyPassword(oldPassword, user.Password))
                {
                    throw new ValidationFailedException(new ValidationInfo(new ErrorMessage[] { Errors.InvalidPassword() }));
                }

                user.Password = HashingUtil.HashPasswordWithSalt(newPassword);
                usersDao.UpdateUser(user);

                transaction.Complete();
            }
        }
예제 #3
0
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var identity = new ClaimsIdentity(context.Options.AuthenticationType);

            var userSelector = new UsersDao();

            //var userData = (User) userSelector.SelectOneRow(context.UserName, context.Password);
            var userData = (User)userSelector.SelectByEmail(context.UserName);

            if (userData != null && userData.Password != null && HashingUtil.VerifyPassword(context.Password, userData.Password))
            {
                //identity.AddClaim(new Claim(ClaimTypes.
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userData.UserId.ToString()));
                identity.AddClaim(new Claim(ClaimTypes.Name, userData.Email));
                context.Validated(identity);
            }
            else
            {
                context.SetError("invalid_grant", "Provided username and password is incorrect");
                context.Rejected();
            }
        }