private Employee Authenticate(Login param)
{
try
{
var existingUser = _context.Employees.FirstOrDefault(e => e.Email == param.Email);
if (existingUser != null)
{
if (PasswordHashUtility.ValidatePassword(param.Password, existingUser.Password))
{
return(existingUser);
}
else
{
return(null);
}
}
else
{
return(existingUser);
}
}
catch (Exception ex)
{
return(null);
}
}
public int Add(Employee entity)
{
entity.Password = PasswordHashUtility.HashString(entity.Password);
_context.Employees.Add(entity);
_context.SaveChanges();
return(entity.Id);
}
public void Update(Employee dbEntity, Employee entity)
{
dbEntity.Email = entity.Email;
dbEntity.Password = PasswordHashUtility.HashString(entity.Password);
dbEntity.EmployeeType = entity.EmployeeType;
dbEntity.Name = entity.Name;
dbEntity.Position = entity.Position;
_context.SaveChanges();
}
public Password(string password)
{
if (password.IsNotExist())
{
throw new MissingValueException($"Hasło jest wymagane");
}
PasswordHashUtility.CreatePasswordHash(password, out byte[] passwordHash, out byte[] passwordSalt);
PasswordHash = passwordHash;
PasswordSalt = passwordSalt;
}
private void NewUser()
{
UserDialogue userDialog = new UserDialogue();
userDialog.Text = "New User";
userDialog.userTextBox.Text = "";
userDialog.userTextBox.Enabled = true;
userDialog.passwordTextBox.Text = "";
userDialog.ShowDialog();
if (userDialog.DialogResult == DialogResult.OK)
{
if (userDialog.userTextBox.Text != "")
{
bool add = true;
foreach (User u in userList.Items)
{
if (userDialog.userTextBox.Text == u.Username)
{
MessageBox.Show("Username: \"" + u.Username + "\" already taken.");
add = false;
break;
}
}
if (add)
{
User u2 = new User(userDialog.userTextBox.Text);
if (ServerOptions.UseStrongPasswords)
{
if (Authenticator.IsStrongPassword(u2, userDialog.passwordTextBox.Text))
{
u2.Password = PasswordHashUtility.HashPassword(userDialog.passwordTextBox.Text);
userList.Items.Add(u2);
}
else
{
MessageBox.Show(passwordRulesString);
}
}
else
{
u2.Password = PasswordHashUtility.HashPassword(userDialog.passwordTextBox.Text);
userList.Items.Add(u2);
}
}
}
else
{
MessageBox.Show("Invalid Username");
}
}
SetButtons();
}
public void AuthenticationRequest(string username, string password, string terminal_id)
{
_AuthenticationRequest = SimulationEventFactory.BuildEvent(ref _SimModel, "AuthenticationRequest");
((StringValue)(_AuthenticationRequest["Username"])).value = username;
((StringValue)(_AuthenticationRequest["Password"])).value = PasswordHashUtility.HashPassword(password);
((StringValue)(_AuthenticationRequest["TerminalID"])).value = terminal_id;
if (DDD_Global.Instance.IsConnected)
{
DDD_Global.Instance.PutEvent(_AuthenticationRequest);
}
}
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
modelBuilder.Entity <Employee>().HasData(new Employee
{
Id = 1,
Email = "*****@*****.**",
Password = PasswordHashUtility.HashString("abc123"),
EmployeeType = "Admin",
Name = "Bob",
Position = "Manager"
}, new Employee
{
Id = 2,
Email = "*****@*****.**",
Password = PasswordHashUtility.HashString("abc123"),
EmployeeType = "General",
Name = "John",
Position = "Developer"
});
}
private void EditUser()
{
User selected = (User)userList.SelectedItem;
UserDialogue userDialog = new UserDialogue();
userDialog.Text = "Edit User";
userDialog.userTextBox.Text = selected.Username;
userDialog.userTextBox.Enabled = false;
string oldPassword = selected.Password;
userDialog.passwordTextBox.Text = oldPassword;
userDialog.ShowDialog();
if (userDialog.DialogResult == DialogResult.OK)
{
if (userDialog.passwordTextBox.Text == oldPassword)
{
// do nothing
}
else if (ServerOptions.UseStrongPasswords)
{
if (Authenticator.IsStrongPassword(selected, userDialog.passwordTextBox.Text))
{
selected.Password = PasswordHashUtility.HashPassword(userDialog.passwordTextBox.Text);
}
else
{
MessageBox.Show(passwordRulesString);
}
}
else
{
selected.Password = PasswordHashUtility.HashPassword(userDialog.passwordTextBox.Text);
}
}
SetButtons();
//ud.Show();
}
public bool Equals(string password)
{
return(PasswordHashUtility.VerifyPasswordHash(password, PasswordHash, PasswordSalt));
}
public static void Initialize(HonestProjectContext context)
{
context.Database.EnsureCreated();
// Look for any students.
if (context.Site.Any())
{
return; // DB has been seeded
}
Site site = new Site();
site.Name = "Texas Legislative Council";
site.IncludeWeekends = false;
site.UniqueSiteId = "txlcis";
site.HoursPerDay = 8;
site.PublicIdentifier = Guid.NewGuid();
context.Site.Add(site);
context.SaveChanges();
var roles = new Role[] {
new Role()
{
PublicIdentifier = Guid.NewGuid(), Description = "Does all site administration. Has all privliges", Name = "Site Administrator"
},
new Role()
{
PublicIdentifier = Guid.NewGuid(), Description = "Manages teams", Name = "Manager"
},
new Role()
{
PublicIdentifier = Guid.NewGuid(), Description = "Leads teams", Name = "Team Leader"
},
new Role()
{
PublicIdentifier = Guid.NewGuid(), Description = "A member of a team", Name = "Team Member"
}
};
foreach (Role s in roles)
{
context.Role.Add(s);
}
context.SaveChanges();
Role teamMember = context.Role.Where(x => x.Name == "Team Member").FirstOrDefault();
Role teamLeader = context.Role.Where(x => x.Name == "Team Leader").FirstOrDefault();
Role manager = context.Role.Where(x => x.Name == "Manager").FirstOrDefault();
Role siteAdministrator = context.Role.Where(x => x.Name == "Site Administrator").FirstOrDefault();
PasswordHashUtility utility = new PasswordHashUtility();
var users = new User[] {
new User()
{
Site = site, FirstName = "Colin", LastName = "Gormley", CreatedDate = DateTime.Now, PasswordHash = utility.CalculateHash("fakepassword"), EmailAddress = "[email protected]", PublicIdentifier = Guid.NewGuid(), Role = siteAdministrator
},
new User()
{
Site = site, FirstName = "Eric", LastName = "Lavangi", CreatedDate = DateTime.Now, PasswordHash = utility.CalculateHash("fakepassword"), EmailAddress = "[email protected]", PublicIdentifier = Guid.NewGuid(), Role = teamMember
},
new User()
{
Site = site, FirstName = "Osama", LastName = "Abdullahussein", CreatedDate = DateTime.Now, PasswordHash = utility.CalculateHash("fakepassword"), EmailAddress = "[email protected]", PublicIdentifier = Guid.NewGuid(), Role = teamMember
},
new User()
{
Site = site, FirstName = "Kevin", LastName = "Welcht", CreatedDate = DateTime.Now, PasswordHash = utility.CalculateHash("fakepassword"), EmailAddress = "[email protected]", PublicIdentifier = Guid.NewGuid(), Role = teamMember
},
new User()
{
Site = site, FirstName = "Rebecca", LastName = "Garcia", CreatedDate = DateTime.Now, PasswordHash = utility.CalculateHash("fakepassword"), EmailAddress = "[email protected]", PublicIdentifier = Guid.NewGuid(), Role = teamLeader
},
new User()
{
Site = site, FirstName = "Kris", LastName = "Doer", CreatedDate = DateTime.Now, PasswordHash = utility.CalculateHash("fakepassword"), EmailAddress = "[email protected]", PublicIdentifier = Guid.NewGuid(), Role = manager
}
};
foreach (User s in users)
{
context.User.Add(s);
}
context.SaveChanges();
User leader = context.User.Where(x => x.EmailAddress == "[email protected]").FirstOrDefault();
User userManager = context.User.Where(x => x.EmailAddress == "[email protected]").FirstOrDefault();
var team = new Team {
Site = site, Name = "Picante", PublicIdentifier = Guid.NewGuid(), TeamLeader = leader, TeamManager = userManager, Description = "Responsible for everything important", TeamMembers = new System.Collections.Generic.List <User>()
};
User kevin = context.User.Where(x => x.EmailAddress == "[email protected]").FirstOrDefault();
User osama = context.User.Where(x => x.EmailAddress == "[email protected]").FirstOrDefault();
team.TeamMembers.Add(leader);
team.TeamMembers.Add(kevin);
team.TeamMembers.Add(osama);
context.Team.Add(team);
context.SaveChanges();
}
public static bool IsStrongPassword(User user, string password)
{
// 2+ punctuation
Regex punctuationRegex2 = new Regex(@"\p{P}");
MatchCollection c;
c = punctuationRegex2.Matches(password);
if (c.Count < 2)
{
return(false);
}
// Minimum of 10 characters
if (password.Length < 10)
{
return(false);
}
// 2+ numbers
Regex numbersRegex = new Regex(@"[0-9]");
c = numbersRegex.Matches(password);
if (c.Count < 2)
{
return(false);
}
// 2+ uppercase letters
Regex uppercaseRegex = new Regex(@"[A-Z]");
c = uppercaseRegex.Matches(password);
if (c.Count < 2)
{
return(false);
}
// 2+ lowercase letters
Regex lowercaseRegex = new Regex(@"[a-z]");
c = lowercaseRegex.Matches(password);
if (c.Count < 2)
{
return(false);
}
// 2+ punctuation
Regex punctuationRegex = new Regex(@"\p{P}");
c = punctuationRegex.Matches(password);
if (c.Count < 2)
{
return(false);
}
// Cannot re-use the last 10 passwords
if (user.passwords.Contains(PasswordHashUtility.HashPassword(password)))
{
return(false);
}
return(true);
}
