C# (CSharp) PasswordManager.CheckPassword 예제들

예제 #1

파일: Service.cs 프로젝트: rollend/DiskLocker

        private object OnDeletePassword(object message)
        {
            var packet = ( DeletePasswordMessage )message;
            var ret    = new OperationResult();

            if (!this.CheckSession(packet.SessionKey))
            {
                ret.Value = false;
                return(ret);
            }

            PasswordManager passwordManager = new PasswordManager();

            string password = HashManager.Sha256(packet.Password);

            bool result = passwordManager.CheckPassword(password);

            if (result)
            {
                result = passwordManager.DeletePassword(password);
                this.DeleteSession(packet.SessionKey);
            }

            ret.Value = result;
            return(ret);
        }

예제 #2

파일: PasswordManagerTests.cs 프로젝트: ee3dmw/PasswordGen

        public void CheckPassword_PasswordHasNotBeenGenerated_Test()
        {
            var userId = "user1";

            var passwordRepository = new Mock<IRepository<Password>>();

            var passwordGenerator = new PasswordManager(passwordRepository.Object);
            var isPasswordCorrect = passwordGenerator.CheckPassword(userId, "monkey");

            Assert.IsFalse(isPasswordCorrect);
        }

예제 #3

파일: BasicAuthFilter.cs 프로젝트: AshishKhatiwada2/Millo

        /// <summary>
        /// Internal method to validate the credentials included in the request,
        /// returning an IPrincipal for the resulting authenticated entity.
        /// </summary>
        private async Task <IPrincipal> ValidateCredentialsAsync(string credentials, CancellationToken cancellationToken)
        {
            // TODO: your credential validation logic here, hopefully async!!
            // crack open the basic auth credentials
            var             subject         = ParseBasicAuthCredential(credentials);
            PasswordManager passwordManager = new PasswordManager();

            User user = await passwordManager.CheckPassword(subject.Item1, subject.Item2);

            // in your system you would probably do an async database lookup...

            //if (String.IsNullOrEmpty(subject.Item2) || subject.Item2 != "abc123")
            //    return null;
            if (user == null)
            {
                return(null);
            }

            // TODO: Create an IPrincipal (generic or custom), holding an IIdentity (generic or custom)
            //       Note a very useful IPrincipal/IIdentity is ClaimsPrincipal/ClaimsIdentity if
            //       you need both subject identifier (ex. user name), plus a set of attributes (claims)
            //       about the subject.
            IList <Claim> claimCollection = new List <Claim>
            {
                new Claim("Id", user.UserId.ToString()),
                new Claim(type: "UserName", user.UserName),
                new Claim(type: ClaimTypes.Role, user.Role),
                new Claim(type: "Email", user.Email),
                new Claim(type: "PhoneNumber", user.PhoneNumber),
                new Claim(type: "FullAddress", user.FullAddress),
                // you can add other standard or custom claims here based on your username/password lookup...
                new Claim(type: ClaimTypes.AuthenticationInstant, DateTime.UtcNow.ToString("o")),
                new Claim(type: "FullName", user.FullAddress),
                new Claim(type: "Issuer", "Ashish Khatiwada"),
                new Claim(type: "Audience", user.UserName),
                new Claim(type: "PublicToken", user.PublicToken),
                new Claim(type: "PrivateToken", user.PrivateToken),
                new Claim(type: "PasswordSalt", user.PasswordSalt),
                new Claim(type: "PasswordHash", user.PasswordHash)
                // etc.
            };
            // we'll include the specific token scheme as "authentication type" that was successful
            // in authenticating the user so downstream code can verify it was a token type
            // sufficient for the activity the code is attempting.
            var identity  = new ClaimsIdentity(claimCollection, SupportedTokenScheme);
            var principal = new ClaimsPrincipal(identity);

            return(await Task.FromResult(principal));
        }

예제 #4

파일: PasswordManagerTests.cs 프로젝트: ee3dmw/PasswordGen

        public void CheckPassword_WrongPassword_Test()
        {
            var userId = "user1";
            var password = "******";
            var passwordHash = String.Concat(password, HardcodedSalt).GetHashCode().ToString();
            var passwordFromRepo = new Password() { UserId = userId, ExpiryTime = DateTime.UtcNow.AddSeconds(30), PasswordHash = passwordHash, PasswordSalt = HardcodedSalt };

            var passwordRepository = new Mock<IRepository<Password>>();
            passwordRepository.Setup(u => u.Load(userId)).Returns(passwordFromRepo);

            var passwordGenerator = new PasswordManager(passwordRepository.Object);
            var isPasswordCorrect = passwordGenerator.CheckPassword(userId, "chicken");

            Assert.IsFalse(isPasswordCorrect);
        }

예제 #5

파일: Service.cs 프로젝트: rollend/DiskLocker

        private object OnCreateAuthSessionKey(object message)
        {
            var packet = ( CreateAuthSessionKeyMessage )message;
            var ret    = new CreateAuthSessionKeyResult();

            PasswordManager passwordManager = new PasswordManager();

            string password = HashManager.Sha256(packet.Password);

            bool result = passwordManager.CheckPassword(password);

            ret.SessionKey = Guid.NewGuid().ToString();
            this.sessions.Add(ret.SessionKey);

            ret.Value = result;
            return(ret);
        }

예제 #6

파일: Service.cs 프로젝트: rollend/DiskLocker

        private object OnChangePassword(object message)
        {
            var packet = ( ChangePasswordMessage )message;
            var ret    = new OperationResult();

            if (!this.CheckSession(packet.SessionKey))
            {
                ret.Value = false;
                return(ret);
            }

            if (!this.IsPasswordCorrect(packet.OldPassword))
            {
                ret.Value = false;
                return(ret);
            }

            if (!this.IsPasswordCorrect(packet.NewPassword))
            {
                ret.Value = false;
                return(ret);
            }

            PasswordManager passwordManager = new PasswordManager();

            string oldPassword = HashManager.Sha256(packet.OldPassword);

            bool result = passwordManager.CheckPassword(oldPassword);

            if (result)
            {
                string newPassword = HashManager.Sha256(packet.NewPassword);
                result = passwordManager.ChangePassword(oldPassword, newPassword);
            }

            ret.Value = result;
            return(ret);
        }

예제 #7

파일: TokenManagerBase.cs 프로젝트: dunglh/MyProject

        internal bool UpdateUserPassword(string loginname, string oldPassword, string newPassword, CommonParam commonParam)
        {
            bool result = false;

            try
            {
                if (String.IsNullOrWhiteSpace(loginname))
                {
                    throw new ArgumentNullException("loginname");
                }
                if (String.IsNullOrWhiteSpace(oldPassword))
                {
                    throw new ArgumentNullException("oldPassword");
                }
                if (String.IsNullOrWhiteSpace(newPassword))
                {
                    throw new ArgumentNullException("newPassword");
                }
                if (oldPassword.Length < Constant.MIN_LENGTH_PASSWORD)
                {
                    MessageUtil.SetMessage(commonParam, LibraryMessage.Message.Enum.Common__MatKhauKhongDuocNhoHon6KyTu);
                    throw new Exception("Mat khau khong duoc nho hon 6 ky tu");
                }
                PasswordManager       passwordManager = new PasswordManager();
                AasUser.AasUserUpdate aasUserUpdate   = new AasUser.AasUserUpdate(commonParam);
                User user = new UserManagerGet().GetByLoginname(loginname);
                if (user == null)
                {
                    MessageUtil.SetMessage(commonParam, LibraryMessage.Message.Enum.Common_TaiKhoanKhongChinhXac);
                    throw new Exception("Loginname invalid: " + loginname);
                }
                if (!passwordManager.CheckPassword(user.Password, oldPassword, user.Salt, loginname))
                {
                    MessageUtil.SetMessage(commonParam, LibraryMessage.Message.Enum.Common_TaiKhoanHoacMatKhauKhongChinhXac);
                    throw new Exception("Tai khoan hoac mat khau khong chinh xac");
                }

                string newHashPassword = passwordManager.HashPassword(newPassword, user.Salt, loginname);
                Mapper.CreateMap <User, User>();
                User before = Mapper.Map <User>(user);
                user.Password = newHashPassword;
                if (!aasUserUpdate.Update(user, before))
                {
                    throw new Exception("Update mat khau cho tai khoan that bai");
                }
                result        = true;
                user.Password = "";
            }
            catch (ArgumentNullException ex)
            {
                BugUtil.SetBugCode(commonParam, LibraryBug.Bug.Enum.Common__ThieuThongTinBatBuoc);
                DungLH.Util.CommonLogging.LogSystem.Error(ex);
                result = false;
            }
            catch (Exception ex)
            {
                DungLH.Util.CommonLogging.LogSystem.Error(ex);
                result = false;
            }
            return(result);
        }