public void PasswordManager_Should_Work_Correctly(string password, string incorrectPassword)
{
var passwordManager = new PasswordManager();
var hashSalt = passwordManager.GeneratePassword(password);
Assert.AreNotEqual(password, hashSalt.PasswordHash);
Assert.AreNotEqual(password, hashSalt.Salt);
var isCorrect = passwordManager.IsPasswordCorrect(password, hashSalt.PasswordHash, hashSalt.Salt);
Assert.IsTrue(isCorrect);
isCorrect = passwordManager.IsPasswordCorrect(incorrectPassword, hashSalt.PasswordHash, hashSalt.Salt);
Assert.IsFalse(isCorrect);
}
public IActionResult RegisterContractor([FromForm] ContractorAccount contractor)
{
IActionResult response;
if (ModelState.IsValid)
{
bool AccountExist = ContractorAccountRepository.CheckIfAccountExist(contractor.EmailAddress);
EmailValidator EmailValidator = new EmailValidator();
bool isEmailValid = EmailValidator.IsValidEmail(contractor.EmailAddress);
if (AccountExist == true || (isEmailValid == false))
{
string errorMessage = "This email address is already in use or invalid";
response = BadRequest(new { error = errorMessage });
}
else
{
PasswordManager PasswordManager = new PasswordManager();
string encryptedPassword = PasswordManager.GeneratePassword(contractor.Password);
contractor.Password = encryptedPassword;
ContractorAccountRepository.MarkAsModified(contractor);
string userToken = BuildUserIdentity(contractor);
ContractorAccountRepository.SaveNewContractorAccount(contractor);
CreateContractorProfile(contractor);
var jsonResponse = new {
user = new {
account = contractor.EmailAddress,
token = userToken,
role = "contractor"
}
};
response = Ok(jsonResponse);
}
return(response);
}
else
{
return(new BadRequestObjectResult(ModelState));
}
}
public async Task <ApiResponse <string> > ForgotPassword(UserDto userDto)
{
var response = new ApiResponse <string>();
User user = await _userRepository.FindAsync(x => x.Email == userDto.Email);
if (user == null)
{
response.Success = false;
response.Data = "User Not Found";
return(response);
}
response.Success = true;
response.Data = _passwordManager.GeneratePassword();
return(response);
}
public async Task<Credentials> CreateAsync(UserDto userDto)
{
var user = _mapper.Map<User>(userDto);
user.Id = Guid.NewGuid();
user.Role = userDto.Role;
user.Status = UserStatus.Active;
var generatedPassword = PasswordManager.GeneratePassword(PasswordManager.CharSet.All, 8);
_passwordManager.SetHashedPassword(user, generatedPassword);
user.OrganisationName = (await _organisationRepository.GetAsync(userDto.OrganisationId)).Name;
await _repository.CreateAsync(user);
try
{
_bus.Publish(new UserRegisteredMessage() {Email = userDto.Email, Password = generatedPassword});
}
catch(Exception ex)
{
throw new Exception(ex.Message);
}
return new Credentials()
{
Email = userDto.Email,
Password = generatedPassword
};
}
public async Task <ApiResponse <UserOld> > CreateUser(UserOldDto userDto)
{
var response = new ApiResponse <UserOld>();
try
{
//check user Exists
var isExistUser = await _usersRepository.CountAsync(i => i.UserName == userDto.UserName);
if (isExistUser != 0)
{
response.Success = false;
response.Errors.Add("Username Already Exists");
return(response);
}
//create roles
var userRoles = new List <UserRolesOld>();
var id = Guid.NewGuid();
foreach (var role in userDto.UserRoles)
{
if (!role.IsSelected)
{
continue;
}
dynamic roleNmae = "";
switch (role.Role)
{
case "Investor":
roleNmae = RoleName.Investor;
break;
case "NonInvestor":
roleNmae = RoleName.NonInvestor;
break;
}
var userRole = new UserRolesOld()
{
Id = Guid.NewGuid(),
Role = roleNmae,
CreatedBy = id,
CreatedDate = DateTime.Now,
IsActive = true,
};
userRoles.Add(userRole);
}
PasswordManager passwordManger = new PasswordManager();
//create new user
var user = Mapper.Map <UserOld>(userDto);
user.Id = id;
user.Password = passwordManger.Encrypt(passwordManger.GeneratePassword());
user.CreatedBy = user.Id;
user.CreatedDate = DateTime.Now;
user.Roles = userRoles;
user.IsActive = true;
await _usersRepository.AddAsyn(user);
response.Success = true;
}
catch (Exception ex)
{
response.Success = false;
response.Errors.Add(ex.Message);
}
return(response);
}
public void TestTruePassword()
{
string trueHashPassword = PasswordManager.GeneratePassword(TruePassword);
Assert.True(PasswordManager.VerifyPassword(trueHashPassword, TruePassword));
}
private void ShowPassword()
{
int PasswordLength = (int)PasswordLengthSlider.value;
YourPassword.text = Generator.GeneratePassword(PasswordLength, AlphabetToggle.isOn, ALPHABETToggle.isOn, NumbersToggle.isOn, SpecialCharsToggle.isOn);
}
public void GeneratingRandomPasswordTest()
{
var userId = "user1";
Password passwordSavedByRepo = new Password();
var datetimeAtStartOfTest = DateTime.UtcNow;
var passwordRepository = new Mock<IRepository<Password>>();
passwordRepository.Setup(u => u.Save(It.IsAny<Password>())).Callback<Password>(p => passwordSavedByRepo = p);
var passwordGenerator = new PasswordManager(passwordRepository.Object);
var password = passwordGenerator.GeneratePassword(userId);
passwordRepository.Verify(u => u.Save(It.IsAny<Password>()), Times.Once);
Assert.IsFalse(string.IsNullOrEmpty(password), "Check password is not empty");
Assert.AreEqual(userId, passwordSavedByRepo.UserId, "Check saved password has userid");
Assert.AreEqual(HardcodedSalt, passwordSavedByRepo.PasswordSalt, "Check saved password has salt");
Assert.AreEqual(String.Concat(password, HardcodedSalt).GetHashCode().ToString(), passwordSavedByRepo.PasswordHash, "Check saved password has hash");
Assert.IsTrue(passwordSavedByRepo.ExpiryTime < datetimeAtStartOfTest.AddSeconds(35) && passwordSavedByRepo.ExpiryTime > datetimeAtStartOfTest.AddSeconds(25), "Check saved password has expiry date");
}