public ModifyUserResponse(ModifyUserResult result, MandatoryUserParams mandatoryUserParams, PasswordRules passwordRules, User userData)
{
Result = result;
MandatoryUserParams = mandatoryUserParams;
PasswordRules = passwordRules;
UserData = userData;
}
public void Initialise()
{
validTestPassword = new Password
{
UserId = "ABHW089",
OldPassword = "******",
NewPassword = "******",
ConfirmPassword = "******",
NewPasswordHash = "yVHn6?R@",
IsValid = true
};
validTestPassword.SetHistory(new List <string> {
"$sG96r#X", "3g9m&9W7"
});
validTestRules = new PasswordRules
{
Validators = ValidatorTypes.All,
MinLength = 8,
MaxLength = 10,
SpecialChars = new[] { '!', '@', '#', '$', '%', '*', '+', '/' },
MinHistory = 3,
Blacklist = new[] { "test", "password" }
};
factory = new ValidatorFactory();
service = new PasswordService(factory);
}
public void Test_CreateValidationSet_Basic_Rules()
{
var testRules = PasswordRules.CreateBasic();
var valSet = factory.CreateValidationSet(testRules).ToList();
valSet.Count.Should().Be(2);
}
public override string ToString(PasswordRules ruleSet)
{
if (ruleSet == null)
{
throw new ArgumentNullException(nameof(ruleSet));
}
return(string.Format(Properties.Resources.ValidateHistory_PasswordMayNotBeAnyOfYourPrevious0Passwords, ruleSet.MinHistory));
}
public override void Setup(PasswordRules ruleSet)
{
if (ruleSet == null)
{
throw new ArgumentNullException(nameof(ruleSet));
}
histCount = ruleSet.MinHistory;
}
public override void Setup(PasswordRules ruleSet)
{
if (ruleSet == null)
{
throw new ArgumentNullException(nameof(ruleSet));
}
blackList = ruleSet.Blacklist.ToList();
}
public override string ToString(PasswordRules ruleSet)
{
if (ruleSet == null)
{
throw new ArgumentNullException(nameof(ruleSet));
}
return(string.Format(Properties.Resources.ValidateSpecial_PasswordMustContainAtLeast1OfTheFollowingCharacters, string.Concat(ruleSet.SpecialChars)));
}
public override string ToString(PasswordRules ruleSet)
{
if (ruleSet == null)
{
throw new ArgumentNullException(nameof(ruleSet));
}
return(FormatMessage(ruleSet.MinLength, ruleSet.MaxLength));
}
public override void Setup(PasswordRules ruleSet)
{
if (ruleSet == null)
{
throw new ArgumentNullException(nameof(ruleSet));
}
minLength = ruleSet.MinLength;
maxLength = ruleSet.MaxLength;
}
public override void Setup(PasswordRules ruleSet)
{
if (ruleSet == null)
{
throw new ArgumentNullException(nameof(ruleSet));
}
charSet = ruleSet.SpecialChars;
var set = string.Concat(charSet);
regex = new Regex($"(.*[{set}])", RegexOptions.Compiled);
}
public void Initialise()
{
validTestRules = new PasswordRules
{
Validators = ValidatorTypes.All,
MinLength = 8,
MaxLength = 10,
SpecialChars = new[] { '!', '@', '#', '$', '%', '*', '+', '/' },
MinHistory = 3,
Blacklist = new[] { "test", "password" }
};
}
public PasswordScore PasswordStrength(String password)
{
/*SCORING LOGIC.
* Divide 1 by number of password rules. The result is RequirementScore.
* Get the password-score using Password.Strength. This is StrengthScore
* Take the smaller of RequirementScore,StrengthScore.
* Project it to appropriate strength string.
*/
double requirementScore = 0d; double strengthScore = 0d;
int countRules = PasswordRules.Count(); int passedRules = countRules;
if (countRules == 0)
{
requirementScore = 1;
}
else
{
var errors = PasswordRules.Where(r => !r.Holds(password)).Select(r => r.Name);
if (errors != null)
{
passedRules = countRules - errors.Count();
}
requirementScore = (double)passedRules / countRules;
}
strengthScore = Password.Strength(password);
var score = Math.Min(requirementScore, strengthScore);
PasswordScore[] passwordStrengthVerdicts = new[] { PasswordScore.VeryWeak, PasswordScore.Weak, PasswordScore.Average, PasswordScore.Strong, PasswordScore.VeryStrong };
score = score * passwordStrengthVerdicts.Length;
int passwordVerdictIndex = Math.Min((int)score, passwordStrengthVerdicts.Length - 1);
/* If resultScore is highest but requirementScore is less than 1. It means all password rules have not been met. Hence reduce strength by one level*/
if (passwordVerdictIndex == (passwordStrengthVerdicts.Length - 1) && requirementScore < 1)
{
passwordVerdictIndex -= 1;
}
PasswordScore resultScore = passwordStrengthVerdicts[passwordVerdictIndex];
return(resultScore);
}
private bool CheckPasswordRules(string password)
{
bool result = true;
PasswordRules rules = BesteUserSettings?.PasswordRules;
if (rules == null)
{
rules = new PasswordRules();
}
result = result && password.Length > rules.MinLength;
result = result && (!rules.HasDigit || (password.HasDigit()));
result = result && (!rules.HasLowerCase || (password.HasLowerCase()));
result = result && (!rules.HasUpperCase || (password.HasUpperCase()));
result = result && (!rules.HasSpecialChars || (password.HasSpecialChars()));
return(result);
}
private void Generate()
{
IPasswordGenerator passwordGenerator;
bool containsLowerCaseLetters = CheckLowerCaseLetters.Checked;
bool containsUpperCaseLetters = CheckUpperCaseLetters.Checked;
bool containsDigits = CheckDigits.Checked;
bool containsSpecialCharacters = CheckSpecialCharacters.Checked;
PasswordRules rules = new PasswordRules()
{
ContainsLowerCaseLetters = containsLowerCaseLetters,
ContainsUpperCaseLetters = containsUpperCaseLetters,
ContainsDigits = containsDigits,
ContainsSpecialCharacters = containsSpecialCharacters
};
int passwordLength = (int)PasswordLength.Value;
if (containsSpecialCharacters && InputSpecialCharacters.Text.Length < 1)
{
MessageBox.Show("Keine Sonderzeichen angegeben.");
return;
}
passwordGenerator = new PasswordGenerator(rules, InputSpecialCharacters.Text.ToCharArray());
string password = passwordGenerator.Generate(passwordLength);
InputPassword.Text = password;
Password = password;
Settings.Default.PasswordLength = (int)PasswordLength.Value;
Settings.Default.ContainsLowerCaseLetters = CheckLowerCaseLetters.Checked;
Settings.Default.ContainsUpperCaseLetters = CheckUpperCaseLetters.Checked;
Settings.Default.ContainsDigits = CheckDigits.Checked;
Settings.Default.ContainsSpecialCharacters = CheckSpecialCharacters.Checked;
Settings.Default.SpecialCharacters = InputSpecialCharacters.Text;
Settings.Default.Save();
}
public PasswordRules CreatePasswordRules()
{
var config = configuration.GetPasswordRulesSection();
var passwordRules = new PasswordRules
{
Validators = ValidatorTypes.None,
MinLength = config.Lengths?.Min ?? 0,
MaxLength = config.Lengths?.Max ?? 0,
MinHistory = config.MinCounts?.History ?? 0,
SpecialChars = config.SpecialChars?.Value.ToCharArray() ?? new char[0]
};
var validatorStr = config.Validators.Types.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
foreach (var val in validatorStr)
{
passwordRules.Validators = passwordRules.Validators | (ValidatorTypes)Enum.Parse(typeof(ValidatorTypes), val);
}
return(passwordRules);
}
public static bool IsPasswordValid(string password,
PasswordRules rules,
params string[] ruleOutList)
{
bool result = true;
const string lower = "abcdefghijklmnopqrstuvwxyz";
const string upper = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
const string digits = "0123456789";
string allChars = lower + upper + digits;
//Check Lowercase if rule is enforced
if (Convert.ToBoolean(rules & PasswordRules.LowerCase))
{
result &= (password.IndexOfAny(lower.ToCharArray()) >= 0);
}
//Check Uppercase if rule is enforced
if (Convert.ToBoolean(rules & PasswordRules.UpperCase))
{
result &= (password.IndexOfAny(upper.ToCharArray()) >= 0);
}
//Check to for a digit in password if digit is required
if (Convert.ToBoolean(rules & PasswordRules.Digit))
{
result &= (password.IndexOfAny(digits.ToCharArray()) >= 0);
}
//Check to make sure special character is included if required
if (Convert.ToBoolean(rules & PasswordRules.SpecialChar))
{
result &= (password.Trim(allChars.ToCharArray()).Length > 0);
}
if (ruleOutList != null)
{
for (int i = 0; i < ruleOutList.Length; i++)
{
result &= (password != ruleOutList[i]);
}
}
return(result);
}
public IEnumerable <IPasswordValidator> CreateValidationSet(PasswordRules ruleSet)
{
if (ruleSet == null)
{
throw new ArgumentNullException(nameof(ruleSet));
}
var result = new List <IPasswordValidator>();
foreach (var validator in InternalValidators)
{
if ((ruleSet.Validators & validator.Type) != validator.Type)
{
continue;
}
validator.Setup(ruleSet);
result.Add(validator);
}
return(result);
}
public JsonResult passwprd(string pasword)
{
PasswordRules pw = new PasswordRules();
int dif = 0;
string result = "";
if (pw.GeneratePasswordScore(pasword) > 80)
{
result = "Şifreniz güçlü";
}
else if (pw.GeneratePasswordScore(pasword) >= 60)
{
result = "Şifreniz orta seviye";
}
else if (pw.GeneratePasswordScore(pasword) < 60)
{
result = "Şifreniz zayıf";
}
dif = pw.GeneratePasswordScore(pasword);
return(Json(new { data = dif, message = result }, JsonRequestBehavior.AllowGet));
}
public string ToString(PasswordRules ruleSet)
{
return("Custom Validator 2");
}
public virtual string ToString(PasswordRules ruleSet)
{
return(ToString());
}
public virtual void Setup(PasswordRules ruleSet)
{
}
public JsonResult personalRegister(string Name, string Surname, string BirthDay, string Contact, string City, string State, string Address, string Email, string Password)
{
try
{
var image = System.Web.HttpContext.Current.Request.Files[0];
using (business.Management.UserManagement.UserFunctions userManagement = new business.Management.UserManagement.UserFunctions())
{
PasswordRules pw = new PasswordRules();
ImageProcess Ip = new ImageProcess();
if (!userManagement.isPersonalExist(Email))
{
if (pw.GeneratePasswordScore(Password) >= 60)
{
string hashedPW = Crypting.En_De_crypt._Encrypt(Password);
string filename = null;
if (image != null && (image.ContentType == "image/jpeg" || image.ContentType == "image/jpg" || image.ContentType == "image/png"))
{
filename = Ip.Resolution(image, new int[] { 128, 256, 512 }, Email.Split('@')[0], "UserPicture");
}
else
{
filename = $"user_default.png";
}
Personal newPersonal = new Personal
{
OwnFirmId = Convert.ToInt64(Session["personalFirmId"]),
personalUserId = userManagement.addUser(new db.Tables.User
{
EncryptedPassword = hashedPW,
Token = Guid.NewGuid().ToString(),
Role = "Personal",
UserName = Email.ToString(),
Image = filename,
EmailVeryfied = false
}),
Name = Name.ToString(),
Surname = Surname.ToString(),
BirthDay = BirthDay.ToString(),
Contact = Contact.ToString(),
City = City.ToString(),
State = State.ToString(),
Address = Address.ToString(),
Mail = Email.ToString(),
Password = hashedPW,
Register_Date = DateTime.Now,
Login_Date = default(DateTime),
Status = true
};
userManagement.addPersonal(newPersonal);
BuildEmailTemplate(newPersonal.personalUserId);
return(Json(new { result = true, redirect = "Login", message = "Kaydınız başarılı bir şekilde oluşturuldu." }, JsonRequestBehavior.AllowGet));
}
else
{
return(Json(new { result = false, message = "Şifreniz zayıf daha güçlü bir şifre giriniz." }, JsonRequestBehavior.AllowGet));
}
}
else
{
return(Json(new { redirect = "Password", result = false, message = "Giriş yaptığınız mail sisteme kayıtlı." }, JsonRequestBehavior.AllowGet));
}
}
}
catch (Exception)
{
return(Json(new { message = "Hata Oluştu." }, JsonRequestBehavior.AllowGet));
}
}
public JsonResult clientRegister(string Name, string Surname, string Emailc, string Password, string Contact)
{
try
{
var image = System.Web.HttpContext.Current.Request.Files[0];
ImageProcess Ip = new ImageProcess();
using (business.Management.UserManagement.UserFunctions userManagement = new business.Management.UserManagement.UserFunctions())
{
PasswordRules pw = new PasswordRules();
int wfsNumber = Convert.ToInt32(Session["wfs"]);
string role;
bool IsUser;
if (wfsNumber == 1)
{
role = "CustomerManager";
IsUser = false;
}
else
{
role = "ClientManager";
IsUser = true;
}
if (!userManagement.isManagerExist(Emailc))
{
if (pw.GeneratePasswordScore(Password) >= 60)
{
string hashedPW = Crypting.En_De_crypt._Encrypt(Password);
string filename = null;
if (image != null && (image.ContentType == "image/jpeg" || image.ContentType == "image/jpg" || image.ContentType == "image/png"))
{
filename = Ip.Resolution(image, new int[] { 128, 256, 512 }, Emailc.Split('@')[0], "UserPicture");
}
else
{
filename = $"user_default.png";
}
ClientManager newManager = new ClientManager
{
managerUserId = userManagement.addUser(new db.Tables.User
{
EncryptedPassword = hashedPW,
Token = Guid.NewGuid().ToString(),
Role = role,
UserName = Emailc,
Image = filename,
EmailVeryfied = false
}),
Name = Name,
Surname = Surname,
Email = Emailc,
Password = hashedPW,
Contact = Contact,
Register_Date = DateTime.Now,
Login_Date = default(DateTime),
Status = true,
ManagerFirmId = (long)Session["latest"],
IsWFSuser = IsUser
};
userManagement.addClientManager(newManager);
BuildEmailTemplate(newManager.managerUserId);
return(Json(new { result = true, redirect = "Login", message = "Kaydınız başarılı bir şekilde oluşturuldu." }, JsonRequestBehavior.AllowGet));
}
else
{
return(Json(new { result = false, message = "Şifreniz zayıf daha güçlü bir şifre giriniz." }, JsonRequestBehavior.AllowGet));
}
}
else
{
using (business.Management.FirmManagement.FirmFunctions fm = new business.Management.FirmManagement.FirmFunctions())
{
fm.deleteFirm((long)Session["latest"]);
}
return(Json(new { message = "Giriş yaptığınız bilgiler sistemde kayıtlı lütfen bilgilerinizi kontrol ediniz." }, JsonRequestBehavior.AllowGet));
}
}
}
catch (Exception e)
{
return(Json(new { message = "Hata Oluştu." }, JsonRequestBehavior.AllowGet));
}
}
/// <summary>
/// FUNCTION FOR TESTING PASSWORD COMPLEXITY
/// </summary>
/// <param name="s">INCOMING PASSWORD TO TEST</param>
/// <param name="minLength">MIN LENGTH OF PASSWORD</param>
/// <param name="maxLength">MAX LENGTH OF PASSWORD</param>
/// <param name="rule">COMPARISON FLAGS CAN BE ANY COMBINATION OF THE FOLLOWING - UPPER, LOWER, NUMERIC, SPECIAL</param>
/// <returns>TRUE OR FALSE IF THE PASSWORD PASSES OR NOT</returns>
static bool ValidatePasswordComplexity(string s, int minLength, int maxLength, PasswordRules rule)
{
//CONSTANTS FOR COMPARISON GROUPS
const string UPPER = "(?=.*[A-Z])";
const string LOWER = "(?=.*[a-z])";
const string NUMERIC = "(?=.*[0-9])";
const string SPECIAL = "(?=.*[!@#$%^&*()<>])";
//CREATE A NEW VAR TO HOLD THE COMPARE STRING WHILE ITS ASSEMBLED
StringBuilder tmpCompare = new StringBuilder("^");
//CHECK IF UPPER IS A REQUIREMENT
if ((rule & PasswordRules.Upper) == PasswordRules.Upper)
{
tmpCompare.Append(UPPER);
}
//CHECK IF LOWER IS A REQUIREMENT
if ((rule & PasswordRules.Lower) == PasswordRules.Lower)
{
tmpCompare.Append(LOWER);
}
//CHECK IF NUMERIC IS A REQUIREMENT
if ((rule & PasswordRules.Numeric) == PasswordRules.Numeric)
{
tmpCompare.Append(NUMERIC);
}
//CHECK IF SPECIAL IS A REQUIREMENT
if ((rule & PasswordRules.Special) == PasswordRules.Special)
{
tmpCompare.Append(SPECIAL);
}
//APPEND THE LENGTH REQUIREMENTS
tmpCompare.Append(string.Format(".{{{0},{1}}}", minLength, maxLength));
//RETURN THE RESULT OF THE COMPARISON
return(Regex.Match(s, tmpCompare.ToString()).Success);
}
public async Task <JsonResult> ProfileUpdate(string Name, string Surname, string Contact, string Email, string Password)
{
var user = web.Session.SessionUser.User;
ImageProcess Ip = new ImageProcess();
try
{
var image = System.Web.HttpContext.Current.Request.Files[0];
string filename = null;
if (image != null && (image.ContentType == "image/jpeg" || image.ContentType == "image/jpg" || image.ContentType == "image/png"))
{
filename = Ip.Resolution(image, new int[] { 128, 256, 512 }, user.User.UserName.Split('@')[0], "UserPicture");
}
else
{
filename = user.User.Image;
}
using (business.Management.UserManagement.UserFunctions userM = new business.Management.UserManagement.UserFunctions())
{
PasswordRules pw = new PasswordRules();
string hashedPW = Password;
if (pw.GeneratePasswordScore(Password) >= 60)
{
if (Password != user.User.EncryptedPassword)
{
hashedPW = business.SessionSettings.Crypting.En_De_crypt._Encrypt(Password);
}
bool verify = true;
if (Email != user.User.UserName)
{
if (user.User.Role == "ClientManager")
{
if (userM.isManagerExist(Email))
{
return(Json(new { result = false, message = "Girdiğiniz bilgiler sistemde kayıtlı..." }, JsonRequestBehavior.AllowGet));
}
}
else
{
if (userM.isPersonalExist(Email))
{
return(Json(new { result = false, message = "Girdiğiniz bilgiler sistemde kayıtlı..." }, JsonRequestBehavior.AllowGet));
}
}
BuildEmailTemplate(user.User.UserId);
verify = false;
}
User updateuser = new User
{
UserName = Email,
EncryptedPassword = hashedPW,
Image = filename,
EmailVeryfied = verify
};
if (userM.updateUser(updateuser, user.User.UserId))
{
if (user.User.Role.Contains("ClientManager"))
{
ClientManager updateManager = new ClientManager
{
Name = Name,
Surname = Surname,
Email = Email,
Password = hashedPW,
Contact = Contact,
};
if (userM.updateClientManager(updateManager, user.ClientManager_Id))
{
return(Json(new { result = true, message = "Bilgileriniz güncellendi." }, JsonRequestBehavior.AllowGet));
}
else
{
return(Json(new { result = false, message = "Bilgileriniz güncellenemedi." }, JsonRequestBehavior.AllowGet));
}
}
else
{
Personal updatePersonal = new Personal
{
Name = Name,
Surname = Surname,
Contact = Contact,
Mail = Email,
Password = hashedPW
};
if (userM.updatePersonal(updatePersonal, user.Personal_Id))
{
return(Json(new { result = true, message = "Bilgileriniz güncellendi." }, JsonRequestBehavior.AllowGet));
}
else
{
return(Json(new { result = false, message = "Bilgileriniz güncellenemedi." }, JsonRequestBehavior.AllowGet));
}
}
}
else
{
return(Json(new { result = false, message = "Bilgileriniz güncellenemedi." }, JsonRequestBehavior.AllowGet));
}
}
else
{
return(Json(new { result = false, message = "Şifreniz zayıf daha güçlü bir şifre giriniz." }, JsonRequestBehavior.AllowGet));
}
}
}
catch (Exception e)
{
return(Json(new { result = false, message = "Hata oluştu" }, JsonRequestBehavior.AllowGet));
}
}
public override bool CreateNewPassword(Password newPassword)
{
if (PasswordWasNotPreviouslyUsed(newPassword) && AllRulesComply(newPassword, PasswordRules.GetPasswordRules()))
{
PreviousPasswords.Add(CurrentPassword);
CurrentPassword = newPassword;
AddEvent(new NewPasswordCreatedDomainEvent(this));
return(true);
}
return(false);
}
public void Setup(PasswordRules ruleSet)
{
}
public void GivenIWantToSetMyPasswordTo(String password)
{
passwordRules = new PasswordRules(password);
}
public Task <PasswordRulesDto> Handle(GetPasswordRulesRequest request, CancellationToken cancellationToken)
{
PasswordRules rules = _authenticationService.GetPasswordRules();
return(Task.FromResult(_mapper.Map <PasswordRulesDto>(rules)));
}
