/*************************************************************************************************/
/// <summary>
/// Serialises a <see cref="UserEncrypedData"/> record into a single comma-separated line, in the
/// order: unique GUID, random generated key, iterations, salt, hash.
/// </summary>
/// <param name="data">Record whose five fields are written out; it is dereferenced without a null check.</param>
/// <returns>The five values joined by commas, formatted with the current culture.</returns>
/// <remarks>
/// The returned string carries <c>data.RandomGeneratedKey</c> exactly as it is held on the record,
/// next to the salt and hash. CreateNewUser in this file uses that same property as the key that
/// encrypts the user's profile fields, so the output should be handled as key material and kept out
/// of logs, exception messages and telemetry.
/// </remarks>
public string GetFormattedString(UserEncrypedData data)
{
    // NOTE(review): the fields are joined without escaping, so this assumes none of them contains a
    // comma - confirm against whatever parses the line.
    // NOTE(review): formatting uses CurrentCulture; if the line is persisted or parsed on another
    // machine, confirm the reader uses the same culture.
    return string.Format(
        CultureInfo.CurrentCulture,
        "{0},{1},{2},{3},{4}",
        data.UniqueGUID,
        data.RandomGeneratedKey,
        data.Iterations,
        data.Salt,
        data.Hash);
}
/*************************************************************************************************/
/// <summary>
/// Changes the password of the currently logged-in user after re-checking the existing password
/// and validating the new one against the password requirements.
/// </summary>
/// <param name="originalPassword">The user's current password, re-verified before any change is made.</param>
/// <param name="newPassword">The password to switch to.</param>
/// <param name="confirmPassword">Second entry of the new password; must equal <paramref name="newPassword"/>.</param>
/// <returns>
/// <c>Success</c> when the stored user was modified; <c>PasswordsDoNotMatch</c> when the two new
/// entries differ; the specific requirement failure reported by VerifyPasswordRequirements; and
/// <c>Failed</c> when nobody is logged in, the current password does not verify, or the database
/// update reports failure.
/// </returns>
public ChangeUserPasswordResult ChangeUserPassword(string originalPassword, string newPassword, string confirmPassword)
{
    if (!IsLoggedIn())
    {
        return ChangeUserPasswordResult.Failed;
    }

    if (newPassword != confirmPassword)
    {
        return ChangeUserPasswordResult.PasswordsDoNotMatch;
    }

    // Being logged in is not enough: the current password is checked again before it is replaced.
    // NOTE(review): no attempt limit is visible in this method - confirm that
    // VerifyCurrentUserPassword or the caller throttles repeated wrong guesses.
    if (!VerifyCurrentUserPassword(originalPassword))
    {
        return ChangeUserPasswordResult.Failed;
    }

    ChangeUserPasswordResult requirementCheck = VerifyPasswordRequirements(newPassword);
    if (requirementCheck != ChangeUserPasswordResult.Success)
    {
        return requirementCheck;
    }

    User storedUser = _dbcontext.GetUserByGUID(_currentUser.GUID);
    UserEncrypedData freshData = _masterPassword.GenerateNewUserEncryptedDataFromPassword(newPassword);

    // Only the password-derived values (iterations, salt, hash) and the wrapping of the random key
    // change. The random key itself is kept, which is why the profile fields are copied from the
    // stored row unchanged rather than re-encrypted.
    User replacement = new User(
        storedUser.GUID,
        _encryptDecrypt.Encrypt(_currentUser.PlainTextRandomKey, newPassword), // re-wrap the existing random key under the new password
        storedUser.Username,
        freshData.Iterations.ToString(CultureInfo.CurrentCulture),
        freshData.Salt,
        freshData.Hash,
        storedUser.FirstName,
        storedUser.LastName,
        storedUser.PhoneNumber,
        storedUser.Email);

    // NOTE(review): _currentUser is not refreshed here after a successful update - confirm that no
    // other member relies on password-derived state cached on it.
    return _dbcontext.ModifyUser(storedUser, replacement)
        ? ChangeUserPasswordResult.Success
        : ChangeUserPasswordResult.Failed;
}
/*************************************************************************************************/
/// <summary>
/// Validates a prospective user and, when every check passes, stores a new record whose profile
/// fields are encrypted under a freshly generated random key.
/// </summary>
/// <param name="user">Candidate user carrying the plaintext password and profile fields.</param>
/// <returns>
/// <c>Successful</c> once the user has been handed to the database context; <c>UsernameTaken</c>
/// when the username already exists; a specific validation result when the username, password or
/// profile information is rejected; <c>Failed</c> when <paramref name="user"/> is null or the
/// profile check reports a failure with no more specific mapping.
/// </returns>
public CreateUserResult CreateNewUser(User user)
{
    if (user == null)
    {
        return CreateUserResult.Failed;
    }

    // NOTE(review): this lookup and the AddUser call below are separate steps, so two concurrent
    // registrations could both pass the check - confirm the store enforces username uniqueness.
    User existing = _dbcontext.GetUserByUsername(user.Username);
    if (existing != null)
    {
        return CreateUserResult.UsernameTaken;
    }

    // Both checks run up front, before the username requirements are examined.
    UserInformationResult infoCheck = VerifyUserInformation(user);
    ChangeUserPasswordResult passwordCheck = VerifyPasswordRequirements(user.PlainTextPassword);

    if (!VerifyUsernameRequirements(user.Username))
    {
        return CreateUserResult.UsernameNotValid;
    }

    if (passwordCheck != ChangeUserPasswordResult.Success)
    {
        // Translate the password-requirement result into the matching creation result.
        switch (passwordCheck)
        {
            case ChangeUserPasswordResult.LengthRequirementNotMet:
                return CreateUserResult.LengthRequirementNotMet;
            case ChangeUserPasswordResult.NoLowerCaseCharacter:
                return CreateUserResult.NoLowerCaseCharacter;
            case ChangeUserPasswordResult.NoNumber:
                return CreateUserResult.NoNumber;
            case ChangeUserPasswordResult.NoSpecialCharacter:
                return CreateUserResult.NoSpecialCharacter;
            case ChangeUserPasswordResult.NoUpperCaseCharacter:
                return CreateUserResult.NoUpperCaseCharacter;
            default:
                // Covers Failed, PasswordsDoNotMatch and any other value.
                return CreateUserResult.PasswordNotValid;
        }
    }

    if (infoCheck != UserInformationResult.Success)
    {
        switch (infoCheck)
        {
            case UserInformationResult.InvalidEmail:
                return CreateUserResult.EmailNotValid;
            case UserInformationResult.InvalidFirstName:
                return CreateUserResult.FirstNameNotValid;
            case UserInformationResult.InvalidLastName:
                return CreateUserResult.LastNameNotValid;
            case UserInformationResult.InvalidPhoneNumber:
                return CreateUserResult.PhoneNumberNotValid;
            default:
                // UserInformationResult.Failed and any unlisted value end as a plain failure.
                return CreateUserResult.Failed;
        }
    }

    UserEncrypedData freshData = _masterPassword.GenerateNewUserEncryptedDataFromPassword(user.PlainTextPassword);

    // GUID, username, iterations, salt and hash are passed through as generated; the random key is
    // encrypted with the password, and each profile field is encrypted with the random key.
    User record = new User(
        freshData.UniqueGUID,
        _encryptDecrypt.Encrypt(freshData.RandomGeneratedKey, user.PlainTextPassword), // random key wrapped under the user's password
        user.Username,
        freshData.Iterations.ToString(CultureInfo.CurrentCulture),
        freshData.Salt,
        freshData.Hash,
        _encryptDecrypt.Encrypt(user.FirstName, freshData.RandomGeneratedKey),
        _encryptDecrypt.Encrypt(user.LastName, freshData.RandomGeneratedKey),
        _encryptDecrypt.Encrypt(user.PhoneNumber, freshData.RandomGeneratedKey),
        _encryptDecrypt.Encrypt(user.Email, freshData.RandomGeneratedKey));

    // NOTE(review): the outcome of AddUser is not inspected; if it can fail without throwing,
    // Successful is still returned - confirm.
    // NOTE(review): the caller's object still holds PlainTextPassword after this returns - confirm
    // the caller discards it promptly.
    _dbcontext.AddUser(record);
    return CreateUserResult.Successful;
}