Exemplo n.º 1
0
        private bool VerifyPassword(User user, string Password)
        {
            CustomPasswordHasher passwordHasher = new CustomPasswordHasher();

            if (passwordHasher.VerifyHashedPassword(user.Password, Password) == PasswordVerificationResult.Success)
            {
                return(true);
            }

            return(false);
        }
Exemplo n.º 2
0
        static void Main(string[] args)
        {
            string password = "******";

            IdentityUser         user   = new IdentityUser();
            CustomPasswordHasher hasher = new CustomPasswordHasher();

            string hashedValue = hasher.HashPassword(user, password);

            Console.WriteLine("HashedValue > " + hashedValue);

            Console.WriteLine("Verify > " + hasher.VerifyHashedPassword(user, hashedValue, password));
        }
        public HttpResponseMessage Login(string LoginType, string UserName, string Password, string PushNotificationID, string MobilePlatform)
        {
            using (DBDataContext db = new DBDataContext())
            {
                List <usp_GetUserInformationResult> res = db.usp_GetUserInformation(LoginType, UserName).ToList();
                if (res.Count() > 0 && LoginType.ToUpper() == "EMAIL" && CustomPasswordHasher.VerifyHashedPassword(res.ElementAt(0).Password, Password))
                {
                    usp_GetUserInformationResult t = res.ElementAt(0);
                    db.usp_UpdateUserMobileDeviceInformation(t.ID, MobilePlatform, PushNotificationID);

                    PenYourPrayerUser user = new PenYourPrayerUser();
                    user.ID                 = t.ID;
                    user.DisplayName        = t.DisplayName;
                    user.LoginType          = t.LoginType;
                    user.UserName           = t.UserName;
                    user.MobilePlatform     = MobilePlatform;
                    user.ProfilePictureURL  = t.ProfilePictureURL;
                    user.PushNotificationID = PushNotificationID;
                    user.HMACHashKey        = t.HMACHashKey;
                    user.EmailVerification  = t.EmailVerification;
                    if (!t.EmailVerification)
                    {
                        user.HMACHashKey = "";
                    }
                    //

                    return(Request.CreateResponse(HttpStatusCode.OK, user));
                }
                //else if (res.Count() > 0 && LoginType.ToUpper() == "FACEBOOK")
                //{
                //    bool result = SocialMediaAuthentication.CheckFacebookAccessToken("CAAXXIYv53qcBABWf4lQvRT0Rm3UgBXcF1foQ4SRTNDp7eaSvDFLe4fZC4BFqsE1YYTcdUQw3UvZCRkmdWZAFbu2hav9UuHZAoE9VcpLkKvsSZC3IfLUrHglCygQ5XbZBcH0ORI9t2QzKAjggPsrORxmVgovoHZCzl4wV56mv9cQPxvZBxTCiOJlrcdbh5JigAxXnQ2h5Yc0WinZAjcypHhrgZAL8BnwiKOECTDNFXgOtfbDQZDZD");

                //}
                //else if (res.Count() > 0 && LoginType.ToUpper() == "TWITTER")
                //{
                //    bool result = SocialMediaAuthentication.checkTwitterAccessToken(UserName, "806837785-trTr0ObdqaW0owy1N0WXJFh6OGSlgUH74nh3qoHO", "w5j7WPwHWwY4DSfJ82tRVZF7SBogZJ6XABptVt431uOowvwFKC");
                //}
                //else if (res.Count() > 0 && LoginType.ToUpper() == "GOOGLEPLUS")
                //{
                //    bool result = SocialMediaAuthentication.CheckGooglePlusAccessToken("eyJhbGciOiJSUzI1NiIsImtpZCI6Ijk2MmM2NTc0MjVhNGE3YWE0ZGFhM2FiNGNlNjU0NWZhOGM0ZTAxYmYifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwiYXVkIjoiMTAzNjE4MjAxODU4OS1xcTVlNDlhNzNzYzRwMHE5ZjAyaXNmaW41NnNuYmNzZC5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsInN1YiI6IjExNzg4NzA0NTM3ODc4ODY4NTMyOCIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJhenAiOiIxMDM2MTgyMDE4NTg5LWtxMjZmMnFpM2dhZGlvMWFnZ3QwcWFvYzEzZ3Z2NjQ2LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwiZW1haWwiOiJ6bml0ZXI4MUBnbWFpbC5jb20iLCJpYXQiOjE0NDYxNzcxMDgsImV4cCI6MTQ0NjE4MDcwOCwibmFtZSI6IktpYW4gU2VuZyIsInBpY3R1cmUiOiJodHRwczovL2xoNi5nb29nbGV1c2VyY29udGVudC5jb20vLWNKRVp5aUk5N05VL0FBQUFBQUFBQUFJL0FBQUFBQUFBQnkwLzdGU2dMYmIxd21ZL3M5Ni1jL3Bob3RvLmpwZyIsImdpdmVuX25hbWUiOiJLaWFuIiwiZmFtaWx5X25hbWUiOiJTZW5nIn0.Ja-18lzCKorBORYExsjLcZpjhgMzYKLB4Vx9QCzyEt1dqPlg7uzAVmqy0O6i3CzKB2i5bt6jCarBTh5Vnt4OdaVjeDyqAu1sz1v9r6VBCzqmtgDsJa1HLs_NZUK19uLPIIIPobAlAcryPGIDBsnIoDe0sVcs57dkbZXjpohnc8M8nnPNrYkFMQaG1yEuz8MwbgoXRqEKjt0gCetavSU2stAR21QrC4ojfXeAcF1EHvrZgv3UceejtI5Qu3ytajc2YYPCvRcPX6iE5JJUz4sHIu0GMfG-fri5CLgP9PkgpH36-uJpo14gqFMSeg21yXBJnQBhCDmrc4MLm0-I-w9E_g");

                //}

                return(Request.CreateResponse(HttpStatusCode.BadRequest, new CustomResponseMessage()
                {
                    StatusCode = (int)HttpStatusCode.BadRequest, Description = "Invalid UserID/Password"
                }));
            }
        }
        public IActionResult Login([FromBody] MemberDTO user)
        {
            CustomPasswordHasher ph = new CustomPasswordHasher();

            if (user == null)
            {
                return(BadRequest("Invalid client request"));
            }
            //Lookup user by given username
            MemberDTO DbUser = MembersManager.GetMemberByUsername(user.Username);

            if (DbUser != null)
            {
                //Check if given password matches
                if (ph.VerifyHashedPassword(DbUser.PasswordHash, user.Password, DbUser.PasswordSalt) == PasswordVerificationResult.Success)
                {
                    //Create token
                    var secretKey         = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("keycryptstring123"));
                    var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

                    var tokeOptions = new JwtSecurityToken(
                        issuer: "https://localhost:44398",
                        audience: "https://localhost:44398",
                        claims: new List <Claim>(),
                        expires: DateTime.Now.AddMinutes(5),
                        signingCredentials: signinCredentials
                        );

                    var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions);
                    return(Ok(new { Token = tokenString }));
                }
                else
                {
                    return(Unauthorized());
                }
            }
            return(NotFound());
        }
Exemplo n.º 5
0
        //Login lan dau
        public bool IsValidUser(UserAuthen user, bool isLogined)
        {
            //Check User
            bool isValid = false;
            string cacheKey = GetCacheKey(user.UserName);
            if (CacheUser.Contain(cacheKey))
            {
                var uc = CacheUser.Get<User>(cacheKey);

                if (isLogined)
                {
                    //Fast check
                    isValid = uc.PasswordHash == user.PasswordHash;
                }
                else
                {
                    //Very slow
                    var passHash = new CustomPasswordHasher();
                    isValid = passHash.VerifyHashedPassword(uc.PasswordHash, user.Password) == PasswordVerificationResult.Success;
                    if (isValid)
                        user.PasswordHash = uc.PasswordHash;
                }
            }
            else
            {
                //Check User
                var userDB = UserManager.Find(user.UserName, user.Password);
                //Check User
                if (userDB != null)
                {
                    SetUserToCache(userDB, cacheKey);
                    user.PasswordHash = userDB.PasswordHash;
                    isValid = true;
                }
            }
            return isValid;
        }