public async Task <string> Login(Credential credential)
{
await DatabaseFunctions.InitializeStaticStorage(_db).ConfigureAwait(false);
if (credential is null)
{
return("false");
}
credential.CredentialsUsername = credential.CredentialsUsername.ToLower();
var credentialQueryingList = await DatabaseFunctions.GetCredentials(_db, credential).ConfigureAwait(false);
if (credentialQueryingList.Count == 0)
{
return("false");
}
var passwordSalt = await DatabaseFunctions.GetPasswordSalt(_db, credential).ConfigureAwait(false);
var passwordInDatabase = await DatabaseFunctions.GetPasswordFromDb(_db, credential).ConfigureAwait(false);
var decryptPassword = HashServices.Decrypt(passwordSalt, credential.CredentialsPassword);
return(!decryptPassword.Equals(passwordInDatabase) ? "false" : GenerateToken.Generate(credential.CredentialsUsername, _jwtSettings));
}
public async Task <bool> ChangePassword(ChangePasswordInfo changePasswordInfo)
{
await DatabaseFunctions.InitializeStaticStorage(_db).ConfigureAwait(false);
try
{
changePasswordInfo.CredentialUsername = changePasswordInfo.CredentialUsername.ToLower();
var credential = new Credential()
{
CredentialsPassword = changePasswordInfo.OldPassword,
CredentialsUsername = changePasswordInfo.CredentialUsername
};
var passwordSalt = await DatabaseFunctions.GetPasswordSalt(_db, credential).ConfigureAwait(false);
var passwordInDatabase = await DatabaseFunctions.GetPasswordFromDb(_db, credential).ConfigureAwait(false);
var decryptPassword = HashServices.Decrypt(passwordSalt, credential.CredentialsPassword);
if (!decryptPassword.Equals(passwordInDatabase))
{
return(false);
}
await DatabaseFunctions.ChangePasswordInDb(changePasswordInfo.CredentialUsername, changePasswordInfo.NewPassword,
_db);
return(true);
}
catch (Exception e)
{
Console.WriteLine(e);
return(false);
}
}
private async void OnGenerateTokenButtonClicked(object sender, RoutedEventArgs e)
{
if (string.IsNullOrEmpty(this.CPFTextBox.Text))
{
await new MessageDialog("Você precisa digitar seu CPF!", "CPF inválido").ShowAsync();
return;
}
if (string.IsNullOrEmpty(this.PassTextBox.Password))
{
await new MessageDialog("Você precisa digitar sua senha!", "Senha inválida").ShowAsync();
return;
}
string token;
string cpf = this.CPFTextBox.Text;
string rawPass = this.PassTextBox.Password;
token = await Task.Run(() =>
{
string pass = HashServices.HashPassword(rawPass, cpf);
return(TokenGeneratorService.GenerateToken(pass));
});
this.TokenTextBlock.Text = token;
this.TokenExpirationTextBlock.Text = "Válido por " + TokenExpirationTimeSeconds + " segundos";
this.cleanTimer.Start();
}
public async Task GivenAValidUser_ShouldAuthenticateAsync()
{
var password = "******";
var passwordEncrypted = HashServices.CreatePasswordEncrypted(password);
var userModel = _fixture.Build <AuthenticateUser>()
.With(u => u.Password, password)
.Create();
var user = _fixture.Build <User>()
.With(u => u.PasswordHash, passwordEncrypted.passwordHash)
.With(u => u.PasswordSalt, passwordEncrypted.passwordSalt)
.Create();
var userDAOMock = new Mock <IUserDAO>();
userDAOMock.Setup(m => m.BuscarPorUsername(It.IsAny <string>())).Returns(Task.FromResult(user));
var _userAuthenticateService = new UserAuthenticateService(userDAOMock.Object);
UserSensitive userResponse = await _userAuthenticateService.AuthenticateAsync(userModel);
userResponse.Should().NotBeNull();
userResponse.Username.Should().Be(user.Username);
}
private static IList <User> CreateUsers()
{
IList <User> UsersList = new List <User>();
var passwordEncrypted = HashServices.CreatePasswordEncrypted("senha1");
var user1 = new User {
FirstName = "Daniel", LastName = "Souza", Username = "******", PasswordHash = passwordEncrypted.passwordHash, PasswordSalt = passwordEncrypted.passwordSalt
};
UsersList.Add(user1);
passwordEncrypted = HashServices.CreatePasswordEncrypted("senha1");
var user2 = new User {
FirstName = "Izabela", LastName = "Souza", Username = "******", PasswordHash = passwordEncrypted.passwordHash, PasswordSalt = passwordEncrypted.passwordSalt
};
UsersList.Add(user2);
passwordEncrypted = HashServices.CreatePasswordEncrypted("senha2");
var user3 = new User {
FirstName = "Carlos", LastName = "Oliveira", Username = "******", PasswordHash = passwordEncrypted.passwordHash, PasswordSalt = passwordEncrypted.passwordSalt
};
UsersList.Add(user3);
_usersList = UsersList;
return(UsersList);
}
private User CreateUserModel()
{
var password = _fixture.Create <string>();
var passwordEncrypted = HashServices.CreatePasswordEncrypted(password);
var user = _fixture.Build <User>()
.With(u => u.PasswordHash, passwordEncrypted.passwordHash)
.With(u => u.PasswordSalt, passwordEncrypted.passwordSalt)
.Without(u => u.Id)
.Create();
return(user);
}
// This method is private because only authenticated users can see this view.
public ActionResult Index()
{
if (BusinessManager.Instance.GlobalManagers.FindAll().Count == 0)
{
ApplicationUserManager userManager = HttpContext.GetOwinContext().GetUserManager <ApplicationUserManager>();
ApplicationUser user;
if ((user = userManager.FindByEmail("*****@*****.**")) == null)
{
user = new ApplicationUser
{
Email = "*****@*****.**",
FirstName = "Ricardo",
LastName = "Souza",
EmailConfirmed = true,
UserName = "******",
PhoneNumber = "(19) 99856-0989",
UserType = UserType.GlobalAdmin
};
userManager.Create(user, "Ricardo12__");
}
string cpf = "000.000.000-00";
Address address = new PostalCodeService().GetAdrressFromPostalCode("13024-420").Address;
address.State = Common.StateTranslator.GetStateName(address.State);
GlobalManager globalManager = new GlobalManager
{
Address = address,
FirstName = user.FirstName,
LastName = user.LastName,
CPF = cpf,
Email = user.Email,
Password = user.PasswordHash,
Telephone = user.PhoneNumber,
TokenHash = HashServices.HashPassword("547458", cpf),
StreetNumber = 123
};
BusinessManager.Instance.GlobalManagers.Add(globalManager);
}
if (!Request.IsAuthenticated)
{
return(RedirectToAction("Login", "Account"));
}
return(View());
}
public async Task <bool> ResetPcCredentialPassword(Credential credential)
{
await DatabaseFunctions.InitializeStaticStorage(_db).ConfigureAwait(false);
try
{
credential.CredentialsUsername = credential.CredentialsUsername.ToLower();
var credentialFromDb = await _db.Credentials
.Where(c => c.CredentialsUsername.Equals(credential.CredentialsUsername)).FirstOrDefaultAsync()
.ConfigureAwait(false);
if (credentialFromDb == null)
{
return(false);
}
var passwordSalt = await DatabaseFunctions.GetPasswordSalt(_db, credential).ConfigureAwait(false);
var passwordInDatabase = await DatabaseFunctions.GetPasswordFromDb(_db, credential).ConfigureAwait(false);
var decryptPassword = HashServices.Decrypt(passwordSalt, credential.CredentialsPassword);
if (!decryptPassword.Equals(passwordInDatabase))
{
return(false);
}
credentialFromDb.PcCredentialPassword = ModelCreation.GenerateRandomString();
StaticStorageServices.AdminMapper[credential.CredentialsUsername] = credentialFromDb.PcCredentialPassword;
await EmailServices.SendEmail(credential.CredentialsUsername, $"New Pc Credential Password: {credentialFromDb.PcCredentialPassword}");
await _db.SaveChangesAsync();
return(true);
}
catch (Exception e)
{
Console.WriteLine(e);
return(false);
}
}
public void CRC32Test()
{
LogStart("CRC32Test");
Action <uint, uint> testReverse = (uint original, uint expected) => { Assert.IsTrue(HashServices.ReverseBits(original) == expected); };
Action <string, uint> testCRC32 = (string data, uint expected) =>
{
byte[] crc = HashServices.CRC32(Encoding.ASCII.GetBytes(data));
uint crcValue = BitConverter.ToUInt32(crc, 0);
Assert.IsTrue(crcValue == expected);
};
testReverse(0x1, 0x80000000u);
testReverse(0x2, 0x40000000u);
testReverse(0x4, 0x20000000u);
testReverse(0x8, 0x10000000u);
testReverse(0xd2d15a39u, 0x9c5a8b4bu);
Assert.IsFalse(HashServices.ReverseBits(0xd2d15a39u) == 0x9c5b8b4bu);
testCRC32("123456789", 0xcbf43926u);
testCRC32("A", 0xd3d99e8bu);
testCRC32("0", 0xf4dbdf21u);
testCRC32("This is just a test string that should be long enough and weird enough to catch ERRORS!", 0x6684ac42u);
DateTime start;
uint result;
//And now the big one: will a huge file still produce the right crc32 using the stream method?
using (FileStream f = new FileStream("MediaCreationTool.exe", FileMode.Open))
{
start = DateTime.Now;
result = BitConverter.ToUInt32(HashServices.CRC32(f), 0);
Logger.Info($"CRC32 of 17.7mb file took {(DateTime.Now - start).ToSimplePhrase()}");
Assert.IsTrue(result == 0x5a2DD3B4);
}
//Oh and might as well test time for normal... crc
//start = DateTime.Now;
//result = BitConverter.ToUInt32(NetworkServices.CRC32(File.ReadAllBytes("MediaCreationTool.exe")), 0);
//Logger.Info($"CRC32 of 17.7mb file took {(DateTime.Now - start).ToSimplePhrase()}");
//Assert.IsTrue(result == 0x5a2DD3B4);
}
private static MTProtoClientBuilder CreateDefault()
{
var clientTransportFactory = new ClientTransportFactory();
var tlRig = new TLRig();
var messageIdGenerator = new MessageIdGenerator();
var hashServices = new HashServices();
var encryptionServices = new EncryptionServices();
var randomGenerator = new RandomGenerator();
var messageCodec = new MessageCodec(tlRig, hashServices, encryptionServices, randomGenerator);
var keyChain = new KeyChain(tlRig, hashServices);
var nonceGenerator = new NonceGenerator();
return new MTProtoClientBuilder(clientTransportFactory,
tlRig,
messageIdGenerator,
messageCodec,
hashServices,
encryptionServices,
nonceGenerator,
keyChain);
}
public async Task <ActionResult> SaveChanges(EditGlobalAdminViewModel model)
{
var userManager = HttpContext.GetOwinContext().GetUserManager <ApplicationUserManager>();
if (ModelState.IsValid)
{
ApplicationUser user = await userManager.FindByEmailAsync(model.Email);
bool error = false;
string tokenHash = null;
if (!string.IsNullOrEmpty(model.NewPassword))
{
var result = userManager.ChangePassword(user.Id, model.Password, model.NewPassword);
if (!result.Succeeded)
{
ModelState["Password"].Errors.Add("Senha incorreta");
error = true;
}
}
if (!string.IsNullOrEmpty(model.Token))
{
if (string.IsNullOrEmpty(model.Password))
{
ModelState["Token"].Errors.Add("O token só pode ser alterado se a senha for digitada");
error = true;
}
else
{
if (!userManager.CheckPassword(user, model.Password))
{
ModelState["Password"].Errors.Add("Senha incorreta");
error = true;
}
else
{
tokenHash = HashServices.HashPassword(model.Token, model.CPF);
}
}
}
if (!error)
{
user = await userManager.FindByEmailAsync(model.Email);
if (tokenHash == null)
{
tokenHash = BusinessManager.Instance.GlobalManagers.FindAll().SingleOrDefault(g => g.Email == user.Email).TokenHash;
}
GlobalManager globalAdmin = model.ToGlobalManager(user.PasswordHash, tokenHash);
BusinessManager.Instance.GlobalManagers.Update(globalAdmin);
return(RedirectToAction("Index", "GlobalAdmin"));
}
}
return(View("Edit", model));
}
