public void HashAndVerifyPassowrd_ShouldVerify(string password)
        {
            // Round trip: hash the supplied password, then check that the same
            // plain text verifies against the value that was just produced.
            var storedHash = HashingUtil.HashPasswordWithSalt(password);
            var accepted = HashingUtil.VerifyPassword(password, storedHash);

            // Only the accept path is asserted here. A VerifyPassword that always
            // returned true would still pass, so a companion test that expects
            // rejection of a different password is needed to cover the reject path.
            Assert.IsTrue(accepted);
        }
Exemplo n.º 2
        /// <summary>
        /// Replaces a user's stored password after confirming the current one.
        /// </summary>
        /// <param name="userId">ID of the user whose password is being changed.</param>
        /// <param name="oldPassword">Current plain-text password, checked against the stored value.</param>
        /// <param name="newPassword">New plain-text password; only the result of <c>HashingUtil.HashPasswordWithSalt</c> is stored.</param>
        /// <exception cref="EntityNotFoundException">No user was found for <paramref name="userId"/>.</exception>
        /// <exception cref="ValidationFailedException"><paramref name="oldPassword"/> did not verify against the stored value.</exception>
        public void ChangePassword(int userId, string oldPassword, string newPassword)
        {
            // NOTE(review): no emptiness or strength check on newPassword is visible in
            // this method; presumably the caller or HashingUtil enforces it. Confirm.
            using (var scope = new TransactionScope())
            {
                var account = usersDao.SelectByID(userId);
                if (account == null)
                {
                    throw new EntityNotFoundException($"User with ID {userId} was not found", typeof(User));
                }

                // Re-authenticate with the current password before accepting a new one,
                // so holding a userId alone is not enough to reset the credential.
                var currentPasswordMatches = HashingUtil.VerifyPassword(oldPassword, account.Password);
                if (!currentPasswordMatches)
                {
                    ErrorMessage[] failures = new ErrorMessage[] { Errors.InvalidPassword() };
                    throw new ValidationFailedException(new ValidationInfo(failures));
                }

                // The plain-text value never reaches the entity; only the hash output is persisted.
                var replacementHash = HashingUtil.HashPasswordWithSalt(newPassword);
                account.Password = replacementHash;
                usersDao.UpdateUser(account);

                // Leaving the scope without Complete() (any throw above) does not commit it.
                // NOTE(review): assumes usersDao enlists in the ambient transaction. Confirm.
                scope.Complete();
            }
        }
Exemplo n.º 3
        /// <summary>
        /// Finalizes registration for the user that owns the supplied registration token.
        /// Looks the user up by token, runs the finish-registration validation, then stores
        /// the hashed password and clears the token.
        /// </summary>
        /// <param name="regCredentials">Credentials used to finish registration; also the input to validation.</param>
        /// <returns>The loaded user entity with its registration token cleared, after successful registration.</returns>
        /// <exception cref="ValidationFailedException">When <c>userValidator.ValidateFinishReg</c> reports the request as invalid.</exception>
        /// <exception cref="EntityNotFoundException">When no user is found for the supplied registration token.</exception>
        public User FinishRegistration(RegCredentials regCredentials)
        {
            using (var scope = new TransactionScope())
            {
                var pendingUser = usersDao.SelectByRegToken(regCredentials.RegistrationToken);
                if (pendingUser == null)
                {
                    // NOTE(review): the caller-supplied token is echoed into the exception
                    // message. Confirm how EntityNotFoundException is logged or returned to
                    // clients before relying on this text being safe to surface.
                    throw new EntityNotFoundException($"User with token {regCredentials.RegistrationToken} was not found", typeof(User));
                }

                var outcome = userValidator.ValidateFinishReg(pendingUser, regCredentials);
                if (!outcome.IsValid)
                {
                    throw new ValidationFailedException(outcome);
                }

                // Hash first so that only the hash output is handed to the data layer.
                var passwordHash = HashingUtil.HashPasswordWithSalt(regCredentials.PlainPassword);
                usersDao.UpdatePasswordClearToken(passwordHash, pendingUser.UserId);
                scope.Complete();

                // Mirror the cleared token on the in-memory copy; its other fields stay as loaded.
                pendingUser.RegistrationToken = null;
                return pendingUser;
            }
        }