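// Verifies that hashing the same password for two different users yields two
// different hash strings. If equal passwords produced equal hashes, anyone who
// could read the stored values could tell which accounts share a password.
// NOTE(review): presumably HashPassword adds a fresh random salt per call;
// SecurityHandler is not visible here, so confirm against its implementation.
public void TestTwoHashes()
{
    // Arrange: two users that deliberately share the same password.
    SecurityHandler securityHandler = new SecurityHandler();
    User userOne = new User() { Email = "*****@*****.**", Password = "******" };
    User userTwo = new User() { Email = "*****@*****.**", Password = "******" };

    // Precondition: the inputs must be identical, otherwise differing hashes
    // would prove nothing about salting.
    Assert.AreEqual(userOne.Password, userTwo.Password);

    // Act: hash each user's own password. The original hashed userOne's
    // password twice and never used userTwo.
    string userOnePass = securityHandler.HashPassword(userOne.Password);
    string userTwoPass = securityHandler.HashPassword(userTwo.Password);

    // Assert
    Assert.AreNotEqual(userOnePass, userTwoPass);
}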
// Checks that ArePasswordsSame returns false when the hash produced from a
// user's password is compared against the unrelated value "def456".
public void TestCompareDifferentPassword()
{
    // Arrange
    var handler = new SecurityHandler();
    var account = new User { Email = "*****@*****.**", Password = "******" };

    // Act: hash the real password, then compare that hash with a different value.
    var storedHash = handler.HashPassword(account.Password);
    var matches = handler.ArePasswordsSame(storedHash, "def456");

    // Assert: a mismatching value must never be accepted.
    Assert.IsFalse(matches);
}
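/// <summary>
/// Inserts a user row (email plus hashed password) unless the email is already registered.
/// </summary>
/// <param name="userObj">User whose Email and Password are read; only the hash of the password is written.</param>
/// <returns>
/// "success" when at least one row was inserted, "failure" when none was,
/// "email address is taken" when EmailIsTaken reports the address as used,
/// and "" when the database call threw.
/// </returns>
/// <exception cref="System.ArgumentNullException"><paramref name="userObj"/> is null.</exception>
public string InsertUser(User userObj)
{
    if (userObj == null)
    {
        throw new System.ArgumentNullException("userObj");
    }

    // NOTE(review): this check and the INSERT below are two separate round trips,
    // so two concurrent requests for the same address can both pass it. A unique
    // constraint on users.email would close that gap; the schema is not visible
    // here, so confirm one exists.
    if (EmailIsTaken(userObj.Email))
    {
        return "email address is taken";
    }

    // Hash only once we know an insert will be attempted; the plaintext password
    // is never passed to the database.
    SecurityHandler secHandler = new SecurityHandler();
    string userPassword = secHandler.HashPassword(userObj.Password);

    try
    {
        // Parameterized insert: email and hash are bound as parameters, never
        // concatenated into the SQL text.
        string query = "INSERT INTO users(email,password) VALUES(@email, @password)";

        using (SqlConnection con = new SqlConnection(_connectionString))
        using (SqlCommand cmd = new SqlCommand(query))
        {
            cmd.Connection = con;
            con.Open();

            cmd.Parameters.AddWithValue("@email", userObj.Email);
            cmd.Parameters.AddWithValue("@password", userPassword);

            return cmd.ExecuteNonQuery() >= 1 ? "success" : "failure";
        }
    }
    catch (System.Exception ex)
    {
        // Callers still receive "" on any failure, as before, but the failure is
        // no longer invisible. Only the exception type is recorded: database error
        // text can echo column values such as the email address or a truncated hash.
        System.Diagnostics.Trace.TraceError("InsertUser failed: " + ex.GetType().FullName);
        return "";
    }
}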