public void TestTwoHashes()
{
// Arrange
SecurityHandler securityHandler = new SecurityHandler();
User userOne = new User()
{
Email = "*****@*****.**", Password = "******"
};
User userTwo = new User()
{
Email = "*****@*****.**", Password = "******"
};
// Act
string userOnePass = securityHandler.HashPassword(userOne.Password);
string userTwoPass = securityHandler.HashPassword(userOne.Password);
// Assert
Assert.AreNotEqual(userOnePass, userTwoPass);
}
public void TestCompareDifferentPassword()
{
// Arrange
SecurityHandler securityHandler = new SecurityHandler();
User userOne = new User()
{
Email = "*****@*****.**", Password = "******"
};
// Act
string userOnePass = securityHandler.HashPassword(userOne.Password);
bool samePassword = securityHandler.ArePasswordsSame(userOnePass, "def456");
// Assert
Assert.IsFalse(samePassword);
}
// Inserts a user
public string InsertUser(User userObj)
{
string result = "";
SecurityHandler secHandler = new SecurityHandler();
string userPassword = secHandler.HashPassword(userObj.Password);
bool taken = EmailIsTaken(userObj.Email);
if (!taken)
{
try
{
using (SqlConnection con = new SqlConnection(_connectionString))
{
// Insert query
string query = "INSERT INTO users(email,password) VALUES(@email, @password)";
using (SqlCommand cmd = new SqlCommand(query))
{
cmd.Connection = con;
// opening connection
con.Open();
// Passing parameter values
cmd.Parameters.AddWithValue("@email", userObj.Email);
cmd.Parameters.AddWithValue("@password", userPassword);
// Executing insert query
result = cmd.ExecuteNonQuery() >= 1 ? "success" : "failure";
}
}
}
catch
{
return(result = "");
}
}
else
{
result = "email address is taken";
}
return(result);
}
