Exemplo n.º 1
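        /// <summary>
        /// Checks a username/password pair against the salted hash stored for that user.
        /// </summary>
        /// <param name="username">Username to look up; it is passed to the query exactly as received.</param>
        /// <param name="enteredPassword">Password bytes supplied by the caller.</param>
        /// <returns>
        /// The user's id when the recomputed hash matches the stored one; <c>ObjectId.Empty</c>
        /// for an unknown username or a wrong password (the two cases are deliberately not distinguished).
        /// </returns>
        public ObjectId ValidateLoginAttempt(string username, byte[] enteredPassword)
        {
            // NOTE(review): the lookup is case-sensitive on whatever the caller passes; if accounts
            // are stored with a lower-cased username, confirm callers normalise before calling.
            User user = Database.Instance.userCollection.FindOneAs <User>(Query.EQ("username", username));

            if (user == null)
            {
                // Unknown usernames used to return without hashing, so response time told a caller
                // whether an account name exists. Do the same hashing step with a throwaway salt and
                // discard the result; the null guard keeps the old behaviour for a null password.
                if (enteredPassword != null)
                {
                    Authorize.GenerateSaltedHash(enteredPassword, Authorize.GenerateSalt());
                }
                return(ObjectId.Empty);
            }

            byte[] candidateHash = Authorize.GenerateSaltedHash(enteredPassword, user.password.salt);

            // NOTE(review): confirm Authorize.IsValidHash compares in constant time and that
            // GenerateSaltedHash is a deliberately slow password KDF; neither body is visible here.
            if (Authorize.IsValidHash(candidateHash, user.password.hash))
            {
                return(user.id);
            }

            return(ObjectId.Empty);
        }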
Exemplo n.º 2
        /// <summary>
        /// Replaces the current password unless the new one equals the current password
        /// or any entry in <c>previousPasswords</c>.
        /// </summary>
        /// <param name="newPassword">Bytes of the proposed new password.</param>
        /// <returns>
        /// <c>false</c> when the new password matches the current or an earlier password (nothing is changed);
        /// <c>true</c> after the current password has been moved to the history and replaced.
        /// </returns>
        public bool ChangePassword(byte[] newPassword)
        {
            // NOTE(review): this method does not itself verify the old password or call a
            // password-guideline check; presumably the caller does both - confirm.

            // Reuse of the current password: re-hash with the current salt and compare.
            if (Authorize.IsValidHash(Authorize.GenerateSaltedHash(newPassword, password.salt), password.hash))
            {
                return false;
            }

            // Reuse of an earlier password: each history entry has its own salt, so the
            // candidate must be re-hashed once per entry.
            foreach (Password earlier in previousPasswords)
            {
                byte[] candidateHash = Authorize.GenerateSaltedHash(newPassword, earlier.salt);
                if (Authorize.IsValidHash(candidateHash, earlier.hash))
                {
                    return false;
                }
            }

            // Accepted: hash under a freshly generated salt rather than reusing the old one.
            byte[] freshSalt = Authorize.GenerateSalt();
            Password replacement = new Password(Authorize.GenerateSaltedHash(newPassword, freshSalt), freshSalt);

            // Archive the outgoing password before swapping so it takes part in future reuse checks.
            previousPasswords.Add(this.password);
            this.password = replacement;

            return true;
        }
Exemplo n.º 3
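        /// <summary>
        /// Creates a user account with a freshly salted password hash and saves it.
        /// </summary>
        /// <param name="username">Requested username; stored lower-cased with invariant-culture rules.</param>
        /// <param name="password">Plain-text password; must pass <c>Authorize.PassesGuidelines</c>.</param>
        /// <returns>
        /// A pair of status and id: <c>Success</c> with the new user's id, or
        /// <c>UsernameAlreadyExists</c> / <c>ServerError</c> with <c>ObjectId.Empty</c>.
        /// </returns>
        public Tuple <ServerResponse, ObjectId> CreateNewAccount(string username, string password)
        {
            Tuple <ServerResponse, ObjectId> response;

            try
            {
                if (Authorize.PassesGuidelines(password))
                {
                    byte[]   passBytes  = Encoding.UTF8.GetBytes(password);
                    byte[]   salt       = Authorize.GenerateSalt();
                    byte[]   saltedHash = Authorize.GenerateSaltedHash(passBytes, salt);
                    Password pass       = new Password(saltedHash, salt);

                    // Usernames are identifiers, not display text: fold case with the invariant
                    // culture so the stored form does not depend on the server's locale
                    // (culture-sensitive ToLower maps 'I' differently under e.g. Turkish).
                    User newUser = new User(username.ToLowerInvariant(), pass);
                    try
                    {
                        UserManager.Instance.SaveUser(newUser);
                        response = new Tuple <ServerResponse, ObjectId>(ServerResponse.Success, newUser.id);
                    }
                    catch (MongoWriteConcernException ex)
                    {
                        // NOTE(review): every write-concern failure is reported as a duplicate
                        // username; presumably this relies on a unique index on the username
                        // field - confirm, and consider checking the error code.
                        WriteLog(ex);
                        response = new Tuple <ServerResponse, ObjectId>(ServerResponse.UsernameAlreadyExists, ObjectId.Empty);
                    }
                }
                else
                {
                    // NOTE(review): a password rejected by the guidelines is reported as
                    // UsernameAlreadyExists, which misleads the client. A distinct ServerResponse
                    // value is needed; none is visible here, so the original value is kept.
                    response = new Tuple <ServerResponse, ObjectId>(ServerResponse.UsernameAlreadyExists, ObjectId.Empty);
                }
            }
            catch (Exception ex)
            {
                // Anything unexpected (including a null username or password) is logged and
                // reported as a generic server error, with no exception detail in the response.
                WriteLog(ex);
                response = new Tuple <ServerResponse, ObjectId>(ServerResponse.ServerError, ObjectId.Empty);
            }
            return(response);
        }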