public bool Verify(string accountId, string password, string otp)
{
var passwordFromDb = _profileDao.GetPassword(accountId);
var hashedPassword = _sha256Adapter.Compute(password);
var currentOtp = _otpService.GetCurrentOtp();
return(passwordFromDb == hashedPassword && otp == currentOtp);
}
public bool IsValid(string account, string password, IProfileDao profile, IRsaToken rsaToken)
{
// 根據 account 取得自訂密碼
var passwordFromDao = profile.GetPassword(account);
// 根據 account 取得 RSA token 目前的亂數
var randomCode = rsaToken.GetRandom(account);
// 驗證傳入的 password 是否等於自訂密碼 + RSA token亂數
var validPassword = passwordFromDao + randomCode;
var isValid = password == validPassword;
return isValid;
}
public bool IsValid(string account, string password, IProfileDao profile, IRsaToken rsaToken)
{
// 根據 account 取得自訂密碼
var passwordFromDao = profile.GetPassword(account);
// 根據 account 取得 RSA token 目前的亂數
var randomCode = rsaToken.GetRandom(account);
// 驗證傳入的 password 是否等於自訂密碼 + RSA token亂數
var validPassword = passwordFromDao + randomCode;
var isValid = password == validPassword;
return(isValid);
}
public bool Verify(string accountId, string password, string otp)
{
var passwordFromDb = _ProfileDao.GetPassword(accountId);
var hashedPassword = _Hash.ComputeHash(password);
var currentOtp = _Otp.GetOtp(accountId);
if (passwordFromDb == hashedPassword && otp == currentOtp)
{
return(true);
}
return(false);
}
public void IsValidTest()
{
//var stubProfile = new StubProfileDao();
IProfileDao stubProfile = Substitute.For <IProfileDao>();
stubProfile.GetPassword("joey").Returns("91");
//var stubToken = new StubTokenDao();
IRsaToken stubToken = Substitute.For <IRsaToken>();
stubToken.GetRandom("").ReturnsForAnyArgs("000000");
var target = new AuthenticationService(stubProfile, stubToken);
var actual = target.IsValid("joey", "91000000");
Assert.IsTrue(actual);
}
public void Test_IsValid_joey_1234666666_Should_Return_True()
{
var target = new AuthService();
var account = "cash";
var password = "******";
IProfileDao stubProfileDao = Substitute.For <IProfileDao>();
stubProfileDao.GetPassword("cash").ReturnsForAnyArgs("1234");
stubProfileDao.GetToken("cash").ReturnsForAnyArgs("666666");
target.MyProfileDao = stubProfileDao;
var actual = target.IsValid(account, password);
var expected = true;
actual.Should().Be(expected);
}
private void GivePassword(string assignPassword)
{
_fakeProfileDao.GetPassword(Arg.Any <string>()).Returns(assignPassword);
}
private void GivenPassword(string accountId, string password)
{
_fakeProfileDao.GetPassword(accountId).Returns(password);
}
private void GivenPassword(string account, string hashedPassword)
{
_ProfileDao.GetPassword(account).Returns(hashedPassword);
}
