public void CheckMasterPasswordTest()
{
SecureString wrongPassword = new SecureString();
wrongPassword.AppendChar('c');
SecureString passwd = new SecureString();
foreach (char c in masterPassword.ToCharArray())
{
passwd.AppendChar(c);
}
Authentification.NewMasterPassword(passwd, triggerCompleteEvent: true);
PasswordObject oldAppPassword = new PasswordObject();
oldAppPassword.Password = Authentification.AppPassword.Password.Copy();
oldAppPassword.Salt = new byte[Authentification.AppPassword.Salt.Length];
Authentification.AppPassword.Salt.CopyTo(oldAppPassword.Salt, 0);
Assert.IsFalse(Authentification.CheckMasterPassword(wrongPassword));
Assert.IsTrue(Authentification.CheckMasterPassword(passwd));
PasswordObject newAppPassword = new PasswordObject();
newAppPassword.Password = Authentification.AppPassword.Password.Copy();
newAppPassword.Salt = new byte[Authentification.AppPassword.Salt.Length];
Authentification.AppPassword.Salt.CopyTo(newAppPassword.Salt, 0);
Assert.IsTrue(CheckAppPassword(oldAppPassword, newAppPassword));
Assert.IsTrue(Authentification.CheckMasterPassword(passwd, shortCheck: true));
Assert.IsTrue(CheckAppPassword(newAppPassword, Authentification.AppPassword));
}
public static int GuiMail(string title, string content, string toEmail, string ccMail, string bccMail)
{
PasswordObject p = new PasswordObject();
string fromEmail = WebConfigurationManager.AppSettings["CredentialUserName"].ToString();
string fromName = "Hệ thống bán hàng trực tuyến ";
string fromPassword = p.Decode(WebConfigurationManager.AppSettings["CredentialPassword"].ToString());
return vnMail.SendGmail(fromEmail, fromName, fromPassword, toEmail, toEmail.Split("@".ToCharArray(), StringSplitOptions.RemoveEmptyEntries)[0], title, content, ccMail, bccMail);
}
public IActionResult Post([FromBody] PasswordObject passwordObject)
{
if (ModelState.IsValid && passwordObject.password == "123123")
{
return(Ok(new TokenObject("1kj32gasfk123lkxc123")));
}
return(BadRequest(ModelState));
}
public void Post([FromBody] object newPassword)
{
JObject juser = newPassword as JObject;
PasswordObject passwordObject = juser.ToObject <PasswordObject>();
DAL.User user = userController.GetById(passwordObject.userId);
UserProxy.UpdateUser(user.Id);
user.password = passwordObject.newPassword;
userController.EditUser(user.Id, user);
}
private bool CheckAppPassword(PasswordObject oldPasswd, PasswordObject newPasswd)
{
if (!GetSecureStringValue(oldPasswd.Password).Equals(GetSecureStringValue(newPasswd.Password)))
{
return(false);
}
if (oldPasswd.Salt.Length != newPasswd.Salt.Length)
{
return(false);
}
if (!oldPasswd.Salt.OrderBy(s => s).SequenceEqual(newPasswd.Salt.OrderBy(s => s)))
{
return(false);
}
return(true);
}
