/// <summary>
/// Round-trips a password through <c>Passwords.CreateSaltedPasswordHash</c> and
/// <c>Passwords.CheckPassword</c>: the original password must verify, while a
/// candidate that is one character longer or one character shorter must not.
/// </summary>
public void PasswordHashing_PasswordVerificationWorks()
        {
            const string correctPassword = "test1234";

            string storedHash = Passwords.CreateSaltedPasswordHash(correctPassword);

            // Exact match is accepted. Note the argument order used here: stored hash first, candidate second.
            Assert.True(Passwords.CheckPassword(storedHash, correctPassword));

            // Near misses guard against a verifier that only compares a prefix of the
            // candidate or of the stored value: one extra trailing character ...
            Assert.False(Passwords.CheckPassword(storedHash, "test12345"));

            // ... and one missing trailing character must both be rejected.
            Assert.False(Passwords.CheckPassword(storedHash, "test123"));
        }
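        /// <summary>
        /// Posts a registration form to <c>RegistrationController</c> and checks that the
        /// response is 201, that a user row exists with the submitted e-mail and name, that
        /// the stored <c>PasswordHash</c> is not the plaintext password but still verifies
        /// against it, and that both the model-change notification and the CSRF token check
        /// were actually invoked.
        /// </summary>
        public async Task Registration_SucceedsAndCreatesUser()
        {
            const string csrfValue = "JustSomeRandomString";

            // The address literal is masked in this listing; it is kept as-is and only hoisted so
            // the submitted and asserted values cannot drift apart.
            // NOTE(review): if the controller validates e-mail syntax, use a well-formed test address.
            const string email = "*****@*****.**";

            // One constant for the submitted and the verified password. The listing posted a
            // masked "******" but asserted against "password12345", which cannot both hold.
            const string password = "password12345";

            var csrfMock = new Mock <ITokenVerifier>();

            csrfMock.Setup(csrf => csrf.IsValidCSRFToken(csrfValue, null, false))
            .Returns(true).Verifiable();
            var notificationsMock = new Mock <IModelUpdateNotificationSender>();
            var jobClientMock     = new Mock <IBackgroundJobClient>();

            notificationsMock
            .Setup(notifications => notifications.OnChangesDetected(EntityState.Added,
                                                                    It.IsAny <User>(), false)).Verifiable();

            await using var database = new NotificationsEnabledDb(dbOptions, notificationsMock.Object);

            var controller = new RegistrationController(logger, dummyRegistrationStatus, csrfMock.Object, database,
                                                        jobClientMock.Object);

            var result = await controller.Post(new RegistrationFormData()
            {
                CSRF             = csrfValue, Email = email, Name = "test", Password = password,
                RegistrationCode = RegistrationCode
            });

            var objectResult = Assert.IsAssignableFrom <ObjectResult>(result);

            Assert.Equal(201, objectResult.StatusCode);

            Assert.NotEmpty(database.Users);
            var user = await database.Users.FirstAsync();

            Assert.Equal(email, user.Email);
            Assert.Equal("test", user.UserName);

            // The stored value must not be the plaintext, yet must verify against it.
            Assert.NotEqual(password, user.PasswordHash);
            Assert.True(Passwords.CheckPassword(user.PasswordHash, password));

            notificationsMock.Verify();

            // The CSRF setup is marked Verifiable(); without this call the test would not fail
            // if the setup were never exercised.
            csrfMock.Verify();
        }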
        /// <summary>
        /// Looks up a user by trimmed name in <c>TrucksReserveEntities</c> and checks the
        /// supplied password against the stored <c>Password</c> value.
        /// </summary>
        /// <param name="userName">Account name; trimmed with <c>GetTrimmed()</c> before use.</param>
        /// <param name="password">Candidate password supplied by the caller.</param>
        /// <returns>
        /// The result of <c>Passwords.CheckPassword</c> when a user with that name exists;
        /// <c>false</c> when no such user is found.
        /// </returns>
        /// <remarks>
        /// <c>ExcIfNullOrEmpty()</c> is applied to both arguments and to the stored password;
        /// presumably it throws on null/empty input (helper not shown here — confirm).
        /// NOTE(review): this listing does not show whether <c>dbUser.Password</c> holds a salted
        /// hash or whether <c>Passwords.CheckPassword</c> compares in constant time — verify both.
        /// NOTE(review): an unknown user name returns before any password check runs, so callers
        /// exposed to untrusted clients may want to confirm the timing difference is acceptable.
        /// </remarks>
        public static bool IsValidUser(string userName, string password)
        {
            userName = userName.GetTrimmed();

            // Reject missing credentials before touching the database.
            userName.ExcIfNullOrEmpty();
            password.ExcIfNullOrEmpty();

            using (var context = new TrucksReserveEntities())
            {
                User account = context.Users.FirstOrDefault(u => u.Name == userName);
                if (account == null)
                {
                    // No such account: report failure without distinguishing it from a bad password.
                    return false;
                }

                // An account with no stored password is treated as an error, not as a match.
                account.Password.ExcIfNullOrEmpty();

                // Argument order here is (candidate, stored value), as the original call had it.
                return Passwords.CheckPassword(password, account.Password);
            }
        }