//Checks if Password of userId is correct public static bool VerifyPassword(string id, string pw) { var con = new SQLiteConnection("Data Source=DatabaseTicTacTorus.dat"); var s = new SaltedHash(pw); var answer = false; con.Open(); var command = new SQLiteCommand(con) { CommandText = $"select salt,hash from User where loginName ='" + id + "'" }; var reader = command.ExecuteReader(); while (reader.Read()) { if (Equals(reader[0], s.Salt) && Equals(reader[1], s.Hash)) { answer = true; } } con.Close(); return(answer); }
public static void SendLoginRequest(LoginArgsContainer Args) { //Variable length... PacketStream Packet = new PacketStream((byte)PacketType.LOGIN_REQUEST, 0); Packet.WriteByte(0x00); SaltedHash Hash = new SaltedHash(new SHA512Managed(), Args.Username.Length); MemoryStream MemStream = new MemoryStream(); DecryptionArgsContainer DecryptionArgs = Args.Enc.GetDecryptionArgsContainer(); MemStream.WriteByte((byte)Args.Username.Length); MemStream.Write(Encoding.ASCII.GetBytes(Args.Username), 0, Encoding.ASCII.GetBytes(Args.Username).Length); byte[] HashBuf = Hash.ComputePasswordHash(Args.Username, Args.Password); PlayerAccount.Hash = HashBuf; MemStream.WriteByte((byte)HashBuf.Length); MemStream.Write(HashBuf, 0, HashBuf.Length); Packet.WriteUInt16((ushort)(PacketHeaders.UNENCRYPTED + MemStream.ToArray().Length + 4)); Packet.WriteBytes(MemStream.ToArray()); string[] Version = GlobalSettings.Default.ClientVersion.Split('.'); Packet.WriteByte((byte)int.Parse(Version[0])); //Version 1 Packet.WriteByte((byte)int.Parse(Version[1])); //Version 2 Packet.WriteByte((byte)int.Parse(Version[2])); //Version 3 Packet.WriteByte((byte)int.Parse(Version[3])); //Version 4 Args.Client.Send(Packet.ToArray()); }
private GameOperationResponse HandleLoginUser(int sessionId, LoginUser operation) { try { var userData = this.application.UserDatabase.Query <UserData>("UserData/ByUsername") //.Customize(x => x.WaitForNonStaleResultsAsOfNow()) .Select(user => new { user.Username, user.Salt, user.Password }) .FirstOrDefault(user => user.Username.Equals(operation.Username, StringComparison.CurrentCultureIgnoreCase)); if (userData == null) { return(operation.GetErrorResponse((short)ResultCode.IncorrectUsernameOrPassword)); } var passwordHash = SaltedHash.Create(userData.Salt, userData.Password); if (passwordHash.Verify(operation.Password) == false) { return(operation.GetErrorResponse((short)ResultCode.IncorrectUsernameOrPassword)); } // requesting master to authorize client this.peer.SendOperationRequest(new OperationRequest((byte)ServerOperationCode.AckClientUserLogin, new AckClientUserLogin { SessionId = sessionId, Username = userData.Username }), new SendParameters()); return(null); } catch (Exception e) { _logger.Error(e); return(operation.GetErrorResponse((short)ResultCode.Fail)); } }
private void InitBlankRow() { for (int i = 0; i < 5; i++) { _memberCards.Add( new MemberCardModel { MemberCard = new DataModel.Model.MemberCard { MemberType = 0, IsEnable = true, PasswordHash = SaltedHash.Create( ResourcesHelper.SystemSettings[ (short)DataType.SystemSettingCode.DefaultMemberCardPW]).Hash, PasswordSalt = SaltedHash.Create( ResourcesHelper.SystemSettings[ (short)DataType.SystemSettingCode.DefaultMemberCardPW]).Salt, MemberMoney = 0, TotalSurplusMoney = 0, PrincipalSurplusMoney = 0, FavorableSurplusMoney = 0, DispatchDate = DateTime.Now, CreatedBy = ResourcesHelper.CurrentUser.Name, CreatedOn = DateTime.Now, LastModifiedBy = ResourcesHelper.CurrentUser.Name, LastModifiedOn = DateTime.Now, MemberCardNo = ResourcesHelper.MFTMemberCard }, CanUpdate = true }); } }
public UserAuth CreateUserAuth(UserAuth newUser, string password) { ValidateNewUser(newUser, password); AssertNoExistingUser(newUser); var saltedHash = new SaltedHash(); string salt; string hash; saltedHash.GetHashAndSaltString(password, out hash, out salt); var digestHelper = new DigestAuthFunctions(); newUser.DigestHA1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); newUser.PasswordHash = hash; newUser.Salt = salt; newUser.CreatedDate = DateTime.UtcNow; newUser.ModifiedDate = newUser.CreatedDate; using (var session = _documentStore.OpenSession()) { session.Store(newUser); session.SaveChanges(); } return(newUser); }
public IUserAuth UpdateUserAuth(IUserAuth existingUser, IUserAuth newUser, string password) { ValidateNewUser(newUser, password); AssertNoExistingUser(mongoDatabase, newUser, existingUser); var hash = existingUser.PasswordHash; var salt = existingUser.Salt; if (password != null) { var saltedHash = new SaltedHash(); saltedHash.GetHashAndSaltString(password, out hash, out salt); } // If either one changes the digest hash has to be recalculated var digestHash = existingUser.DigestHa1Hash; if (password != null || existingUser.UserName != newUser.UserName) { var digestHelper = new DigestAuthFunctions(); digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); } newUser.Id = existingUser.Id; newUser.PasswordHash = hash; newUser.Salt = salt; newUser.DigestHa1Hash = digestHash; newUser.CreatedDate = existingUser.CreatedDate; newUser.ModifiedDate = DateTime.UtcNow; SaveUser(newUser); return(newUser); }
public bool IsValidLogin(String userName, String password) { try { bool PasswordMatch = false; /*_________________________________________________________________________ * Compare the user's hash and salt with the password entered. * _________________________________________________________________________*/ SystemUser systemUser = GetSystemUser(userName); if (systemUser != null && systemUser.Hash != null && systemUser.Salt != null) { SaltedHash SH = new SaltedHash(); System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding(); string dbHash = encoding.GetString(systemUser.Hash); string dbSalt = encoding.GetString(systemUser.Salt); PasswordMatch = SH.VerifyHashString(password, dbHash, dbSalt); } else { PasswordMatch = false; } return(PasswordMatch); } catch (Exception ex) { ExceptionModel.SaveException(ex.Message, System.Reflection.MethodBase.GetCurrentMethod().DeclaringType.ToString(), System.Reflection.MethodInfo.GetCurrentMethod().Name); return(false); } }
/// <summary> /// User clicked button to log in. /// </summary> private void BtnLogin_Click(object sender, EventArgs e) { LoginArgsContainer Args = new LoginArgsContainer(); if (TxtPassword.Text != "" && TxtUsername.Text != "") { NetworkFacade.Client = new NetworkClient(GlobalSettings.Default.LoginServerIP, 2106, GonzoNet.Encryption.EncryptionMode.AESCrypto); NetworkFacade.Client.OnConnected += new OnConnectedDelegate(NetworkController.Client_OnConnected); Args.Username = TxtUsername.Text.ToUpper(); Args.Password = TxtPassword.Text.ToUpper(); SaltedHash Hash = new SaltedHash(new SHA512Managed(), Args.Username.Length); byte[] HashBuf = Hash.ComputePasswordHash(Args.Username.ToUpper(), Args.Password.ToUpper()); Args.Enc = new AESEncryptor(Convert.ToBase64String(HashBuf)); Args.Client = NetworkFacade.Client; PlayerAccount.Username = TxtUsername.Text; LblStatus.Invoke(new MethodInvoker(delegate { LblStatus.Visible = true; })); LblStatus.Invoke(new MethodInvoker(delegate { LblStatus.Text = "Connecting..."; })); NetworkController.OnReceivedCharacters += new OnReceivedCharactersDelegate(NetworkController_OnReceivedCharacters); NetworkFacade.Client.Connect(Args); } else { MessageBox.Show("Please enter a username and password!"); } }
public void SaltedHashTest_Negative(string password) { SaltedHash hasher = new SaltedHash(password); var salt = '+' + hasher.Salt; Assert.False(SaltedHash.Verify(password, hasher.Hash, salt)); }
public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password) { ValidateNewUser(newUser, password); AssertNoExistingUser(newUser, existingUser); var hash = existingUser.PasswordHash; var salt = existingUser.Salt; if (password != null) { var saltedHash = new SaltedHash(); saltedHash.GetHashAndSaltString(password, out hash, out salt); } newUser.Id = existingUser.Id; newUser.PasswordHash = hash; newUser.Salt = salt; newUser.CreatedDate = existingUser.CreatedDate; newUser.ModifiedDate = DateTime.UtcNow; Session.Save(new UserAuthPersistenceDto(newUser)); return(newUser); }
public IUserAuth UpdateUserAuth(IUserAuth existingUser, IUserAuth newUser, string password) { ValidateNewUser(newUser, password); AssertNoExistingUser(newUser, existingUser); var hash = existingUser.PasswordHash; var salt = existingUser.Salt; if (password != null) { var saltedHash = new SaltedHash(); saltedHash.GetHashAndSaltString(password, out hash, out salt); } newUser.Id = existingUser.Id; newUser.PasswordHash = hash; newUser.Salt = salt; newUser.CreatedDate = existingUser.CreatedDate; newUser.ModifiedDate = DateTime.UtcNow; using (var nhSession = GetCurrentSessionFn(sessionFactory)) { nhSession.Save(new UserAuthNHibernate(newUser)); } return(newUser); }
private void InitBlankRow() { for (int i = 0; i < 5; i++) { _users.Add(new UserModel { User = new DataModel.Model.User { UserType = 0, Enable = true, Login = new Guid().ToString(), PasswordHash = SaltedHash.Create("xislkfweorkdf").Hash, PasswordSalt = SaltedHash.Create("xislkfweorkdf").Salt, UserNo = (int.Parse(_users.Max(x => x.User.UserNo) ?? ResourcesHelper.CoustomUserNoStart) + 1) .ToString(), CreatedBy = ResourcesHelper.CurrentUser.Name, CreatedOn = DateTime.Now, LastModifiedBy = ResourcesHelper.CurrentUser.Name, LastModifiedOn = DateTime.Now, }, MemberCardNo = string.Empty }); } }
public LoginCommandValidator(IRepository repository) { _repository = repository; RuleFor(x => x.Username).NotNull().WithMessage("用户名不能为空"); RuleFor(x => x.Password).NotNull().WithMessage("密码不能为空"); Custom(x => { var user = _repository.Query <User>("SELECT * FROM [User] WHERE Username=@Username", new { x.Username }) .FirstOrDefault(); if (user == null) { return(new ValidationFailure("Username", "用户不存在")); } if (!user.IsEnabled) { return(new ValidationFailure("Username", "用户已失效")); } if (!SaltedHash.Create(user.Salt, user.HashedPassword).Verify(x.Password)) { return(new ValidationFailure("Password", "用户名或密码有误")); } return(null); }); }
private static void RunAsClient() { GonzoNet.PacketHandlers.Register(0x02, false, 0, new OnPacketReceive(PacketHandlers.HandleServerChallenge)); //GonzoNet requires a log output stream to function correctly. This is built in behavior. GonzoNet.Logger.OnMessageLogged += new MessageLoggedDelegate(Logger_OnMessageLogged); NetworkFacade.Client = new NetworkClient("127.0.0.1", 12345); NetworkFacade.Client.OnConnected += new OnConnectedDelegate(m_Client_OnConnected); LoginArgsContainer LoginArgs = new LoginArgsContainer(); LoginArgs.Enc = new AESEncryptor("test"); LoginArgs.Username = "******"; LoginArgs.Password = "******"; LoginArgs.Client = NetworkFacade.Client; SaltedHash Hash = new SaltedHash(new SHA512Managed(), LoginArgs.Username.Length); PacketHandlers.PasswordHash = Hash.ComputePasswordHash(LoginArgs.Username, LoginArgs.Password); NetworkFacade.Client.Connect(LoginArgs); while (true) { Thread.Sleep(1000); } }
public ActionResult Add(AddUserViewModel model) { /* * User submitted user creation data */ try { // validate input data if (ModelState.IsValid == false) { ModelState.AddModelError(string.Empty, "Thông tin tạo tài khoản không hợp lệ"); return(View(model)); } // hash password SaltedHash sh = new SaltedHash(model.Password); // create new user info User userInfo = new User(); userInfo.Username = model.Username; userInfo.Salt = sh.Salt; userInfo.Password = sh.Hash; userInfo.FirstName = model.FirstName; userInfo.LastName = model.LastName; userInfo.Email = model.Email; userInfo.CreateDate = DateTime.Now; userInfo.IsActive = model.IsActive; // add user's roles userInfo.Roles = new List <Role>(); foreach (var userRoleSelectedModel in model.SelectedRoleModels) { if (userRoleSelectedModel.IsSelected == true) { // get selected role var selectedRole = db.Roles .Where(r => r.RoleId == userRoleSelectedModel.RoleId) .FirstOrDefault(); if (selectedRole != null) { userInfo.Roles.Add(selectedRole); } } } // save new user info db.Users.Add(userInfo); db.SaveChanges(); return(RedirectToAction("Index")); } catch (ArgumentNullException ex) { return(RedirectToAction("ErrorMessage", "Admin", new RouteValueDictionary( new { message = ex.Message }))); } }
public async Task Seed() { string hashedPassword, salt; var hasher = new SaltedHash(); hasher.GetHashAndSaltString("p@ssw0rd", out hashedPassword, out salt); await new AddUserCommandHandler().HandleAsync(new AddUserCommand() { Email = "*****@*****.**", FirstName = "Abdul Jabbar", LastName = "Zaffar", HashedPassword = hashedPassword, PasswordSalt = salt, Role = (int)Role.Admin }); await new AddUserCommandHandler().HandleAsync(new AddUserCommand() { Email = "*****@*****.**", FirstName = "Abdul Qudoos", LastName = "Chaudhry", HashedPassword = hashedPassword, PasswordSalt = salt, Role = (int)Role.Admin }); }
public ActionResult Details(UserProfileViewModel model) { if (ModelState.IsValid) { // get user info var user = Context.Users.Where(u => u.UserId == model.UserId).FirstOrDefault(); if (user == null) { return(HttpNotFound(String.Format("Tài khoản #{0} không tồn tại", model.UserId))); } // verify current password if (!SaltedHash.Verify(user.Salt, user.Password, model.CurrentPassword)) { ModelState.AddModelError("", "Mật khẩu hiện tại không hợp lệ"); return(View(model)); } // update user password SaltedHash sh = new SaltedHash(model.Password); user.Password = sh.Hash; user.Salt = sh.Salt; Context.SaveChanges(); FormsAuthentication.SignOut(); return(RedirectToAction("Login", "User")); } else { ModelState.AddModelError("", "Dữ liệu không hợp lệ"); return(View(model)); } }
public ActionResult Edit(EditUser model) { try { if (ModelState.IsValid) { // get edited user var user = db.Users.Where(u => u.UserId == model.UserId).FirstOrDefault(); if (user != null) { // update password if (!string.IsNullOrWhiteSpace(model.Password)) { SaltedHash sh = new SaltedHash(model.Password); user.Password = sh.Hash; user.Salt = sh.Salt; } // update user info user.FullName = model.FullName; user.Phone = model.Phone; user.Email = model.Email; user.IsActive = model.IsActive; // update user's role user.Roles.Clear(); foreach (var roleCB in model.RoleCheckBoxes) { if (roleCB.Selected) { var roleSelected = db.Roles.Where(r => r.RoleId == roleCB.RoleId).FirstOrDefault(); if (roleSelected != null) { user.Roles.Add(roleSelected); } } } db.SaveChanges(); return(RedirectToAction("Index")); } else { ModelState.AddModelError("", "Không tìm thấy thông tin tài khoản!"); } } } catch (Exception ex) { ModelState.AddModelError("", ex.Message); // Write error log var log = new Log(); log.LogDate = DateTime.Now; log.Action = "User - Edit()"; log.Tags = "Error"; log.Message = ex.ToString(); db.Logs.Add(log); db.SaveChanges(); } return(View(model)); }
public ActionResult Login(LoginViewModel model) { var actionLogData = ""; try { if (ModelState.IsValid) { // get user info var userLogin = db.Users.Where(u => String.Compare(u.Username, model.UserName, true) == 0).FirstOrDefault(); if (userLogin != null) { // verify user password var loginSuccess = SaltedHash.Verify(userLogin.Salt, userLogin.Password, model.Password); if (loginSuccess) { BizManPrincipalSerialize principal = new BizManPrincipalSerialize(); principal.UserId = userLogin.UserId; principal.FirstName = userLogin.FirstName; principal.LastName = userLogin.LastName; principal.CreationDate = userLogin.CreateDate; principal.Roles = userLogin.Roles.Select(r => r.RoleName).ToArray(); string jsonPrincipal = JsonConvert.SerializeObject(principal); FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( 1, userLogin.Username, DateTime.Now, DateTime.Now.AddDays(7), model.RememberMe, jsonPrincipal); string ticketEncrypted = FormsAuthentication.Encrypt(ticket); HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted); Response.Cookies.Add(faCookie); // Write action log actionLogData = "user:"******", success"; ActionLog.WriteLog(ActionLog.LOGIN, actionLogData, userLogin.Username, Request.ServerVariables["REMOTE_ADDR"]); return(RedirectToAction("Index", "Home")); } } } ModelState.AddModelError("", "Sai tên đăng nhập hoặc mật khẩu!"); } catch (Exception ex) { ModelState.AddModelError("", ex.Message); } // Write action log actionLogData = "user:"******", fail"; ActionLog.WriteLog(ActionLog.LOGIN, actionLogData, model.UserName, Request.ServerVariables["REMOTE_ADDR"]); return(View(model)); }
private void MakeFail(string strData, string testValue, int saltLength) { string strHash, strSalt; SaltedHash sh = new SaltedHash(new SHA256Managed(), saltLength); sh.GetHashAndSalt(strData, out strHash, out strSalt); Assert.IsFalse(sh.VerifyHash(testValue, strHash, strSalt), "Should not verify"); }
public HumanPlayer(string id, string inGameName, Color plrColor, byte symbol, string pwd) : this(id, inGameName, plrColor, symbol) { SaltedHash s = new SaltedHash(pwd); // Besprechen Hash = s.Hash; // Besprechen Salt = s.Salt; // Besprechen }
protected void cmdSave_Click(object sender, EventArgs e) { try { string user = VatLid.Utils.KillChars(txtName.Text.Trim()); user = VatLid.Utils.ValidateXSS(user); user = VatLid.Utils.safeString(user); string passNew = txtNewPw.Text.Trim(); string passConfirm = txtConfirmPw.Text.Trim(); if (txtNewPw.Text.Length < 8) { Response.Redirect(VatLid.Variables.sWebRoot + "error_info.aspx?err=31"); } else if (IsNumber(txtNewPw.Text)) { Response.Redirect(VatLid.Variables.sWebRoot + "error_info.aspx?err=31"); } else if (!checkMumber(txtNewPw.Text)) { Response.Redirect(VatLid.Variables.sWebRoot + "error_info.aspx?err=31"); } else if (!Utils.isSpecial_Characters(txtNewPw.Text)) { Response.Redirect(VatLid.Variables.sWebRoot + "error_info.aspx?err=31"); } string SQL = "SELECT ID From Users WHERE UserName='******'"; ArrayList al = DAL.GetDataReaderToArrayList(SQL); if (al.Count == 0) { lblError.Text = "User không tồn tại trong CSDL"; } else if (txtNewPw.Text != txtConfirmPw.Text) { lblError.Text = "Mật khẩu mới Confirm sai"; } else { SqlCommand cmd = new SqlCommand(); cmd.Parameters.AddWithValue("@UserName", user); cmd.Parameters.AddWithValue("@UserPw", SaltedHash.EncodeMD5(passNew)); cmd.Parameters.AddWithValue("@UserPwN", passNew); VatLid.DAL.GetDataSet("cms_changepass", VatLid.DAL.getConnectionString1(), cmd); VatLid.DAL.INSERT_USER_LOG_NEW(VatLid.Utils.getUserId(Session).ToString(), VatLid.LogType.ChangerPw.ToString(), VatLid.DAL.getCategoryID(FileName), "OK", user, VatLid.Utils.GetIP()); lblError.Text = "Đổi mật khẩu thành công"; } } catch (Exception err) { lblError.Text = "Đổi mật khẩu không thành công"; VatLid.DAL.ExceptionProcess(err); } }
public ActionResult ChangePass(ChangePassViewModel model) { try { if (ModelState.IsValid) { // get current user info var userInfo = db.Users.Where(u => u.UserId == model.UserId).FirstOrDefault(); if (userInfo == null) { return(RedirectToAction("Login", "Auth")); } // verify old password var isCorrectOldPass = SaltedHash.Verify(userInfo.Salt, userInfo.Password, model.OldPassword); if (isCorrectOldPass) { // new password must be different to old passowrd if (String.Compare(userInfo.Password, SaltedHash.ComputeHash(userInfo.Salt, model.NewPassword), false) != 0) { // update new user password SaltedHash sh = new SaltedHash(model.NewPassword); userInfo.Salt = sh.Salt; userInfo.Password = sh.Hash; userInfo.FirstName = model.FirstName; userInfo.LastName = model.LastName; userInfo.Email = model.Email; db.SaveChanges(); // write action log string actionLogData = "username="******"REMOTE_ADDR"]); return(RedirectToAction("Index", "Home")); } else { ModelState.AddModelError("", "Mật khẩu mới không được trùng mật khẩu cũ"); } } else { ModelState.AddModelError("", "Mật khẩu cũ chưa chính xác"); } } else { ModelState.AddModelError("", "Thông tin đổi mật khẩu không hợp lệ!"); } } catch (Exception ex) { ModelState.AddModelError("", ex.Message); } return(View(model)); }
public void Verify_salted_password_is_verified() { for (int i = 0; i < 50; i++) { string password = PasswordGenerator.Generate(32); SaltedHash saltedHash = SaltedHash.Compute(password); Assert.True(SaltedHash.Verify(password, saltedHash.PasswordHash, saltedHash.Salt)); } }
public void Verify_salted_password_is_verified() { for (var i = 0; i < 50; i++) { var password = PasswordGenerator.Generate(32); var saltedHash = SaltedHash.Compute(password); Assert.True(SaltedHash.Verify(password, saltedHash.Hash, saltedHash.Salt)); } }
public ActionResult Create(UserViewModel model) { if (ModelState.IsValid) { // check user exists var newUser = Context.Users.Where(u => u.Username.CompareTo(model.Username) == 0).FirstOrDefault(); var userExisted = (newUser != null) ? true : false; if (!userExisted) { // add user info newUser = new User(); newUser.Username = model.Username; SaltedHash sh = new SaltedHash(model.Username); newUser.Password = sh.Hash; newUser.Salt = sh.Salt; newUser.FirstName = model.FirstName; newUser.LastName = model.LastName; newUser.IsActive = model.IsActive; newUser.Email = model.Email; newUser.CreateDate = DateTime.Now; newUser.Roles = new List <Role>(); Context.Users.Add(newUser); // add user's roles foreach (RoleSelectViewModel item in model.RoleSelectViewModels) { if (item.IsSeleced) { var role = Context.Roles.Where(r => r.RoleId == item.RoleId).FirstOrDefault(); if (role != null) { newUser.Roles.Add(role); } } } // save changes Context.SaveChanges(); return(RedirectToAction("Index", "User")); } else { // user exists ModelState.AddModelError("", String.Format("Tài khoản {0} đã tồn tại trong hệ thống", model.Username)); return(View(model)); } } else { ModelState.AddModelError("", "Thông tin tài khoản không hợp lệ!"); return(View(model)); } }
public UserController( UserRepository repository, MemberRepository memberRepository, ISessionContext sessionContext, SaltedHash saltedHash) { _repository = repository; _memberRepository = memberRepository; _sessionContext = sessionContext; _saltedHash = saltedHash; }
public void Handle(ResetPasswordCommand command) { var user = _repository.Get <User>(command.UserId); SaltedHash saltedHash = SaltedHash.Create("123456"); user.Salt = saltedHash.Salt; user.HashedPassword = saltedHash.Hash; _repository.Update(user); }
public UserModel Save(UserModel user, bool updatePassword = false) { var obj = new UserModel(); var hashedPassword = user.Password; if (updatePassword) { var salt = SaltedHash.CreateSalt(user.Email); hashedPassword = SaltedHash.HashPassword(salt, user.Password); } Run(cmd => { cmd.CommandType = CommandType.StoredProcedure; cmd.CommandText = "[dbo].[SaveUser]"; var dtUtc = DateTime.UtcNow; RepositoryHelper.PopulateDefaultParametersDatesAndBy(user); cmd.AddParameter("@email", user.Email); cmd.AddParameter("@city", user.City ?? "Alexandria"); cmd.AddParameter("@country", user.Country ?? "Canada"); cmd.AddParameter("@culture", user.Culture ?? "en-CA"); cmd.AddParameter("@dateModified", dtUtc); cmd.AddParameter("@firstName", user.FirstName ?? ""); cmd.AddParameter("@isActive", user.IsActive); cmd.AddParameter("@isPublic", user.IsPublic); cmd.AddParameter("@isDeleted", user.IsDeleted); cmd.AddParameter("@lastName", user.LastName ?? ""); cmd.AddParameter("@optIn", user.OptIn); cmd.AddParameter("@phoneNumber", user.PhoneNumber ?? ""); cmd.AddParameter("@postalCode", user.PostalCode ?? "K0C1A0"); cmd.AddParameter("@province", user.Province ?? "Ontario"); cmd.AddParameter("@streetName", user.StreetName ?? ""); cmd.AddParameter("@streetNumber", user.StreetNumber ?? ""); cmd.AddParameter("@updatedBy", user.UpdatedBy); cmd.AddParameter("@type", (int)user.Type); cmd.AddParameter("@dateCreated", user.DateCreated); cmd.AddParameter("@id", user.Id); cmd.AddParameter("@password", hashedPassword); cmd.AddParameter("@accessLevel", user.AccessLevel); cmd.AddParameter("@createdBy", user.CreatedBy); using (var reader = cmd.ExecuteReader()) while (reader.Read()) { obj = MapObject(reader); } }); return(obj); }
/// <summary> /// Creates a hash for the password of the user /// </summary> /// <param name="user">the user</param> /// <param name="password">password of the user</param> /// <returns>hash for the password of the user</returns> public string HashPassword(UserIdentityData user, string password) { if (user == null) { throw new ArgumentNullException(nameof(user)); } var saltedHash = new SaltedHash(password); return(saltedHash.Hash); }
public void CreateAccount(AccountManagement.Account account, SaltedHash passwordHash, UserId userId) { Contract.Assert(account.AccountId.IsNew); using (var db = new THCard()) { using (var transaction = new TransactionScope()) { var dbAccount = new Account { Username = account.Username.ToString(), UserId = userId.ToGuid(), AccountPassword = new AccountPassword { PasswordHash = passwordHash.Hash, Salt = passwordHash.Salt } }; db.Accounts.Add(dbAccount); db.SaveChanges(); transaction.Complete(); account.AccountId = new AccountId(dbAccount.AccountId); } } }
public static bool AuthenticateUser(string userName, string password) { Core.Database.User dbUser = GetByUsernameInternal(userName).FirstOrDefault(); if (dbUser == null) return false; if (dbUser.IsEncrypted) { SaltedHash hash = new SaltedHash(); return hash.VerifyHashString(password, dbUser.Password, dbUser.Salt); } else { return (string.Compare(password, dbUser.Password, false) == 0); } }
public bool TryAuthenticate(string userName, string password, out IUserAuth userAuth) { //userId = null; userAuth = GetUserAuthByUserName(userName); if (userAuth == null) return false; var saltedHash = new SaltedHash(); if (saltedHash.VerifyHashString(password, userAuth.PasswordHash, userAuth.Salt)) { //userId = userAuth.Id.ToString(CultureInfo.InvariantCulture); return true; } userAuth = null; return false; }
public IUserAuth UpdateUserAuth(IUserAuth existingUser, IUserAuth newUser, string password) { ValidateNewUser(newUser, password); AssertNoExistingUser(mongoDatabase, newUser, existingUser); var hash = existingUser.PasswordHash; var salt = existingUser.Salt; if (password != null) { var saltedHash = new SaltedHash(); saltedHash.GetHashAndSaltString(password, out hash, out salt); } // If either one changes the digest hash has to be recalculated var digestHash = existingUser.DigestHa1Hash; if (password != null || existingUser.UserName != newUser.UserName) { var digestHelper = new DigestAuthFunctions(); digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); } newUser.Id = existingUser.Id; newUser.PasswordHash = hash; newUser.Salt = salt; newUser.DigestHa1Hash = digestHash; newUser.CreatedDate = existingUser.CreatedDate; newUser.ModifiedDate = DateTime.UtcNow; SaveUser(newUser); return newUser; }
public IUserAuth CreateUserAuth(IUserAuth newUser, string password) { ValidateNewUser(newUser, password); AssertNoExistingUser(mongoDatabase, newUser); var saltedHash = new SaltedHash(); string salt; string hash; saltedHash.GetHashAndSaltString(password, out hash, out salt); var digestHelper = new DigestAuthFunctions(); newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); newUser.PasswordHash = hash; newUser.Salt = salt; newUser.CreatedDate = DateTime.UtcNow; newUser.ModifiedDate = newUser.CreatedDate; SaveUser(newUser); return newUser; }