public ActionResult Run()
{
string username = Request.Form["usx"];
string password = SecurityPassword.CreateMD5Hash(Request.Form["passx"]);
string guid = Request.Form["guid"];
if (guid == viewModel.CRN)
{
using (b3752Entities db = new b3752Entities())
{
db.Configuration.ProxyCreationEnabled = false;
Guid ID = (from admins in db.Admins
where admins.Username == username
select admins.ID).Single();
Models.Admins admin = (from admins in db.Admins
where admins.ID == ID &&
admins.Password == password
select admins).Single();
if (admin == null)
{
return(Redirect("/Admin/LogIn"));
}
else
{
Session["AdminID"] = admin.ID;
return(Redirect("/Admin/Dashboard"));
}
}
}
else
{
return(Redirect("/Admin/LogIn"));
}
}
/**
* Check if current DatafeedResult contains "Keyword"
* @params: keyword: Search keyword
* @return: True: if it contains, False: if it doesn't contain
* */
public bool Find(string keyword)
{
if ((DatafeedID.Contains(keyword) && CheckStatus.Check_DatafeedID) ||
(Guid.Contains(keyword) && CheckStatus.Check_Guid) ||
(DatafeedName.Contains(keyword) && CheckStatus.Check_DatafeedName) ||
(SecurityUsername.Contains(keyword) && CheckStatus.Check_SecurityUsername) ||
(SecurityPassword.Contains(keyword) && CheckStatus.Check_SecurityPassword) ||
(TransportUsername.Contains(keyword) && CheckStatus.Check_TransportUsername) ||
(TransportPassword.Contains(keyword) && CheckStatus.Check_TransportPassword) ||
(TransportURL.Contains(keyword) && CheckStatus.Check_TransportURL) ||
(TransportInstance.Contains(keyword) && CheckStatus.Check_TransportInstance) ||
(SecurityDomain.Contains(keyword) && CheckStatus.Check_SecurityDomain) ||
(TransportDomain.Contains(keyword) && CheckStatus.Check_TransportDomain) ||
(ProxyOption.Contains(keyword) && CheckStatus.Check_ProxyOption) ||
(ProxyName.Contains(keyword) && CheckStatus.Check_ProxyName) ||
(ProxyPort.Contains(keyword) && CheckStatus.Check_ProxyPort) ||
(ProxyDomain.Contains(keyword) && CheckStatus.Check_ProxyDomain) ||
(ProxyUserName.Contains(keyword) && CheckStatus.Check_ProxyUserName) ||
(ProxyPassword.Contains(keyword) && CheckStatus.Check_ProxyPassword) ||
(TransportPath.Contains(keyword) && CheckStatus.Check_TransportPath) ||
(ConnectionString.Contains(keyword) && CheckStatus.Check_ConnectionString) ||
(SQLQueryUsername.Contains(keyword) && CheckStatus.Check_SQLQueryUsername) ||
(SQLQueryPassword.Contains(keyword) && CheckStatus.Check_SQLQueryPassword)
)
{
return(true);
}
return(false);
}
public void Should_mask_value_when_creating_a_new_password_with_valid_value()
{
var value = this.MockString(8);
var password = new SecurityPassword(value);
Assert.AreNotEqual(value, password.HashValue);
}
public void createUser(User user)
{
SecurityPassword encrPass = new SecurityPassword();
string password = encrPass.Encrypt(user.Password);
try
{
SqlConnection connection = ManageDatabaseConnection("Open");
using (SqlCommand sqlCommand = new SqlCommand("Insert_user1", connection))
{
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.Parameters.Add("@Username_Email", SqlDbType.VarChar).Value = user.Username;
sqlCommand.Parameters.Add("@IdNumber", SqlDbType.Int).Value = user.IdNumber;
sqlCommand.Parameters.Add("@Name", SqlDbType.VarChar).Value = user.Name;
sqlCommand.Parameters.Add("@MidName", SqlDbType.VarChar).Value = user.SecondName;
sqlCommand.Parameters.Add("@Lastname", SqlDbType.VarChar).Value = user.LastName;
sqlCommand.Parameters.Add("@SecondLastname", SqlDbType.VarChar).Value = user.SecondName;
sqlCommand.Parameters.Add("@Celular", SqlDbType.VarChar).Value = user.Cellphone;
sqlCommand.Parameters.Add("@Password_Encr", SqlDbType.VarChar).Value = password;
sqlCommand.Parameters.Add("@IdMajor", SqlDbType.Int).Value = user.IdMajor;
sqlCommand.Parameters.Add("@IdUserType", SqlDbType.Int).Value = user.Type;
sqlCommand.Parameters.Add("@HasCertificate", SqlDbType.Bit).Value = "false";
sqlCommand.Parameters.Add("@IsSanctioned", SqlDbType.Bit).Value = "false";
//connection.Open();
sqlCommand.ExecuteNonQuery();
connection = ManageDatabaseConnection("Close");
}
}
catch (SqlException sqlException)
{
throw sqlException;
}
}
public UserQueryBuilderTests()
{
var name = new Name("Fernando", "Seguim");
var email = new Email("*****@*****.**");
var password = new SecurityPassword("12634567890");
this.user = new User(name, email, password);
}
public void Should_return_true_when_comparing_equal_hash_values()
{
var value = this.MockString(8);
var expectedPassword = new SecurityPassword(value);
var salt = expectedPassword.Salt;
var comparedPassword = new SecurityPassword(value, salt);
Assert.IsTrue(SecurityPassword.CompareHashValues(expectedPassword.HashValue, comparedPassword.HashValue));
}
public static User Create(UserCommand command)
{
var name = new Name(command.FirstName, command.LastName);
var email = new Email(command.Email);
var password = new SecurityPassword(command.Password);
var user = new User(name, email, password);
return(user);
}
public void Should_return_false_when_comparing_different_hash_values()
{
var expectedValue = this.MockString(8);
var comparedValue = this.MockString(9);
var expectedPassword = new SecurityPassword(expectedValue);
var comparedPassword = new SecurityPassword(comparedValue);
Assert.IsFalse(SecurityPassword.CompareHashValues(expectedPassword.HashValue, comparedPassword.HashValue));
}
public bool comparesPasswordComingFromUser_toPasswordInDataBase(string username, string password)
{
bool isTheCorrectPassword = false;
SecurityPassword securityPassword = new SecurityPassword();
String encryptedPasswordFromDataBase = bringsEncryptedPasswordFromDataBase_underNameOfUser(username);
String passwordFromUserAferEncryption = securityPassword.Encrypt(password);
if (encryptedPasswordFromDataBase == passwordFromUserAferEncryption)
{
isTheCorrectPassword = true;
}
return isTheCorrectPassword;
}
public override void Register()
{
new ValidationContract <Users>(this)
.HasMaxLenght(x => x.Name, 50, "Nome deve conter até 50 char")
.HasMinLenght(x => x.Name, 5, "Nome deve ter no minimo 5 char")
.IsRequired(x => x.Name, "Nome do Usuario não foi informado")
.IsEmail(x => x.Email, "Email invalido")
.HasMaxLenght(x => x.Password, 32)
.HasMinLenght(x => x.Password, 6)
.IsRequired(x => x.Password, "Senha do Usuario nao informada");
Password = SecurityPassword.Encrypt(Password);
}
public void Should_return_true_when_delete_user_from_database()
{
var name = new Name(this.MockString(), this.MockString());
var email = new Email($"{this.MockString()}@gmail.com");
var password = new SecurityPassword(this.MockString());
var user = new User(name, email, password);
this.repository.Save(user);
var result = this.repository.Delete(user.Id);
Assert.IsTrue(result);
}
public bool comparesPasswordComingFromUser_toPasswordInDataBase(string username, string password)
{
bool isTheCorrectPassword = false;
SecurityPassword securityPassword = new SecurityPassword();
String encryptedPasswordFromDataBase = bringsEncryptedPasswordFromDataBase_underNameOfUser(username);
String passwordFromUserAferEncryption = securityPassword.Encrypt(password);
if (encryptedPasswordFromDataBase == passwordFromUserAferEncryption)
{
isTheCorrectPassword = true;
}
return(isTheCorrectPassword);
}
public void Should_save_the_new_user_in_the_users_table()
{
var name = new Name("Fernando", "Seguim");
var email = new Email("*****@*****.**");
var password = new SecurityPassword("12634567890");
var user = new User(name, email, password);
this.repository.Save(user);
this.Context
.Received()
.Connection
.Execute(
Arg.Is <string>(query => query.Contains("INSERT INTO Users (UserID, Name, Email, PasswordHash, Salt)")),
Arg.Any <object>());
}
public void Update(string name, string email, string password)
{
Name = Helpers.Capitalize(name);
Email = email.ToLower();
Password = password;
new ValidationContract <Users>(this)
.HasMaxLenght(x => x.Name, 50, "Nome deve conter até 50 char")
.HasMinLenght(x => x.Name, 5, "Nome deve ter no minimo 5 char")
.IsRequired(x => x.Name, "Nome do Usuario não foi informado")
.IsEmail(x => x.Email, "Email invalido")
.HasMaxLenght(x => x.Password, 32)
.HasMinLenght(x => x.Password, 6)
.IsRequired(x => x.Password, "Senha do Usuario nao informada");
Password = SecurityPassword.Encrypt(Password);
DateofChange = DateTime.Now;
}
private void CheckLogin()
{
EUser user = new EUser();
user.UserName = txtTaiKhoan.Text.Trim();
string strPassword = txtMatKhau.Text.Trim();
user.Password = SecurityPassword.GetSHA1Password(strPassword);
if (user.UserName == "")
{
MessageBox.Show("Tài khoản không được để trống");
return;
}
if (user.Password == "")
{
MessageBox.Show("Mật khẩu không được để trống");
return;
}
try
{
if (BUser.IsExistsUser(user))
{
Session.UserName = user.UserName;
Session.MaNhanVien = user.MaNhanVien;
if (eventSuccessLogIn != null)
{
eventSuccessLogIn(null);
}
this.Close();
}
else
{
//MessageBox.Show("Tên đăng nhập hoặc tài khoản không chính xác");
MessageBoxEx.Show("Tên đăng nhập hoặc tài khoản không chính xác");
}
}
catch (Exception ex)
{
MessageBox.Show("Lỗi kết nối đến Server:" + ex);
}
}
public User(Name name, Email email, SecurityPassword password)
{
this.Name = name ?? throw new ArgumentNullException($"The user name can not be null");
this.Email = email ?? throw new ArgumentNullException($"The user email can not be null");
this.Password = password ?? throw new ArgumentNullException($"The user password can not be null");
}
public Users GetUserOAuth(string email, string password) => _repository.Authenticate(email.ToLower(), SecurityPassword.Encrypt(password.Trim()));
/**
* Replace DatafeedResult with keyword.
* @params: keyword: Search Keyword, replaceText: Text for Replace
* @return: Replace keyword count
* */
public int Replace(string keyword, string replaceText)
{
int replaceCount = 0;
if (DatafeedID.Contains(keyword) && CheckStatus.Check_DatafeedID)
{
DatafeedID = DatafeedID.Replace(keyword, replaceText);
replaceCount += 1;
}
if (Guid.Contains(keyword) && CheckStatus.Check_Guid)
{
Guid = Guid.Replace(keyword, replaceText);
replaceCount += 1;
}
if (DatafeedName.Contains(keyword) && CheckStatus.Check_DatafeedName)
{
DatafeedName = DatafeedName.Replace(keyword, replaceText);
replaceCount += 1;
}
if (SecurityUsername.Contains(keyword) && CheckStatus.Check_SecurityUsername)
{
SecurityUsername = SecurityUsername.Replace(keyword, replaceText);
replaceCount += 1;
}
if (SecurityPassword.Contains(keyword) && CheckStatus.Check_SecurityPassword)
{
SecurityPassword = SecurityPassword.Replace(keyword, replaceText);
replaceCount += 1;
}
if (TransportUsername.Contains(keyword) && CheckStatus.Check_TransportUsername)
{
TransportUsername = TransportUsername.Replace(keyword, replaceText);
replaceCount += 1;
}
if (TransportPassword.Contains(keyword) && CheckStatus.Check_TransportPassword)
{
TransportPassword = TransportPassword.Replace(keyword, replaceText);
replaceCount += 1;
}
if (TransportURL.Contains(keyword) && CheckStatus.Check_TransportURL)
{
TransportURL = TransportURL.Replace(keyword, replaceText);
replaceCount += 1;
}
if (TransportInstance.Contains(keyword) && CheckStatus.Check_TransportInstance)
{
TransportInstance = TransportInstance.Replace(keyword, replaceText);
replaceCount += 1;
}
if (SecurityDomain.Contains(keyword) && CheckStatus.Check_SecurityDomain)
{
SecurityDomain = SecurityDomain.Replace(keyword, replaceText);
replaceCount += 1;
}
if (TransportDomain.Contains(keyword) && CheckStatus.Check_TransportDomain)
{
TransportDomain = TransportDomain.Replace(keyword, replaceText);
replaceCount += 1;
}
if (ProxyOption.Contains(keyword) && CheckStatus.Check_ProxyOption)
{
ProxyOption = ProxyOption.Replace(keyword, replaceText);
replaceCount += 1;
}
if (ProxyName.Contains(keyword) && CheckStatus.Check_ProxyName)
{
ProxyName = ProxyName.Replace(keyword, replaceText);
replaceCount += 1;
}
if (ProxyPort.Contains(keyword) && CheckStatus.Check_ProxyPort)
{
ProxyPort = ProxyPort.Replace(keyword, replaceText);
replaceCount += 1;
}
if (ProxyDomain.Contains(keyword) && CheckStatus.Check_ProxyDomain)
{
ProxyDomain = ProxyDomain.Replace(keyword, replaceText);
replaceCount += 1;
}
if (ProxyUserName.Contains(keyword) && CheckStatus.Check_ProxyUserName)
{
ProxyUserName = ProxyUserName.Replace(keyword, replaceText);
replaceCount += 1;
}
if (ProxyPassword.Contains(keyword) && CheckStatus.Check_ProxyPassword)
{
ProxyPassword = ProxyPassword.Replace(keyword, replaceText);
replaceCount += 1;
}
if (TransportPath.Contains(keyword) && CheckStatus.Check_TransportPath)
{
TransportPath = TransportPath.Replace(keyword, replaceText);
replaceCount += 1;
}
if (ConnectionString.Contains(keyword) && CheckStatus.Check_ConnectionString)
{
ConnectionString = ConnectionString.Replace(keyword, replaceText);
replaceCount += 1;
}
if (SQLQueryUsername.Contains(keyword) && CheckStatus.Check_SQLQueryUsername)
{
SQLQueryUsername = SQLQueryUsername.Replace(keyword, replaceText);
replaceCount += 1;
}
if (SQLQueryPassword.Contains(keyword) && CheckStatus.Check_SQLQueryPassword)
{
SQLQueryPassword = SQLQueryPassword.Replace(keyword, replaceText);
replaceCount += 1;
}
return(replaceCount);
}
public UserTests()
{
this.name = new Name("Fernando", "Seguim");
this.email = new Email("*****@*****.**");
this.password = new SecurityPassword(this.MockString());
}
public void createUser(User user)
{
SecurityPassword encrPass = new SecurityPassword();
string password = encrPass.Encrypt(user.Password);
try
{
SqlConnection connection = ManageDatabaseConnection("Open");
using (SqlCommand sqlCommand = new SqlCommand("Insert_user1", connection))
{
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.Parameters.Add("@Username_Email", SqlDbType.VarChar).Value = user.Username;
sqlCommand.Parameters.Add("@IdNumber", SqlDbType.Int).Value = user.IdNumber;
sqlCommand.Parameters.Add("@Name", SqlDbType.VarChar).Value = user.Name;
sqlCommand.Parameters.Add("@MidName", SqlDbType.VarChar).Value = user.SecondName;
sqlCommand.Parameters.Add("@Lastname", SqlDbType.VarChar).Value = user.LastName;
sqlCommand.Parameters.Add("@SecondLastname", SqlDbType.VarChar).Value = user.SecondName;
sqlCommand.Parameters.Add("@Celular", SqlDbType.VarChar).Value = user.Cellphone;
sqlCommand.Parameters.Add("@Password_Encr", SqlDbType.VarChar).Value = password;
sqlCommand.Parameters.Add("@IdMajor", SqlDbType.Int).Value = user.IdMajor;
sqlCommand.Parameters.Add("@IdUserType", SqlDbType.Int).Value = user.Type;
sqlCommand.Parameters.Add("@HasCertificate", SqlDbType.Bit).Value = "false";
sqlCommand.Parameters.Add("@IsSanctioned", SqlDbType.Bit).Value = "false";
//connection.Open();
sqlCommand.ExecuteNonQuery();
connection = ManageDatabaseConnection("Close");
}
}
catch (SqlException sqlException)
{
throw sqlException;
}
}