public void HashPassword_GeneratesSaltedPassword()
{
string password = "******";
IPasswordHasher subject = new SimplePasswordHasher("userName");
Assert.That(subject.HashPassword(password), Is.Not.EqualTo(password));
}
public void CheckPassword_AnotherSaltedPassword_False()
{
string password = "******";
IPasswordHasher subject = new SimplePasswordHasher("userName");
string hashed = subject.HashPassword("anotherPassword");
Assert.That(subject.CheckPassword(password, hashed), Is.False);
}
public void CheckPassword_SameSaltedPassword_True()
{
string password = "******";
IPasswordHasher subject = new SimplePasswordHasher("userName");
string hashed = subject.HashPassword(password);
Assert.That(subject.CheckPassword(password, hashed), Is.True);
}
public void CheckPassword_DifferentUserPassword_False()
{
string password = "******";
IPasswordHasher oneHasher = new SimplePasswordHasher("user1"),
twoHasher = new SimplePasswordHasher("user2");
string hashedWithOne = oneHasher.HashPassword(password);
Assert.That(twoHasher.CheckPassword(password, hashedWithOne), Is.False);
}
public PortalLoginDto CreatePortalLogin(string username, string password, IEnumerable <string> roleIds, bool isPasswordToChange)
{
var login = new PortalLogin()
{
Id = IdHelper.NewId(),
Username = username,
PasswordHash = _passwordHasher.HashPassword(password),
IsPasswordToChange = isPasswordToChange,
IsLocked = false,
CreationTime = DateTime.UtcNow,
CreatorId = CurrentUserId,
EditorId = null,
LastEditTime = null,
IsValid = true,
};
var columnsCommand = @"
SELECT l.Id, l.Username, l.PasswordHash, l.IsPasswordToChange, l.CreatorId, l.CreationTime, l.EditorId, l.LastEditTime, l.IsValid,
STUFF((
SELECT ','+r.Name
FROM PortalRoles r INNER JOIN PortalLoginRoles lr on lr.RoleId=r.Id
WHERE lr.LoginId=l.Id
FOR XML PATH('')
), 1, 1, '') as Roles";
var queryCommand = @"
FROM [PortalLogins] l
WHERE l.Id=@Id";
using (var connection = GetConnection())
{
connection.Open();
using (var transcation = connection.BeginTransaction())
{
try
{
connection.Insert(login, transcation);
foreach (var r in roleIds)
{
var role = new PortalLoginRole()
{
LoginId = login.Id,
RoleId = r
};
connection.Insert(role, transcation);
}
var dto = connection.QueryFirstOrDefault <PortalLoginDto>($@"{columnsCommand} {queryCommand}", new { Id = login.Id }, transcation);
transcation.Commit();
return(dto);
}
catch (Exception e)
{
_logger.LogError(e.Message);
transcation.Rollback();
return(null);
}
}
}
}
public override TenantDto Create(TenantDto dto)
{
using (var connection = GetConnection())
{
connection.Open();
using (var transaction = connection.BeginTransaction())
{
try
{
var timestamp = DateTime.UtcNow;
var tenant = _mapper.Map <Tenant>(dto);
connection.MonitorInsert(CurrentUserId, timestamp, tenant, transaction);
if (_config.InitTenantAdmin)
{
var admin = new Account()
{
DefaultTenantId = tenant.Id,
Name = _config.AdminName,
Username = $"{_config.AdminUsername}@{tenant.Domain}",
PwdHash = _passwordHasher.HashPassword(_config.AdminPassword),
IsPwdNeedChange = true,
AvatarUrl = null,
Email = null,
};
connection.MonitorInsert(CurrentUserId, timestamp, admin, transaction);
var tenantAccout = new TenantAccount()
{
TenantId = tenant.Id,
AccountId = admin.Id,
//AccessStartTime = null,
//AccessEndTime = null
};
connection.MonitorInsert(CurrentUserId, timestamp, tenantAccout, transaction);
// assign tenant admin role
var tenantAdminRole = new AccountRole()
{
AccountId = admin.Id,
RoleId = AppRoleCode.TenantAdmin.Code()
};
connection.MonitorInsert(CurrentUserId, timestamp, tenantAdminRole, transaction);
// assign tenant operator role
var tenantOperatorRole = new AccountRole()
{
AccountId = admin.Id,
RoleId = AppRoleCode.TenantOperator.Code()
};
connection.MonitorInsert(CurrentUserId, timestamp, tenantOperatorRole, transaction);
}
TenantService ts = new TenantService()
{
TenantId = tenant.Id,
ServiceCode = ((int)AppServiceCode.Basic).ToString(),
AccessStartTime = DateTime.UtcNow.Date,
AccessEndTime = DateTime.UtcNow.Date.AddYears(1)
};
connection.MonitorInsert(CurrentUserId, timestamp, ts, transaction);
var result = connection.QueryFirstOrDefault <TenantDto>(SINGLE_QUERY_COMMAND, new { Id = tenant.Id }, transaction);
transaction.Commit();
return(result);
}
catch (Exception e)
{
transaction.Rollback();
_logger?.LogError(e.Message);
return(null);
}
}
}
}
