Пример #1
0
        public Credential Create(Credential cred, User user, string masterCred, string credVal)
        {
            /* Make sure masterCred is not empty */
            if (string.IsNullOrWhiteSpace(masterCred))
            {
                throw new AppException("MasterCred is required");
            }

            /* Make sure credential hint isn't already in use */
            if (_context.Credentials.Any(c => c.UserId == cred.UserId && c.Hint == cred.Hint))
            {
                throw new AppException("This credential hint is already used by another of your credentials");
            }

            MasterCredHelper masterCredHelper = new MasterCredHelper();

            cred = masterCredHelper.EncryptCredential(user, cred, masterCred, credVal);

            /* Make sure credential's domain is lowercase */
            cred.Domain = cred.Domain.ToLower();

            /* Save changes and return */
            _context.Credentials.Add(cred);
            _context.SaveChanges();
            return(cred);
        }
Пример #2
0
        public int Verify(UserVerifyModel model)
        {
            var user = _context.Users.SingleOrDefault(x => x.Username == model.Username);

            if (user == null)
            {
                throw new AppException("Username not found");
            }
            // check if password is correct
            try {
                if (!VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt))
                {
                    throw new AppException("Invalid password");
                }
            }
            catch (ArgumentException) {
                throw new AppException("Issue parsing password");
            }

            MasterCredHelper masterCredHelper = new MasterCredHelper();

            if (model.MasterCred != null)
            {
                if (!masterCredHelper.VerifyMasterCred(user, model.MasterCred))
                {
                    throw new AppException("Invalid master credential");
                }
            }
            return(user.Id);
        }
Пример #3
0
        public string Decrypt(Credential cred, User user, string MasterCred)
        {
            var credential = _context.Credentials.FirstOrDefault(c => c.Id == cred.Id);

            Console.WriteLine(credential.Id);
            MasterCredHelper masterCredHelper = new MasterCredHelper();

            return(masterCredHelper.DecryptCredential(user, credential, MasterCred));
        }
Пример #4
0
        public bool VerifyMasterCred(UserVerifyMasterCredModel model)
        {
            var user = _context.Users.SingleOrDefault(x => x.Id == model.Id);

            if (user == null)
            {
                throw new AppException("Username not found");
            }

            MasterCredHelper masterCredHelper = new MasterCredHelper();

            if (!masterCredHelper.VerifyMasterCred(user, model.MasterCred))
            {
                throw new AppException("Invalid master credential");
            }
            return(true);
        }
Пример #5
0
        public void Create(User user, string password, string masterCred, string role)
        {
            /* Make sure that password is not empty */
            if (string.IsNullOrWhiteSpace(password))
            {
                throw new AppException("Password is required");
            }

            /* Make sure masterCred is not empty */
            if (string.IsNullOrWhiteSpace(masterCred))
            {
                throw new AppException("MasterCred is required");
            }

            /* Make sure that username is not taken */
            if (_context.Users.Any(x => x.Username == user.Username))
            {
                throw new AppException("Username \"" + user.Username + "\" is already taken");
            }

            /* Hash the password */
            byte[] passwordHash, passwordSalt;
            CreatePasswordHash(password, out passwordHash, out passwordSalt);
            user.Role         = role;
            user.PasswordHash = passwordHash;
            user.PasswordSalt = passwordSalt;

            /* Encrypt the master cred  */
            MasterCredHelper masterCredHelper = new MasterCredHelper();

            masterCredHelper.CreateUserMasterCred(user, masterCred);

            /* Save changes in the database and return */
            _context.Users.Add(user);
            _context.SaveChanges();
            return;
        }