/*************************************************************************************************/
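        /// <summary>
        /// Changes the password of the currently logged-in user. The user's random key is re-encrypted
        /// under the new password and fresh iterations/salt/hash values are stored for it.
        /// </summary>
        /// <param name="originalPassword">Current password; checked with <c>VerifyCurrentUserPassword</c> before anything is written.</param>
        /// <param name="newPassword">Requested password; must pass <c>VerifyPasswordRequirements</c>.</param>
        /// <param name="confirmPassword">Second entry of the requested password; must equal <paramref name="newPassword"/>.</param>
        /// <returns>
        /// <c>Success</c> when the stored record was replaced; <c>PasswordsDoNotMatch</c> when the two new
        /// entries differ; the specific requirement failure reported by <c>VerifyPasswordRequirements</c>;
        /// otherwise <c>Failed</c> (not logged in, wrong current password, user record not found, or the
        /// store rejected the update).
        /// </returns>
        public ChangeUserPasswordResult ChangeUserPassword(string originalPassword, string newPassword, string confirmPassword)
        {
            if (!IsLoggedIn())
            {
                return ChangeUserPasswordResult.Failed;
            }

            if (newPassword != confirmPassword)
            {
                return ChangeUserPasswordResult.PasswordsDoNotMatch;
            }

            // Re-authenticate with the current password before touching stored key material,
            // so an unattended logged-in session alone cannot rotate the password.
            if (!VerifyCurrentUserPassword(originalPassword))
            {
                return ChangeUserPasswordResult.Failed;
            }

            ChangeUserPasswordResult requirements = VerifyPasswordRequirements(newPassword);
            if (requirements != ChangeUserPasswordResult.Success)
            {
                return requirements;
            }

            User user = _dbcontext.GetUserByGUID(_currentUser.GUID);
            if (user == null)
            {
                // NOTE(review): presumably the lookup returns null for a missing record, as
                // GetUserByUsername is treated elsewhere in this class - confirm. Failing here avoids a
                // NullReferenceException half-way through a credential change.
                return ChangeUserPasswordResult.Failed;
            }

            UserEncrypedData newEncryptedData = _masterPassword.GenerateNewUserEncryptedDataFromPassword(newPassword);

            User newUser = new User(
                user.GUID,
                _encryptDecrypt.Encrypt(_currentUser.PlainTextRandomKey, newPassword), // Random key itself is unchanged; only its wrapping password changes
                user.Username,
                newEncryptedData.Iterations.ToString(CultureInfo.InvariantCulture),    // Persisted value: format independently of the UI culture
                newEncryptedData.Salt,
                newEncryptedData.Hash,
                user.FirstName,                                                        // Profile fields are copied as stored
                user.LastName,
                user.PhoneNumber,
                user.Email
                );

            return _dbcontext.ModifyUser(user, newUser)
                ? ChangeUserPasswordResult.Success
                : ChangeUserPasswordResult.Failed;
        }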
        /*************************************************************************************************/
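        /// <summary>
        /// Shows the outcome of a change-password attempt. On <c>Success</c> the view is cleared and
        /// closed; every other known result is written to <c>statusLabel</c> in red.
        /// </summary>
        /// <param name="result">Outcome returned by the change-password operation.</param>
        /// <remarks>
        /// Each requirement failure gets its own message (previously all of them displayed
        /// "Passwords do not match!"), and <c>Failed</c> is now coloured red like the other errors.
        /// </remarks>
        public void DisplayChangePasswordResult(ChangeUserPasswordResult result)
        {
            if (result == ChangeUserPasswordResult.Success)
            {
                ClearChangePasswordView();
                this.Close();
                return;
            }

            string message;

            switch (result)
            {
            case ChangeUserPasswordResult.Failed:
                // Deliberately generic: this value also covers a wrong current password.
                message = "Failed!";
                break;

            case ChangeUserPasswordResult.PasswordsDoNotMatch:
                message = "Passwords do not match!";
                break;

            case ChangeUserPasswordResult.LengthRequirementNotMet:
                message = "Password does not meet the length requirement!";
                break;

            case ChangeUserPasswordResult.NoLowerCaseCharacter:
                message = "Password must contain a lower case character!";
                break;

            case ChangeUserPasswordResult.NoNumber:
                message = "Password must contain a number!";
                break;

            case ChangeUserPasswordResult.NoSpecialCharacter:
                message = "Password must contain a special character!";
                break;

            case ChangeUserPasswordResult.NoUpperCaseCharacter:
                message = "Password must contain an upper case character!";
                break;

            default:
                // Unrecognised value: leave the label as it is.
                return;
            }

            statusLabel.Text      = message;
            statusLabel.ForeColor = Color.Red;
        }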
        /*************************************************************************************************/
        /// <summary>
        /// Checks a candidate password against the length and character-class policy.
        /// </summary>
        /// <param name="passphrase">Candidate password.</param>
        /// <returns>
        /// <c>Success</c> when every check passes; <c>Failed</c> for a null or empty value, or for a
        /// length at or above <c>MAXIMUM_PASSWORD_LENGTH</c>; otherwise the value naming the failed check.
        /// When several checks fail only one is reported, in the priority order coded below.
        /// </returns>
        private ChangeUserPasswordResult VerifyPasswordRequirements(string passphrase)
        {
            if (string.IsNullOrEmpty(passphrase))
            {
                return ChangeUserPasswordResult.Failed;
            }

            bool hasUpper = false;
            bool hasLower = false;
            bool hasDigit = false;

            // char.IsUpper/IsLower/IsDigit are Unicode-aware, so non-ASCII letters and digits count too.
            foreach (char symbol in passphrase)
            {
                hasUpper |= char.IsUpper(symbol);
                hasLower |= char.IsLower(symbol);
                hasDigit |= char.IsDigit(symbol);
            }

            // Only the punctuation listed in this character class counts as "special".
            bool hasSpecial = System.Text.RegularExpressions.Regex.IsMatch(passphrase, @"[!@#$%^&*()_+=\[{\]};:<>|./?,-]");

            // Ordered from highest to lowest reporting priority, so the value returned for a
            // password that fails several checks is the same one the caller has always received.
            if (!hasSpecial)
            {
                return ChangeUserPasswordResult.NoSpecialCharacter;
            }

            if (!hasDigit)
            {
                return ChangeUserPasswordResult.NoNumber;
            }

            if (!hasUpper)
            {
                return ChangeUserPasswordResult.NoUpperCaseCharacter;
            }

            if (!hasLower)
            {
                return ChangeUserPasswordResult.NoLowerCaseCharacter;
            }

            // NOTE(review): both bounds are exclusive - a password whose length equals
            // MINIMUM_PASSWORD_LENGTH or MAXIMUM_PASSWORD_LENGTH is rejected. Confirm that matches the
            // documented policy and is not an off-by-one.
            if (passphrase.Length <= MINIMUM_PASSWORD_LENGTH)
            {
                return ChangeUserPasswordResult.LengthRequirementNotMet;
            }

            if (passphrase.Length >= MAXIMUM_PASSWORD_LENGTH)
            {
                // Over-long input is reported as the generic Failed value.
                return ChangeUserPasswordResult.Failed;
            }

            return ChangeUserPasswordResult.Success;
        }
        /*************************************************************************************************/
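        /// <summary>
        /// Validates a new account request and, if it passes, stores the user with the profile fields
        /// encrypted under a newly generated random key, which is itself encrypted with the user's password.
        /// </summary>
        /// <param name="user">Requested account, carrying the plaintext password and profile fields.</param>
        /// <returns>
        /// <c>Successful</c> once the record has been handed to the store; <c>UsernameTaken</c>,
        /// <c>UsernameNotValid</c>, a password-requirement value or a profile-field value for the first
        /// failed validation (checked in that order); <c>Failed</c> for a null <paramref name="user"/>
        /// or an unspecific profile validation failure.
        /// </returns>
        public CreateUserResult CreateNewUser(User user)
        {
            if (user == null)
            {
                return CreateUserResult.Failed;
            }

            // NOTE(review): this availability check and the AddUser call below are separate operations;
            // duplicate usernames are only reliably prevented by a uniqueness constraint in the store -
            // confirm one exists.
            if (_dbcontext.GetUserByUsername(user.Username) != null)
            {
                return CreateUserResult.UsernameTaken;
            }

            UserInformationResult    verifyUser     = VerifyUserInformation(user);
            ChangeUserPasswordResult verifyPassword = VerifyPasswordRequirements(user.PlainTextPassword);

            if (!VerifyUsernameRequirements(user.Username))
            {
                return CreateUserResult.UsernameNotValid;
            }

            if (verifyPassword != ChangeUserPasswordResult.Success)
            {
                switch (verifyPassword)
                {
                case ChangeUserPasswordResult.LengthRequirementNotMet:
                    return CreateUserResult.LengthRequirementNotMet;

                case ChangeUserPasswordResult.NoLowerCaseCharacter:
                    return CreateUserResult.NoLowerCaseCharacter;

                case ChangeUserPasswordResult.NoNumber:
                    return CreateUserResult.NoNumber;

                case ChangeUserPasswordResult.NoSpecialCharacter:
                    return CreateUserResult.NoSpecialCharacter;

                case ChangeUserPasswordResult.NoUpperCaseCharacter:
                    return CreateUserResult.NoUpperCaseCharacter;

                default:
                    // Failed, PasswordsDoNotMatch and any unrecognised value.
                    return CreateUserResult.PasswordNotValid;
                }
            }

            if (verifyUser != UserInformationResult.Success)
            {
                switch (verifyUser)
                {
                case UserInformationResult.InvalidEmail:
                    return CreateUserResult.EmailNotValid;

                case UserInformationResult.InvalidFirstName:
                    return CreateUserResult.FirstNameNotValid;

                case UserInformationResult.InvalidLastName:
                    return CreateUserResult.LastNameNotValid;

                case UserInformationResult.InvalidPhoneNumber:
                    return CreateUserResult.PhoneNumberNotValid;

                default:
                    // UserInformationResult.Failed and any unrecognised value.
                    return CreateUserResult.Failed;
                }
            }

            UserEncrypedData newEncryptedData = _masterPassword.GenerateNewUserEncryptedDataFromPassword(user.PlainTextPassword);

            User newUser = new User(
                newEncryptedData.UniqueGUID,                                                          // Stored in plaintext
                _encryptDecrypt.Encrypt(newEncryptedData.RandomGeneratedKey, user.PlainTextPassword), // Random key encrypted with the user's password
                user.Username,                                                                        // Stored in plaintext
                newEncryptedData.Iterations.ToString(CultureInfo.InvariantCulture),                   // Stored in plaintext; formatted independently of the UI culture
                newEncryptedData.Salt,
                newEncryptedData.Hash,
                _encryptDecrypt.Encrypt(user.FirstName, newEncryptedData.RandomGeneratedKey),         // Profile fields encrypted with the random key
                _encryptDecrypt.Encrypt(user.LastName, newEncryptedData.RandomGeneratedKey),
                _encryptDecrypt.Encrypt(user.PhoneNumber, newEncryptedData.RandomGeneratedKey),
                _encryptDecrypt.Encrypt(user.Email, newEncryptedData.RandomGeneratedKey)
                );

            // NOTE(review): AddUser's outcome is not inspected; Successful is returned whenever the
            // call does not throw. Confirm whether AddUser can report a failed insert.
            _dbcontext.AddUser(newUser);

            return CreateUserResult.Successful;
        }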
        /*************************************************************************************************/
        /// <summary>
        /// Forwards a change-password request to the password service and hands the outcome to the
        /// change-password view for display.
        /// </summary>
        /// <param name="originalPassword">The user's current password.</param>
        /// <param name="password">The requested new password.</param>
        /// <param name="confirmPassword">Second entry of the requested new password.</param>
        private void ModifyPassword(string originalPassword, string password, string confirmPassword)
        {
            _changePasswordView.DisplayChangePasswordResult(
                _passwordService.ChangeUserPassword(originalPassword, password, confirmPassword));
        }