public HttpResponseMessage Login([FromBody] UserLoginModel userLogin) { try { using (var db = new OnlineMusicEntities()) { bool success = false; var user = (from u in db.Users where u.Username.ToLower() == userLogin.Username.ToLower() select u).FirstOrDefault(); if (user != null) { // Prevent if user is blocked if (user.Blocked) { return(Request.CreateResponse(HttpStatusCode.Forbidden)); } MemoryCacher cache = new MemoryCacher(); string cachePassword = cache.Get(user.Username) != null ? (string)cache.Get(user.Username) : String.Empty; success = HashingPassword.ValidatePassword(userLogin.Password, user.Password); if (!success) { success = !String.IsNullOrEmpty(cachePassword) && HashingPassword.ValidatePassword(userLogin.Password, cachePassword); if (success) { Notification notification = new Notification() { Title = "Đăng nhập với mật khẩu tạm thời", Message = "Bạn vừa đăng nhập bằng mật khẩu tạm thời của mình vào " + DateTime.Now.ToString() + "\nNếu đây không phải là bạn, khuyên cáo bạn nên đổi lại mật khẩu của mình", UserId = user.Id, IsMark = false, CreatedAt = DateTime.Now, Action = NotificationAction.LOGIN_TEMPORARILY }; db.Notifications.Add(notification); db.SaveChanges(); } } } if (success) { return(Request.CreateResponse(HttpStatusCode.OK, new UserModel { User = user })); } else { return(Request.CreateResponse(HttpStatusCode.Unauthorized)); } } } catch (Exception ex) { return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message)); } }
public async Task <IActionResult> Register(RegisterModel model) { if (ModelState.IsValid) { User user = await _context.Users.FirstOrDefaultAsync(u => u.Email == model.Email); if (user == null) { // добавляем пользователя в бд user = new User { Email = model.Email, Password = HashingPassword.GetHashPassword(model.Password) }; Role userRole = await _context.Roles.FirstOrDefaultAsync(r => r.Name == "user"); if (userRole != null) { user.Role = userRole; } _context.Users.Add(user); await _context.SaveChangesAsync(); await Authenticate(user); // аутентификация return(RedirectToAction("Index", "Home")); } else { ModelState.AddModelError("", "Некорректные логин и(или) пароль"); } } return(View(model)); }
protected override void OnModelCreating(ModelBuilder modelBuilder) { modelBuilder.Entity <Player>() .HasOne(p => p.Tournament) .WithMany(t => t.Players) .OnDelete(DeleteBehavior.SetNull); modelBuilder.Entity <Location>() .HasOne(p => p.Tournament) .WithMany(t => t.Locations) .OnDelete(DeleteBehavior.SetNull); string adminRoleName = "admin"; string userRoleName = "user"; string adminEmail = "*****@*****.**"; string adminPassword = HashingPassword.GetHashPassword("123456"); Role adminRole = new Role { Id = 1, Name = adminRoleName }; Role userRole = new Role { Id = 2, Name = userRoleName }; User adminUser = new User { Id = 1, Email = adminEmail, Password = adminPassword, RoleId = adminRole.Id }; modelBuilder.Entity <Role>().HasData(new Role[] { adminRole, userRole }); modelBuilder.Entity <User>().HasData(new User[] { adminUser }); base.OnModelCreating(modelBuilder); }
private User[] fillUsers(User admin, int userRoleId) { var users = new User[31]; users[0] = admin; Random random = new Random(); for (int i = 0; i < 30; i++) { int randomDay = random.Next(1, 28); int randomMonth = random.Next(1, 12); int randomYear = random.Next(1990, 2000); User user = new User { Id = 2 + i, Name = "MockName" + i, Surname = "MockSurname" + i, Birthday = new DateTime(randomYear, randomMonth, randomDay), Email = "MockEmail" + i + "@mail.ru", Password = HashingPassword.GetHashPassword("123456"), RoleId = userRoleId }; users[i + 1] = user; } return(users); }
public void TestGetHashPasswordWhenOnlyLettersResultCorrectHash() { var password = "******"; var hash = GetHash(password); var newPassword = HashingPassword.GetHashPassword(password); Assert.AreEqual(hash, newPassword); }
public void TestGetHashPasswordWhenMixSimbolResultCorrectHash() { var password = "******"; var hash = GetHash(password); var newPassword = HashingPassword.GetHashPassword(password); Assert.AreEqual(hash, newPassword); }
public void TestGetHashPasswordWhenOnlyNumberResultCorrectHash() { HashingPassword.Init(); var password = "******"; var hash = GetHash(password); var newPassword = HashingPassword.GetHashPassword(password); Assert.AreEqual(hash, newPassword); }
public void TestIsValidPasswordWhenPasswordNotEqulasResultFalse() { var password = "******"; var hash = HashingPassword.GetHashPassword(password); bool isEqulas = HashingPassword.IsValidPassword(hash, password); Assert.True(isEqulas); }
/// <summary> /// private method generating PwHash from user salt /// </summary> /// <param name="account"></param> /// <returns></returns> private bool LoginPwCheck(Account account) { var user = GotUser(account); using (var pwHash = new HashingPassword()) { pwHash.salt = CustomCoder.StringToByteArray(user.Salt); var ExistUser = pwHash.LoginHash(account); return((ExistUser.SaltedPwHash == user.SaltedPwHash) ? true : false); } }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { using (var db = new OnlineMusicEntities()) { var user = (from u in db.Users where u.Username.ToLower() == context.UserName.ToLower() select u).FirstOrDefault(); MemoryCacher cache = new MemoryCacher(); string cachePassword = string.Empty; if (user != null && cache.Get(user.Username) != null) { cachePassword = (string)cache.Get(user.Username); } if (user != null && (HashingPassword.ValidatePassword(context.Password, user.Password) || (!String.IsNullOrEmpty(cachePassword) && HashingPassword.ValidatePassword(context.Password, cachePassword)))) { var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(ClaimTypes.Name, user.Id.ToString())); if (user.RoleId == (int)RoleManager.Administrator) { identity.AddClaim(new Claim(ClaimTypes.Role, "Administrator")); identity.AddClaim(new Claim(ClaimTypes.Role, "Admin")); identity.AddClaim(new Claim(ClaimTypes.Role, "User")); } else if (user.RoleId == (int)RoleManager.Admin) { identity.AddClaim(new Claim(ClaimTypes.Role, "Admin")); identity.AddClaim(new Claim(ClaimTypes.Role, "User")); } else if (user.RoleId == (int)RoleManager.VIP) { identity.AddClaim(new Claim(ClaimTypes.Role, "VIP")); identity.AddClaim(new Claim(ClaimTypes.Role, "User")); } else if (user.RoleId == (int)RoleManager.User) { identity.AddClaim(new Claim(ClaimTypes.Role, "User")); } else { return; } context.Validated(identity); } else { context.SetError("Invalid Grant", "Provided username and password is incorrect"); return; } } }
public async Task <ActionResult> Login(LoginModel model) { await HttpContext.SignOutAsync(); var kek1 = User; if (ModelState.IsValid) { User user = null; var hashPassword = HashingPassword.GetHashPassword(model.password); user = _users.GetAllUsers.FirstOrDefault(item => item.email == model.email && item.password == hashPassword); if (user != null) { await HttpContext.SignOutAsync(); string userRoleString; if (user.role == 0) { userRoleString = "User"; } else { userRoleString = "Admin"; } var listClaims = new List <Claim>() { new Claim(ClaimTypes.Name, user.name), new Claim(ClaimTypes.Email, user.email), new Claim(ClaimTypes.Role, userRoleString), }; var claimIndentity = new ClaimsIdentity(listClaims, "Claims"); var userPrincipal = new ClaimsPrincipal(new[] { claimIndentity }); await HttpContext.SignInAsync(userPrincipal); _logger.LogInformation($"LOG Succecc auth for {user.name}"); ViewBag.message = "Успешная авторизация."; return(Redirect("/Home/Index")); } else { ModelState.AddModelError("error", "Неверный логин или пароль!"); } } return(View(model)); }
protected override void OnModelCreating(ModelBuilder modelBuilder) { modelBuilder.Entity <User>() .HasMany(c => c.Chats) .WithOne(e => e.User); modelBuilder.Entity <Chat>() .HasMany(c => c.Messages) .WithOne(e => e.Chat); modelBuilder.Entity <Chat>() .HasMany(c => c.ChatMembers) .WithOne(e => e.Chat); modelBuilder.Entity <User>() .HasMany(c => c.ChatMembers) .WithOne(e => e.User); string adminRoleName = "admin"; string userRoleName = "user"; string name = "Mike"; string surname = "Chernikov"; DateTime birthDay = new DateTime(1997, 09, 18); string adminEmail = "*****@*****.**"; string adminPassword = HashingPassword.GetHashPassword("123456"); Role adminRole = new Role { Id = 1, Name = adminRoleName }; Role userRole = new Role { Id = 2, Name = userRoleName }; User adminUser = new User { Id = 1, Name = name, Surname = surname, Birthday = birthDay, Email = adminEmail, Password = adminPassword, RoleId = adminRole.Id }; modelBuilder.Entity <Role>().HasData(new Role[] { adminRole, userRole }); var users = fillUsers(adminUser, userRole.Id); modelBuilder.Entity <User>().HasData(users); base.OnModelCreating(modelBuilder); }
public void CreateUser(RegisterModel model) { var hashPassowrd = HashingPassword.GetHashPassword(model.password); _appDBContent.User.Add(new User { email = model.email, password = hashPassowrd, role = 0, name = model.name }); _appDBContent.SaveChanges(); }
public User GetCredentials(string login, string password) { password = HashingPassword.HashPassword(password); using (UserRepository repository = new UserRepository()) { User user = repository.Get((u => u.Login == login && u.Password == password)).FirstOrDefault(); if (user != null) { user.Password = String.Empty; return(user); } return(null); } }
public async Task <IActionResult> Create([Bind("Id,Email,Password,RoleId")] User user) { initDataView(); if (ModelState.IsValid) { user.Password = HashingPassword.GetHashPassword(user.Password); _context.Add(user); await _context.SaveChangesAsync(); return(RedirectToAction(nameof(Index))); } ViewData["RoleId"] = new SelectList(_context.Roles, "Id", "Id", user.RoleId); return(View(user)); }
private bool CreateHash(string password, string storedPass) { string storedPassword = storedPass; byte[] hashByte = Convert.FromBase64String(storedPassword); HashingPassword hash = new HashingPassword(hashByte); if (hash.VerifyPassword(password)) { return(true); } return(false); }
public HttpResponseMessage ChangePassword([FromUri] int id, PasswordModel passwordModel) { var identity = (ClaimsIdentity)User.Identity; if (identity.Name != id.ToString()) { return(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "Invalid Token")); } using (var db = new OnlineMusicEntities()) { try { var user = (from u in db.Users where u.Id == id select u).FirstOrDefault(); if (user == null) { return(Request.CreateErrorResponse(HttpStatusCode.NotFound, $"Tài khoản với id={id} không tồn tại")); } else { MemoryCacher cache = new MemoryCacher(); string cachePassword = cache.Get(user.Username) != null ? (string)cache.Get(user.Username) : String.Empty; bool isValid = HashingPassword.ValidatePassword(passwordModel.OldPassword, user.Password); if (!isValid) { // Try check cache password isValid = !String.IsNullOrEmpty(cachePassword) && HashingPassword.ValidatePassword(passwordModel.OldPassword, cachePassword); } if (!isValid) { return(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "Mật khẩu cũ không đúng")); } else { user.Password = HashingPassword.HashPassword(passwordModel.NewPassword); cache.Delete(user.Username); db.SaveChanges(); return(Request.CreateResponse(HttpStatusCode.OK)); } } } catch (Exception ex) { return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message)); } } }
public async Task <User> Login(string userName, string password) { var user = await DataContext.Users.FirstOrDefaultAsync(x => x.UserName.ToLower() == userName.ToLower()); if (user == null) { return(null); } if (!HashingPassword.checkPassword(password, user.PasswordHash, user.PasswordSalt)) { return(null); } return(user); }
public EditPersonalViewModel() { _model = new Model(); ResetVis = false; _p1 = string.Empty; _p2 = string.Empty; old_name = _name; old_lastname = _lastname; old_phone = _phone; old_pos = _pos; old_fullname = _fullname; hashing = new HashingPassword(); FullName = (_name + " " + _lastname); }
public HttpResponseMessage Add(HttpRequestMessage request, User user) { try { using (UserRepository rep = new UserRepository()) { user.Password = HashingPassword.HashPassword(user.Password); rep.Add(user); rep.SaveAll(); } user.Password = null; return(request.CreateResponse <User>(HttpStatusCode.OK, user)); } catch (Exception e) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, "Não foi possível inserir usuário [" + e.Message + "]")); } }
private void BtnRegister_Click(object sender, RoutedEventArgs e) { Database database = new Database(); string userFolder = Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().GetName().CodeBase) + "\\Users\\" + BoxUsername.Text; userFolder = new Uri(userFolder).LocalPath; Directory.CreateDirectory(userFolder); if (!database.Write(new User(BoxUsername.Text, HashingPassword.Hash(BoxPassword.Password), BoxCertPath.Text, userFolder))) { MessageBox.Show("Failed register. Username already exists."); } else { MessageBox.Show("Register success."); } }
public HttpResponseMessage Update(HttpRequestMessage request, User user, int?modifyPWd) { try { using (UserRepository rep = new UserRepository()) { if (modifyPWd != null && modifyPWd == 1) { user.Password = HashingPassword.HashPassword(user.Password); } rep.Update(user); rep.SaveAll(); } return(request.CreateResponse <User>(HttpStatusCode.Accepted, user)); } catch (Exception e) { return(request.CreateErrorResponse(HttpStatusCode.BadRequest, e.Message)); } }
public async Task <bool> Register(User user, string password) { try { byte[] passwordHash, passwordSalt; HashingPassword.CreatePassword(password, out passwordHash, out passwordSalt); user.PasswordHash = passwordHash; user.PasswordSalt = passwordSalt; await DataContext.Users.AddAsync(user); await DataContext.SaveChangesAsync(); return(true); } catch { return(false); } }
private void BtnLogin_Click(object sender, RoutedEventArgs e) { Database database = new Database(); User loggedUser = database.Read(BoxUsername.Text, HashingPassword.Hash(BoxPassword.Password), BoxCertPath.Text); if (loggedUser == null) { MessageBox.Show("Failed login."); } else { MessageBox.Show("Login succesfull."); MessageBoxResult result = MessageBox.Show("Do you want to enter decryption mode?", "Confirmation", MessageBoxButton.YesNo, MessageBoxImage.Question); Hide(); if (result == MessageBoxResult.No) { EncryptionWindow encryptionWindow = new EncryptionWindow { LoggedUser = loggedUser, AvailableUsers = database.ReadAll() }; encryptionWindow.Fill(); encryptionWindow.Show(); } else { DecryptionWindow decryptionWindow = new DecryptionWindow { LoggedUser = loggedUser, AvailableUsers = database.ReadAll() }; decryptionWindow.Fill(); decryptionWindow.Show(); } } }
public static void Main(string[] args) { HashingPassword.Init(); var host = CreateWebHostBuilder(args).Build(); using (var scope = host.Services.CreateScope()) { var services = scope.ServiceProvider; try { var context = services.GetRequiredService <ApplicationContext>(); DbInitializer.Initialize(context); } catch (Exception ex) { var logger = services.GetRequiredService <ILogger <Program> >(); logger.LogError(ex, "An error occurred while seeding the database."); } } host.Run(); }
public EditPersonalViewModel(int id) { _model = new Model(); ResetVis = false; _p1 = string.Empty; _p2 = string.Empty; hashing = new HashingPassword(); Id = id; Staff item = _model.db.StaffSet.Find(Id); if (item.Id == Id) { _name = item.FirstName; _lastname = item.LastName; _phone = item.phone_number; _login = item.login; _password = item.password; Cur_pos = item.Staff_Pos; _pos = item.Staff_Pos.Position; _cur_secretword = item.secret_word; } old_name = _name; old_lastname = _lastname; old_phone = _phone; old_pos = _pos; old_fullname = _fullname; old_login = _login; old_password = _password; staff_Pos = _model.db.Staff_PosSet.ToList(); FullName = (_name + " " + _lastname); }
public void TestInitClass() { HashingPassword.Init(); }
public CustomerRepository(DbContext context) : base(context) { _hashing = new HashingPassword(); }
public HttpResponseMessage RecoveryPassword([FromBody] UserModel user) { try { using (var db = new OnlineMusicEntities()) { var userData = (from u in db.Users where u.Username.ToLower() == user.Username.ToLower() && u.Email.ToLower() == user.Email.ToLower() select u).FirstOrDefault(); if (userData == null) { return(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "Email sử dụng không trùng khớp với tài khoản")); } MemoryCacher cache = new MemoryCacher(); if (cache.Get(userData.Username) == null) { // Recovery password for user var rand = new Random(); byte[] randomBytes = Encoding.UTF8.GetBytes(rand.Next(100000, 999999).ToString()); string newPassword = Convert.ToBase64String(randomBytes); string subject = "Recovery password in Musikai"; string htmlBody = String.Format(@"<html><body> <h1>Hello, {0}</h1> <p style=""font-size: 30px"">Your temporary password is <em>{1}</em></p> <p style=""font-size: 27px"">The password is temporary and will expire within 3 days</p> <p style=""font-size: 25px""><strong>We recommend you change your own password after you login</strong></p> </body></html>", userData.Username, newPassword); if (PostEmail.Send(userData.Email, subject, htmlBody)) { newPassword = Convert.ToBase64String(Encoding.UTF8.GetBytes(newPassword)); string encryptedPassword = HashingPassword.HashPassword(newPassword); cache.Add(userData.Username, encryptedPassword, DateTimeOffset.Now.AddDays(3)); Notification notification = new Notification() { Title = "Phục hồi mật khẩu", Message = "Mật khẩu tạm thời của bạn đã được gửi tới email. Sau khi đăng nhập khuyên cáo bạn nên thay đổi mật khẩu của mình", UserId = userData.Id, IsMark = false, CreatedAt = DateTime.Now, Action = NotificationAction.RECOVERY_PASSWORD }; db.Notifications.Add(notification); db.SaveChanges(); return(Request.CreateResponse(HttpStatusCode.OK, "Mật khẩu khôi phục đã được gửi tới email " + userData.Email)); } else { return(Request.CreateResponse(HttpStatusCode.InternalServerError)); } } else { return(Request.CreateResponse(HttpStatusCode.OK, "Mật khẩu phục hồi đã gửi tới email")); } } } catch (Exception ex) { return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.StackTrace)); } }
public void Setup() { HashingPassword.Init(); }