public async Task <PasswordChangeResult> ChangeAsync(int CompanyId, int LoginUserId, string OldPassword, string NewPassword, CancellationToken token = default(CancellationToken)) { var policy = await passwordPolicyProcessor.GetAsync(CompanyId, token); var oldHash = hashAlgorithm.Compute(policy.Convert(OldPassword)); var password = await loginUserPasswordQueryProcessor.GetAsync(CompanyId, LoginUserId, token); if (password.PasswordHash != oldHash) { return(PasswordChangeResult.Failed); } var newHash = hashAlgorithm.Compute(policy.Convert(NewPassword)); if (policy.HistoryCount > 0) { if (!password.Validate(newHash, policy.HistoryCount)) { return(PasswordChangeResult.ProhibitionSamePassword); } } var type = typeof(LoginUserPassword); for (var i = 9; i > 0; i--) { var nextHash = type.GetProperty($"PasswordHash{i}"); var prevHash = type.GetProperty($"PasswordHash{(i - 1)}"); var nextValue = policy.HistoryCount <= i ? string.Empty : prevHash.GetValue(password); nextHash.SetValue(password, nextValue); } if (policy.HistoryCount > 0) { password.PasswordHash0 = password.PasswordHash; } else { password.PasswordHash0 = string.Empty; } password.PasswordHash = newHash; await addLoginUserPasswordQueryProcessor.SaveAsync(password, token); return(PasswordChangeResult.Success); }
private async Task InitializeLoginUserPasswordAsync(CompanySource source, LoginUser loginUser, CancellationToken token) { var hash = hashAlgorithm.Compute(source.PasswordPolicy.Convert("password")); var password = new LoginUserPassword { LoginUserId = loginUser.Id, PasswordHash = hash, }; await addLoginUserPasswordQueryProcessor.SaveAsync(password); }
public async Task <ProcessResult> AuthenticateAsync(string authenticationKey, string tenantCode, CancellationToken token = default(CancellationToken)) { var hash = hashAlgorithm.Compute(authenticationKey); var exists = await authenticationQueryProcessor.ExistsAuthencticationKeyAsync(hash, token); if (!exists) { return new ProcessResult { ErrorMessage = "認証キーが不正" } } ; var connectionString = await authenticationQueryProcessor.GetConnectionStringAsync(tenantCode, token); var companyExist = !string.IsNullOrEmpty(connectionString); if (!companyExist) { return new ProcessResult { ErrorMessage = "テナントコードが不正" } } ; var factory = stringConnectionFactory.Create(connectionString); var connectable = await authenticationQueryProcessor.IsConnectableAsync(factory, token); if (!connectable) { return new ProcessResult { ErrorCode = "DB接続に失敗" } } ; return(new ProcessResult { Result = true }); }
public async Task <AuthenticationResult> AuthenticateAsync(string authenticationKey, string companyCode, string userCode, CancellationToken token = default(CancellationToken)) { var hashed = hashAlgorithm.Compute(authenticationKey); var exist = await authenticationQueryProcessor.ExistsAuthencticationKeyAsync(hashed, token); if (!exist) { return(CreateResult(code: InvalidAuthenticationKey, message: "認証キーが不正です。")); } var connectionString = await authenticationQueryProcessor.GetConnectionStringAsync(companyCode, token); var companyExists = !string.IsNullOrEmpty(connectionString); if (!companyExists) { return(CreateResult(code: InvalidCompanyCode, message: "会社コードが不正です。")); } var factory = stringConnectionFactory.Create(connectionString); var connectable = await authenticationQueryProcessor.IsConnectableAsync(factory, token); if (!connectable) { return(CreateResult(code: CompanyDataBaseConnectionFailure, message: "DB接続に失敗しました。")); } var sessionKey = await authenticationQueryProcessor.CreateSessionKeyAsync(connectionString, token); var persisted = !string.IsNullOrEmpty(sessionKey); if (!persisted) { return(CreateResult(code: SessionKeyCreationFailure, message: "セッションキーの生成に失敗しました。")); } return(CreateResult(result: true, sessionKey: sessionKey)); }
public string Create() { return(_hashAlgorithm.Compute(_input.ToArray())); }