public async Task <PasswordChangeResult> ChangeAsync(int CompanyId, int LoginUserId, string OldPassword, string NewPassword, CancellationToken token = default(CancellationToken))
{
var policy = await passwordPolicyProcessor.GetAsync(CompanyId, token);
var oldHash = hashAlgorithm.Compute(policy.Convert(OldPassword));
var password = await loginUserPasswordQueryProcessor.GetAsync(CompanyId, LoginUserId, token);
if (password.PasswordHash != oldHash)
{
return(PasswordChangeResult.Failed);
}
var newHash = hashAlgorithm.Compute(policy.Convert(NewPassword));
if (policy.HistoryCount > 0)
{
if (!password.Validate(newHash, policy.HistoryCount))
{
return(PasswordChangeResult.ProhibitionSamePassword);
}
}
var type = typeof(LoginUserPassword);
for (var i = 9; i > 0; i--)
{
var nextHash = type.GetProperty($"PasswordHash{i}");
var prevHash = type.GetProperty($"PasswordHash{(i - 1)}");
var nextValue = policy.HistoryCount <= i
? string.Empty
: prevHash.GetValue(password);
nextHash.SetValue(password, nextValue);
}
if (policy.HistoryCount > 0)
{
password.PasswordHash0 = password.PasswordHash;
}
else
{
password.PasswordHash0 = string.Empty;
}
password.PasswordHash = newHash;
await addLoginUserPasswordQueryProcessor.SaveAsync(password, token);
return(PasswordChangeResult.Success);
}
private async Task InitializeLoginUserPasswordAsync(CompanySource source, LoginUser loginUser, CancellationToken token)
{
var hash = hashAlgorithm.Compute(source.PasswordPolicy.Convert("password"));
var password = new LoginUserPassword
{
LoginUserId = loginUser.Id,
PasswordHash = hash,
};
await addLoginUserPasswordQueryProcessor.SaveAsync(password);
}
public async Task <ProcessResult> AuthenticateAsync(string authenticationKey, string tenantCode, CancellationToken token = default(CancellationToken))
{
var hash = hashAlgorithm.Compute(authenticationKey);
var exists = await authenticationQueryProcessor.ExistsAuthencticationKeyAsync(hash, token);
if (!exists)
{
return new ProcessResult {
ErrorMessage = "認証キーが不正"
}
}
;
var connectionString = await authenticationQueryProcessor.GetConnectionStringAsync(tenantCode, token);
var companyExist = !string.IsNullOrEmpty(connectionString);
if (!companyExist)
{
return new ProcessResult {
ErrorMessage = "テナントコードが不正"
}
}
;
var factory = stringConnectionFactory.Create(connectionString);
var connectable = await authenticationQueryProcessor.IsConnectableAsync(factory, token);
if (!connectable)
{
return new ProcessResult {
ErrorCode = "DB接続に失敗"
}
}
;
return(new ProcessResult {
Result = true
});
}
public async Task <AuthenticationResult> AuthenticateAsync(string authenticationKey, string companyCode, string userCode, CancellationToken token = default(CancellationToken))
{
var hashed = hashAlgorithm.Compute(authenticationKey);
var exist = await authenticationQueryProcessor.ExistsAuthencticationKeyAsync(hashed, token);
if (!exist)
{
return(CreateResult(code: InvalidAuthenticationKey, message: "認証キーが不正です。"));
}
var connectionString = await authenticationQueryProcessor.GetConnectionStringAsync(companyCode, token);
var companyExists = !string.IsNullOrEmpty(connectionString);
if (!companyExists)
{
return(CreateResult(code: InvalidCompanyCode, message: "会社コードが不正です。"));
}
var factory = stringConnectionFactory.Create(connectionString);
var connectable = await authenticationQueryProcessor.IsConnectableAsync(factory, token);
if (!connectable)
{
return(CreateResult(code: CompanyDataBaseConnectionFailure, message: "DB接続に失敗しました。"));
}
var sessionKey = await authenticationQueryProcessor.CreateSessionKeyAsync(connectionString, token);
var persisted = !string.IsNullOrEmpty(sessionKey);
if (!persisted)
{
return(CreateResult(code: SessionKeyCreationFailure, message: "セッションキーの生成に失敗しました。"));
}
return(CreateResult(result: true, sessionKey: sessionKey));
}
public string Create()
{
return(_hashAlgorithm.Compute(_input.ToArray()));
}
