/// <summary>
/// Happy path: when the stored password equals the computed hash and the OTP service
/// returns the submitted OTP, <c>IsValid</c> should report success.
/// </summary>
public void is_valid()
{
    // Arrange: the three stubs are independent of each other, so their order does not matter.
    _otpService.GetCurrentOtp(DefaultAccountId).Returns(DefaultOtp);
    _hash.Compute(DefaultPassword).Returns(DefaultPasswordFromDb);
    _profile.GetPassword(DefaultAccountId).Returns(DefaultPasswordFromDb);

    // Act
    var outcome = IsValid(DefaultAccountId, DefaultPassword, DefaultOtp);

    // Assert
    // NOTE(review): only the success case is visible here; confirm sibling tests cover a wrong
    // password, a wrong OTP and a locked account, since those are the paths that must fail.
    ShouldBeValid(outcome);
}
/// <summary>
/// Checks a password and OTP for an account, refusing locked accounts and recording failed attempts.
/// </summary>
/// <param name="accountId">Account identifier supplied by the caller.</param>
/// <param name="password">Plain-text password; passed to <c>_hash.Compute</c> before comparison.</param>
/// <param name="otp">One-time password compared with <c>_otpService.GetCurrentOtp</c>.</param>
/// <returns><c>true</c> when both the hashed password and the OTP match; otherwise <c>false</c>.</returns>
/// <exception cref="FailedTooManyTimesException">The failed counter reports the account as locked.</exception>
public bool Verify(string accountId, string password, string otp)
{
    // A locked account is rejected before any credential is fetched or hashed.
    if (_failedCounter.GetAccountIsLocked(accountId))
    {
        throw new FailedTooManyTimesException();
    }

    var storedHash = _profile.GetPassword(accountId);
    var candidateHash = _hash.Compute(password);
    var expectedOtp = _otpService.GetCurrentOtp(accountId);

    // NOTE(review): assuming these are strings, `==` is not a constant-time comparison. For secret
    // values consider System.Security.Cryptography.CryptographicOperations.FixedTimeEquals over the
    // encoded bytes, if the target framework provides it.
    if (storedHash == candidateHash && otp == expectedOtp)
    {
        // Success clears the failure history for this account.
        _failedCounter.Reset(accountId);
        return true;
    }

    // Failure path: count the attempt, log the count, then notify.
    // NOTE(review): the lock check above and this increment are separate calls; whether the counter
    // enforces its limit atomically under concurrent attempts cannot be seen from here.
    _failedCounter.Add(accountId);
    LogFailCount(accountId);
    _notification.Send(accountId);
    return false;
}
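/// <summary>
/// Checks a password and OTP for an account by comparing the stored password with the hash of the
/// submitted one and the submitted OTP with the current OTP.
/// </summary>
/// <param name="account">Account identifier supplied by the caller.</param>
/// <param name="password">Plain-text password; passed to <c>_hash.GetHash</c> before comparison.</param>
/// <param name="otp">One-time password compared with <c>_otpService.GetCurrentOtp</c>.</param>
/// <returns><c>true</c> when both values match; otherwise <c>false</c>, including when the OTP or the stored password is missing.</returns>
public bool Verify(string account, string password, string otp)
{
    // NOTE(review): the lock check, failed-attempt counting, logging and notification below are all
    // commented out, so this method itself does not throttle guessing. The names suggest the work
    // moved to decorators; confirm one of them wraps every caller of this method.
    //BaseAuthenticationDecorator.CheckAccountIsLocked(account, _failedCounter);
    var verifyPasswordFromDb = _profile.GetPassword(account);
    var verifyPasswordFromHash = _hash.GetHash(password);
    var verifyOtp = _otpService.GetCurrentOtp(account);

    // Fail closed on missing values. Calling Equals on a null OTP or a null stored password
    // previously raised NullReferenceException instead of rejecting the attempt.
    if (otp == null || verifyPasswordFromDb == null)
    {
        return false;
    }

    #region Verification succeeded
    if (otp.Equals(verifyOtp) && verifyPasswordFromDb.Equals(verifyPasswordFromHash))
    {
        //ResetFailedCount(account, _failedCounter);
        return true;
    }
    #endregion

    //NotificationDecorator.VerifyWithNotification(account, _notification);
    //_failedCounter.AddFailedCount(account);
    //LogFailedCountDecorator.LogFailedCount(account, _failedCounter, _logger);
    return false;
}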
/// <summary>
/// Verifies an account's password and OTP.
/// Step 1: receive the account id, password and OTP, and refuse the attempt if the account is locked.
/// Step 2: fetch the stored password for the account from the database.
/// Step 3: hash the submitted password.
/// Step 4: compare the password hash and the OTP.
/// Step 5: return true if both match (resetting the failed counter); otherwise record the failure,
/// log it, notify, and return false.
/// </summary>
/// <param name="accountId">Account identifier supplied by the caller.</param>
/// <param name="password">Plain-text password to hash and compare.</param>
/// <param name="otp">One-time password to compare with the current OTP.</param>
/// <returns><c>true</c> when both the password hash and the OTP match; otherwise <c>false</c>.</returns>
/// <exception cref="FailedTooManyTimesException">The failed counter reports the account as locked.</exception>
public bool Verify(string accountId, string password, string otp)
{
    if (_failedCounter.GetAccountIsLock(accountId))
    {
        throw new FailedTooManyTimesException();
    }

    var storedPassword = _profileDao.GetPasswordFromDb(accountId);
    // NOTE(review): the adapter name suggests SHA-256. A bare fast hash is a weak choice for password
    // storage; confirm the adapter (or the stored format) uses a salted, slow KDF such as PBKDF2.
    var submittedHash = _sha256Adapter.GetHashedPassword(password);
    var expectedOtp = _otpService.GetCurrentOtp(accountId);

    var passwordMatches = submittedHash == storedPassword;
    if (passwordMatches && otp == expectedOtp)
    {
        _failedCounter.ResetFailedCounter(accountId);
        return true;
    }

    _failedCounter.AddFailedCounter(accountId);
    var failedCount = _failedCounter.GetFailedCount(accountId);
    // NOTE(review): accountId is caller-supplied and is written into the log line unescaped. If the
    // sink is plain text, embedded line breaks could forge entries; confirm the logger encodes values
    // or that accountId is validated upstream.
    _logger.Info($"accountId:{accountId} failed times:{failedCount}");
    _slackAdapter.Notify(accountId);
    return false;
}
/// <summary>
/// Verifies a password and OTP for an account, with lockout, failure counting, logging and notification.
/// </summary>
/// <param name="accountId">Account identifier supplied by the caller.</param>
/// <param name="password">Plain-text password; passed to <c>_hash.Compute</c> before comparison.</param>
/// <param name="otp">One-time password compared with <c>_otpService.GetCurrentOtp</c>.</param>
/// <returns><c>true</c> when both the hashed password and the OTP match; otherwise <c>false</c>.</returns>
/// <exception cref="FailedTooManyTimesException">The failed counter reports the account as locked.</exception>
public bool Verify(string accountId, string password, string otp)
{
    var locked = _failedCounter.GetIsLocked(accountId);
    if (locked)
    {
        throw new FailedTooManyTimesException();
    }

    var storedHash = _profile.GetPassword(accountId);
    var submittedHash = _hash.Compute(password);
    var expectedOtp = _otpService.GetCurrentOtp(accountId);

    // Handle the failure first so the success path reads straight through.
    if (submittedHash != storedHash || otp != expectedOtp)
    {
        _failedCounter.AddFailedCount(accountId);
        var attempts = _failedCounter.GetFailedCount(accountId);
        // NOTE(review): accountId reaches the log message unescaped; confirm the logging sink
        // neutralises control characters in caller-supplied values.
        _logger.Info($"accountId:{accountId} failed times:{attempts}");
        // NOTE(review): a notification goes out on every failed attempt, including for account ids
        // that may not exist; confirm the notifier rate-limits so failures cannot flood the channel.
        _notification.Send(accountId);
        return false;
    }

    _failedCounter.ResetFailedCount(accountId);
    return true;
}
/// <summary>
/// Returns whether the submitted password (after hashing) and OTP both match the account's current values.
/// </summary>
/// <param name="accountId">Account identifier used to look up the stored password and the current OTP.</param>
/// <param name="password">Plain-text password; passed to <c>_hash.Compute</c> before comparison.</param>
/// <param name="otp">One-time password to compare with the current OTP.</param>
/// <returns><c>true</c> when both comparisons succeed; otherwise <c>false</c>.</returns>
public bool Verify(string accountId, string password, string otp)
{
    var storedPassword = _profile.GetPassword(accountId);
    var submittedHash = _hash.Compute(password);
    var expectedOtp = _otpService.GetCurrentOtp(accountId);

    // NOTE(review): assuming string operands, `==` is not a constant-time comparison; for secrets
    // consider CryptographicOperations.FixedTimeEquals over the encoded bytes where available.
    var passwordMatches = submittedHash == storedPassword;

    // The OTP is only compared when the password already matched, as with the original `&&`.
    return passwordMatches && otp == expectedOtp;
}
/// <summary>
/// Checks the submitted password and OTP against the account's stored password and current OTP.
/// </summary>
/// <param name="account">Account identifier supplied by the caller.</param>
/// <param name="inputPassword">Plain-text password; passed to <c>_Hash.ComputeHash</c> before comparison.</param>
/// <param name="otp">One-time password to compare with the current OTP.</param>
/// <returns><c>true</c> when both values match; otherwise <c>false</c>.</returns>
public bool Verify(string account, string inputPassword, string otp)
{
    var storedPassword = _Profile.GetPassword(account);
    var submittedHash = _Hash.ComputeHash(inputPassword);
    var expectedOtp = _OtpService.GetCurrentOtp(account);

    // NOTE(review): nothing in this method counts or limits failed attempts. Unless a caller or
    // wrapper enforces lockout, the OTP check can be retried without bound; confirm where
    // throttling lives.
    return storedPassword == submittedHash && otp == expectedOtp;
}
/// <summary>
/// Checks the submitted password and OTP against the account's stored password and current OTP.
/// </summary>
/// <param name="accountId">Account identifier supplied by the caller.</param>
/// <param name="inputPassword">Plain-text password; passed to <c>_hash.Compute</c> before comparison.</param>
/// <param name="otp">One-time password to compare with the current OTP.</param>
/// <returns><c>true</c> when both values match; otherwise <c>false</c>.</returns>
public bool Verify(string accountId, string inputPassword, string otp)
{
    var storedPassword = _profile.GetPassword(accountId);
    var submittedHash = _hash.Compute(inputPassword);
    var expectedOtp = _otpService.GetCurrentOtp(accountId);

    // NOTE(review): `==` treats two nulls as equal. If an unknown account makes the collaborators
    // return null rather than throw, a null input could compare equal; confirm missing values are
    // rejected before this point.
    if (storedPassword != submittedHash)
    {
        return false;
    }

    return otp == expectedOtp;
}
/// <summary>
/// Checks the submitted password and OTP against the account's stored password and current OTP.
/// </summary>
/// <param name="accountId">Account identifier supplied by the caller.</param>
/// <param name="password">Plain-text password; passed to <c>_hash.GetHash</c> before comparison.</param>
/// <param name="otp">One-time password to compare with the current OTP.</param>
/// <returns><c>true</c> when both values match; otherwise <c>false</c>.</returns>
public bool Verify(string accountId, string password, string otp)
{
    var storedPassword = _profile.GetPassword(accountId);
    // NOTE(review): which algorithm GetHash uses, and whether it is salted, cannot be seen from
    // here. An unsalted fast digest is a weak choice for password storage; confirm against the
    // implementation.
    var submittedHash = _hash.GetHash(password);
    var expectedOtp = _otpService.GetCurrentOtp(accountId);

    var authenticated = submittedHash == storedPassword && otp == expectedOtp;
    return authenticated;
}
/// <summary>
/// Checks the submitted password and OTP against the account's stored password and current OTP.
/// </summary>
/// <param name="account">Account identifier supplied by the caller.</param>
/// <param name="password">Plain-text password; passed to <c>_hash.Compute</c> before comparison.</param>
/// <param name="otp">One-time password to compare with the current OTP.</param>
/// <returns><c>true</c> when both values match; otherwise <c>false</c>.</returns>
public bool Verify(string account, string password, string otp)
{
    // Fetch the user's stored password from the database.
    var storedPassword = _profile.GetPassword(account);

    // Hash the password the user entered.
    var submittedHash = _hash.Compute(password);

    // Get the current OTP from the API.
    var expectedOtp = _otpService.GetCurrentOtp(account);

    // Check that the entered password and OTP are both correct.
    // NOTE(review): no attempt counting or lockout is visible in this method, and `==` is not a
    // constant-time comparison; confirm throttling is enforced by a caller or wrapper.
    var passwordMatches = storedPassword == submittedHash;
    if (!passwordMatches)
    {
        // Verification failed.
        return false;
    }

    return expectedOtp == otp;
}
/// <summary>
/// Test helper: stubs the OTP service so that <paramref name="accountId"/> currently has <paramref name="otp"/>.
/// </summary>
/// <param name="accountId">Account id the stub is set up for.</param>
/// <param name="otp">OTP value the stub returns for that call.</param>
private void GivenOtp(string accountId, string otp) =>
    _otpService.GetCurrentOtp(accountId).Returns(otp);
/// <summary>
/// Test helper: stubs the OTP service to return <paramref name="otp"/> as the current OTP.
/// </summary>
/// <param name="account">Account passed to the stubbed call; not used for matching (see note).</param>
/// <param name="otp">OTP value the stub returns.</param>
// NOTE(review): ReturnsForAnyArgs ignores the argument, so a test using this helper would still
// pass if the code under test asked for a different account's OTP. Returns(otp) would pin the
// account as well; confirm the looser match is intentional.
private void GivenOtp(string account, string otp) =>
    _otpService.GetCurrentOtp(account).ReturnsForAnyArgs(otp);