示例#1
0
        private void BtnClickLogin(object sender, RoutedEventArgs e)
        {
            var userManager           = new UserManager();
            var masterPasswordManager = new MasterPasswordManager();
            var emailController       = new EmailController();

            var user = userManager.Retrieve(EmailTxtBox.Text);

            if (!emailController.IsEmailInUse(EmailTxtBox.Text))
            {
                MessageBox.Show("No Account exists with this email");
                return;
            }

            if (masterPasswordManager.CompareHash(Encoding.ASCII.GetBytes(PasswordTxtBox.Password), user.Id))
            {
                MainWindow main = new MainWindow(user.Id);
                _window.Visibility = Visibility.Hidden;
                main.Show();
            }
            else
            {
                MessageBox.Show("Failed to login");
            }
        }
示例#2
0
        private void BtnClickCreate(object sender, RoutedEventArgs e)
        {
            var             userManager           = new UserManager();
            EmailController emailController       = new EmailController();
            var             masterPasswordManager = new MasterPasswordManager();


            var isValidEmail = emailController.IsValidEmail(EmailTxtBox.Text);

            if (isValidEmail)
            {
                MessageBox.Show(emailController.ErrorMessage);
                return;
            }

            if (emailController.IsEmailInUse(EmailTxtBox.Text))
            {
                MessageBox.Show(emailController.ErrorMessage);
                return;
            }

            if (ConfirmPasswordTxtBox.Password != PasswordTxtBox.Password)
            {
                return;
            }

            userManager.Create(FirstNameTxtBox.Text, LastNameTxtBox.Text, EmailTxtBox.Text);
            masterPasswordManager.Create(userManager.Retrieve(EmailTxtBox.Text).Id, PasswordTxtBox.Password);
            MessageBox.Show("Account Created");
            Window.MainLogin.Content = new Login(Window);
        }
示例#3
0
        public ActionResult ConfigureApplication(ConfigurationViewModel model)
        {
            // Double Check - If the Application is alread configured, redirect to home
            if (new MasterPasswordManager().Exists())
            {
                return(Redirect("~/"));
            }

            // ViewModel Validation
            if (!ModelState.IsValid)
            {
                return(View(model));
            }

            // Do Configuration
            MasterPasswordManager mpManager = new MasterPasswordManager();

            // Generate
            string mp = mpManager.Generate(model.Username, model.Password);

            // Save
            mpManager.Save(mp);

            return(Redirect("~/Account/ConfigureApplicationSuccess"));
        }
示例#4
0
        public void ReturnsTrueIfTheHashMatches(string hash, bool expected)
        {
            var masterPasswordManager = new MasterPasswordManager();

            var actual = masterPasswordManager.CompareHash(Encoding.ASCII.GetBytes(hash), _testUser.Id);

            Assert.AreEqual(expected, actual);
        }
示例#5
0
        public void ReturnsTheCorrectHash(string password)
        {
            var masterPasswordManager = new MasterPasswordManager();
            var hash = Hash.GenerateHash(Encoding.ASCII.GetBytes(password), _testMPassword.Salt, _testMPassword.Iterations, 16);

            masterPasswordManager.CompareHash(Encoding.ASCII.GetBytes(password), _testUser.Id, out byte[] key);

            Assert.AreEqual(true, Hash.CompareHash(hash, key));
        }
示例#6
0
        public void WhenAPasswordIsRetrivedByIdItIsTheCorrectPassword()
        {
            var masterPasswordManager = new MasterPasswordManager();

            using (var db = new PasswordManagerContext())
            {
                var expectedPassword = db.MasterPasswords.Find(_testMPassword.Id);
                var actualPassword   = masterPasswordManager.RetrieveByUserId(_testUser.Id);

                Assert.AreEqual(expectedPassword.Hash, actualPassword.Hash);
            }
        }
示例#7
0
        public void WhenAPasswordIsUpdatedTheDatabaseWillShowTheChange()
        {
            var masterPasswordManager = new MasterPasswordManager();

            using (var db = new PasswordManagerContext())
            {
                var oldHash      = _testMPassword.Hash;
                var salt         = Hash.GenerateSalt(20);
                var hashPassword = Hash.GenerateHash(Encoding.ASCII.GetBytes("ThisIsAStrongPassword123"), salt, 1000, 16);
                masterPasswordManager.Update(_testMPassword.Id, hashPassword, salt);
                Assert.AreEqual(false, Hash.CompareHash(db.MasterPasswords.Find(_testMPassword.Id).Hash, oldHash));
            }
        }
示例#8
0
        public void WhenAPasswordIsDeletedTheDatabaseIsUpdated()
        {
            var masterPasswordManager = new MasterPasswordManager();

            using (var db = new PasswordManagerContext())
            {
                var numberOfPasswordsBefore = db.MasterPasswords.Count();
                masterPasswordManager.Delete(db.MasterPasswords.Where(mp => mp.UserId == _testUser.Id).FirstOrDefault().Id);
                var numberOfPasswordsAfter = db.MasterPasswords.Count();

                Assert.AreEqual(numberOfPasswordsBefore - 1, numberOfPasswordsAfter);
            }
        }
示例#9
0
        public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            // Check If the Application is not Configured
            if (!new MasterPasswordManager().Exists())
            {
                return(Redirect("/Account/ConfigureApplication"));
            }

            // ViewModel Validation
            if (!ModelState.IsValid)
            {
                return(View(model));
            }

            // Validade
            bool isValid = new MasterPasswordManager().Validade(model.Username, model.Password);

            if (isValid)
            {
                // Authenticate
                var ident = new ClaimsIdentity(
                    new[] {
                    new Claim(ClaimTypes.NameIdentifier, model.Username),
                    new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity", "http://www.w3.org/2001/XMLSchema#string"),

                    new Claim(ClaimTypes.Name, model.Username),

                    // Create 2 Claims for UA and IP Security
                    new Claim("UA", this.Request.UserAgent),
                    new Claim("IP", this.Request.UserHostAddress),

                    // optionally you could add roles if any
                    new Claim(ClaimTypes.Role, "Admin"),
                },
                    DefaultAuthenticationTypes.ApplicationCookie);

                HttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties {
                    IsPersistent = false
                }, ident);

                return(Redirect("~/"));
            }
            else
            {
                ModelState.AddModelError("Validation", "Invalid Password");
                ViewBag.Error = "Invalid Password";
                return(View());
            }
        }
示例#10
0
        public void WhenAPasswordIsCreatedTheDatabaseIsUpdated()
        {
            var masterPasswordManager = new MasterPasswordManager();

            using (var db = new PasswordManagerContext())
            {
                db.MasterPasswords.RemoveRange(db.MasterPasswords.Where(mp => mp.UserId == _testUser.Id));
                db.SaveChanges();
                var numberOfUsersBefore = db.MasterPasswords.Count();
                masterPasswordManager.Create(_testUser.Id, "ThisIsAStrongPassword123");
                var numberOfUsersAfter = db.MasterPasswords.Count();

                Assert.AreEqual(numberOfUsersBefore + 1, numberOfUsersAfter);
            }
        }
        private void BtnClickContinue(object sender, RoutedEventArgs e)
        {
            var masterPasswordManager = new MasterPasswordManager();

            if (masterPasswordManager.CompareHash(Encoding.ASCII.GetBytes(MPasswordTxtBox.Password), _userId, out byte[] key))