public void Should_Create_New_Salt_For_Each_Password()
{
// Given
var encryptor = new PasswordEncryptor();
var passwordPhrase = "MijnGeheim";
// When
var password1 = encryptor.EncryptPassword(passwordPhrase);
var password2 = encryptor.EncryptPassword(passwordPhrase);
// Then
Assert.AreNotEqual(password1.Salt, password2.Salt);
}
public void TestEncryptPasswordReturnsCorrectHash()
{
string password = "******";
string hash = PasswordEncryptor.EncryptPassword(password);
Assert.AreEqual("21232F297A57A5A743894A0E4A801FC3", hash);
}
public void Execute()
{
try
{
viewModel.Admin.Name = viewModel.Name;
viewModel.Admin.PasswordHash = PasswordEncryptor.EncryptPassword(viewModel.Password);
viewModel.Admin.IsActive = true;
viewModel.Project.IsActive = true;
if (viewModel.Project.WorkstationType != Domain.Entity.Setup.WorkstationType.Mill)
{
viewModel.MillPipeNumberMask = string.Empty;
}
firstSetupRepo.BeginTransaction();
firstSetupRepo.RoleRepo.Save(viewModel.SuperUser);
firstSetupRepo.UserRepo.Save(viewModel.Admin);
firstSetupRepo.ProjectRepo.Save(viewModel.Project);
firstSetupRepo.Commit();
firstSetupRepo.RoleRepo.Evict(viewModel.SuperUser);
firstSetupRepo.UserRepo.Evict(viewModel.Admin);
firstSetupRepo.ProjectRepo.Evict(viewModel.Project);
viewModel.IsSaved = true;
var seeder = new InnitialDataSeeder(viewModel);
seeder.Seed(Program.IsSeed);
}
catch (RepositoryException ex)
{
log.Error(ex.Message);
}
}
private void btnOk_Click(object sender, EventArgs e)
{
string oldPasswordHash = PasswordEncryptor.EncryptPassword(txtOldPass.Text);
string newPasswordHash = PasswordEncryptor.EncryptPassword(txtNewPass.Text);
string confirmPasswordHash = PasswordEncryptor.EncryptPassword(txtConfirm.Text);
if (txtOldPass.Enabled)
{
if (oldPasswordHash != passwordHash)
{
MessageBox.Show(Program.LanguageManager.GetString(StringResources.PassChange_InvalidOldPassword));
DialogResult = System.Windows.Forms.DialogResult.None;
return;
}
}
if (newPasswordHash != confirmPasswordHash)
{
MessageBox.Show(Program.LanguageManager.GetString(StringResources.PassChange_PasswordsNotMatch));
DialogResult = System.Windows.Forms.DialogResult.None;
return;
}
NewPasswordHash = newPasswordHash;
DialogResult = System.Windows.Forms.DialogResult.OK;
}
public Task <UserInteractionResults> CreateAsync(User user, string userPWD)
{
try
{
var passwordEncrypted = Convert.ToBase64String(_passwordEncryptor.EncryptPassword(userPWD, _passwordEncryptor.masterStore.Key));
user.Password = passwordEncrypted;
_unitOfWork._userRepository.Insert(user);
_unitOfWork.SaveChanges();
return(Task.FromResult(UserInteractionResults.Succeeded));
}
catch (Exception e)
{
return(Task.FromResult(UserInteractionResults.Failed));
}
}
public static bool RegisterUser(IAccountAccess accountAccess, string username, string email, string password)
{
EncryptedPassword encryptedPassword = PasswordEncryptor.EncryptPassword(password);
return(accountAccess.CreateUserAccount(username, email, encryptedPassword.PasswordKey, encryptedPassword.PasswordSalt));
}
public string Encrypt(string password)
{
var encryptor = new PasswordEncryptor(defaultPassword, secret, salt);
return(encryptor.EncryptPassword(password));
}
private EncryptedPassword CreatePassword(string password)
{
return(PasswordEncryptor.EncryptPassword(password));
}
public int ChangePassword(User user, string newPassword)
{
user.Password = PasswordEncryptor.EncryptPassword(user.Password);
newPassword = PasswordEncryptor.EncryptPassword(newPassword);
return(context.ChangePassword(user, newPassword));
}
public int LoginUser(User user)
{
user.Password = PasswordEncryptor.EncryptPassword(user.Password);
return(context.LoginUser(user));
}
public int RegisterUser(User user)
{
user.Password = PasswordEncryptor.EncryptPassword(user.Password);
return(context.RegisterUser(user));
}
/// <summary>
/// Try to log in
/// </summary>
/// <param name="failMessage">message for user, when login has been failed</param>
/// <returns>status of logging in attempt</returns>
private static LoginResult Login(ref string failMessage)
{
failMessage = Program.LanguageManager.GetString(StringResources.Message_AuthentificationFailed);
LoginForm dlg = new LoginForm();
if (dlg.ShowDialog() == DialogResult.OK)
{
string login = dlg.Login;
string password = dlg.Password;
#if DEBUG
if (string.IsNullOrWhiteSpace(dlg.Login) && string.IsNullOrWhiteSpace(dlg.Password))
{
login = "******";
password = "******";
}
#endif
User user = new User()
{
IsActive = false, Login = "******"
};
IUserRepository userRepo;
using (userRepo = Kernel.Get <IUserRepository>())
{
user = userRepo.FindByLogin(login);
if (user == null)
{
return(LoginResult.Failed);
}
if (!user.IsActive)
{
failMessage = string.Format(
Program.LanguageManager.GetString(StringResources.Message_AuthentificationFailedUserInactive), login);
return(LoginResult.FailedUserInactive);
}
}
userRepo = (UserRepository)Program.Kernel.GetService(typeof(UserRepository));
string hash = PasswordEncryptor.EncryptPassword(password);
if (user.PasswordHash != hash)
{
return(LoginResult.Failed);
}
if (user.PasswordExpires != null && user.PasswordExpires < DateTime.Now)
{
PasswordChangeDialog dlgPassChange = new PasswordChangeDialog();
if (dlgPassChange.ShowPasswordDialog(user.PasswordHash) ==
System.Windows.Forms.DialogResult.OK)
{
try
{
user.PasswordHash = dlgPassChange.NewPasswordHash;
user.PasswordExpires = DateTime.Now.AddMonths(monthsCountPasswordProlongation);
userRepo.BeginTransaction();
userRepo.SaveOrUpdate(user);
userRepo.Commit();
userRepo.Evict(user);
}
catch (RepositoryException ex)
{
log.Error(ex.Message);
}
}
else
{
return(LoginResult.Failed);
}
}
ISecurityContext ctx = Kernel.Get <ISecurityContext>();
ctx.LoggedUser = user;
HibernateUtil.CurrentUser = ctx.LoggedUser;
return(LoginResult.LoggedIn);
}
else
{
System.Environment.Exit(0);
}
return(LoginResult.Failed);
}
