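/// <summary>
/// Changes a user's password after verifying the current one.
/// </summary>
/// <param name="view">Request carrying the user id, the current password and the new password.</param>
/// <returns>
/// An <see cref="IAccountResponse"/> whose status is UserNotExist, PasswordIsWrong, Success,
/// or FunctionalError when any exception is raised while processing.
/// </returns>
/// <remarks>
/// NOTE(review): this method acts on <c>view.UserId</c> as supplied. Nothing visible here ties that id
/// to the authenticated caller, so that binding has to be enforced by the caller of this method - confirm.
/// NOTE(review): no strength or reuse policy is applied to <c>view.NewPassword</c> in this method - confirm
/// it is validated upstream.
/// </remarks>
public async Task<IAccountResponse> ResetPassword(ResetPassword view)
{
    try
    {
        // Captured before the first await so it is evaluated at the same point as in the original log call.
        var methodName = ExtensionUtility.GetCurrentMethod();

        // Awaited instead of blocking on .Result, which can deadlock or starve the thread pool.
        var callerIp = await _userIPAddress.GetUserIP();

        // The request object carries OldPassword and NewPassword in clear text, so it must not be
        // serialised into the log. Only the non-secret identifier is recorded.
        logger.Info($"{GetType().Name} {methodName} input UserId: {view.UserId} UserIPAddress: {callerIp}");

        var userInfo = await _appDbContext.UserInfos.FirstOrDefaultAsync(x => x.UserId == view.UserId);
        if (userInfo == null)
        {
            return new AccountResponse(new ViewModels.UserRegistration
            {
                Id = view.UserId,
                Success = false,
                CustomStatusCode = CustomStatusCode.UserNotExist,
                Message = ClientMessageConstant.UserNotFound
            });
        }

        // The stored value is a hash; the current password is checked against it before any change.
        var currentPasswordMatches = _hashing.ValidatePassword(view.OldPassword, userInfo.Password);
        if (!currentPasswordMatches)
        {
            return new AccountResponse(new ViewModels.UserRegistration
            {
                Id = userInfo.UserId,
                Success = false,
                CustomStatusCode = CustomStatusCode.PasswordIsWrong,
                Message = ClientMessageConstant.PasswordIsWrong
            });
        }

        // Only the hash of the new password is persisted.
        userInfo.Password = _hashing.CreateHash(view.NewPassword);
        await _appDbContext.SaveChangesAsync();

        return new AccountResponse(new ViewModels.UserRegistration
        {
            Id = userInfo.UserId,
            Success = true,
            CustomStatusCode = CustomStatusCode.Success,
            Message = ClientMessageConstant.PasswordUpdatedSuccessfully
        });
    }
    catch (System.Exception ex)
    {
        // The exception is handed to AccountResponse and the client gets a generic message.
        // NOTE(review): nothing is logged here; presumably AccountResponse records ex - confirm.
        return new AccountResponse(new ViewModels.UserRegistration
        {
            Success = false,
            CustomStatusCode = CustomStatusCode.FunctionalError,
            Message = ClientMessageConstant.WeAreUnableToProcessYourRequest
        }, ex);
    }
}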
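/// <summary>
/// Round-trip check for <c>PasswordHashing</c>: a hash created from a password must validate
/// against that password and must not validate against a different one.
/// </summary>
public void TestPasswordHashing()
{
    var hashing = new PasswordHashing();
    var hashedPassword = hashing.CreateHash("test");

    // Positive case: the original password verifies against its own hash.
    Assert.IsTrue(hashing.ValidatePassword("test", hashedPassword));

    // Negative case: without it, a ValidatePassword that always returns true would pass this test.
    Assert.IsFalse(hashing.ValidatePassword("not-test", hashedPassword));
}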
/// <summary>
/// Click handler for the change-password button. Reads the stored password hash, verifies the
/// current password, checks that both new-password fields match, writes the new hash, and reports
/// the outcome in a message box. The three password fields are always cleared afterwards.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnChangePass_Click(object sender, EventArgs e)
{
    // NOTE(review): both SQL statements below are assembled as text rather than sent with bound
    // parameters. The username appears on this page as the literal '******' (it looks redacted);
    // if the real code interpolates a user-controlled name there, that is a SQL injection risk.
    // A parameterised DBC call, if the helper offers one (not visible here), would remove it.
    try
    {
        var storedRows = DBC.ExecuteQuery("SELECT \"password\" FROM \"APPUSER\" WHERE " + $"username = '******';");

        // Rows[0][0] throws when the query returns no row; that case ends up in the catch below.
        var storedHash = storedRows.Rows[0][0].ToString();

        string text;
        string caption;
        MessageBoxIcon icon;

        if (!PasswordHashing.CheckPassword(txtActual.Text, storedHash))
        {
            // Current password did not verify against the stored hash.
            text = @"Su contraseña actual no es correcta";
            caption = @"Error";
            icon = MessageBoxIcon.Error;
        }
        else if (!txtNewPass.Text.Equals(txtNewPass2.Text))
        {
            // New password and its confirmation differ.
            text = @"Las contraseñas nuevas no coinciden";
            caption = @"Error";
            icon = MessageBoxIcon.Error;
        }
        else
        {
            // Only the hash of the new password is written to the table.
            // NOTE(review): the hash is spliced into a quoted SQL literal; this relies on
            // CreateHash never emitting a quote character - confirm, or bind it as a parameter.
            var newHash = PasswordHashing.CreateHash(txtNewPass.Text);
            var updateSql = $"UPDATE \"APPUSER\" SET \"password\" = '{newHash}'" + $" WHERE username = '******';";
            DBC.ExecuteNonQuery(updateSql);

            text = @"Contraseña actualizada";
            caption = @"Completado";
            icon = MessageBoxIcon.Information;
        }

        MessageBox.Show(text, caption, MessageBoxButtons.OK, icon, MessageBoxDefaultButton.Button1, MessageBoxOptions.DefaultDesktopOnly);
    }
    catch (Exception exception)
    {
        // NOTE(review): the raw exception message is shown to the user; database errors may
        // expose query or schema details this way.
        MessageBox.Show(exception.Message, @"Error", MessageBoxButtons.OK, MessageBoxIcon.Error, MessageBoxDefaultButton.Button1, MessageBoxOptions.DefaultDesktopOnly);
    }
    finally
    {
        // Clear every password field on all paths, then call each field's Leave handler
        // (presumably to restore its placeholder state - handlers are not visible here).
        txtActual.Text = "";
        txtActual_Leave(null, EventArgs.Empty);

        txtNewPass.Text = "";
        txtNewPass_Leave(null, EventArgs.Empty);

        txtNewPass2.Text = "";
        txtNewPass2_Leave(null, EventArgs.Empty);
    }
}
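/// <summary>
/// Creates a user account together with its customer or employee record and stores the
/// password as a hash plus salt.
/// </summary>
/// <param name="obj">User data; <c>AccountType</c> selects whether a customer or an employee is created.</param>
/// <param name="password">Plain-text password; only the hash and salt derived from it are stored on the user.</param>
/// <param name="transactionEndpoint">
/// When true, this call opens a serializable transaction and commits or rolls it back itself.
/// When false, no transaction calls are made here.
/// </param>
/// <returns>The created user as returned by <c>GetById</c>, or null when validation fails or no person was created.</returns>
/// <remarks>
/// NOTE(review): <paramref name="password"/> is not checked for null, emptiness or strength here - confirm
/// that <c>PasswordHashing.CreateHash</c> or the caller enforces a policy.
/// </remarks>
public UserDTO Create(UserDTO obj, string password, bool transactionEndpoint = true)
{
    if (transactionEndpoint)
    {
        _context.Database.BeginTransaction(IsolationLevel.Serializable);
    }

    // True while this call owns a transaction that has not been committed or rolled back yet.
    var transactionOpen = transactionEndpoint;

    try
    {
        var (hash, salt) = PasswordHashing.CreateHash(password);

        if (User.Validate(obj))
        {
            var person = obj.AccountType switch
            {
                UserRoles.Customer => new CustomerRepository(_context).CreateCustomer(obj.Customer).Entity.Person,
                UserRoles.Employee => new EmployeeRepository(_context).CreateEmployee(obj.Employee).Entity.Person,
                _ => null,
            };

            if (person != null)
            {
                var toAddUser = new User()
                {
                    Username = obj.Username,
                    Person = person,
                    PasswordHash = hash,
                    Salt = salt
                };

                _context.Add(toAddUser);
                _context.SaveChanges();

                // The returned values are discarded, as in the original code.
                _context.Entry(toAddUser).GetDatabaseValues();

                if (transactionOpen)
                {
                    _context.Database.CommitTransaction();
                    transactionOpen = false;
                }

                return GetById(toAddUser.Id);
            }
        }
    }
    catch
    {
        // Previously an exception from hashing, entity creation or SaveChanges left the
        // serializable transaction open on the context. Roll it back before propagating.
        if (transactionOpen)
        {
            _context.Database.RollbackTransaction();
        }

        throw;
    }

    // Validation failed or no person was produced: undo anything done inside the transaction.
    if (transactionOpen)
    {
        _context.Database.RollbackTransaction();
    }

    return null;
}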