private void ChangePassword(object parameter) { string currentPassword = changePasswordWindow.CurrentPasswordTextBox.Password; string newPassword = changePasswordWindow.NewPasswordTextBox.Password; string confirmNewPassword = changePasswordWindow.ConfirmNewPasswordTextBox.Password; if (!string.IsNullOrEmpty(currentPassword) && !string.IsNullOrEmpty(newPassword) && !string.IsNullOrEmpty(confirmNewPassword)) { if (user != null) { if (!PasswordUtility.CheckPassword(currentPassword, user.Password)) { MessageBox.Show("Incorrect old password.", "Error", MessageBoxButton.OK, MessageBoxImage.Error); return; } if (newPassword != confirmNewPassword) { MessageBox.Show("Password and Confirm Password doesn't match!.", "Error", MessageBoxButton.OK, MessageBoxImage.Error); return; } //var newPasswordHash = PasswordUtility.GeneratePasswordHash(newPassword); //user.Password = newPasswordHash; dataAccessor.ChangePassword(user, currentPassword, newPassword); MessageBox.Show("Password changed successfully!!", "Success", MessageBoxButton.OK, MessageBoxImage.Information); ClearAllValues(); changePasswordWindow.Hide(); } } else { MessageBox.Show("Fields cannot be empty!.", "Error", MessageBoxButton.OK, MessageBoxImage.Error); } }
public void ChangePassword(User user, string oldPassword, string newPassword) { if (PasswordUtility.CheckPassword(oldPassword, user.Password)) { PasswordHash newPasswordHash = PasswordUtility.GeneratePasswordHash(newPassword); user.Password = newPasswordHash; using SqlConnection connection = new SqlConnection(connectionString); connection.Open(); using SqlCommand command = connection.CreateCommand(); command.CommandText = "UPDATE dbo.Users " + "set PasswordSalt= @PasswordSalt, PasswordHash=@PasswordHash, DateModified=@DateModified " + "Where Id=@Id"; user.DateCreated = (DateTime)(user.DateModified = DateTime.UtcNow); command.Parameters.Add("@Id", SqlDbType.Int).Value = user.Id; command.Parameters.Add("@PasswordSalt", SqlDbType.VarBinary).Value = user.Password.Salt; command.Parameters.Add("@PasswordHash", SqlDbType.VarBinary).Value = user.Password.Hash; command.Parameters.Add("@DateModified", SqlDbType.DateTime2).Value = user.DateModified; command.ExecuteScalar(); } }
public void CheckPassword_KnownValues_Validates() { var pw = "T3stP@ssw0rd"; var hash = "10000.ZXhKk+k7lZ1xdHxnYO6TFA==.WPbmVg9TvVtjHub4l3e4Lb0N9PTRCSmOr81pTJOF72U="; //var hash = PasswordUtility.EncryptPassword(pw, 10000); var valid = PasswordUtility.CheckPassword(hash, pw); Assert.True(valid); }
public async Task <AuthenticateResponse> Authenticate(AuthenticateRequest model) { var user = await _userRepo.GetUserByUserName(model.Username); if (user != null && PasswordUtility.CheckPassword(user.PasswordHash, model.Password)) { var token = generateJwtToken(user); return(new AuthenticateResponse(user, token)); } else { return(null); } }
public Result AdminLogin(string userName, string password) { User user = service.GetAdmin(userName); if (user != null) { bool isSuccess = PasswordUtility.CheckPassword(password, user.Password); if (!isSuccess) { return(Result <User> .Error("Password you entered is incorrect.")); } else { return(Result <User> .Success(user)); } } return(Result <User> .Error(".")); }
/// <summary> /// Checks whether the given password correctly matches the stored password hash. /// </summary> /// <param name="password">The password to check.</param> /// <param name="passwordHash">The stored password hash and salt.</param> /// <returns>True if the password is correct, false if incorrect.</returns> public static bool CheckPassword(string password, PasswordHash passwordHash) { return(PasswordUtility.CheckPassword(password, passwordHash)); }
/// <summary> /// Checks whether the given password correctly matches the stored password hash. /// </summary> /// <param name="password">The password to check.</param> /// <param name="passwordHash">The stored password hash and salt.</param> /// <returns>True if the password is correct, false if incorrect.</returns> public static bool CheckPassword(string password, PasswordHash passwordHash) => PasswordUtility.CheckPassword(password, passwordHash);