public void VerifyPasswordCreation() { var randomText = Guid.NewGuid().ToString(); PasswordUtils.CreatePasswordHash(randomText, out var passwordHash, out var passwordSalt); Assert.IsTrue(PasswordUtils.VerifyPasswordHash(randomText, passwordHash, passwordSalt)); }
public User Create(User user, string password, int groupId) { // validation if (string.IsNullOrWhiteSpace(password)) { throw new AppException("Password is required"); } if (_context.Users.Any(x => x.Username == user.Username)) { throw new AppException("Username \"" + user.Username + "\" is already taken"); } PasswordUtils.CreatePasswordHash(password, out var passwordHash, out var passwordSalt); user.PasswordHash = passwordHash; user.PasswordSalt = passwordSalt; user.GroupId = groupId; _context.Users.Add(user); _context.SaveChanges(); return(user); }
public void Update(User userParam, string password = null) { var user = _context.Users.Find(userParam.Id); if (user == null) { throw new AppException("User not found"); } if (userParam.Username != user.Username) { // username has changed so check if the new username is already taken if (_context.Users.Any(x => x.Username == userParam.Username)) { throw new AppException("Username " + userParam.Username + " is already taken"); } } // update user properties user.FirstName = userParam.FirstName; user.LastName = userParam.LastName; user.Username = userParam.Username; // update password if it was entered if (!string.IsNullOrWhiteSpace(password)) { PasswordUtils.CreatePasswordHash(password, out var passwordHash, out var passwordSalt); user.PasswordHash = passwordHash; user.PasswordSalt = passwordSalt; } _context.Users.Update(user); _context.SaveChanges(); }
public void Username_Supplied_Is_Case_Insensitive_And_Trimmed() { // Setup User user1 = new User { Email = "user1", Password = PasswordUtils.CreatePasswordHash("user1", "pass1") }; User user2 = new User { Email = "user2", Password = PasswordUtils.CreatePasswordHash("user2", "pass2") }; User user3 = new User { Email = "user3", Password = PasswordUtils.CreatePasswordHash("user3", "pass3") }; _unitOfWork.Users.Add(user1); _unitOfWork.Users.Add(user2); _unitOfWork.Users.Add(user3); _unitOfWork.Commit(); // Act User result = new UserByCredentialsQuery(_unitOfWork).WithEmail(" USER2 ") .WithPassword("pass2") .Execute(); // Verify Assert.IsNotNull(result, "Query returned a null user"); Assert.AreEqual(user2.Id, result.Id, "Query returned the wrong user"); Assert.AreEqual(user2.Email, result.Email, "Query returned a user with an incorrect email"); }
public void Can_Retrieve_User_With_Correct_Credentials() { // Setup User user1 = new User { Email = "user1", Password = PasswordUtils.CreatePasswordHash("user1", "pass1") }; User user2 = new User { Email = "user2", Password = PasswordUtils.CreatePasswordHash("user2", "pass2") }; User user3 = new User { Email = "user3", Password = PasswordUtils.CreatePasswordHash("user3", "pass3") }; _unitOfWork.Users.Add(user1); _unitOfWork.Users.Add(user2); _unitOfWork.Users.Add(user3); _unitOfWork.Commit(); // Act User result = new UserByCredentialsQuery(_unitOfWork).WithEmail("user2") .WithPassword("pass2") .Execute(); // Verify Assert.IsNotNull(result, "Query returned a null user"); Assert.AreEqual(user2.Id, result.Id, "Query returned the wrong user"); Assert.AreEqual(user2.Email, result.Email, "Query returned a user with an incorrect email"); }
/// <summary> /// Seeds the data context with default data when database is created /// </summary> /// <param name="context"></param> protected override void Seed(MyJobLeadsDbContext context) { // Additional schema generation GenerateElmahSchema(context); // Seed data context.Users.Add(new User { Email = "*****@*****.**", Password = PasswordUtils.CreatePasswordHash("*****@*****.**", "test"), LastVisitedJobSearchId = null, IsOrganizationAdmin = true, FullName = "Test Account", Organization = new Organization { RegistrationToken = Guid.NewGuid(), Name = "Seed Organization" } }); context.Users.Add(new User { Email = "*****@*****.**", Password = PasswordUtils.CreatePasswordHash("*****@*****.**", "test"), LastVisitedJobSearchId = null, IsOrganizationAdmin = true, FullName = "Site Admin", IsSiteAdmin = true, Organization = new Organization { RegistrationToken = Guid.NewGuid(), Name = "Seed Organization" } }); context.OfficialDocuments.Add(new OfficialDocument { MeantForMembers = false, DownloadUrl = "http://interviewtools.net", Name = "Non-member document" }); context.OfficialDocuments.Add(new OfficialDocument { MeantForMembers = true, DownloadUrl = "http://myleads.interviewtools.net", Name = "Member document" }); context.SaveChanges(); }
private void InitializeTestEntities() { _search = new JobSearch(); _user = new User { Email = _startingEmail, Password = PasswordUtils.CreatePasswordHash(_startingEmail, _oldPassword), LastVisitedJobSearch = _search, FullName = "starting name" }; _unitOfWork.Users.Add(_user); _unitOfWork.Commit(); }
public void Incorrect_Password_Returns_Null_User() { // Setup User user = new User { Email = "user", Password = PasswordUtils.CreatePasswordHash("user", "pass") }; _unitOfWork.Users.Add(user); _unitOfWork.Commit(); // Act User result = new UserByCredentialsQuery(_unitOfWork).WithEmail("user") .WithPassword("password") .Execute(); // Verify Assert.IsNull(result, "Query returned a valid user, when none should have been returned"); }
/// <summary> /// Edits the user details /// </summary> /// <param name="procParams"></param> /// <returns></returns> public bool Execute(EditUserDetailsParams procParams) { // Validate parameters var validationResults = _editUserDetailsValidator.Validate(procParams); var currentUser = _userCredentialsQuery.WithEmail(procParams.CurrentEmail).WithPassword(procParams.CurrentPassword).Execute(); var userWithEmail = _userEmailQuery.WithEmail(procParams.NewEmail).Execute(); if (currentUser == null) { validationResults.Errors.Add(new ValidationFailure("", "Current password was not correct")); } if (userWithEmail != null && currentUser == userWithEmail) { validationResults.Errors.Add(new ValidationFailure("", "A user with the specified email address already exists")); } if (!validationResults.IsValid) { throw new ValidationException(validationResults.Errors); } // Update details currentUser.Email = procParams.NewEmail.ToLower().Trim(); currentUser.FullName = procParams.FullName.Trim(); // Update the password, either from the old password or new one if specified if (!string.IsNullOrWhiteSpace(procParams.NewPassword)) { currentUser.Password = PasswordUtils.CreatePasswordHash(currentUser.Email, procParams.NewPassword); } else { currentUser.Password = PasswordUtils.CreatePasswordHash(currentUser.Email, procParams.CurrentPassword); } _unitOfWork.Commit(); return(true); }
/// <summary> /// Executes the command /// </summary> /// <returns></returns> /// <exception cref="MJLEntityNotFoundException">Thrown when the specified user isn't found</exception> public virtual User Execute() { // Retrieve the user var user = new UserByIdQuery(_unitOfWork).WithUserId(_userId).Execute(); if (user == null) { throw new MJLEntityNotFoundException(typeof(User), _userId); } // Only check the current password if the user is only changing the last visited job search if (!string.IsNullOrWhiteSpace(_newPassword) || !string.IsNullOrWhiteSpace(_newName)) { // Verify the user's current password is correct if (new UserByCredentialsQuery(_unitOfWork).WithEmail(user.Email).WithPassword(_oldPassword).Execute() == null) { throw new MJLIncorrectPasswordException(_userId); } } // Edit the properties if (!string.IsNullOrWhiteSpace(_newPassword)) { user.Password = PasswordUtils.CreatePasswordHash(user.Email, _newPassword); } if (_newName != null) { user.FullName = _newName.Trim(); } if (_updateLastJobSearch) { user.LastVisitedJobSearchId = _lastJobSearchId; } // Save _unitOfWork.Commit(); return(user); }
private async Task SetPassword(Users idata, string password) { byte[] passwordHash, passwordSalt; PasswordUtils.CreatePasswordHash(idata.email, password, out passwordHash, out passwordSalt); var cred = new User_Credential() { user_id = idata.id, password_hash = passwordHash, password_salt = passwordSalt }; var cred_context = this.storageContext.Set <User_Credential>(); var cred_data = await cred_context.FirstOrDefaultAsync(x => x.user_id == idata.id); if (cred_data != null) { cred_context.Update(cred); } else { await cred_context.AddAsync(cred); } }
/// <summary> /// Executes the command /// </summary> /// <returns>Returns the generated password for the user</returns> /// <exception cref="MJLEntityNotFoundException">Thrown when the specified user is not found</exception> public virtual string Execute() { // Retrieve the user var user = new UserByEmailQuery(_unitOfWork).WithEmail(_email).Execute(); if (user == null) { throw new MJLUserNotFoundException(MJLUserNotFoundException.SearchPropertyType.Email, _email); } // Generate a new password for the user string newPassword = PasswordUtils.GenerateRandomPassword(); user.Password = PasswordUtils.CreatePasswordHash(user.Email, newPassword); _unitOfWork.Commit(); // Send out an email EmailProvider.Send(user.Email, "Password Recovery", "Your new MyJobLeads password is: " + newPassword); return(newPassword); }
/// <summary> /// Executes the command /// </summary> /// <returns></returns> /// <exception cref="MJLDuplicateUsernameException">Thrown when the requested username is already taken</exception> /// <exception cref="MJLDuplicateEmailException">Thrown when the requested user's email is already used on another account</exception> public virtual User Execute(CreateUserCommandParams cmdParams) { var unitOfWork = _serviceFactory.GetService <IUnitOfWork>(); // Convert the email and username to lower case and trim it cmdParams.Email = cmdParams.Email.Trim().ToLower(); // Check if any user is using this email already if (_serviceFactory.GetService <UserByEmailQuery>().WithEmail(cmdParams.Email).Execute() != null) { throw new MJLDuplicateEmailException(cmdParams.Email); } // If a registration token was specified, retrieve the organization for it Organization org = null; if (cmdParams.RegistrationToken != null) { org = _serviceFactory.GetService <OrganizationByRegistrationTokenQuery>() .Execute(new OrganizationByRegistrationTokenQueryParams { RegistrationToken = (Guid)cmdParams.RegistrationToken }); if (org == null) { throw new InvalidOrganizationRegistrationTokenException((Guid)cmdParams.RegistrationToken); } // Check if this organization is restricted to specific email domains if (org.IsEmailDomainRestricted) { int atIndex = cmdParams.Email.LastIndexOf('@'); string domain = cmdParams.Email.Substring(atIndex + 1, cmdParams.Email.Length - atIndex - 1).ToLower().Trim(); bool domainFound = false; foreach (var orgDomain in org.EmailDomains) { if (cmdParams.Email.ToLower().Contains(orgDomain.Domain.ToLower().Trim())) { domainFound = true; } } if (!domainFound) { throw new InvalidEmailDomainForOrganizationException(domain); } } } // Create the user var user = new User { Email = cmdParams.Email, Password = PasswordUtils.CreatePasswordHash(cmdParams.Email, cmdParams.PlainTextPassword), Organization = org, FullName = cmdParams.FullName, JobSearches = new List <JobSearch>() }; unitOfWork.Users.Add(user); unitOfWork.Commit(); return(user); }