} // MatchesEnteredEmail public bool IsPasswordValid(string sPassword) { var pu = new PasswordUtility(CurrentValues.Instance.PasswordHashCycleCount); if (IsOldPasswordStyle) { bool success = (Password == HashPassword(sPassword, Email, CreationDate)) || (Password == HashPassword(sPassword)); if (success) { RenewStoredPassword = pu.Generate(Email, sPassword); } return(success); } // if var storedPassword = new HashedPassword(Email, CycleCount, EzPassword, Salt); PasswordValidationResult validateResult = pu.Validate(sPassword, storedPassword); RenewStoredPassword = validateResult.NewPassword; return(validateResult.Match); } // IsPasswordValid
public PasswordDidNotMeetRequirementsException(string message, PasswordValidationResult result) : base(message) { if (result == null) { throw new ArgumentNullException(nameof(result)); } Failures = result.Failures; }
/// <inheritdoc /> public virtual Task <PasswordValidationResult> ValidatePasswordAsync(string password) { var result = new PasswordValidationResult { PasswordIsValid = true, MinPasswordLength = Options.Password.RequiredLength, MinUniqueCharsCount = Options.Password.RequiredUniqueChars }; if (!HasSufficientLength(password)) { result.PasswordIsValid = false; result.PasswordViolatesMinLength = true; } if (!HasSufficientUniqueChars(password)) { result.PasswordIsValid = false; result.PasswordViolatesMinUniqueCharsCount = true; } if (Options.Password.RequireUppercase && !HasUpperCaseLetter(password)) { result.PasswordIsValid = false; result.PasswordMustHaveUpperCaseLetters = true; } if (Options.Password.RequireLowercase && !HasLowerCaseLetter(password)) { result.PasswordIsValid = false; result.PasswordMustHaveLowerCaseLetters = true; } if (Options.Password.RequireDigit && !HasDigit(password)) { result.PasswordIsValid = false; result.PasswordMustHaveDigits = true; } if (Options.Password.RequireNonAlphanumeric && !HasSpecialCharacter(password)) { result.PasswordIsValid = false; result.PasswordMustHaveSpecialCharacters = true; } return(Task.FromResult(result)); }
public async Task <IActionResult> ChangePassword([FromBody] ChangePasswordRequest changePasswordRequest) { var username = this.User.Identity?.Name; User user = await this.userService.GetAuthenticatedUserAsync(username, changePasswordRequest.CurrentPassword); if (user == null) { this.logger.LogInformation($"Invalid Change Password attempt for ({username}): invalid current password."); return(this.Conflict( new ErrorResponse { ErrorCode = ErrorCodes.InvalidCurrentPassword, Message = "Invalid Current Password.", })); } if (changePasswordRequest.NewPassword != changePasswordRequest.RepeatedNewPassword) { this.logger.LogInformation($"Invalid Change Password attempt for ({username}): new passwords do not match."); return(this.UnprocessableEntity( new ErrorResponse { Message = "New Password and Repeated Password must match.", ErrorCode = ErrorCodes.MismatchedPasswords, })); } PasswordValidationResult validationResult = await this.userService.ValidateNewPassword(user, changePasswordRequest.NewPassword); if (validationResult != PasswordValidationResult.Valid) { ErrorResponse error = this.GetValidationError(validationResult); this.logger.LogInformation($"Invalid Change Password attempt for ({username}): {error.Message}"); return(this.UnprocessableEntity(error)); } await this.userService.UpdateUserPassword(user, changePasswordRequest.NewPassword); return(this.Ok()); }
private ErrorResponse GetValidationError(PasswordValidationResult validationResult) { return(validationResult switch { PasswordValidationResult.NewPasswordMatch => new ErrorResponse { ErrorCode = ErrorCodes.NewPasswordSameAsOld, Message = "New Password matches previous password.", }, PasswordValidationResult.RequirementsNotMet => new ErrorResponse { ErrorCode = ErrorCodes.PasswordComplexityNotMet, Message = "The password complexity Requirements are not met.", }, _ => new ErrorResponse { ErrorCode = ErrorCodes.UnknownError, Message = "Unknown Error.", }, });
} // Execute private void ValidateCredentials() { this.spOnSuccess.BrokerID = 0; SafeReader sr = this.spLoadDataForLoginCheck.GetFirst(); if (sr.IsEmpty) { Log.Warn( "Could not find broker details by email '{0}' and origin '{1}'.", this.spLoadDataForLoginCheck.Email, this.spLoadDataForLoginCheck.UiOriginID ); throw new StrategyWarning(this, "Invalid user name or password."); } // if string userName = sr["UserName"]; int originID = sr["OriginID"]; bool mismatch = !Normalize(this.spLoadDataForLoginCheck.Email).Equals(Normalize(userName)) || (originID != this.spLoadDataForLoginCheck.UiOriginID); if (mismatch) { Log.Warn( "User name and origin returned by email '{0}' with origin '{1}' are '{2}', '{3}' " + "and differ from the requested user name and origin.", this.spLoadDataForLoginCheck.Email, this.spLoadDataForLoginCheck.UiOriginID, userName, originID ); throw new StrategyWarning(this, "Invalid user name or password."); } // if var storedPassword = new HashedPassword( userName, (string)sr["CycleCount"], (string)sr["EzPassword"], (string)sr["Salt"] ); var pu = new PasswordUtility(CurrentValues.Instance.PasswordHashCycleCount); PasswordValidationResult validationResult = pu.Validate(this.password, storedPassword); if (!validationResult.Match) { Log.Warn( "Invalid password specified for broker email '{0}' and origin '{1}'.", this.spLoadDataForLoginCheck.Email, this.spLoadDataForLoginCheck.UiOriginID ); throw new StrategyWarning(this, "Invalid user name or password."); } // if this.spOnSuccess.BrokerID = sr["BrokerID"]; if (validationResult.NewPassword == null) { this.spOnSuccess.EzPassword = null; this.spOnSuccess.Salt = null; this.spOnSuccess.CycleCount = null; } else { this.spOnSuccess.EzPassword = validationResult.NewPassword.Password; this.spOnSuccess.Salt = validationResult.NewPassword.Salt; this.spOnSuccess.CycleCount = validationResult.NewPassword.CycleCount; } // if Log.Msg( "Broker email '{0}' and origin '{1}' was validated as broker #{2}.", this.spLoadDataForLoginCheck.Email, this.spLoadDataForLoginCheck.UiOriginID, this.spOnSuccess.BrokerID ); } // ValidateCredentials