public void PassWordValidTest()
{
Assert.IsTrue(string.IsNullOrEmpty(ValidatePassword.PassWordValid(password)));
////1.Contains at least 8 charecters
//Assert.IsTrue(password.Length > 0);
////2. Shouldn't match user's name
//Assert.IsTrue(password.Any(char.IsUpper) && password.Any(char.IsDigit));
////3.Contains One Upper Case Letter and one Number
//var username = new List<string>();
//username.Add("anwar");
//username.Add("mogal");
//Assert.IsTrue(!username.Any(p => password.ToLower().Contains(p)));
////4.NOT one of the 3 recently used passwords
//var keywords = new List<string>();
//keywords.Add("crowe");
//keywords.Add("usa");
//keywords.Add("horwath");
//keywords.Add(DateTime.Now.Year.ToString());
//Assert.IsTrue(!keywords.Any(p => password.ToLower().Contains(p)));
////5. NOT contain special charecters $, ~, %
//var recent = new List<string>();
//recent.Add("crowe123");
//recent.Add("sep2017");
//recent.Add("aug2017");
//Assert.IsTrue(!recent.Any(p => password.ToLower().Contains(p)));
////6. NOT contain certain keywords
//Assert.IsTrue(password.ToLower().IndexOfAny(new char[] { '$', '~', '%' }) == -1);
}
public int AuthenticateUser(string username, string password)
{
ValidatePassword validatePassword = new ValidatePassword(HashPassword);
string _hashedPassword = validatePassword(password);
return(FindUserIdByPassword(username, _hashedPassword));
}
public async Task <IActionResult> Validate([FromBody] ValidatePassword validatePassword)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var isValid = await _mediator.Send(validatePassword).ConfigureAwait(false);
return(Ok(isValid));
}
public int AuthenticateUser(string username, int pin)
{
string _pin = ParsePinToString(pin);
ValidatePassword validatePassword = new ValidatePassword(CheckPinLength);
validatePassword += HashPassword;
string _hashedPassword = validatePassword(_pin);
return(FindUserIdByPin(username, _hashedPassword));
}
public ActionResult SetPassword(ValidatePassword validatePassword)
{
if (validatePassword.Password == validatePassword.ReEnterPassword)//this should be done on the client side
{
Signup signup = TempData["UserDetails"] as Signup;
if (signup == null)
{
return(View("~Views/Home/Index.cshtml"));
}
UserDetails userDetails = new UserDetails()
{
UserName = signup.Name,
UserEmail = signup.Email,
UserAddress = signup.Address,
UserPhnNo = signup.PhoneNumber,
UserPassword = validatePassword.ReEnterPassword,
UserCreationTime = DateTime.Now
};//store this data in db
return(View("~/Views/Login.cshtml"));
}
return(View());
}
public void Initialize()
{
_validate = new ValidatePassword();
}
/// <summary>When overridden in a derived class, specifies a common dialog box.</summary>
/// <param name="parentWindowHandle">A value that represents the window handle of the owner window for the common dialog box.</param>
/// <returns>true if the dialog box was successfully run; otherwise, false.</returns>
protected override bool RunDialog(IntPtr parentWindowHandle)
{
var info = new CREDUI_INFO(parentWindowHandle, Caption, Message)
{
hbmBanner = Banner?.GetHbitmap() ?? IntPtr.Zero
};
try
{
if (Environment.OSVersion.Version.Major <= 5 || ForcePreVistaUI)
{
var userName = new StringBuilder(UserName, CREDUI_MAX_USERNAME_LENGTH);
var password = new StringBuilder(CREDUI_MAX_PASSWORD_LENGTH);
if (string.IsNullOrEmpty(Target))
{
Target = DefaultTarget;
}
var ret = CredUIPromptForCredentials(ref info, Target, IntPtr.Zero,
AuthenticationError, userName, CREDUI_MAX_USERNAME_LENGTH, password, CREDUI_MAX_PASSWORD_LENGTH, ref saveChecked,
CredentialsDialogOptions.CREDUI_FLAGS_DEFAULT | (ShowSaveCheckBox ? CredentialsDialogOptions.CREDUI_FLAGS_SHOW_SAVE_CHECK_BOX : 0));
if (ret == Win32Error.ERROR_CANCELLED)
{
return(false);
}
if (ret != Win32Error.ERROR_SUCCESS)
{
throw new InvalidOperationException($"Unknown error in {nameof(CredentialsDialog)}. Error: 0x{ret:X}");
}
if (EncryptPassword)
{
// Convert the password to a SecureString
var newPassword = StringBuilderToSecureString(password);
// Clear the old password and set the new one (read-only)
SecurePassword?.Dispose();
newPassword.MakeReadOnly();
SecurePassword = newPassword;
Password = null;
}
else
{
Password = password.ToString();
}
if (ValidatePassword != null)
{
var pve = new PasswordValidatorEventArgs(userName.ToString(), Password, SecurePassword);
ValidatePassword.Invoke(this, pve);
if (!pve.Validated)
{
return(false);
}
}
/*if (save)
* {
* CredUIReturnCodes cret = CredUIConfirmCredentials(this.Target, false);
* if (cret != CredUIReturnCodes.NO_ERROR && cret != CredUIReturnCodes.ERROR_INVALID_PARAMETER)
* {
* this.Options |= CredentialsDialogOptions.IncorrectPassword;
* return false;
* }
* }*/
// Update other properties
UserName = userName.ToString();
return(true);
}
else
{
var flag = WindowsCredentialsDialogOptions.CREDUIWIN_GENERIC;
if (ShowSaveCheckBox)
{
flag |= WindowsCredentialsDialogOptions.CREDUIWIN_CHECKBOX;
}
AuthenticationBuffer buf;
if (EncryptPassword && SecurePassword != null)
{
buf = new AuthenticationBuffer(UserName.ToSecureString(), SecurePassword);
}
else
{
buf = new AuthenticationBuffer(UserName, Password);
}
IntPtr outAuthBuffer;
uint outAuthBufferSize;
var retVal = CredUIPromptForWindowsCredentials(ref info, 0, ref authPackage,
buf, (uint)buf.Size, out outAuthBuffer, out outAuthBufferSize, ref saveChecked, flag);
if (retVal == Win32Error.ERROR_CANCELLED)
{
return(false);
}
if (retVal != Win32Error.ERROR_SUCCESS)
{
throw new Win32Exception(retVal);
}
var outAuth = new AuthenticationBuffer(outAuthBuffer, (int)outAuthBufferSize);
if (EncryptPassword)
{
SecureString u, d, p;
outAuth.UnPack(true, out u, out d, out p);
Password = null;
SecurePassword = p;
UserName = d?.Length > 0 ? $"{d.ToInsecureString()}\\{u.ToInsecureString()}" : u.ToInsecureString();
}
else
{
string u, d, p;
outAuth.UnPack(true, out u, out d, out p);
Password = p;
SecurePassword = null;
UserName = string.IsNullOrEmpty(d) ? u : $"{d}\\{u}";
}
if (ValidatePassword != null)
{
var pve = new PasswordValidatorEventArgs(UserName, Password, SecurePassword);
ValidatePassword.Invoke(this, pve);
if (!pve.Validated)
{
return(false);
}
}
return(true);
}
}
finally
{
if (info.hbmBanner != IntPtr.Zero)
{
Gdi32.DeleteObject(info.hbmBanner);
}
}
}