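        /// <summary>
        /// Handles the posted login form. Both a username and a password must be supplied
        /// before the credentials are checked against the business layer; a valid user is
        /// stored in <see cref="SessionFacade.User"/> and redirected to Home/Index. Every
        /// other outcome re-renders the login view in the <c>Erroneous</c> mode.
        /// </summary>
        /// <returns>A redirect to Home/Index on success, otherwise the Login view.</returns>
        public ActionResult Logon()
        {
            var frmData = Request.Form;

            // Both fields are required. The original "||" still issued a database lookup and a
            // hash comparison when only one of the two fields was filled in.
            if (!frmData["Username"].IsNullOrWhiteSpace() && !frmData["Password"].IsNullOrWhiteSpace())
            {
                var userDto = BusinessLayer.GetUserByCredentials(frmData["Username"], frmData["Password"]);
                if (ZeitenanalyseHelper.CheckIfUserDtoIsValid(userDto))
                {
                    SessionFacade.User = userDto;
                    return(RedirectToAction("Index", "Home"));
                }
            }

            // Missing field, unknown user and wrong password all end up here, so the response
            // does not reveal which part of the credentials was wrong. The former trailing
            // RedirectToAction("Login", "Login") after this return was unreachable and is dropped.
            return(View("Login", new LoginModel {
                CurrentMode = LoginModel.PageMode.Erroneous
            }));
        }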
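        /// <summary>
        /// Looks up a user by name and verifies the supplied password:
        /// 1. Retrieve the user's salt and stored hash from the database (parameterized query).
        /// 2. Append the stored salt to the given password and hash it with the same hash function.
        /// 3. Compare the computed hash with the stored hash. If they match, the password is correct.
        /// </summary>
        /// <param name="username">The username to look up.</param>
        /// <param name="password">The password as entered by the user (plaintext); it is hashed here, not by the caller.</param>
        /// <returns>The matching <see cref="UserDTO"/> when the password is correct; otherwise a new, empty <see cref="UserDTO"/> (never null).</returns>
        public UserDTO GetUserByCredentials(string username, string password)
        {
            // The username is passed as a bound parameter, never concatenated into the SQL text.
            var query  = $"{SelectStatement} WHERE Username = @var0;";
            var result = ReadParamterized(query, new List <string> {
                username
            });

            var users = new List <UserDTO>();

            result.ForEach(r => users.Add(r));

            // Only the first returned row is considered; this assumes Username is unique — confirm against the schema.
            if (users.Count > 0)
            {
                var user = users[0];

                // NOTE(review): a single SHA-256 over password+salt is cheap to brute-force offline;
                // a password KDF (PBKDF2/bcrypt/Argon2) would be preferable, but switching requires
                // re-hashing stored credentials, so it is not changed here.
                // NOTE(review): "==" on the hash strings is not a constant-time comparison.
                if (user.Password == ZeitenanalyseHelper.Sha256Hash(password + user.Salt))
                {
                    return(user);
                }
            }

            // Unknown user and wrong password yield the same result, so the caller cannot tell them apart.
            return(new UserDTO());
        }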
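        /// <summary>
        /// Builds a <see cref="UserDTO"/> from the posted create/edit form.
        /// Username, Admin and Email are copied from the form; Salt and Password are set only
        /// when both password fields are filled and identical, in which case a fresh salt is
        /// created and the password is stored as SHA-256(password + salt).
        /// </summary>
        /// <param name="id">Primary key to assign to the DTO's <c>Pk</c>.</param>
        /// <param name="collection">The posted form fields.</param>
        /// <returns>The populated DTO; Salt and Password stay unset when no (matching) password was posted.</returns>
        protected override DbObjDTO GetDtoFromCollection(int id, FormCollection collection)
        {
            var adminField = collection["Admin"];

            var user = new UserDTO()
            {
                Pk       = id,
                Username = collection["Username"],
                // A missing Admin field must mean "not admin", not a NullReferenceException
                // (the original called Contains on a possibly-null value).
                Admin    = adminField != null && adminField.Contains("true"),
                Email    = collection["Email"]
            };

            /* Edit with no password or salt will not yet work, because the function
             * Update in DBHandler will try to insert null values as Password and Salt
             */
            var password     = collection["Password"];
            var confPassword = collection["ConfPassword"];

            // A mismatch between the two password fields is silently ignored here (Salt and
            // Password stay unset); surfacing that to the user is left to the caller.
            if (!password.IsNullOrWhiteSpace() && !confPassword.IsNullOrWhiteSpace() && password == confPassword)
            {
                // Fresh salt on every password change; only the hash is stored, never the plaintext.
                user.Salt     = ZeitenanalyseHelper.CreateSalt();
                user.Password = ZeitenanalyseHelper.Sha256Hash(password + user.Salt);
            }

            return(user);
        }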