/// <summary>
/// Prepares the test fixture: builds the default admin password, configures the IoC container
/// with the CloudCore data module, stores that password's hash for user id 0 and then calls
/// <c>FakeIdentity(1, 0)</c>.
/// </summary>
public AuthenticationControllerTest()
{
    defaultAdminPassword = new Password(DefaultAdminPasswordString);

    // Container setup: initialise first, then scan and configure the data module.
    var coreDataModule = new CloudCoreDataModule();
    IoC.Initialize();
    IoC.ScanModule(coreDataModule);
    IoC.AdditionalConfiguration(coreDataModule);

    // Controller construction is currently disabled.
    //var mailMan = MockHelper.CreateSimpleGenericMock<IMailMan>();
    //apiController = new AuthenticationController(Repository.Instance, new InMemoryCacheProvider(new CachePolicyFake()), mailMan);

    // NOTE(review): with the assignment above commented out, apiController is whatever the
    // field already holds at this point - confirm MockAuthContext tolerates that.
    MockAuthContext(apiController);

    // Overwrites the stored password hash of user id 0 through CloudCoreDB.Context.
    // NOTE(review): this changes stored credentials; confirm the context can only ever point
    // at a disposable test database.
    CloudCoreDB.Context.Cloudcore_UserPasswordUpdate(0, defaultAdminPassword.CreatePasswordHash(0));
    FakeIdentity(1, 0);
}
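/// <summary>
/// Authenticates a user by login name or e-mail address and password. On success it calls
/// <c>CreateIdentity</c> for the user and records the login through <c>Cloudcore_LoginUpdate</c>.
/// </summary>
/// <param name="username">Login name or e-mail address; compared against both columns.</param>
/// <param name="password">Plain-text password supplied by the caller.</param>
/// <param name="rememberMe">Not read by this method.</param>
/// <param name="requiresInternal">When true, the user must have internal access.</param>
/// <param name="requiresExternal">When true, the user must have external access.</param>
/// <returns><c>true</c> when the login succeeds; every failure is reported by an exception.</returns>
/// <exception cref="DuplicateLoginException">The current request is already authenticated.</exception>
/// <exception cref="LoginException">
/// The credentials are missing or wrong, the account has neither internal nor external access,
/// or the account lacks the access kind that was required.
/// </exception>
public static bool Login(string username, string password, bool rememberMe, bool requiresInternal, bool requiresExternal)
{
    const string InvalidCredentialsMessage = "The user name or password provided is incorrect.";

    var dbContext = CloudCoreDB.Context;

    if (HttpContext.Current.Request.IsAuthenticated)
    {
        throw new DuplicateLoginException("You are already logged in. Please sign out first before another login attempt is made.");
    }

    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
    {
        throw new LoginException(InvalidCredentialsMessage);
    }

    // NOTE(review): SingleOrDefault throws InvalidOperationException when more than one row
    // matches (for example one account's Login equal to another account's Email) - confirm
    // that uniqueness across both columns is enforced.
    Cloudcore_User user = dbContext.Cloudcore_User
        .Where(r => r.Login == username || r.Email == username)
        .SingleOrDefault();

    // An unknown account and a wrong password produce the same message.
    if (user == null)
    {
        throw new LoginException(InvalidCredentialsMessage);
    }

    // The password is verified for every account. The earlier condition
    // (user.UserId != 0 && ...) exempted UserId 0 from verification.
    var suppliedPassword = new Password(password);
    if (!suppliedPassword.Compare(user.UserId, user.PasswordHash))
    {
        throw new LoginException(InvalidCredentialsMessage);
    }

    // Account state is evaluated only after the password has been verified.
    if (!user.IntAccess && !user.ExtAccess)
    {
        throw new LoginException("Could not log you in. Your user account is not active.");
    }

    if ((requiresInternal && !user.IntAccess) || (requiresExternal && !user.ExtAccess))
    {
        throw new LoginException("You are not authorized to access this part of the system.");
    }

    CreateIdentity(user);

    // Passed by reference, so the call may replace the value.
    DateTime? lastlogin = DateTime.Now;
    dbContext.Cloudcore_LoginUpdate(user.UserId, CloudCore.Core.Modules.Environment.ApplicationId, ref lastlogin);
    return true;
}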
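/// <summary>
/// Validates the user name and password from the request body and issues an API token for
/// the matching user.
/// </summary>
/// <param name="data">Credentials bound from the request body.</param>
/// <returns>
/// The token returned by <c>CreateSecretToken</c> for the calling application and the user.
/// </returns>
/// <exception cref="SecurityException">
/// The credentials are missing or wrong, or the verified account has neither external nor
/// internal access.
/// </exception>
public ApiToken Login([FromBody]UserAuthorization data)
{
    const string InvalidCredentialsMessage = "Invalid username or password.";

    // A missing or incomplete body is rejected like any other bad credential instead of
    // surfacing as a NullReferenceException; it also keeps a null user name out of the query.
    if (data == null || string.IsNullOrEmpty(data.UserName) || string.IsNullOrEmpty(data.Password))
    {
        throw new SecurityException(InvalidCredentialsMessage);
    }

    var user = (from u in CloudCoreDB.Context.Cloudcore_User
                where (u.Login == data.UserName)
                select u).SingleOrDefault();

    // Unknown user and wrong password share one message, so the response does not reveal
    // which user names exist.
    if (user == null)
    {
        throw new SecurityException(InvalidCredentialsMessage);
    }

    string hashedPassword = new Password(data.Password).CreatePasswordHash((int)user.UserId);

    // NOTE(review): this is an ordinary string comparison, not a constant-time one; if the
    // Password type offers a dedicated comparison, prefer it here.
    if (user.PasswordHash != hashedPassword)
    {
        throw new SecurityException(InvalidCredentialsMessage);
    }

    // Account status is reported only after the password has been verified, so it is not
    // disclosed to callers who have not proven knowledge of the password.
    if (!(user.ExtAccess || user.IntAccess))
    {
        throw new SecurityException("User is not enabled for access to this system.");
    }

    // NOTE(review): "USER_TOKEN_KEY" is presumably the name of a key rather than the key
    // material itself - confirm against CreateSecretToken.
    return CreateSecretToken(ApiCaller.ApplicationId, (int)user.UserId, "USER_TOKEN_KEY");
}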
/// <summary>
/// Builds the password hash for a user from a plain-text password.
/// </summary>
/// <param name="userid">User identifier, forwarded to <c>Password.CreatePasswordHash</c>.</param>
/// <param name="password">Plain-text password, wrapped in a <c>Password</c> instance.</param>
/// <returns>The string returned by <c>Password.CreatePasswordHash</c>.</returns>
public static string CreatePasswordHash(int userid, string password)
{
    // NOTE(review): the user id is presumably mixed in as a per-user salt - confirm, and
    // confirm that the Password type uses a slow password-hashing function.
    return new Password(password).CreatePasswordHash(userid);
}