Adding SHA256 password encryption and password verify

2025-03-11 23:36:49 +01:00
parent 78911eb877
commit 0b354988fd
14 changed files with 389 additions and 18 deletions
--- a/MainProject.Tests/Controllers/AuthController_Tests.cs
+++ b/MainProject.Tests/Controllers/AuthController_Tests.cs
@@ -59,10 +59,13 @@ public class AuthController_Tests
                LastName = "test",
                Email = "test",
                PasswordHash = "test",
+                PasswordSalt = "test",
+                Password = "test",
                Role = new DatabaseSqlServer.Role()
                {
                    Name = "test"
-                }
+                },
+                IsTestUser = true
            };
        AuthenticatedUser authenticatedUser = new AuthenticatedUser(user);

--- a/MainProject.Tests/JsonData/appsettings.json
+++ b/MainProject.Tests/JsonData/appsettings.json
@@ -35,7 +35,8 @@
            "ExpiredAfterMinsOfInactivity": 15
        },
        "EncryptionSettings": {
-            "Salt": "S7VIidfXQf1tOQYX"
+            "Salt": "S7VIidfXQf1tOQYX",
+            "Pepper": ""
        }
    }

--- a/MainProject.Tests/JsonData/invalidCryptAppsettings.json
+++ b/MainProject.Tests/JsonData/invalidCryptAppsettings.json
@@ -35,7 +35,8 @@
            "ExpiredAfterMinsOfInactivity": 15
        },
        "EncryptionSettings": {
-            "Salt": "AAAAA"
+            "Salt": "AAAAA",
+            "Pepper": ""
        }
    }

--- a/MainProject.Tests/Models/Api/Common/User/AuthenticatedUser_Tests.cs
+++ b/MainProject.Tests/Models/Api/Common/User/AuthenticatedUser_Tests.cs
@@ -29,10 +29,13 @@ public class AuthenticatedUser_Tests
                LastName = "test",
                Email = "test",
                PasswordHash = "test",
+                PasswordSalt = "test",
+                Password = "test",
                Role = new DatabaseSqlServer.Role()
                {
                    Name = "test"
-                }
+                },
+                IsTestUser = true
            };
            AuthenticatedUser authenticatedUser = new AuthenticatedUser(user);
            
--- a/MainProject.Tests/Models/Api/Response/Auth/AuthenticateResponse_Tests.cs
+++ b/MainProject.Tests/Models/Api/Response/Auth/AuthenticateResponse_Tests.cs
@@ -74,10 +74,13 @@ public class AuthenticateResponse_Tests
                LastName = "test",
                Email = "test",
                PasswordHash = "test",
+                PasswordSalt = "test",
+                Password = "test",
                Role = new DatabaseSqlServer.Role()
                {
                    Name = "test"
-                }
+                },
+                IsTestUser = true
            };
            AuthenticatedUser data = new AuthenticatedUser(user);
            var authenticateResponse = new AuthenticateResponse(200, "This is a test message", data);
--- a/MainProject.Tests/Utils/CryptoUtils_Tests.cs
+++ b/MainProject.Tests/Utils/CryptoUtils_Tests.cs
@@ -101,6 +101,67 @@ public class CryptoUtils_Tests
        }
    }

+    [TestMethod]
+    public void GenerateSalt()
+    {
+        try
+        {
+            var salt = CryptUtils.GenerateSalt();
+            Assert.IsTrue(!String.IsNullOrEmpty(salt));
+        }
+        catch (Exception ex)
+        {
+            Console.WriteLine(ex.InnerException);
+            Assert.Fail($"An exception was thrown: {ex.Message}");
+        }
+    }
+
+    [TestMethod]
+    public void ComputeHash_Hashed()
+    {
+        try
+        {
+            var password = "P4ssw0rd@1!";
+            var salt = CryptUtils.GenerateSalt();
+            Assert.IsTrue(!String.IsNullOrEmpty(salt));
+
+            WebApplicationBuilder builder = WebApplication.CreateBuilder(Array.Empty<string>());
+            AppSettings appSettings = ProgramUtils.AddConfiguration(ref builder, System.AppDomain.CurrentDomain.BaseDirectory + "/JsonData");
+            CryptUtils cryptoUtils = new CryptUtils(appSettings);
+            var encryptedPassword = cryptoUtils.GeneratePassword(password, salt, 0);
+            Assert.IsTrue(password != encryptedPassword); 
+        }
+        catch (Exception ex)
+        {
+            Console.WriteLine(ex.InnerException);
+            Assert.Fail($"An exception was thrown: {ex.Message}");
+        }
+    }
+
+    [TestMethod]
+    public void VerifyPassword_True()
+    {
+        try
+        {
+            var password = "P4ssw0rd@1!";
+            var salt = "Afi7PQYgEL2sPbNyVzduvg==";
+            var hashedPassword = "2lMeySZ9ciH1KtSg1Z7oSJRmJEjHMeDvdaNRcJcGutM=";
+
+            WebApplicationBuilder builder = WebApplication.CreateBuilder(Array.Empty<string>());
+            AppSettings appSettings = ProgramUtils.AddConfiguration(ref builder, System.AppDomain.CurrentDomain.BaseDirectory + "/JsonData");
+            CryptUtils cryptoUtils = new CryptUtils(appSettings);
+            var verified = cryptoUtils.VerifyPassword(password, salt, 0, hashedPassword);
+            Console.WriteLine(cryptoUtils.GeneratePassword(password, salt, 0));
+
+            Assert.IsTrue(verified);
+        }
+        catch (Exception ex)
+        {
+            Console.WriteLine(ex.InnerException);
+            Assert.Fail($"An exception was thrown: {ex.Message}");
+        }
+    }
+
 }