From 56a7e767855812f5a26765d445633b253ebb1bef Mon Sep 17 00:00:00 2001 From: csimonapastore Date: Tue, 17 Jun 2025 21:01:57 +0200 Subject: [PATCH] Fixed password generation --- MainProject.Tests/JsonData/appsettings.json | 2 +- .../Services/UserService_Tests.cs | 78 ++- ...ableUsersForPasswordEncryption.Designer.cs | 542 ++++++++++++++++++ ...12_AlterTableUsersForPasswordEncryption.cs | 109 ++++ .../SqlServerContextModelSnapshot.cs | 15 +- MainProject/Services/UserService.cs | 11 +- MainProject/Utils/PasswordUtils.cs | 5 +- MainProject/appsettings.json | 2 +- 8 files changed, 722 insertions(+), 42 deletions(-) create mode 100644 MainProject/Migrations/20250617183212_AlterTableUsersForPasswordEncryption.Designer.cs create mode 100644 MainProject/Migrations/20250617183212_AlterTableUsersForPasswordEncryption.cs diff --git a/MainProject.Tests/JsonData/appsettings.json b/MainProject.Tests/JsonData/appsettings.json index 6bd1180..2580e5b 100644 --- a/MainProject.Tests/JsonData/appsettings.json +++ b/MainProject.Tests/JsonData/appsettings.json @@ -36,7 +36,7 @@ }, "EncryptionSettings": { "SaltKey": "S7VIidfXQf1tOQYX", - "Salt": "", + "Salt": "u5CZAwq9vLGysC", "Iterations": 10 } } diff --git a/MainProject.Tests/Services/UserService_Tests.cs b/MainProject.Tests/Services/UserService_Tests.cs index c3bc21f..1d4c75f 100644 --- a/MainProject.Tests/Services/UserService_Tests.cs +++ b/MainProject.Tests/Services/UserService_Tests.cs 
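Review bot: `"Iterations": 10` beside the new `"Salt"` value in the `EncryptionSettings` block gives the stored hash almost no work factor, assuming `CryptUtils.GeneratePassword` is an iterated KDF (its body is not in this patch). The same salt literal is committed here and in `MainProject/appsettings.json`, so test and deployed instances share a value that anyone with repository access can read. I would keep `"Salt": ""` in the committed main file and supply the value from deployment configuration, and raise `Iterations` to a figure sized for the KDF in use. Because `PasswordIterations` is stored per user, a later increase should not invalidate existing rows, provided verification reads the per-row count.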
@@ -34,30 +34,7 @@ public class UserService_Tests Console.WriteLine(ex.InnerException); Assert.Fail($"An exception was thrown: {ex.Message}"); } - } - - [TestMethod] - public async Task GetUserByUsernameAndPassword_Null() - { - try - { - var testString = "test"; - if (_userService != null) - { - var user = await _userService.GetUserByUsernameAndPassword(testString, testString); - Assert.IsTrue(user == null); - } - else - { - Assert.Fail($"UserService is null"); - } - } - catch (Exception ex) - { - Console.WriteLine(ex.InnerException); - Assert.Fail($"An exception was thrown: {ex}"); - } - } + } [TestMethod] public async Task CheckIfEmailIsValid_EmailNotExists() @@ -93,7 +70,8 @@ public class UserService_Tests { FirstName = expectedUser.FirstName ?? String.Empty, LastName = expectedUser.LastName ?? String.Empty, - Email = expectedUser.Email ?? String.Empty + Email = expectedUser.Email ?? String.Empty, + Password = "Password" }; Role role = new() @@ -110,6 +88,10 @@ public class UserService_Tests Assert.IsTrue(expectedUser.LastName == user.LastName); Assert.IsTrue(expectedUser.Email == user.Email); Assert.IsTrue(expectedUser.Role?.Name == user.Role?.Name); + Assert.IsTrue(user.PasswordIterations == 10); + Assert.IsNotNull(expectedUser.PasswordSalt); + Assert.IsNotNull(expectedUser.PasswordPepper); + Assert.IsNotNull(expectedUser.Password); _user = user; } 
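Review bot: In the `@@ -110,6 +88,10 @@` hunk the three new `Assert.IsNotNull` calls inspect `expectedUser` rather than the `user` it is compared against, so they do not verify what was actually produced for the new account. Nothing here checks that the stored value differs from the plaintext either. Suggested: `Assert.IsFalse(string.IsNullOrEmpty(user.Password));` and `Assert.AreNotEqual("Password", user.Password);`, with the salt and pepper assertions pointed at `user` as well. The test method starts and ends outside the hunk, so this assumes `expectedUser` is the fixture the request was built from.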
@@ -120,6 +102,52 @@ public class UserService_Tests } } + [TestMethod] + public async Task GetUserByUsernameAndPassword_Null() + { + try + { + var testString = "test"; + if (_userService != null) + { + var user = await _userService.GetUserByUsernameAndPassword(testString, testString); + Assert.IsTrue(user == null); + } + else + { + Assert.Fail($"UserService is null"); + } + } + catch (Exception ex) + { + Console.WriteLine(ex.InnerException); + Assert.Fail($"An exception was thrown: {ex}"); + } + } + + [TestMethod] + public async Task GetUserByUsernameAndPassword_Success() + { + try + { + var password = "Password"; + if (_userService != null) + { + var user = await _userService.GetUserByUsernameAndPassword(_user.Email, password); + Assert.IsTrue(user != null); + } + else + { + Assert.Fail($"UserService is null"); + } + } + catch (Exception ex) + { + Console.WriteLine(ex.InnerException); + Assert.Fail($"An exception was thrown: {ex}"); + } + } + [TestMethod] public async Task CreateUserAsync_Exception() { diff --git a/MainProject/Migrations/20250617183212_AlterTableUsersForPasswordEncryption.Designer.cs b/MainProject/Migrations/20250617183212_AlterTableUsersForPasswordEncryption.Designer.cs new file mode 100644 index 0000000..53baad2 --- /dev/null +++ b/MainProject/Migrations/20250617183212_AlterTableUsersForPasswordEncryption.Designer.cs 
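Review bot: `GetUserByUsernameAndPassword_Success` and the relocated `GetUserByUsernameAndPassword_Null` leave the wrong-password path untested: `_Null` uses the unknown username `"test"`, so a lookup that matched on e-mail alone would pass both tests. Add a third test that calls `_userService.GetUserByUsernameAndPassword(_user.Email, "WrongPassword")` and ends with `Assert.IsNull(user);`. The new test also dereferences `_user`, which the earlier hunk shows being assigned in another test method, so it depends on that test having run first. An `Assert.IsNotNull(_user);` before the call would make that dependency explicit instead of surfacing as a caught exception.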
@@ -0,0 +1,542 @@ +// +using System; +using BasicDotnetTemplate.MainProject.Core.Database; +using Microsoft.EntityFrameworkCore; +using Microsoft.EntityFrameworkCore.Infrastructure; +using Microsoft.EntityFrameworkCore.Metadata; +using Microsoft.EntityFrameworkCore.Migrations; +using Microsoft.EntityFrameworkCore.Storage.ValueConversion; + +#nullable disable + +namespace MainProject.Migrations +{ + [DbContext(typeof(SqlServerContext))] + [Migration("20250617183212_AlterTableUsersForPasswordEncryption")] + partial class AlterTableUsersForPasswordEncryption + { + /// + protected override void BuildTargetModel(ModelBuilder modelBuilder) + { +#pragma warning disable 612, 618 + modelBuilder + .HasAnnotation("ProductVersion", "9.0.5") + .HasAnnotation("Relational:MaxIdentifierLength", 128); + + SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionModule", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id")); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("CreationUserId") + .HasColumnType("int"); + + b.Property("DeletionTime") + .HasColumnType("datetime2"); + + b.Property("DeletionUserId") + .HasColumnType("int"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("Guid") + .IsRequired() + .HasMaxLength(45) + .HasColumnType("nvarchar(45)"); + + b.Property("IsDeleted") + .HasColumnType("bit"); + + b.Property("Name") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("UpdateTime") + .HasColumnType("datetime2"); + + b.Property("UpdateUserId") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex(new[] { "Enabled" }, "IX_Enabled") + .HasFilter("[Enabled] = 1"); + + b.HasIndex(new[] { "IsDeleted" }, "IX_IsDeleted") + .HasFilter("[IsDeleted] = 0"); + + b.HasIndex(new[] { "IsDeleted", 
"Name", "Enabled" }, "IX_IsDeleted_Name_Enabled") + .HasFilter("[IsDeleted] = 0"); + + b.ToTable("PermissionModules"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionOperation", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id")); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("CreationUserId") + .HasColumnType("int"); + + b.Property("DeletionTime") + .HasColumnType("datetime2"); + + b.Property("DeletionUserId") + .HasColumnType("int"); + + b.Property("Guid") + .IsRequired() + .HasMaxLength(45) + .HasColumnType("nvarchar(45)"); + + b.Property("IsDeleted") + .HasColumnType("bit"); + + b.Property("Name") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("UpdateTime") + .HasColumnType("datetime2"); + + b.Property("UpdateUserId") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex(new[] { "IsDeleted", "Name" }, "IX_IsDeleted_Name"); + + b.ToTable("PermissionOperations"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionSystem", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id")); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("CreationUserId") + .HasColumnType("int"); + + b.Property("DeletionTime") + .HasColumnType("datetime2"); + + b.Property("DeletionUserId") + .HasColumnType("int"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("Guid") + .IsRequired() + .HasMaxLength(45) + .HasColumnType("nvarchar(45)"); + + b.Property("IsDeleted") + .HasColumnType("bit"); + + b.Property("Name") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("UpdateTime") + .HasColumnType("datetime2"); + + b.Property("UpdateUserId") + 
.HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex(new[] { "Enabled" }, "IX_Enabled") + .HasFilter("[Enabled] = 1"); + + b.HasIndex(new[] { "IsDeleted" }, "IX_IsDeleted") + .HasFilter("[IsDeleted] = 0"); + + b.HasIndex(new[] { "IsDeleted", "Name", "Enabled" }, "IX_IsDeleted_Name_Enabled") + .HasFilter("[IsDeleted] = 0"); + + b.ToTable("PermissionSystems"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionSystemModule", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id")); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("CreationUserId") + .HasColumnType("int"); + + b.Property("DeletionTime") + .HasColumnType("datetime2"); + + b.Property("DeletionUserId") + .HasColumnType("int"); + + b.Property("Enabled") + .HasColumnType("bit"); + + b.Property("Guid") + .IsRequired() + .HasMaxLength(45) + .HasColumnType("nvarchar(45)"); + + b.Property("IsDeleted") + .HasColumnType("bit"); + + b.Property("PermissionModuleId") + .HasColumnType("int"); + + b.Property("PermissionSystemId") + .HasColumnType("int"); + + b.Property("UpdateTime") + .HasColumnType("datetime2"); + + b.Property("UpdateUserId") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex("PermissionModuleId"); + + b.HasIndex("PermissionSystemId"); + + b.ToTable("PermissionSystemModules"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionSystemModuleOperation", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id")); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("CreationUserId") + .HasColumnType("int"); + + b.Property("DeletionTime") + .HasColumnType("datetime2"); + + b.Property("DeletionUserId") + .HasColumnType("int"); + + b.Property("Enabled") + 
.HasColumnType("bit"); + + b.Property("Guid") + .IsRequired() + .HasMaxLength(45) + .HasColumnType("nvarchar(45)"); + + b.Property("IsDeleted") + .HasColumnType("bit"); + + b.Property("PermissionOperationId") + .HasColumnType("int"); + + b.Property("PermissionSystemModuleId") + .HasColumnType("int"); + + b.Property("UpdateTime") + .HasColumnType("datetime2"); + + b.Property("UpdateUserId") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex("PermissionOperationId"); + + b.HasIndex("PermissionSystemModuleId"); + + b.HasIndex(new[] { "IsDeleted", "Enabled", "Guid" }, "IX_IsDeleted_Enabled_Guid"); + + b.ToTable("PermissionSystemModuleOperations"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.Role", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id")); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("CreationUserId") + .HasColumnType("int"); + + b.Property("DeletionTime") + .HasColumnType("datetime2"); + + b.Property("DeletionUserId") + .HasColumnType("int"); + + b.Property("Guid") + .IsRequired() + .HasMaxLength(45) + .HasColumnType("nvarchar(45)"); + + b.Property("IsDeleted") + .HasColumnType("bit"); + + b.Property("IsNotEditable") + .HasColumnType("bit"); + + b.Property("Name") + .IsRequired() + .HasMaxLength(100) + .HasColumnType("nvarchar(100)"); + + b.Property("UpdateTime") + .HasColumnType("datetime2"); + + b.Property("UpdateUserId") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex(new[] { "IsDeleted", "Guid" }, "IX_IsDeleted_Guid") + .HasFilter("[IsDeleted] = 0"); + + b.ToTable("Roles"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.RolePermissionSystemModuleOperation", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id")); + + 
b.Property("Active") + .HasColumnType("bit"); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("CreationUserId") + .HasColumnType("int"); + + b.Property("DeletionTime") + .HasColumnType("datetime2"); + + b.Property("DeletionUserId") + .HasColumnType("int"); + + b.Property("Guid") + .IsRequired() + .HasMaxLength(45) + .HasColumnType("nvarchar(45)"); + + b.Property("IsDeleted") + .HasColumnType("bit"); + + b.Property("PermissionSystemModuleOperationId") + .HasColumnType("int"); + + b.Property("RoleId") + .HasColumnType("int"); + + b.Property("UpdateTime") + .HasColumnType("datetime2"); + + b.Property("UpdateUserId") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex("PermissionSystemModuleOperationId"); + + b.HasIndex("RoleId"); + + b.ToTable("RolePermissionSystemModuleOperations"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.User", b => + { + b.Property("Id") + .ValueGeneratedOnAdd() + .HasColumnType("int"); + + SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property("Id")); + + b.Property("CreationTime") + .HasColumnType("datetime2"); + + b.Property("CreationUserId") + .HasColumnType("int"); + + b.Property("DeletionTime") + .HasColumnType("datetime2"); + + b.Property("DeletionUserId") + .HasColumnType("int"); + + b.Property("Email") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("FirstName") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Guid") + .IsRequired() + .HasMaxLength(45) + .HasColumnType("nvarchar(45)"); + + b.Property("IsDeleted") + .HasColumnType("bit"); + + b.Property("IsTestUser") + .HasColumnType("bit"); + + b.Property("LastName") + .IsRequired() + .HasMaxLength(200) + .HasColumnType("nvarchar(200)"); + + b.Property("Password") + .HasColumnType("nvarchar(max)"); + + b.Property("PasswordIterations") + .HasColumnType("int"); + + b.Property("PasswordPepper") + 
.HasColumnType("nvarchar(max)"); + + b.Property("PasswordSalt") + .IsRequired() + .HasColumnType("nvarchar(max)"); + + b.Property("RoleId") + .HasColumnType("int"); + + b.Property("UpdateTime") + .HasColumnType("datetime2"); + + b.Property("UpdateUserId") + .HasColumnType("int"); + + b.HasKey("Id"); + + b.HasIndex("RoleId"); + + b.HasIndex(new[] { "Email" }, "IX_Email"); + + b.HasIndex(new[] { "IsDeleted", "Guid" }, "IX_IsDeleted_Guid") + .HasFilter("[IsDeleted] = 0"); + + b.ToTable("Users"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionSystemModule", b => + { + b.HasOne("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionModule", "PermissionModule") + .WithMany() + .HasForeignKey("PermissionModuleId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.HasOne("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionSystem", "PermissionSystem") + .WithMany() + .HasForeignKey("PermissionSystemId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("PermissionModule"); + + b.Navigation("PermissionSystem"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionSystemModuleOperation", b => + { + b.HasOne("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionOperation", "PermissionOperation") + .WithMany() + .HasForeignKey("PermissionOperationId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.HasOne("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionSystemModule", "PermissionSystemModule") + .WithMany() + .HasForeignKey("PermissionSystemModuleId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("PermissionOperation"); + + b.Navigation("PermissionSystemModule"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.RolePermissionSystemModuleOperation", b => + { + 
b.HasOne("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.PermissionSystemModuleOperation", "PermissionSystemModuleOperation") + .WithMany() + .HasForeignKey("PermissionSystemModuleOperationId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.HasOne("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.Role", "Role") + .WithMany() + .HasForeignKey("RoleId") + .OnDelete(DeleteBehavior.Cascade) + .IsRequired(); + + b.Navigation("PermissionSystemModuleOperation"); + + b.Navigation("Role"); + }); + + modelBuilder.Entity("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.User", b => + { + b.HasOne("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.Role", "Role") + .WithMany() + .HasForeignKey("RoleId"); + + b.Navigation("Role"); + }); +#pragma warning restore 612, 618 + } + } +} diff --git a/MainProject/Migrations/20250617183212_AlterTableUsersForPasswordEncryption.cs b/MainProject/Migrations/20250617183212_AlterTableUsersForPasswordEncryption.cs new file mode 100644 index 0000000..3fd90e8 --- /dev/null +++ b/MainProject/Migrations/20250617183212_AlterTableUsersForPasswordEncryption.cs 
@@ -0,0 +1,109 @@ +using Microsoft.EntityFrameworkCore.Migrations; + +#nullable disable + +namespace MainProject.Migrations +{ + /// + public partial class AlterTableUsersForPasswordEncryption : Migration + { + /// + protected override void Up(MigrationBuilder migrationBuilder) + { + migrationBuilder.DropForeignKey( + name: "FK_Users_Roles_RoleId", + table: "Users"); + + migrationBuilder.DropColumn( + name: "PasswordHash", + table: "Users"); + + migrationBuilder.AlterColumn( + name: "RoleId", + table: "Users", + type: "int", + nullable: true, + oldClrType: typeof(int), + oldType: "int"); + + migrationBuilder.AlterColumn( + name: "Password", + table: "Users", + type: "nvarchar(max)", + nullable: true, + oldClrType: typeof(string), + oldType: "nvarchar(max)"); + + migrationBuilder.AddColumn( + name: "PasswordIterations", + table: "Users", + type: "int", + nullable: false, + defaultValue: 0); + + migrationBuilder.AddColumn( + name: "PasswordPepper", + table: "Users", + type: "nvarchar(max)", + nullable: true); + + migrationBuilder.AddForeignKey( + name: "FK_Users_Roles_RoleId", + table: "Users", + column: "RoleId", + principalTable: "Roles", + principalColumn: "Id"); + } + + /// + protected override void Down(MigrationBuilder migrationBuilder) + { + migrationBuilder.DropForeignKey( + name: "FK_Users_Roles_RoleId", + table: "Users"); + + migrationBuilder.DropColumn( + name: "PasswordIterations", + table: "Users"); + + migrationBuilder.DropColumn( + name: "PasswordPepper", + table: "Users"); + + migrationBuilder.AlterColumn( + name: "RoleId", + table: "Users", + type: "int", + nullable: false, + defaultValue: 0, + oldClrType: typeof(int), + oldType: "int", + oldNullable: true); + + migrationBuilder.AlterColumn( + name: "Password", + table: "Users", + type: "nvarchar(max)", + nullable: false, + defaultValue: "", + oldClrType: typeof(string), + oldType: "nvarchar(max)", + oldNullable: true); + + migrationBuilder.AddColumn( + name: "PasswordHash", + table: "Users", + type: 
"nvarchar(max)", + nullable: false, + defaultValue: ""); + + migrationBuilder.AddForeignKey( + name: "FK_Users_Roles_RoleId", + table: "Users", + column: "RoleId", + principalTable: "Roles", + principalColumn: "Id", + onDelete: ReferentialAction.Cascade); + } + } +} diff --git a/MainProject/Migrations/SqlServerContextModelSnapshot.cs b/MainProject/Migrations/SqlServerContextModelSnapshot.cs index d32f3cb..5d71ef6 100644 --- a/MainProject/Migrations/SqlServerContextModelSnapshot.cs +++ b/MainProject/Migrations/SqlServerContextModelSnapshot.cs @@ -17,7 +17,7 @@ namespace MainProject.Migrations { #pragma warning disable 612, 618 modelBuilder - .HasAnnotation("ProductVersion", "9.0.2") + .HasAnnotation("ProductVersion", "9.0.5") .HasAnnotation("Relational:MaxIdentifierLength", 128); SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder); @@ -435,18 +435,19 @@ namespace MainProject.Migrations .HasColumnType("nvarchar(200)"); b.Property("Password") - .IsRequired() .HasColumnType("nvarchar(max)"); - b.Property("PasswordHash") - .IsRequired() + b.Property("PasswordIterations") + .HasColumnType("int"); + + b.Property("PasswordPepper") .HasColumnType("nvarchar(max)"); b.Property("PasswordSalt") .IsRequired() .HasColumnType("nvarchar(max)"); - b.Property("RoleId") + b.Property("RoleId") .HasColumnType("int"); b.Property("UpdateTime") @@ -528,9 +529,7 @@ namespace MainProject.Migrations { b.HasOne("BasicDotnetTemplate.MainProject.Models.Database.SqlServer.Role", "Role") .WithMany() - .HasForeignKey("RoleId") - .OnDelete(DeleteBehavior.Cascade) - .IsRequired(); + .HasForeignKey("RoleId"); b.Navigation("Role"); }); diff --git a/MainProject/Services/UserService.cs b/MainProject/Services/UserService.cs index f7e1644..54ecef4 100644 --- a/MainProject/Services/UserService.cs +++ b/MainProject/Services/UserService.cs 
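Review bot: `Up` in `20250617183212_AlterTableUsersForPasswordEncryption.cs` leaves every existing `Users` row with `PasswordIterations = 0` (the `defaultValue`) and a NULL `PasswordPepper`, while keeping whatever was already in `Password`. The `UserService.cs` hunk shows the previous code writing `Password = ""`. Whether such a row can be authenticated depends on `GetUserByUsernameAndPassword`, which is not part of this patch, so that path should reject rows with zero iterations or an empty `Password` outright. I would also add a data step after the `AddColumn` calls, e.g. `migrationBuilder.Sql("UPDATE Users SET Password = NULL WHERE PasswordIterations = 0");`, so legacy accounts are forced through a reset.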
@@ -43,6 +43,9 @@ public class UserService : BaseService, IUserService private User CreateUserData(CreateUserRequestData data, Role role) { + var salt = _appSettings.EncryptionSettings?.Salt ?? String.Empty; + var pepper = CryptUtils.GeneratePepper(); + var iterations = _appSettings.EncryptionSettings?.Iterations ?? 10; User user = new() { CreationTime = DateTime.UtcNow, @@ -52,10 +55,10 @@ public class UserService : BaseService, IUserService FirstName = data.FirstName, LastName = data.LastName, Email = data.Email, - PasswordSalt = _appSettings.EncryptionSettings?.Salt ?? String.Empty, - PasswordPepper = CryptUtils.GeneratePepper(), - PasswordIterations = _appSettings.EncryptionSettings?.Iterations ?? 10, - Password = "", + PasswordSalt = salt, + PasswordPepper = pepper, + PasswordIterations = iterations, + Password = CryptUtils.GeneratePassword(data.Password, salt, iterations, pepper), Role = role, IsTestUser = false }; diff --git a/MainProject/Utils/PasswordUtils.cs b/MainProject/Utils/PasswordUtils.cs index 8deb1d3..b1cd1fc 100644 --- a/MainProject/Utils/PasswordUtils.cs +++ b/MainProject/Utils/PasswordUtils.cs @@ -7,10 +7,9 @@ using BasicDotnetTemplate.MainProject.Enum; using BasicDotnetTemplate.MainProject.Models.Settings; namespace BasicDotnetTemplate.MainProject.Utils; -public partial class PasswordUtils -{ - protected PasswordUtils() { } +public static partial class PasswordUtils +{ private const int MIN_LENGTH = 8; private const int MIN_UPPER = 2; private const int MIN_LOWER = 2; diff --git a/MainProject/appsettings.json b/MainProject/appsettings.json index dde36ef..274bdd2 100644 --- a/MainProject/appsettings.json +++ b/MainProject/appsettings.json @@ -36,7 +36,7 @@ }, "EncryptionSettings": { "SaltKey": "S7VIidfXQf1tOQYX", - "Salt": "", + "Salt": "u5CZAwq9vLGysC", "Iterations": 10 }, "PermissionsSettings": {
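Review bot: In `CreateUserData` (both `UserService.cs` hunks) the value called `salt` is the single application-wide setting and the value called `pepper` is generated per user and stored in the row, which swaps the usual roles. Every input to `CryptUtils.GeneratePassword` other than the password ends up in the `Users` table, so a database dump carries everything needed for offline guessing. The `?? String.Empty` and `?? 10` fallbacks also mean a missing `EncryptionSettings` section silently yields an empty salt and ten iterations instead of failing. For the first point, use a per-user salt such as `var salt = Convert.ToBase64String(RandomNumberGenerator.GetBytes(16));` (needs `System.Security.Cryptography`) and keep the configured secret out of the row; for the second, throw when the settings are absent. `CreateUserData` continues past the second hunk.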