Merge pull request #1688 from qdraw/feature/202409_iterationcount
Feature/202409 iterationcount
qdraw authored Sep 2, 2024
2 parents c546e7d + 9884c31 commit a7e8832
Showing 22 changed files with 4,685 additions and 12,991 deletions.
10 changes: 5 additions & 5 deletions starsky/starsky.feature.geolookup/Services/GeoFileDownload.cs
@@ -39,7 +39,7 @@ public async Task DownloadAsync()
RemoveFailedDownload();
CreateDependenciesFolder();
const string https = "https://";
const string admin1codesasciiTxt = "admin1CodesASCII.txt";
const string admin1CodesasciiTxt = "admin1CodesASCII.txt";

if ( !_hostStorage.ExistFile(
Path.Combine(_appSettings.DependenciesFolder, CountryName + ".txt")) )
@@ -59,18 +59,18 @@ await _httpClientHelper.Download(https + MirrorUrl + CountryName + ".zip",
}

if ( !_hostStorage.ExistFile(
Path.Combine(_appSettings.DependenciesFolder, admin1codesasciiTxt)) )
Path.Combine(_appSettings.DependenciesFolder, admin1CodesasciiTxt)) )
{
// code for the second administrative division,
// a county in the US, see file admin2Codes.txt; varchar(80)
var outputFile = Path.Combine(_appSettings.DependenciesFolder,
admin1codesasciiTxt);
admin1CodesasciiTxt);
var baseResult = await _httpClientHelper.Download(https +
BaseUrl + admin1codesasciiTxt, outputFile);
BaseUrl + admin1CodesasciiTxt, outputFile);
if ( !baseResult )
{
await _httpClientHelper.Download(https +
MirrorUrl + admin1codesasciiTxt, outputFile);
MirrorUrl + admin1CodesasciiTxt, outputFile);
}
}
}
@@ -5,41 +5,46 @@
using System.Security.Cryptography;
using Microsoft.AspNetCore.Cryptography.KeyDerivation;

namespace starsky.foundation.accountmanagement.Helpers
namespace starsky.foundation.accountmanagement.Helpers;

public static class Pbkdf2Hasher
{
public static class Pbkdf2Hasher
/// <summary>
/// Get secured hash passwords based on a salt
/// </summary>
/// <param name="password">password</param>
/// <param name="salt">to decrypt</param>
/// <param name="iteration100K">more secure password</param>
/// <param name="useSha256">more secure password</param>
/// <returns>hashed password</returns>
public static string ComputeHash(string password, byte[] salt, bool iteration100K = true, bool useSha256 = true)
{
/// <summary>
/// Get secured hash passwords based on a salt
/// </summary>
/// <param name="password">password</param>
/// <param name="salt">to decrypt</param>
/// <returns>hased password</returns>
public static string ComputeHash(string password, byte[] salt)
{
return Convert.ToBase64String(
KeyDerivation.Pbkdf2(
password: password,
salt: salt,
prf: KeyDerivationPrf.HMACSHA1,
iterationCount: 100_000,
numBytesRequested: 256 / 8
)
);
}
// Use 100K iterations for new passwords, and 10K iterations for older stored hashes
var iterationCount = iteration100K ? 100_000 : 10000;
var hashType = useSha256 ? KeyDerivationPrf.HMACSHA256 : KeyDerivationPrf.HMACSHA1;

return Convert.ToBase64String(
KeyDerivation.Pbkdf2(
password: password,
salt: salt,
prf: hashType,
iterationCount: iterationCount,
numBytesRequested: 256 / 8
)
);
}

/// <summary>
/// Generate a random salt
/// </summary>
/// <returns>random salt</returns>
public static byte[] GenerateRandomSalt()
{
byte[] salt = new byte[128 / 8];
/// <summary>
/// Generate a random salt
/// </summary>
/// <returns>random salt</returns>
public static byte[] GenerateRandomSalt()
{
var salt = new byte[128 / 8];

using ( var rng = RandomNumberGenerator.Create() )
rng.GetBytes(salt);
using var rng = RandomNumberGenerator.Create();
rng.GetBytes(salt);

return salt;
}
return salt;
}
}
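Review bot: The XML docs on the new `ComputeHash` signature describe both `iteration100K` and `useSha256` as "more secure password", so nothing tells a caller that passing `false` selects the 10,000-iteration / HMAC-SHA1 settings that the inline comment reserves for older stored hashes. I would document them as `/// <param name="iteration100K">true: 100,000 iterations (default, new hashes); false: 10,000, only to verify legacy hashes</param>` and `/// <param name="useSha256">true: HMAC-SHA256 (default); false: HMAC-SHA1, only to verify legacy hashes</param>`, and change the `salt` text from "to decrypt" to something like "random salt", since PBKDF2 output is not decrypted. The callers are not in this section, so it is worth confirming that a successful verification with the legacy settings re-hashes the password with the defaults; otherwise the weaker hashes stay in the store indefinitely. Separately, 100,000 iterations is below the 600,000 that the OWASP password-storage guidance currently gives for PBKDF2-HMAC-SHA256, and a single named constant for the count would make it easier to raise later.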
@@ -3,101 +3,101 @@
using starsky.foundation.accountmanagement.Models;
using starsky.foundation.database.Models.Account;

namespace starsky.foundation.accountmanagement.Interfaces
{
public enum SignUpResultError
{
CredentialTypeNotFound,
NullString
}

public class SignUpResult
{
public User? User { get; }
public bool Success { get; private set; }
public SignUpResultError? Error { get; }

public SignUpResult(User? user = null, bool success = false,
SignUpResultError? error = null)
{
User = user;
Success = success;
Error = error;
}
}
namespace starsky.foundation.accountmanagement.Interfaces;

public enum ValidateResultError
{
CredentialTypeNotFound,
CredentialNotFound,
SecretNotValid,
Lockout,
UserNotFound
}
public enum SignUpResultError
{
CredentialTypeNotFound,
NullString
}

public enum ChangeSecretResultError
public class SignUpResult
{
public SignUpResult(User? user = null, bool success = false,
SignUpResultError? error = null)
{
CredentialTypeNotFound,
CredentialNotFound
User = user;
Success = success;
Error = error;
}

public class ChangeSecretResult
{
public bool Success { get; set; }
public User? User { get; }
public bool Success { get; private set; }
public SignUpResultError? Error { get; }
}

public ChangeSecretResultError? Error { get; set; }
public enum ValidateResultError
{
CredentialTypeNotFound,
CredentialNotFound,
SecretNotValid,
Lockout,
UserNotFound
}

public ChangeSecretResult(bool success = false, ChangeSecretResultError? error = null)
{
Success = success;
Error = error;
}
}
public enum ChangeSecretResultError
{
CredentialTypeNotFound,
CredentialNotFound
}

public interface IUserManager
public class ChangeSecretResult
{
public ChangeSecretResult(bool success = false, ChangeSecretResultError? error = null)
{
Task<UserOverviewModel> AllUsersAsync();

/// <summary>
/// Add a new user, including Roles and UserRoles
/// </summary>
/// <param name="name">Nice Name, default string.Empty</param>
/// <param name="credentialTypeCode">default is: Email</param>
/// <param name="identifier">an email address, e.g. dont@mail.us</param>
/// <param name="secret">Password</param>
/// <returns>result object</returns>
Task<SignUpResult> SignUpAsync(string name, string credentialTypeCode,
string? identifier, string? secret);

void AddToRole(User user, string roleCode);
void AddToRole(User user, Role role);
void RemoveFromRole(User user, string roleCode);
void RemoveFromRole(User user, Role role);

ChangeSecretResult ChangeSecret(string credentialTypeCode, string? identifier,
string secret);

Task<ValidateResult> ValidateAsync(string credentialTypeCode,
string? identifier, string secret);

Task<bool> SignIn(HttpContext httpContext, User? user,
bool isPersistent = false);

void SignOut(HttpContext httpContext);
int GetCurrentUserId(HttpContext httpContext);
User? GetCurrentUser(HttpContext httpContext);
User? GetUser(string credentialTypeCode, string identifier);
Credential? GetCredentialsByUserId(int userId);

Task<ValidateResult> RemoveUser(string credentialTypeCode,
string identifier);
Success = success;
Error = error;
}

User? Exist(string identifier);
public bool Success { get; set; }

Task<User?> ExistAsync(int userTableId);
Role? GetRole(string credentialTypeCode, string identifier);
public ChangeSecretResultError? Error { get; set; }
}

Task<Role?> GetRoleAsync(int userId);
bool PreflightValidate(string userName, string password, string confirmPassword);
}
public interface IUserManager
{
Task<UserOverviewModel> AllUsersAsync();

/// <summary>
/// Add a new user, including Roles and UserRoles
/// </summary>
/// <param name="name">Nice Name, default string.Empty</param>
/// <param name="credentialTypeCode">default is: Email</param>
/// <param name="identifier">an email address, e.g. dont@mail.us</param>
/// <param name="secret">Password</param>
/// <returns>result object</returns>
Task<SignUpResult> SignUpAsync(string name, string credentialTypeCode,
string? identifier, string? secret);

void AddToRole(User user, string roleCode);
void AddToRole(User user, Role role);
void RemoveFromRole(User user, string roleCode);
void RemoveFromRole(User user, Role role);

ChangeSecretResult ChangeSecret(string credentialTypeCode, string? identifier,
string secret);

Task<ValidateResult> ValidateAsync(string credentialTypeCode,
string? identifier, string secret);

Task<bool> SignIn(HttpContext httpContext, User? user,
bool isPersistent = false);

void SignOut(HttpContext httpContext);
int GetCurrentUserId(HttpContext httpContext);
User? GetCurrentUser(HttpContext httpContext);
User? GetUser(string credentialTypeCode, string identifier);
Credential? GetCredentialsByUserId(int userId);

Task<ValidateResult> RemoveUser(string credentialTypeCode,
string identifier);

User? Exist(string identifier);

Task<User?> ExistAsync(int userTableId);
Role? GetRole(string credentialTypeCode, string identifier);

Task<Role?> GetRoleAsync(int userId);
bool PreflightValidate(string userName, string password, string confirmPassword);
CredentialType? GetCachedCredentialType(string credentialTypeCode);
}
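Review bot: `GetCachedCredentialType`, the last member of `IUserManager`, is added without an XML doc comment, while `SignUpAsync` in the same interface has one. The nullable return type suggests it yields null for an unknown `credentialTypeCode`, but neither that nor how long a cached entry stays valid is visible in this section. A summary along the lines of `/// <summary>Get the credential type for this code from the cache; null when the code is unknown</summary>` would tell implementers and callers what to rely on, with the wording confirmed against the implementation. The rest of this section appears to be re-indentation for the file-scoped namespace.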