Winsomnia/MireaBackend
1
0
Fork 0
Code Pull Requests Actions Projects Releases Activity

refactor: move checking password

Browse Source
This commit is contained in:
Polianin Nikita 2024-08-27 22:51:14 +03:00
parent f27d07fb5a
commit a27549092b
2 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Endpoint/Controllers/Configuration/SetupController.cs
View File

@ -23,7 +23,6 @@ using System.IO;
using System.Net.Mail; using System.Net.Mail;
using System.Runtime.InteropServices; using System.Runtime.InteropServices;
using System.Security.Cryptography; using System.Security.Cryptography;
using System.Text.RegularExpressions;
namespace Mirea.Api.Endpoint.Controllers.Configuration; namespace Mirea.Api.Endpoint.Controllers.Configuration;
@ -31,7 +30,7 @@ namespace Mirea.Api.Endpoint.Controllers.Configuration;
[ApiController] [ApiController]
[MaintenanceModeIgnore] [MaintenanceModeIgnore]
[ApiExplorerSettings(IgnoreApi = true)] [ApiExplorerSettings(IgnoreApi = true)]
public partial class SetupController( public class SetupController(
ISetupToken setupToken, ISetupToken setupToken,
IMaintenanceModeNotConfigureService notConfigureService, IMaintenanceModeNotConfigureService notConfigureService,
IMemoryCache cache, IMemoryCache cache,
@ -212,7 +211,7 @@ public partial class SetupController(
[BadRequestResponse] [BadRequestResponse]
public ActionResult<string> CreateAdmin([FromBody] CreateUserRequest user) public ActionResult<string> CreateAdmin([FromBody] CreateUserRequest user)
{ {
if (user.Password.Length < 8 || !PasswordExistUpperLetter().IsMatch(user.Password) || !PasswordExistSpecialSymbol().IsMatch(user.Password)) if (PasswordHashService.HasPasswordInPolicySecurity(user.Password))
throw new ControllerArgumentException("The password must be at least 8 characters long and contain at least one uppercase letter and one special character."); throw new ControllerArgumentException("The password must be at least 8 characters long and contain at least one uppercase letter and one special character.");
if (!MailAddress.TryCreate(user.Email, out _)) if (!MailAddress.TryCreate(user.Email, out _))

14
Security/Services/PasswordHashService.cs
View File

@ -1,10 +1,11 @@
using Konscious.Security.Cryptography; using Konscious.Security.Cryptography;
using System; using System;
using System.Text; using System.Text;
using System.Text.RegularExpressions;
namespace Mirea.Api.Security.Services; namespace Mirea.Api.Security.Services;
public class PasswordHashService public partial class PasswordHashService
{ {
public int SaltSize { private get; init; } public int SaltSize { private get; init; }
public int HashSize { private get; init; } public int HashSize { private get; init; }
@ -53,4 +54,15 @@ public class PasswordHashService
public bool VerifyPassword(string password, string saltBase64, string hashBase64) => public bool VerifyPassword(string password, string saltBase64, string hashBase64) =>
VerifyPassword(password, Convert.FromBase64String(saltBase64), Convert.FromBase64String(hashBase64)); VerifyPassword(password, Convert.FromBase64String(saltBase64), Convert.FromBase64String(hashBase64));
public static bool HasPasswordInPolicySecurity(string password) =>
password.Length >= 8 &&
PasswordExistSpecialSymbol().IsMatch(password) &&
PasswordExistUpperLetter().IsMatch(password);
[GeneratedRegex("[A-Z]+")]
private static partial Regex PasswordExistUpperLetter();
[GeneratedRegex("[!@#$%^&*]+")]
private static partial Regex PasswordExistSpecialSymbol();
} }