Skip to content
Snippets Groups Projects
Commit 17bdfa7d authored by Vaclav Svaton's avatar Vaclav Svaton
Browse files

UserAndLimitationManagement fix

parent c10f565c
No related branches found
No related tags found
No related merge requests found
...@@ -18,6 +18,8 @@ namespace HaaSMiddleware.BusinessLogicTier.Logic.UserAndLimitationManagement { ...@@ -18,6 +18,8 @@ namespace HaaSMiddleware.BusinessLogicTier.Logic.UserAndLimitationManagement {
internal class UserAndLimitationManagementLogic : IUserAndLimitationManagementLogic { internal class UserAndLimitationManagementLogic : IUserAndLimitationManagementLogic {
private static readonly ILog log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); private static readonly ILog log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
private readonly IUnitOfWork unitOfWork; private readonly IUnitOfWork unitOfWork;
private const int cSaltBytes = 12;
private const int cHashBytes = 20;
internal UserAndLimitationManagementLogic(IUnitOfWork unitOfWork) { internal UserAndLimitationManagementLogic(IUnitOfWork unitOfWork) {
this.unitOfWork = unitOfWork; this.unitOfWork = unitOfWork;
...@@ -90,11 +92,25 @@ namespace HaaSMiddleware.BusinessLogicTier.Logic.UserAndLimitationManagement { ...@@ -90,11 +92,25 @@ namespace HaaSMiddleware.BusinessLogicTier.Logic.UserAndLimitationManagement {
} }
private string AuthenticateUserWithPassword(AdaptorUser user, PasswordCredentials credentials) { private string AuthenticateUserWithPassword(AdaptorUser user, PasswordCredentials credentials) {
if ( user.Password == credentials.Password ) //get the bytes
return CreateSessionCode(user).UniqueCode; byte[] hashBytes = Convert.FromBase64String(user.Password);
//extract salt
byte[] salt = new byte[cSaltBytes];
Array.Copy(hashBytes, 0, salt, 0, cSaltBytes);
//create password hash
var pbkdf2 = new Rfc2898DeriveBytes(credentials.Password, salt);
byte[] hash = pbkdf2.GetBytes(cHashBytes);
//verify password
for (int i = 0; i < cHashBytes; i++)
{
if (hashBytes[i + cSaltBytes] != hash[i])
{
log.Error("Authentication of user " + user.Username + " was not successful due to wrong credentials."); log.Error("Authentication of user " + user.Username + " was not successful due to wrong credentials.");
throw new InvalidAuthenticationCredentialsException("Authentication of user " + user.Username + " was not successful due to wrong credentials."); throw new InvalidAuthenticationCredentialsException("Authentication of user " + user.Username + " was not successful due to wrong credentials.");
} }
}
return CreateSessionCode(user).UniqueCode;
}
public IList<ResourceUsage> GetCurrentUsageAndLimitationsForUser(AdaptorUser loggedUser) { public IList<ResourceUsage> GetCurrentUsageAndLimitationsForUser(AdaptorUser loggedUser) {
IList<SubmittedJobInfo> notFinishedJobs = IList<SubmittedJobInfo> notFinishedJobs =
......
...@@ -12,7 +12,7 @@ namespace HaaSMiddleware.DomainObjects.UserAndLimitationManagement { ...@@ -12,7 +12,7 @@ namespace HaaSMiddleware.DomainObjects.UserAndLimitationManagement {
[StringLength(50)] [StringLength(50)]
public string Username { get; set; } public string Username { get; set; }
[StringLength(30)] [StringLength(50)]
public string Password { get; set; } public string Password { get; set; }
[Column(TypeName = "text")] [Column(TypeName = "text")]
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
<Project ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Project ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup> <PropertyGroup>
<NameOfLastUsedPublishProfile>Local</NameOfLastUsedPublishProfile> <NameOfLastUsedPublishProfile>Local</NameOfLastUsedPublishProfile>
<LastActiveSolutionConfig>Release|Any CPU</LastActiveSolutionConfig> <LastActiveSolutionConfig>Debug|Any CPU</LastActiveSolutionConfig>
</PropertyGroup> </PropertyGroup>
<ProjectExtensions> <ProjectExtensions>
<VisualStudio> <VisualStudio>
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment