Union/ProjectLighthouse
1
0
Fork 0
mirror of https://github.com/LBPUnion/ProjectLighthouse.git synced 2025-08-01 09:48:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

sha256 passwords client-side before sending (why didn't I do this before?)

Browse source
This commit is contained in:
jvyden 2021-11-20 02:21:42 -05:00
commit f005aca48c
No known key found for this signature in database
GPG key ID: 18BCF2BE0262B278
4 changed files with 40 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

6
.idea/.idea.ProjectLighthouse/.idea/jsLibraryMappings.xml generated Normal file
View file

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="JavaScriptLibraryMappings">
<file url="PROJECT" libraries="{sha256}" />
</component>
</project>

15
ProjectLighthouse/Pages/ExternalAuth/LoginForm.cshtml
View file

@ -4,8 +4,21 @@
@{ @{
Layout = "Layouts/BaseLayout"; Layout = "Layouts/BaseLayout";
} }
<script src="https://geraintluff.github.io/sha256/sha256.min.js"></script>
<script>
function onSubmit(form) {
const password = form['password'];
password.value = sha256(password.value);
return true;
}
</script>
<h1>Log in</h1> <h1>Log in</h1>
<form> <form onsubmit="return onSubmit(this)">
<label for="text">Username: </label> <label for="text">Username: </label>
<input type="text" name="username" id="text"><br> <input type="text" name="username" id="text"><br>

17
ProjectLighthouse/Pages/ExternalAuth/RegisterForm.cshtml
View file

@ -5,8 +5,23 @@
Layout = "Layouts/BaseLayout"; Layout = "Layouts/BaseLayout";
} }
<script src="https://geraintluff.github.io/sha256/sha256.min.js"></script>
<script>
function onSubmit(form) {
const password = form['password'];
const confirmPassword = form['confirmPassword'];
password.value = sha256(password.value);
confirmPassword.value = sha256(confirmPassword.value);
return true;
}
</script>
<h1>Register</h1> <h1>Register</h1>
<form> <form onsubmit="return onSubmit(this)">
<label for="text">Username: </label> <label for="text">Username: </label>
<input type="text" name="username" id="text"><br> <input type="text" name="username" id="text"><br>

11
ProjectLighthouse/Pages/ExternalAuth/RegisterForm.cshtml.cs
View file

@ -1,4 +1,3 @@
using System;
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using System.Threading.Tasks; using System.Threading.Tasks;
using JetBrains.Annotations; using JetBrains.Annotations;
@ -20,18 +19,16 @@ namespace LBPUnion.ProjectLighthouse.Pages.ExternalAuth
[SuppressMessage("ReSharper", "SpecifyStringComparison")] [SuppressMessage("ReSharper", "SpecifyStringComparison")]
public async Task<IActionResult> OnGet([FromQuery] string username, [FromQuery] string password, [FromQuery] string confirmPassword) public async Task<IActionResult> OnGet([FromQuery] string username, [FromQuery] string password, [FromQuery] string confirmPassword)
{ {
this.WasRegisterRequest = !string.IsNullOrEmpty(username) && this.WasRegisterRequest = !string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password) && !string.IsNullOrEmpty(confirmPassword);
!string.IsNullOrEmpty(password) &&
!string.IsNullOrEmpty(confirmPassword) &&
password == confirmPassword;
if (WasRegisterRequest) if (WasRegisterRequest)
{ {
Console.WriteLine(password); if (password != confirmPassword) return this.BadRequest();
bool userExists = await this.Database.Users.FirstOrDefaultAsync(u => u.Username.ToLower() == username.ToLower()) != null; bool userExists = await this.Database.Users.FirstOrDefaultAsync(u => u.Username.ToLower() == username.ToLower()) != null;
if (userExists) return this.BadRequest(); if (userExists) return this.BadRequest();
this.Database.CreateUser(username, HashHelper.BCryptHash(password)); await this.Database.CreateUser(username, HashHelper.BCryptHash(password));
} }
return this.Page(); return this.Page();