feat : sécurité password bcrypt

Blazor/Blazor/Blazor.csproj

@@ -14,34 +14,35 @@
   </ItemGroup>
 
   <ItemGroup>
-    <Content Remove="Pages\_Layout.cshtml" />
+    <Content Remove="Pages\_Layout.cshtml" />
-  </ItemGroup>
+  </ItemGroup>
-
+
-  <ItemGroup>
+  <ItemGroup>
+    <PackageReference Include="BCrypt.Net-Next" Version="4.0.3" />
     <PackageReference Include="Blazored.LocalStorage" Version="4.4.0" />
-    <PackageReference Include="Blazored.Modal" Version="7.1.0" />
+    <PackageReference Include="Blazored.Modal" Version="7.1.0" />
     <PackageReference Include="Blazorise.Bootstrap" Version="1.4.0" />
     <PackageReference Include="Blazorise.DataGrid" Version="1.4.0" />
     <PackageReference Include="Blazorise.Icons.FontAwesome" Version="1.4.0" />
-    <PackageReference Include="ChoETL.JSON.NETStandard" Version="1.2.1.64" />
+    <PackageReference Include="ChoETL.JSON.NETStandard" Version="1.2.1.64" />
-    <PackageReference Include="ChoETL.NETStandard" Version="1.2.1.64" />
+    <PackageReference Include="ChoETL.NETStandard" Version="1.2.1.64" />
-    <PackageReference Include="Microsoft.Extensions.Localization" Version="8.0.1" />
+    <PackageReference Include="Microsoft.Extensions.Localization" Version="8.0.1" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Configuration" Version="8.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Configuration" Version="8.0.0" />
     <PackageReference Include="SuperConvert" Version="1.0.4.9" />
-    <PackageReference Include="System.Net.Http" Version="4.3.4" />
+    <PackageReference Include="System.Net.Http" Version="4.3.4" />
-    <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
+    <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
-  </ItemGroup>
+  </ItemGroup>
-
+
-  <ItemGroup>
+  <ItemGroup>
-    <UpToDateCheckInput Remove="Pages\_Layout.cshtml" />
+    <UpToDateCheckInput Remove="Pages\_Layout.cshtml" />
-  </ItemGroup>
+  </ItemGroup>
-
+
-  <ItemGroup>
+  <ItemGroup>
-    <_ContentIncludedByDefault Remove="Pages\_Layout.cshtml" />
+    <_ContentIncludedByDefault Remove="Pages\_Layout.cshtml" />
-  </ItemGroup>
+  </ItemGroup>
-
+
-  <ItemGroup>
+  <ItemGroup>
-    <None Include="Pages\_Layout.cshtml" />
+    <None Include="Pages\_Layout.cshtml" />
 
 
   </ItemGroup>

Blazor/Blazor/Models/AdministratorModel.cs

@@ -1,5 +1,6 @@
 using Microsoft.AspNetCore.Cryptography.KeyDerivation;
 using Microsoft.AspNetCore.Identity;
+using BCrypt.Net;
 using System.Security.Cryptography;
 using System.ComponentModel.DataAnnotations;
 using System.Text;
@@ -22,18 +23,24 @@ public class AdministratorModel
 
     public void HashPassword(string password)
     {
-        using (MD5 md5 = MD5.Create())
+        this.HashedPassword = BCrypt.Net.BCrypt.HashPassword(password, BCrypt.Net.BCrypt.GenerateSalt());
-        {
-            byte[] inputBytes = Encoding.UTF8.GetBytes(password);
-            byte[] hashBytes = md5.ComputeHash(inputBytes);
-
-            StringBuilder sb = new StringBuilder();
-            for (int i = 0; i < hashBytes.Length; i++)
-            {
-                sb.Append(hashBytes[i].ToString("x2"));
-            }
-
-            HashedPassword = sb.ToString();
-        }
     }
+
+
+    //public void HashPassword(string password)
+    //{
+    //    using (MD5 md5 = MD5.Create())
+    //    {
+    //        byte[] inputBytes = Encoding.UTF8.GetBytes(password);
+    //        byte[] hashBytes = md5.ComputeHash(inputBytes);
+
+    //        StringBuilder sb = new StringBuilder();
+    //        for (int i = 0; i < hashBytes.Length; i++)
+    //        {
+    //            sb.Append(hashBytes[i].ToString("x2"));
+    //        }
+
+    //        HashedPassword = sb.ToString();
+    //    }
+    //}
 }

Blazor/Blazor/Models/PlayerModel.cs

@@ -21,18 +21,23 @@ public class PlayerModel
 
     public void HashPassword(string password)
     {
-        using (MD5 md5 = MD5.Create())
+        this.HashedPassword = BCrypt.Net.BCrypt.HashPassword(password, BCrypt.Net.BCrypt.GenerateSalt());
-        {
-            byte[] inputBytes = Encoding.UTF8.GetBytes(password);
-            byte[] hashBytes = md5.ComputeHash(inputBytes);
-
-            StringBuilder sb = new StringBuilder();
-            for (int i = 0; i < hashBytes.Length; i++)
-            {
-                sb.Append(hashBytes[i].ToString("x2"));
-            }
-
-            HashedPassword = sb.ToString();
-        }
     }
+
+    //public void HashPassword(string password)
+    //{
+    //    using (MD5 md5 = MD5.Create())
+    //    {
+    //        byte[] inputBytes = Encoding.UTF8.GetBytes(password);
+    //        byte[] hashBytes = md5.ComputeHash(inputBytes);
+
+    //        StringBuilder sb = new StringBuilder();
+    //        for (int i = 0; i < hashBytes.Length; i++)
+    //        {
+    //            sb.Append(hashBytes[i].ToString("x2"));
+    //        }
+
+    //        HashedPassword = sb.ToString();
+    //    }
+    //}
 }

Blazor/Blazor/Pages/Admins/AddAdministrator.razor.cs

@@ -25,7 +25,7 @@ namespace Blazor.Pages.Admins
         {
             if (administratorModel != null)
             {
-                administratorModel.HashPassword(administratorModel.HashedPassword);
+                administratorModel.HashPassword(administratorModel.HashedPassword);
 
                 var formData = new List<KeyValuePair<string, string>>();
                 formData.Add(new KeyValuePair<string, string>("username", administratorModel.Username));

Blazor/Test/Test.csproj

@@ -10,6 +10,7 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="BCrypt.Net-Next" Version="4.0.3" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.6.0" />
     <PackageReference Include="MSTest.TestAdapter" Version="3.0.4" />
     <PackageReference Include="MSTest.TestFramework" Version="3.0.4" />