patterncsharpMinor
Passing a password to a viewmodel
Viewed 0 times
passingviewmodelpassword
Problem
I've got a project I've been working on that connect to a file server and writes some data to a text file. In order to do this I added a textbox for the user to type their username and a passwordbox well for the password. In my models I have an interface called
Using MVVM Light I created a
```
public void ExportList(object parameter)
{
var passwordContainer = parameter as IPassword;
NetworkCredential credentials;
string folder = String.Empty;
if (passwordContainer != null && IsEnabled == true)
{
var securePassword = passwordContainer.Password;
var password = ConvertToUnsecureString(securePassword);
credentials = new NetworkCredential();
credentials.UserName = Username;
credentials.Password = password;
credentials.Domain = "domain name";
folder = "folder location";
WriteToNetworkFolder(folder, credentials);
}
else
{
folder = "local folder location";
WriteToLocalFolder(folder);
}
}
private string ConvertToUnsecureString(SecureString password)
{
if (password == null)
{
return String.Empty;
}
IntPtr unmanagedString = IntPtr.Zero;
try
{
unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(password);
return Marshal.PtrToStringUni(unmanagedString);
}
finally
{
Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
}
}
private void WriteToNetworkFolder(string folder, NetworkCredential credentials)
{
// Open the connection to the server
IPassword that looks like the following:public interface IPassword
{
SecureString Password { get; }
}Using MVVM Light I created a
RelayCommand and tied it to a button. When the button is clicked it calls the function ExportList (I've removed any code relating to my file server location):```
public void ExportList(object parameter)
{
var passwordContainer = parameter as IPassword;
NetworkCredential credentials;
string folder = String.Empty;
if (passwordContainer != null && IsEnabled == true)
{
var securePassword = passwordContainer.Password;
var password = ConvertToUnsecureString(securePassword);
credentials = new NetworkCredential();
credentials.UserName = Username;
credentials.Password = password;
credentials.Domain = "domain name";
folder = "folder location";
WriteToNetworkFolder(folder, credentials);
}
else
{
folder = "local folder location";
WriteToLocalFolder(folder);
}
}
private string ConvertToUnsecureString(SecureString password)
{
if (password == null)
{
return String.Empty;
}
IntPtr unmanagedString = IntPtr.Zero;
try
{
unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(password);
return Marshal.PtrToStringUni(unmanagedString);
}
finally
{
Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
}
}
private void WriteToNetworkFolder(string folder, NetworkCredential credentials)
{
// Open the connection to the server
Solution
Why don't you just use the overloaded constructor of the
In this way you can remove the
It is always recommended to use
NetworkCredential class which takes the password as SecureString? In this way you can remove the
ConvertToUnsecureString() method at all and you don't have to read the decrypted value of the password.It is always recommended to use
System.IO.Path.Combine() instead of adding up the path by using string concatenation. In this way you will be safe regarding illegal characters in the path, missing \ etc.Context
StackExchange Code Review Q#85414, answer score: 6
Revisions (0)
No revisions yet.