/// <summary>
        /// Retrieves <see cref="ApplicationUser"/> from DB and performs the password check for basic login.
        /// </summary>
        /// <param name="model">Login form: e-mail and password, each as encrypted text plus its plaintext byte length.</param>
        /// <returns>
        /// <see cref="BasicAuthenticationResult"/> for the matched user, or <c>null</c> when no user has that
        /// e-mail or the password hash does not verify. Both failure cases yield the same value.
        /// </returns>
        public async Task <BasicAuthenticationResult> Authenticate(EncryptedBasicLoginModel model)
        {
            // Decrypt the e-mail once and pass it to the query as a plain parameter.
            string email = Rfc7905.DecryptText(model.Email.Length, model.Email.Text);
            var user = await _healthyGamerPortalDbContext.ApplicationUsers
                .FirstOrDefaultAsync(u => u.Email == email);

            if (user is null)
            {
                // NOTE(review): an unknown e-mail returns before any hashing is done, so its response time
                // differs from a wrong-password attempt — a possible user-enumeration signal; confirm intent.
                return null;
            }

            byte[] salt     = Convert.FromBase64String(user.Salt);
            byte[] supplied = Encoding.UTF8.GetBytes(Rfc7905.DecryptText(model.Password.Length, model.Password.Text));
            byte[] expected = Convert.FromBase64String(user.Password);

            if (!VerifyPasswordHash(salt, supplied, expected))
            {
                return null;
            }

            // NOTE(review): roles are hard-coded here although the original comment says "Retrieve roles
            // from DB" — confirm which is intended before relying on these values for authorization.
            return new BasicAuthenticationResult
            {
                Name  = user.Email,
                Roles = new[] { "Sad", "NotSad" }
            };
        }
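        /// <summary>
        /// Scout every request for basic login path and initiate authentication.
        /// </summary>
        /// <remarks>
        /// Requests whose path does not match <c>_options.Path</c> are passed straight to the next
        /// middleware. A matching request must be a POST with a form body and a valid antiforgery
        /// token, otherwise it is answered with 400 and the pipeline is short-circuited. An already
        /// authenticated caller is handed to the next middleware; everyone else is authenticated
        /// from the form fields and redirected.
        /// </remarks>
        /// <param name="httpContext">The context of the current request.</param>
        public async Task InvokeAsync(HttpContext httpContext)
        {
            HttpRequest  request  = httpContext.Request;
            HttpResponse response = httpContext.Response;

            // Only the configured login path is handled here; everything else passes through.
            if (!request.Path.Equals(_options.Path, StringComparison.Ordinal))
            {
                await _next(httpContext);
                return;
            }

            // Request must be POST with a form body and a matching antiforgery token. Awaiting the
            // validation (instead of polling IsCompleted on freshly created tasks) avoids spinning a
            // core and running the check several times; IsRequestValidAsync reports failure as false
            // rather than throwing. Without the return, a rejected request used to continue into
            // authentication and the 400 was overwritten by the redirect.
            if (!HttpMethods.IsPost(request.Method)
                || !request.HasFormContentType
                || !await _antiforgery.IsRequestValidAsync(httpContext))
            {
                response.StatusCode = StatusCodes.Status400BadRequest;
                return;
            }

            // Already signed in: nothing for this middleware to do.
            if (httpContext.User?.Identity?.IsAuthenticated == true)
            {
                await _next(httpContext);
                return;
            }

            // Missing form fields convert to null, which would otherwise throw in GetBytes.
            string email    = request.Form["Email"];
            string password = request.Form["Password"];
            if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
            {
                response.StatusCode = StatusCodes.Status400BadRequest;
                return;
            }

            var model = new EncryptedBasicLoginModel
            {
                Email    = Seal(email),
                Password = Seal(password)
            };

            // NOTE(review): a middleware instance is shared by all concurrent requests, so keeping the
            // context in a field is a race between overlapping logins; whatever reads _httpContext
            // should receive it as a parameter instead. Kept for compatibility with the callee.
            _httpContext = httpContext;

            response.Redirect(await Authenticate(model) ? "/" : "/Account/Oauth");

            // Encrypts one form field and records its plaintext UTF-8 length for decryption.
            EncryptedMessage Seal(string plain) => new EncryptedMessage
            {
                Text   = Rfc7905.EncryptText(plain),
                Length = Encoding.UTF8.GetByteCount(plain)
            };
        }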
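        /// <summary>
        /// Sends the form data encrypted to the API to perform the existence and password check.
        /// </summary>
        /// <param name="model">Encrypted e-mail and password as produced by the login middleware.</param>
        /// <returns>
        /// <c>true</c> when the API returned a non-null result (the user identity is then populated
        /// from it); <c>false</c> when the API answered with a null result.
        /// </returns>
        public async Task <bool> Authenticate(EncryptedBasicLoginModel model)
        {
            // The client is created per call, so dispose it when the call is done instead of
            // leaking the handler and its connection. A shared client (IHttpClientFactory or a
            // static instance) would avoid per-call socket churn once BaseUrl is known to be stable.
            // NOTE(review): the handler's name suggests it relaxes default credentials or
            // validation — confirm it does not disable TLS certificate checks.
            using (var httpClient = new HttpClient(new Helpers.AnonymousHttpClientHandler())
            {
                BaseAddress = new Uri(BaseUrl)
            })
            {
                var api = RestService.For <IHealthyGamerPortalUserApi>(httpClient);
                var response = await api.Authenticate(model);

                if (response.Result == null)
                {
                    return false;
                }

                await PopulateUserIdentity(response.Result);
                return true;
            }
        }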
        /// <summary>
        /// Basic-login endpoint: forwards the encrypted credentials to the user service and wraps
        /// whatever comes back in the standard success envelope.
        /// </summary>
        /// <param name="model">Encrypted e-mail and password from the login form.</param>
        /// <returns>
        /// 200 OK with <c>GenerateSuccessfulResponse(result)</c>. A null result from the service is
        /// still answered with 200, so consumers must inspect the envelope rather than the status code.
        /// </returns>
        public async Task <IActionResult> Authenticate(EncryptedBasicLoginModel model)
        {
            var authentication = await _applicationUserService.Authenticate(model);
            var envelope = GenerateSuccessfulResponse(authentication);

            return Ok(envelope);
        }