/// <summary>
/// Checks a login attempt: hashes the submitted password followed by the salt stored for the user
/// and compares the result with the user's stored password value.
/// </summary>
/// <param name="request">Login request carrying the submitted password.</param>
/// <param name="user">Stored user whose password value and salt are read.</param>
/// <returns><c>true</c> when the recomputed hash equals the stored value.</returns>
private bool AreUserCredentialsValid(UserLoginRequest request, User user)
        {
            // Password first, then the stored salt; the concatenation is hashed in one call.
            // NOTE(review): whether hashingService.Hash is a deliberately slow password KDF
            // (PBKDF2, bcrypt, Argon2) is not visible here - verify; a single fast digest over
            // password+salt gives little resistance to offline guessing if the table leaks.
            var candidateHash = hashingService.Hash(request.Password.Value + user.Password.SaltProp.Value);

            // NOTE(review): `==` is not a constant-time comparison. If the hash is a string or a
            // byte sequence, compare its bytes with CryptographicOperations.FixedTimeEquals -
            // confirm the type returned by Hash before changing this.
            var isMatch = candidateHash == user.Password.Value;
            return isMatch;
        }
        /// <summary>
        /// Sets the user's stored password hash to the hash of a generated default password,
        /// using the user's existing salt, and saves the context.
        /// </summary>
        /// <param name="context">Database context whose pending changes are saved.</param>
        public void Execute(CMDDatabaseContext context)
        {
            // NOTE(review): GenerateDefaultPassword is defined outside this block. If it returns a
            // fixed or predictable value, every account reset this way shares a known password -
            // confirm it is random per call and that a change is forced at next login.
            var defaultPassword = GenerateDefaultPassword();

            // NOTE(review): the existing PasswordSalt is reused rather than regenerated;
            // issuing a fresh salt on every password change is the usual practice - confirm intent.
            _user.PasswordHash = HashingService.Hash(defaultPassword, _user.PasswordSalt);

            context.SaveChanges();
        }
        /// <summary>
        /// Replaces the current <c>Value</c> with the hash of that value concatenated with a newly
        /// generated salt, and records the salt in <c>SaltProp</c>.
        /// </summary>
        /// <param name="hashingService">Service that hashes the salted value.</param>
        /// <param name="securePseudoRandomGenerator">Generator that supplies the new salt.</param>
        public void Hash(
            HashingService hashingService,
            SecurePseudoRandomGenerator securePseudoRandomGenerator)
        {
            Salt freshSalt = securePseudoRandomGenerator.Generate();

            // NOTE(review): nothing here records that Value is already hashed, so a second call
            // would hash the hash with a new salt - confirm callers invoke this exactly once.
            // NOTE(review): whether hashingService.Hash is a slow password KDF is not visible
            // in this block - verify.
            var digest = hashingService.Hash(this.Value + freshSalt.Value);

            // The plain value is overwritten first, then the salt needed to re-check it is stored.
            this.Value    = digest;
            this.SaltProp = freshSalt;
        }
        /// <summary>
        /// Checks the password carried in <c>Model.PasswordHash</c> against the password rules and
        /// replaces it with its salted hash.
        /// </summary>
        /// <remarks>
        /// On entry the <c>PasswordHash</c> property is read as the plain-text password; on exit it
        /// holds the value returned by <c>HashingService.Hash</c>. A null value skips all work.
        /// </remarks>
        public override void Validate()
        {
            var candidate = this.Model.PasswordHash;

            if (candidate != null)
            {
                // NOTE(review): one property carries plain text in and the hash out, so running
                // Validate twice on the same model would rule-check and re-hash the hash -
                // confirm it is invoked once per change.
                PasswordRules.PasswordRules.ValidatePassword(candidate);

                // NOTE(review): presumably PasswordSalt is already populated with a per-user
                // random value at this point - verify against the code that creates the model.
                // Overwrite the plain-text value with its hash.
                this.Model.PasswordHash = HashingService.Hash(candidate, this.Model.PasswordSalt);
            }
        }
        /// <summary>
        /// When the pending change set (<c>Delta</c>) contains a new password, checks it against
        /// the password rules and replaces the entry with its salted hash.
        /// </summary>
        /// <remarks>
        /// The delta entry keyed by the <c>PasswordHash</c> property name is read as plain text on
        /// entry and holds the hashed value on exit. Nothing happens when the key is absent.
        /// </remarks>
        public override void Validate()
        {
            var key = DAL.PropertyName<User>(x => x.PasswordHash);

            if (this.Delta.ContainsKey(key))
            {
                // NOTE(review): a null entry under this key would throw on ToString() before the
                // rules run - confirm the delta cannot carry a null password.
                var candidate = this.Delta[key].ToString();

                PasswordRules.PasswordRules.ValidatePassword(candidate);

                // NOTE(review): the existing Model.PasswordSalt is reused for the new password;
                // regenerating the salt on change is the usual practice - confirm intent.
                var replacement = HashingService.Hash(candidate, this.Model.PasswordSalt);

                // Swap the plain-text entry for its hash.
                this.Delta[key] = replacement;
            }
        }
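        /// <summary>
        /// Authenticates a student by index number and password and, on success, issues a JWT
        /// access token together with a new refresh token.
        /// </summary>
        /// <param name="payload">Login data: the student's index number and plain-text password.</param>
        /// <returns>
        /// 401 Unauthorized when the student is unknown or the password check fails; otherwise
        /// 200 OK with an object holding <c>AccessToken</c> and <c>RefreshToken</c>.
        /// </returns>
        public IActionResult Login(LoginPayload payload)
        {
            // One message for both failure paths, so the response text does not reveal whether an
            // index number is registered. Response timing can still differ, because the unknown-user
            // path returns before any hashing is done.
            const string invalidCredentialsMessage = "Invalid credentials";

            if (!_db.StudentExists(payload.IndexNumber))
            {
                return Unauthorized(invalidCredentialsMessage);
            }

            var securityData = _db.GetStudentSecurityData(payload.IndexNumber);

            // The stored hash is intentionally not written to the console: console output usually
            // ends up in log files and aggregators that are readable by far more people than the
            // credential table.

            if (String.IsNullOrEmpty(securityData.PasswordHash))
            {
                // NOTE(review): an account with no stored hash accepts whatever password arrives
                // first and keeps it, with no proof of identity. Confirm this first-login
                // provisioning is intended; an out-of-band activation step would close the gap.
                var salt = HashingService.GenerateSalt();
                _db.UpdatePassword(
                    payload.IndexNumber,
                    salt,
                    HashingService.Hash(payload.PlainPassword, salt));
            }
            else if (!HashingService.Check(payload.PlainPassword, securityData.Salt, securityData.PasswordHash))
            {
                return Unauthorized(invalidCredentialsMessage);
            }

            // NOTE(review): Guid.NewGuid() is documented as unique, not as unpredictable. A refresh
            // token is a bearer credential, so it should come from RandomNumberGenerator; kept as a
            // Guid here because the storage and response format are defined outside this method.
            // NOTE(review): no attempt throttling or lockout is visible in this method - confirm it
            // is enforced elsewhere.
            var refreshToken = Guid.NewGuid();
            _db.UpdateRefreshToken(payload.IndexNumber, refreshToken.ToString());

            var accessToken = new JwtSecurityTokenHandler().WriteToken(
                _security.GenerateToken(payload.IndexNumber, securityData.Role));

            return Ok(new
            {
                AccessToken = accessToken,
                RefreshToken = refreshToken
            });
        }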