Beispiel #1
        /// <summary>
        /// Registers a user: derives a salted password hash through
        /// PasswordHashSalt.CreatePasswordHashSalt, copies hash and salt onto
        /// <paramref name="user"/>, and saves the entity through the data context.
        /// </summary>
        /// <param name="user">Entity to persist; its PasswordHash and PasswordSalt are overwritten.</param>
        /// <param name="password">Plain-text password. It is only handed to the hashing helper; this method does not store it on the entity.</param>
        /// <returns>The same <paramref name="user"/> instance once SaveChangesAsync has completed.</returns>
        public async Task <User> Register(User user, string password)
        {
            // NOTE(review): no null/empty or password-policy check is visible in this method;
            // presumably the caller validates input and rejects duplicate usernames. Confirm.
            PasswordHashSalt.CreatePasswordHashSalt(password, out byte[] derivedHash, out byte[] generatedSalt);

            // The salt must be stored next to the hash, since Login passes both to the verification helper.
            user.PasswordSalt = generatedSalt;
            user.PasswordHash = derivedHash;

            await context.Users.AddAsync(user);
            await context.SaveChangesAsync();

            return user;
        }
Beispiel #2
        /// <summary>
        /// Looks up a user by exact Username match and checks the supplied password against
        /// the stored hash and salt.
        /// </summary>
        /// <param name="username">Username to look up; compared as given, without normalisation in this method.</param>
        /// <param name="password">Plain-text password to verify.</param>
        /// <returns>
        /// The matching user when verification succeeds; <c>null</c> when no user is found or
        /// when PasswordHashSalt.VerificationPasswordHash returns false.
        /// </returns>
        public async Task <User> Login(string username, string password)
        {
            var account = await context.Users.FirstOrDefaultAsync(candidate => candidate.Username == username);

            // Both failure cases collapse into the same null result, so the return value does
            // not reveal whether the username exists.
            // NOTE(review): the not-found path skips the hash computation entirely, so the two
            // cases may still differ in response time; rate limiting or lockout, if any, must
            // live in the caller. Confirm.
            bool verified = account != null
                && PasswordHashSalt.VerificationPasswordHash(password, account.PasswordHash, account.PasswordSalt);

            return verified ? account : null;
        }
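        /// <summary>
        /// Generates a random salt of <c>_saltSize</c> bytes and derives a <c>_hashSize</c>-byte
        /// password hash from <paramref name="Password"/> with PBKDF2 (Rfc2898DeriveBytes).
        /// </summary>
        /// <param name="Password">Plain-text password to derive the hash from.</param>
        /// <param name="passwordhashSalt">Receives a new PasswordHashSalt holding the salt and the derived hash.</param>
        public void GetPasswordHash(string Password, out PasswordHashSalt passwordhashSalt)
        {
            byte[] Salt = new byte[_saltSize];

            // Both crypto objects are IDisposable; the using blocks release them, and their
            // internal key material, deterministically instead of leaving it to the finalizer.
            using (var provider = new RNGCryptoServiceProvider())
            {
                // NOTE(review): GetNonZeroBytes never emits 0x00, which slightly narrows the salt
                // space; GetBytes is the usual choice. Kept as-is so the output format is unchanged.
                // RNGCryptoServiceProvider is marked obsolete on .NET 6+, where
                // RandomNumberGenerator.Create() is the replacement.
                provider.GetNonZeroBytes(Salt);
            }

            // NOTE(review): this constructor overload uses HMAC-SHA1. Switching to an overload that
            // takes a HashAlgorithmName changes the derived bytes, so stored hashes would need a
            // migration path. The value of iterationCount is not visible here; confirm it meets
            // current PBKDF2 guidance.
            using (var rfc2898DeriveBytes = new Rfc2898DeriveBytes(Password, Salt, iterationCount))
            {
                passwordhashSalt = new PasswordHashSalt()
                {
                    passwordSalt = Salt,
                    password     = rfc2898DeriveBytes.GetBytes(_hashSize)
                };
            }
        }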
Beispiel #4
        /// <summary>
        /// Checks that CreateAsync passes the repository a user whose fields come from the
        /// inputs: username, email, the hash and salt returned by the password manager, the
        /// generated API key, and Created/Updated timestamps within one second of now (UTC).
        /// </summary>
        // NOTE(review): the arguments presumably come from test-case attributes above this method, outside this view.
        public async Task CreateAsync_Should_Add_User_CorrectlyAsync(string username, string email, string password,
                                                                     PasswordHashSalt passwordHashSalt, string apiKey)
        {
            // Arrange: no existing username or email, and fixed outputs from the collaborators.
            UserModel capturedUser = default(UserModel);

            _userRepository.IsUsernameExistAsync(username).Returns(false);
            _userRepository.IsEmailExistAsync(email).Returns(false);
            _passwordManager.GeneratePassword(password).Returns(passwordHashSalt);
            _apiKeyGenerator.GenerateNewApiKey().Returns(apiKey);

            // Capture the entity handed to AddUserAsync so its fields can be inspected below.
            _userRepository.When(repository => repository.AddUserAsync(Arg.Any <UserModel>()))
                           .Do(callInfo => capturedUser = (UserModel)callInfo[0]);

            // Act
            await _userServiceInstance.CreateAsync(username, password, email);

            // Assert: the stored credentials are exactly what the password manager produced.
            Assert.IsNotNull(capturedUser);
            Assert.AreEqual(username, capturedUser.Username);
            Assert.AreEqual(email, capturedUser.Email);
            Assert.AreEqual(passwordHashSalt.PasswordHash, capturedUser.PasswordHash);
            Assert.AreEqual(passwordHashSalt.Salt, capturedUser.Salt);
            Assert.That(DateTime.UtcNow, Is.EqualTo(capturedUser.Created).Within(1).Seconds);
            Assert.That(DateTime.UtcNow, Is.EqualTo(capturedUser.Updated).Within(1).Seconds);
            Assert.AreEqual(apiKey, capturedUser.ApiKey);
        }
Beispiel #5
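        /// <summary>
        /// Seeds the Users table from Data/UserSeedData.json when the table is empty.
        /// Each seeded user gets its own salt and a hash of the same fixed password, and the
        /// username is lower-cased before the user is added.
        /// </summary>
        public void Seedusers()
        {
            // Only seed an empty table, so existing accounts are never overwritten.
            if (context.Users.Any())
            {
                return;
            }

            var userData = File.ReadAllText("Data/UserSeedData.json");
            var users    = JsonConvert.DeserializeObject <List <User> >(userData);

            // DeserializeObject returns null for an empty or "null" document; treat that as
            // nothing to seed instead of failing in the loop with a NullReferenceException.
            if (users == null)
            {
                return;
            }

            foreach (var user in users)
            {
                // NOTE(review): every seeded account shares the hard-coded password "password".
                // That is acceptable only for disposable development data; if this can run
                // against a shared or production database, gate it by environment or force a
                // password reset on the seeded accounts.
                PasswordHashSalt.CreatePasswordHashSalt("password", out byte[] passwordHash, out byte[] passwordSalt);

                user.PasswordHash = passwordHash;
                user.PasswordSalt = passwordSalt;

                // Invariant casing keeps the stored identifier independent of the server culture
                // (for example the Turkish dotless i). Lookups should normalise the same way.
                user.Username = user.Username.ToLowerInvariant();

                context.Users.Add(user);
            }

            context.SaveChanges();
        }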