public async Task <User> Register(User user, string password)
{
byte[] passwordSalt;
byte[] passwordHash;
PasswordHashSalt.CreatePasswordHashSalt(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
await context.Users.AddAsync(user);
await context.SaveChangesAsync();
return(user);
}
public async Task <User> Login(string username, string password)
{
var user = await context.Users.FirstOrDefaultAsync(x => x.Username == username);
if (user == null)
{
return(null);
}
if (!PasswordHashSalt.VerificationPasswordHash(password, user.PasswordHash, user.PasswordSalt))
{
return(null);
}
return(user);
}
public void GetPasswordHash(string Password, out PasswordHashSalt passwordhashSalt)
{
byte[] Salt = new byte[_saltSize];
var provider = new RNGCryptoServiceProvider();
provider.GetNonZeroBytes(Salt);
var rfc2898DeriveBytes = new Rfc2898DeriveBytes(Password, Salt, iterationCount);
PasswordHashSalt salt = new PasswordHashSalt()
{
passwordSalt = Salt,
password = rfc2898DeriveBytes.GetBytes(_hashSize)
};
passwordhashSalt = salt;
}
public async Task CreateAsync_Should_Add_User_CorrectlyAsync(string username, string email, string password,
PasswordHashSalt passwordHashSalt, string apiKey)
{
var user = default(UserModel);
_apiKeyGenerator.GenerateNewApiKey().Returns(apiKey);
_userRepository.IsUsernameExistAsync(username).Returns(false);
_userRepository.IsEmailExistAsync(email).Returns(false);
_passwordManager.GeneratePassword(password).Returns(passwordHashSalt);
_userRepository.When(x => x.AddUserAsync(Arg.Any <UserModel>())).Do(x => user = (UserModel)x[0]);
await _userServiceInstance.CreateAsync(username, password, email);
Assert.IsNotNull(user);
Assert.AreEqual(username, user.Username);
Assert.AreEqual(email, user.Email);
Assert.AreEqual(passwordHashSalt.PasswordHash, user.PasswordHash);
Assert.AreEqual(passwordHashSalt.Salt, user.Salt);
Assert.That(DateTime.UtcNow, Is.EqualTo(user.Created).Within(1).Seconds);
Assert.That(DateTime.UtcNow, Is.EqualTo(user.Updated).Within(1).Seconds);
Assert.AreEqual(apiKey, user.ApiKey);
}
public void Seedusers()
{
if (!context.Users.Any())
{
var userData = File.ReadAllText("Data/UserSeedData.json");
var users = JsonConvert.DeserializeObject <List <User> >(userData);
foreach (var user in users)
{
byte[] passwordSalt;
byte[] passwordHash;
PasswordHashSalt.CreatePasswordHashSalt("password", out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.Username = user.Username.ToLower();
context.Users.Add(user);
}
context.SaveChanges();
}
}
