public IActionResult Login([FromForm] User model)
{
var user = GetUserByName(model.Name);
if (user.Password == null)
{
return(Unauthorized());
}
var passwordHash = new PasswordWithSaltHasher();
var isPasswordMatched = passwordHash.VerifyPassword(model.Password, user.Password, user.Salt, SHA256.Create());
if (isPasswordMatched == false)
{
return(Unauthorized());
}
var token = _jwtAuthenticationManager.Authenticate(model.Name, user.Password);
if (token == null)
{
return(Unauthorized());
}
return(Ok(token));
//Authorize , https://www.youtube.com/watch?v=vWkPdurauaA
}
/// <summary>
/// Handles the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>Task.</returns>
public async Task <bool> Handle(CreateCustomerCommand request, CancellationToken cancellationToken)
{
if (!request.IsValid())
{
foreach (var error in request.ValidationResult.Errors)
{
throw new CustomerDomainException(error.ErrorMessage);
}
return(false);
}
//encrypt password
var passwordResult = PasswordWithSaltHasher.ActionEncrypt(request.Password, SaltLength);
var customer = new Customer(request.FirstName, request.LastName, request.Email, passwordResult.Salt, passwordResult.Digest);
var existingCustomer = _customerRepository.FindByEmail(customer.Email);
if (existingCustomer != null)
{
throw new CustomerDomainException("The customer e-mail has already been taken");
}
//add customer
var customerAdded = _customerRepository.Add(customer);
if (customerAdded == null)
{
throw new CustomerDomainException("new customer could not insert");
}
return(await _unitOfWork.CommitAsync(cancellationToken));
}
public void ValidarNovaSenha()
{
PasswordWithSaltHasher pws = new PasswordWithSaltHasher();
string password = "******";
HashWithSaltResult hwsr = pws.HashWithSalt(password, 64, SHA512.Create());
HashWithSaltResult hwsr2 = pws.HashWithSalt(password, hwsr.Salt, SHA512.Create());
Assert.AreEqual(hwsr.Digest, hwsr2.Digest);
}
/// <summary>
/// Adds the specified model.
/// </summary>
/// <param name="model">The model.</param>
public void Add(AddNewCustomerViewModel model)
{
const int saltLength = 64;
var createCustomerCommand = _mapper.Map <CreateCustomerCommand>(model);
var passwordResult = PasswordWithSaltHasher.ActionEncrypt(model.Password, saltLength);
createCustomerCommand.SecurityStamp = passwordResult.Salt;
createCustomerCommand.PasswordHash = passwordResult.Digest;
_commandDispatcher.Send(createCustomerCommand);
}
public int SignUp([FromForm] User model)
{
if (!ModelState.IsValid)
{
return(0);
}
PasswordWithSaltHasher passwordHash = new PasswordWithSaltHasher();
var hashWithSalt = passwordHash.HashWithSalt(model.Password, SHA256.Create(), saltLength: 64);
var password = hashWithSalt.Digest;
var salt = hashWithSalt.Salt;
var recordsCreated = CreateUser(model.Name, model.Email, password, salt);
return(recordsCreated);
}
public void Consulta_ItemSelecionado(Usuario obj)
{
PasswordWithSaltHasher pwHasher = new PasswordWithSaltHasher();
HashWithSalt = pwHasher.HashWithSalt(obj.HashSenha, 64, SHA512.Create());
HashWithSaltResult hashWithSaltResult = new HashWithSaltResult(HashWithSalt.Salt, HashWithSalt.Digest);
UsuarioAtual = obj;
Codigo.Text = obj.Codigo.ToString();
hashWithSaltResult.Digest = obj.HashSenha;
hashWithSaltResult.Salt = obj.HashSalt;
HashWithSalt = hashWithSaltResult;
Nome.Text = obj.Nome;
Login.Text = obj.Login;
Tipo.SelectedItem = obj.Tipo;
}
public static HashWithSaltResult HashPassword(string password)
{
PasswordWithSaltHasher pwHasher = new PasswordWithSaltHasher();
HashWithSaltResult hashResultSha256 = new HashWithSaltResult();
try
{
hashResultSha256 = pwHasher.HashWithSalt(password, 64, SHA256.Create());
}
catch (Exception ex)
{
Logger.Exception(ex, System.Reflection.MethodBase.GetCurrentMethod().Name);
}
return(hashResultSha256);
}
public bool CreateAuthClientConfig(string userName,string password, string baseUrl)
{
string query = @"INSERT INTO [dbo].[AuthClientConfigs]
([UserName],[Salt],[Digest],[BaseUri])
VALUES (@userName,@salt,@digest,@baseUri)";
using (var sqlConnection = new SqlConnection(_connectionString))
{
PasswordWithSaltHasher passwordWithSaltHasher = new PasswordWithSaltHasher();
var digestWithSalt = passwordWithSaltHasher.HashWithSalt(password, 64, HashAlgorithm.Create("SHA256"));
SqlCommand command = new SqlCommand(query, sqlConnection);
command.Parameters.Add("@userName", SqlDbType.VarChar, 50).Value = userName;
command.Parameters.Add("@salt", SqlDbType.VarChar, 200).Value = digestWithSalt.Salt;
command.Parameters.Add("@digest", SqlDbType.VarChar, 200).Value = digestWithSalt.Digest;
command.Parameters.Add("@baseUri", SqlDbType.VarChar,200).Value = baseUrl;
sqlConnection.Open();
int affectedRows = command.ExecuteNonQuery();
return affectedRows > 0 ? true : false;
}
}
