public async Task Post(UserModel userModel, string creditCard)
        {
            var user = await _userRepository.Get(userModel.Username);

            if (user != null)
            {
                var salt             = PasswordEncryptor.CreateSalt(ChaCha20Poly1305.ChaCha20Poly1305.NonceSize);
                var key              = _keyVault.Get();
                var hashedCreditCard = PasswordEncryptor.EncryptSensitiveData(creditCard, salt, key);

                user.CreditCardHash = hashedCreditCard;
                user.CreditCardSalt = HexToBytesConverter.BytesArrayToHexString(salt);

                await _userRepository.Update(user);
            }
        }
        public async Task <string> Get(string email)
        {
            var user = await _userRepository.Get(email);

            if (user != null)
            {
                var salt             = HexToBytesConverter.HexStringToBytesArray(user.CreditCardSalt);
                var key              = _keyVault.Get();
                var hashedCreditCard = PasswordEncryptor.DecryptSensitiveData(user.CreditCardHash, salt, key);

                var creditCard = HexToBytesConverter.HexStringToBytesArray(hashedCreditCard);

                return(Encoding.Default.GetString(creditCard));
            }

            throw new Exception("Decryption failed");
        }
Beispiel #3
0
        public async Task <bool> Register(UserModel userModel)
        {
            var salt           = PasswordEncryptor.CreateSalt(SaltLength);
            var hashedPassword = PasswordEncryptor.HashPassword(userModel.Password, salt);

            var user = new User
            {
                Id           = Guid.NewGuid(),
                Email        = userModel.Username,
                PasswordHash = hashedPassword,
                PasswordSalt = HexToBytesConverter.BytesArrayToHexString(salt)
            };

            await _userRepository.Add(user);

            return(true);
        }
Beispiel #4
0
        public async Task <UserModel> Login(UserModel userModel)
        {
            var userEntity = await _userRepository.Get(userModel.Username);

            if (userEntity != null)
            {
                var salt           = HexToBytesConverter.HexStringToBytesArray(userEntity.PasswordSalt);
                var hashedPassword = PasswordEncryptor.HashPassword(userModel.Password, salt);
                if (hashedPassword == userEntity.PasswordHash)
                {
                    userModel.Token = "Fake-Token";

                    return(userModel);
                }
            }

            throw new Exception("Login failed");
        }