public AuthenticationResult Authenticate(LoginModel loginModel)
{
var user = _userRepository.FindByUsername(loginModel.Username);
if(user == null)
return new AuthenticationResult();
var saltedHash = GenerateSaltedHash(Encoding.UTF8.GetBytes(loginModel.Password),
Convert.FromBase64String(user.Salt));
if(Convert.ToBase64String(saltedHash) != user.PasswordHash)
return new AuthenticationResult();
return new AuthenticationResult() { IsAuthenticated = true, User = user };
}
public ActionResult Index(LoginModel model)
{
if(!ModelState.IsValid)
return View(model);
var result = _authenticationService.Authenticate(model);
if (!result.IsAuthenticated)
return View(model);
var token = new AccessToken(result.User.Id);
_accessTokenRepository.Save(token);
Response.Cookies.Add(new HttpCookie("token", token.Id) { Expires = token.Expires, Path = "/" });
return RedirectToAction("Index", "Security");
}
public ActionResult Index()
{
var model = new LoginModel();
return View(model);
}
