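/// <summary>
/// Verifies the password supplied in a login attempt against the hash stored for an account.
/// </summary>
/// <param name="userDTO">Login attempt; its <c>Password</c> is hashed for the comparison.</param>
/// <param name="userFromDB">
/// Stored account; <c>PasswordSalt</c> is used as the HMAC key and <c>PasswordHash</c> is the expected digest.
/// </param>
/// <returns>
/// <c>true</c> when the HMAC-SHA512 of the supplied password equals the stored hash; otherwise <c>false</c>
/// (including when the stored hash is missing or has a different length).
/// </returns>
private bool CheckCredentials(AttemptLoginUserDTO userDTO, AppUser userFromDB)
{
    // NOTE(review): one HMAC-SHA512 pass is cheap to brute-force offline if the user table leaks.
    // A password KDF (PBKDF2, Argon2) would be the stronger choice, but switching requires
    // migrating the stored hashes, so the scheme is left unchanged here.
    using HMACSHA512 hmac = new HMACSHA512(userFromDB.PasswordSalt);

    // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', so passwords that
    // differ only in such characters hash identically. The encoding must match the one used when
    // the hash was stored, so it is kept; confirm against the registration code before changing it.
    byte[] hashedPassword = hmac.ComputeHash(Encoding.ASCII.GetBytes(userDTO.Password));

    // Constant-time comparison: SequenceEqual stops at the first differing byte, which makes the
    // response time depend on how much of the digest matched.
    return CryptographicOperations.FixedTimeEquals(hashedPassword, userFromDB.PasswordHash);
}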
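/// <summary>
/// Authenticates a login attempt and, on success, returns the user name together with a token.
/// </summary>
/// <param name="user">Credentials bound from the request body.</param>
/// <returns>
/// A <c>SuccessLoginUser</c> when the credentials are valid; otherwise a 400 response carrying one
/// generic message, whichever part of the credentials was wrong.
/// </returns>
public async Task<ActionResult<SuccessLoginUser>> LoginUser([FromBody] AttemptLoginUserDTO user)
{
    // One message for every failure: separate "no such user" and "wrong password" replies let a
    // caller learn which user names are registered.
    const string invalidCredentials = "Invalid username or password";

    // Reject incomplete bodies up front so a missing field becomes a 400 instead of an
    // exception further down.
    if (user is null || user.UserName is null || user.Password is null)
    {
        return BadRequest(invalidCredentials);
    }

    AppUser userFromDB = await GetUserByUserName(user);

    // NOTE(review): the unknown-user path returns without computing a hash, so response time can
    // still differ from the wrong-password path. No throttling or lockout is visible in this
    // method either; confirm both are handled elsewhere (middleware, gateway).
    if (userFromDB is null || !CheckCredentials(user, userFromDB))
    {
        return BadRequest(invalidCredentials);
    }

    // The token is issued only after the password has been verified; previously it was generated
    // for every existing user name, before the check.
    string token = TokenService.GenerateToken(userFromDB);

    return new SuccessLoginUser
    {
        UserName = userFromDB.UserName,
        Token = token
    };
}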
/// <summary>
/// Looks up the stored account whose user name equals the one in the supplied credentials.
/// </summary>
/// <param name="credentials">Login attempt whose <c>UserName</c> is used as the lookup key.</param>
/// <returns>The first matching <c>AppUser</c>, or <c>null</c> when there is none.</returns>
private async Task<AppUser> GetUserByUserName(AttemptLoginUserDTO credentials)
{
    // NOTE(review): if this predicate is translated to SQL, case sensitivity of the match is
    // decided by the database collation rather than by string.Equals; confirm that this is the
    // intended rule for user names.
    return await Context.Users.FirstOrDefaultAsync(
        candidate => candidate.UserName.Equals(credentials.UserName));
}