/// <summary>
/// Persists a login record by inserting it into the "Login" table.
/// </summary>
/// <param name="login">The login row to store; passed to the insert call unchanged.</param>
public void CreateLogin(LoginDbo login)
 {
     const string table = "Login";

     // The connection is scoped to this single insert and disposed on exit,
     // including when the insert throws.
     using (var db = GetConnection())
     {
         db.Insert(table, login);
     }
 }
        /// <summary>
        /// Resolves the user that owns the login named by an authorization header.
        /// </summary>
        /// <param name="authHeader">Raw header value; handed to <c>_GetAuth</c> to extract the login id text.</param>
        /// <returns>
        /// <c>null</c> when no id can be extracted, the id is not a GUID, or no login
        /// matches it; otherwise whatever <c>GetUserById</c> returns for the login's user.
        /// </returns>
        public UserReadDbo ValidateUser(string authHeader)
        {
            string token = _GetAuth(authHeader);
            Guid loginId;

            // Reject a missing or malformed token before touching the repository.
            if (token == null || !Guid.TryParse(token, out loginId))
            {
                return null;
            }

            LoginDbo session = _loginRepository.GetLogin(loginId);

            // NOTE(review): nothing in this method looks at the login's age, so a login id
            // stays valid for as long as GetLogin returns its row. Confirm that expiry and
            // revocation are enforced elsewhere (for example inside GetLogin).
            return session == null
                ? null
                : _userRepository.GetUserById(session.UserId);
        }
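        /// <summary>
        /// Checks a user name and password and, on success, records a new login and
        /// returns its id to the client.
        /// </summary>
        /// <param name="request">Credentials submitted by the client.</param>
        /// <returns>
        /// <c>Ok</c> with a <see cref="LoginResponse"/> carrying the new login id, or the
        /// result of <c>GetInvalidLogin()</c> when credentials are missing or do not match.
        /// </returns>
        public IActionResult Post(LoginRequest request)
        {
            // A missing body or missing credentials get the same generic answer as wrong
            // ones, instead of reaching the repository or the hash routine as null.
            if (request == null
                || string.IsNullOrEmpty(request.UserName)
                || string.IsNullOrEmpty(request.Password))
            {
                return(GetInvalidLogin());
            }

            UserReadDbo user = _userRepo.GetUserByUserName(request.UserName);

            // NOTE(review): the unknown-user path returns before any hashing is done, so
            // it may answer measurably faster than the wrong-password path. Confirm that
            // this difference is acceptable or that rate limiting covers this endpoint.
            if (user == null)
            {
                return(GetInvalidLogin());
            }

            byte[] hash = Hash.Get(request.Password, user.Nonce);

            // NOTE(review): SequenceEqual is not a constant-time comparison. If the target
            // framework provides it and user.Password is a byte[], prefer
            // System.Security.Cryptography.CryptographicOperations.FixedTimeEquals.
            if (!hash.SequenceEqual(user.Password))
            {
                return(GetInvalidLogin());
            }

            DateTime now = DateTime.UtcNow;

            // The login id is handed back to the client and appears to act as its session
            // credential, so it is drawn from the cryptographic RNG. Guid.NewGuid() is
            // documented as not intended for cryptographic purposes. The value is still a
            // 16-byte Guid, so the stored bytes and the string form keep their format.
            byte[] idBytes = new byte[16];

            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(idBytes);
            }

            Guid id = new Guid(idBytes);

            LoginDbo dbo = new LoginDbo
            {
                Id        = id.ToByteArray(),
                UserId    = user.Id,
                CreatedAt = now
            };

            _loginRepo.CreateLogin(dbo);

            LoginResponse ret = new LoginResponse
            {
                LoginId = id.ToString()
            };

            return(Ok(ret));
        }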
Example #4
 /// <summary>
 /// Stores a copy of the given login in the <c>_dbo</c> collection.
 /// </summary>
 /// <param name="login">Login whose Id, CreatedAt and UserId are copied into a new record.</param>
 public void CreateLogin(LoginDbo login)
 {
     // A new LoginDbo is stored rather than the caller's instance. The property values
     // are assigned as-is, so a reference-typed Id would still be shared with the caller.
     var copy = new LoginDbo
     {
         Id        = login.Id,
         CreatedAt = login.CreatedAt,
         UserId    = login.UserId
     };

     _dbo.Add(copy);
 }
Example #5
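        /// <summary>
        /// Registers a new user and immediately logs them in.
        /// </summary>
        /// <remarks>
        /// Validates the user name and password (presence, length bounds, not equal to each
        /// other, name not already taken, password containing a digit, a symbol, an
        /// upper-case and a lower-case letter), stores the user with a fresh nonce and the
        /// password hash, then creates a login record for the new user.
        /// </remarks>
        /// <param name="request">Requested user name and password.</param>
        /// <returns>
        /// A bad-request result naming the first failed rule, or <c>Ok</c> with a
        /// <see cref="LoginResponse"/> carrying the new login id.
        /// </returns>
        public IActionResult Post(LoginRequest request)
        {
            // request?. lets a missing body fail this first rule instead of throwing.
            if (string.IsNullOrEmpty(request?.UserName))
            {
                return(Error.BadRequest("User name is required"));
            }

            if (request.UserName.Length > Max.UserName)
            {
                return(Error.BadRequest("User name is too long"));
            }

            if (string.IsNullOrEmpty(request.Password))
            {
                return(Error.BadRequest("Password is required"));
            }

            // The upper bound also limits how much input reaches the hash routine.
            if (request.Password.Length > Max.Password)
            {
                return(Error.BadRequest("Password is too long"));
            }

            if (request.Password.Length < Min.Password)
            {
                return(Error.BadRequest("Password is too short"));
            }

            if (request.UserName == request.Password)
            {
                return(Error.BadRequest("User name and password cannot be the same"));
            }

            // NOTE(review): HasUser followed by CreateUser is check-then-act. Two concurrent
            // requests for the same name can both pass this check, so confirm that the
            // store enforces uniqueness on the user name.
            if (_userRepo.HasUser(request.UserName))
            {
                return(BadRequest(new ErrorResponse {
                    Message = "User name is already in use"
                }));
            }

            if (!request.Password.Any(c => char.IsNumber(c)))
            {
                return(Error.BadRequest("Password must contain a number"));
            }

            // A "symbol" is any character that is neither a number nor a letter.
            if (!request.Password.Any(c => !char.IsNumber(c) && !char.IsLetter(c)))
            {
                return(Error.BadRequest("Password must contain a symbol"));
            }

            if (!request.Password.Any(c => char.IsUpper(c)))
            {
                return(Error.BadRequest("Password must contain an upper-case letter"));
            }

            if (!request.Password.Any(c => char.IsLower(c)))
            {
                return(Error.BadRequest("Password must contain a lower-case letter"));
            }

            DateTime now = DateTime.UtcNow;

            // NOTE(review): Hash.RandomLong and Hash.Get are defined elsewhere. Confirm that
            // the nonce comes from a cryptographic RNG and that Hash.Get is a deliberately
            // slow password hash (PBKDF2, Argon2 or similar), not a single fast digest.
            long nonce = Hash.RandomLong();

            UserWriteDbo dbo = new UserWriteDbo
            {
                UserName  = request.UserName,
                Nonce     = nonce,
                Password  = Hash.Get(request.Password, nonce),
                CreatedAt = now
            };

            _userRepo.CreateUser(dbo);

            // Read the user back to obtain its Id, which the write DBO above does not set.
            UserReadDbo user = _userRepo.GetUserByUserName(request.UserName);

            // The login id is handed back to the client and appears to act as its session
            // credential, so it is drawn from the cryptographic RNG. Guid.NewGuid() is
            // documented as not intended for cryptographic purposes. The value is still a
            // 16-byte Guid, so the stored bytes and the string form keep their format.
            byte[] idBytes = new byte[16];

            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(idBytes);
            }

            Guid id = new Guid(idBytes);

            LoginDbo loginDbo = new LoginDbo
            {
                Id        = id.ToByteArray(),
                UserId    = user.Id,
                CreatedAt = now
            };

            _loginRepo.CreateLogin(loginDbo);

            LoginResponse response = new LoginResponse
            {
                LoginId = id.ToString()
            };

            return(Ok(response));
        }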