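/// <summary>
/// Authenticates a username/password pair posted as a <see cref="CredentialCreateDto"/>.
/// On success the request's <c>HttpContext.User</c> is set to a principal carrying a
/// single "username" claim and 200 OK is returned; on failure 401 Unauthorized is
/// returned without distinguishing "unknown user" from "wrong password".
/// </summary>
/// <param name="credentialCreateDto">Model-bound request body holding Username and Password.</param>
/// <returns>400 for a malformed body, 401 for a failed check, 200 on success.</returns>
public IActionResult DoLogin([FromBody] CredentialCreateDto credentialCreateDto)
{
    // Reject malformed bodies before touching the database.
    if (!ModelState.IsValid)
    {
        return BadRequest();
    }

    // ModelState validation depends on attributes on the DTO that are not visible here;
    // a null password would otherwise throw inside PadLeft and surface as a 500.
    string suppliedPassword = credentialCreateDto.Password;
    if (string.IsNullOrEmpty(suppliedPassword))
    {
        return BadRequest();
    }

    // The legacy SHA256(pad(password) + PASSWORD_SALT) scheme has been retired; stored
    // hashes are verified with PBKDF2Provider. The password is left-padded to 32 chars
    // with '*' before verification, so the registration path must apply the same padding.
    // NOTE(review): PadLeft makes e.g. "abc" and "*abc" verify as the same password; changing
    // it would require re-hashing every stored credential, so it is left as-is here.
    string paddedPassword = suppliedPassword.PadLeft(32, '*');

    var credential = _vaultDbContext.Credentials
        .FirstOrDefault(cred => cred.Username == credentialCreateDto.Username);

    // Bug fix: the original condition `credential != null && !IsValid(...)` fell through
    // to Ok() when the username did not exist, so any unknown username logged in with
    // any password. Both failure cases now yield the same 401.
    // NOTE(review): the unknown-user branch skips the PBKDF2 work, so response time still
    // differs between the two cases; verify against a dummy hash if username enumeration
    // via timing is a concern for this deployment.
    if (credential is null || !PBKDF2Provider.IsValid(paddedPassword, credential.Password))
    {
        return Unauthorized();
    }

    // Build the principal for the authenticated user with a single "username" claim.
    var identity = new ClaimsIdentity(JwtBearerDefaults.AuthenticationScheme);
    identity.AddClaim(new Claim("username", credentialCreateDto.Username));
    HttpContext.User = new ClaimsPrincipal(identity);

    // NOTE(review): the original comment claims a JWT is generated here, but no token is
    // created or returned; HttpContext.User only lives for the remainder of this request.
    // Confirm whether token issuance happens elsewhere (e.g. middleware) or is missing.
    return Ok();
}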
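/// <summary>
/// A hash produced by <c>PBKDF2Provider.Generate</c> must verify against the original
/// password and must reject a different password.
/// </summary>
public void T2_001_HashAndVerify()
{
    const string password = "!//Lab2020";

    string hash = PBKDF2Provider.Generate(password);

    // Accept path: the exact password verifies.
    Assert.IsTrue(PBKDF2Provider.IsValid(password, hash));

    // Reject path (added): without this, an IsValid that always returned true
    // would still pass the test.
    Assert.IsFalse(PBKDF2Provider.IsValid(password + "x", hash));
}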