public async Task <IActionResult> SignUpAsync(
[FromForm] SignUpRequest request)
{
if (ModelState.IsValid)
{
var userPasswordHash = default(byte[]);
var userPasswordSalt = default(byte[]);
PasswordHelper.CalculatePasswordHashAndSalt(request.Password,
out userPasswordHash, out userPasswordSalt);
var user = (await Repository
.GetAsync(x => x.Name == request.Name))
.FirstOrDefault();
if (user == null)
{
user = new User()
{
Name = request.Name,
PasswordHash = userPasswordHash,
PasswordSalt = userPasswordSalt,
Role = UserRole.Standard
};
Repository.CreateAsync(user).Wait();
return(Ok());
}
}
return(BadRequest(ModelState));
}
/// <summary>
///
/// </summary>
/// <param name="context"></param>
private static void SeedUsers(EntityRepositoryContext context)
{
var userPasswordHash = default(byte[]);
var userPasswordSalt = default(byte[]);
PasswordHelper.CalculatePasswordHashAndSalt("admin",
out userPasswordHash, out userPasswordSalt);
context.Set <User>().Add(
new User
{
Name = "admin",
PasswordHash = userPasswordHash,
PasswordSalt = userPasswordSalt,
Role = UserRole.Administrator
});
PasswordHelper.CalculatePasswordHashAndSalt("user",
out userPasswordHash, out userPasswordSalt);
context.Set <User>().Add(
new User()
{
Name = "user",
PasswordHash = userPasswordHash,
PasswordSalt = userPasswordSalt,
Role = UserRole.Standard
});
context.SaveChanges();
}
public async Task <IActionResult> UpdatePasswordAsync(
[FromForm] UpdatePasswordRequest request)
{
if (ModelState.IsValid)
{
var user = await UserService.ResolveAsync(User.Identity);
if (user != null)
{
// Ensure the user knows their old password as well.
if (UserService.TryAuthenticate(
user.Name, request.Password, out user))
{
var userPasswordHash = default(byte[]);
var userPasswordSalt = default(byte[]);
// Recalculate the password hash and salt.
PasswordHelper.CalculatePasswordHashAndSalt(request.PasswordNew,
out userPasswordHash, out userPasswordSalt);
user.PasswordHash = userPasswordHash;
user.PasswordSalt = userPasswordSalt;
await UserService.Users.UpdateAsync(user);
return(Ok());
}
return(Unauthorized());
}
// Weird authentication state...
return(StatusCode(500));
}
return(BadRequest(ModelState));
}
