Example #1
        //----------------------
        // Change the password of a user who is already logged in
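        /// <summary>
        /// Changes the password of an already-authenticated user after re-verifying
        /// the current password, and re-hashes it under the currently configured policy.
        /// </summary>
        /// <param name="userId">Id of the user whose password is being changed.</param>
        /// <param name="oldPwd">Current password; passed through Base64ToByteArray(), so presumably Base64 text.</param>
        /// <param name="pwd">New password; passed through Base64ToByteArray(), so presumably Base64 text.</param>
        /// <returns>
        /// true when the old password verified and SaveChanges() reported at least one
        /// affected row; false when input is missing, the user does not exist, the old
        /// password does not verify, or nothing was saved.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the method is declared async but contains no await, so all work runs synchronously.
        /// NOTE(review): tokens already issued to this user are not revoked here; confirm the caller
        /// invalidates existing sessions after a password change.
        /// </remarks>
        public async Task<bool> UpdatePwd(long? userId, string oldPwd, string pwd)
        {
            // Fail closed on missing input: a null would otherwise crash in the decode step,
            // and an empty new password must never be hashed and stored as a valid credential.
            if (userId == null || string.IsNullOrEmpty(oldPwd) || string.IsNullOrEmpty(pwd))
            {
                return false;
            }

            // FirstOrDefault instead of First: an unknown id is reported as a failed change
            // rather than surfacing as an InvalidOperationException.
            var user = dataContext.User.Where(b => b.UserId == userId).FirstOrDefault();
            if (user == null)
            {
                return false;
            }

            // Verify the old password with the store that matches the parameters saved on the user record.
            // NOTE(review): confirm VerifyPassword compares the hashes in constant time.
            IPasswordStore currentStore = passwordStoreFactory.Instance(user);
            bool oldPasswordOk = currentStore.VerifyPassword(
                user.Pwd.Base64ToByteArray(),
                oldPwd.Base64ToByteArray(),
                user.Salt.Base64ToByteArray(),
                user.PasswordHashIterations);
            if (!oldPasswordOk)
            {
                return false;
            }

            // Fresh 16-byte salt for the new hash; the old salt is never reused.
            var salt = RandomTool.CreatSafeSaltByteArray(16);

            // Switch to the store built from the current security configuration and record
            // that policy on the user, so a later verification uses the same parameters.
            IPasswordStore configuredStore = passwordStoreFactory.Instance(Config.SecurityConfig);
            user.PasswordDegreeOfParallelism = Config.SecurityConfig.PasswordStoreDegreeOfParallelism;
            user.PasswordHashAlgorithm       = Config.SecurityConfig.PasswordHashAlgorithm;
            user.PasswordHashIterations      = Config.SecurityConfig.PasswordHashIterations;
            user.PasswordMemorySize          = Config.SecurityConfig.PasswordStoreMemorySize;

            // Store the new salt.
            user.Salt = salt.ByteArrayToBase64();

            // Hash the new password with the iteration count that was just written to the record.
            var newHash = configuredStore.Encryption(pwd.Base64ToByteArray(), salt, user.PasswordHashIterations);
            user.Pwd = newHash.ByteArrayToBase64();

            if (this.Config.SecurityConfig.LogNeedHmac)
            {
                // Recompute the record's HMAC after every credential field has been updated.
                user.AddMac(this.cryptographyProvider);
            }

            return dataContext.SaveChanges() > 0;
        }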
Example #2
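        /// <summary>
        /// Authenticates a user by e-mail address or user name plus password and,
        /// on success, creates and saves a new token.
        /// </summary>
        /// <param name="email">Login identifier; treated as an e-mail address when it contains "@", otherwise as a user name.</param>
        /// <param name="pwd">Password; passed through Base64ToByteArray(), so presumably Base64 text.</param>
        /// <returns>The token string of the newly saved token, or null when the login fails for any reason.</returns>
        /// <remarks>
        /// NOTE(review): the method is declared async but contains no await, so all work runs synchronously.
        /// NOTE(review): no attempt throttling or account lockout is visible in this method; confirm it is
        /// enforced by the caller or by middleware.
        /// </remarks>
        public async Task<string> LoginByPWD(String email, string pwd)
        {
            // Fail closed on missing credentials instead of crashing on a null dereference below.
            if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(pwd))
            {
                return null;
            }

            User user = email.Contains("@")
                ? UserService.GetUserByEmail(email)
                : UserService.GetUserByUserName(email);

            if (user == null)
            {
                // NOTE(review): this path returns before any password hashing is done, so a failed login
                // does a different amount of work for unknown and known accounts. If account enumeration
                // is in the threat model, verify against a dummy hash here to equalise the cost.
                return null;
            }

            // NOTE(review): confirm VerifyPassword compares the hashes in constant time.
            var passwordStore = passwordStoreFactory.Instance(user);
            bool verified = passwordStore.VerifyPassword(
                user.Pwd.Base64ToByteArray(),
                pwd.Base64ToByteArray(),
                user.Salt.Base64ToByteArray(),
                user.PasswordHashIterations);
            if (!verified)
            {
                // Same null result as the unknown-user path, so the caller cannot tell the two apart by value.
                return null;
            }

            // Build the token payload.
            // NOTE(review): the payload is generated from `tokenid`, while the stored Token below receives
            // a second, different id from idGenerator.NextId(); confirm that this is intended.
            long? tokenid = idGenerator.NextId();
            var tokenContext = TokenSerivce.GenerateTokenContext(tokenid);

            Token myToken = new Token
            {
                TokenId     = idGenerator.NextId(),
                UserId      = user.UserId,
                Email       = user.Email,
                TokenStr    = tokenContext,
                TokenType   = 0,
                // NOTE(review): local time; if token expiry is computed from CreatedTime, UTC would
                // avoid time-zone and DST drift. Left unchanged because stored values would shift.
                CreatedTime = DateTime.Now
            };
            TokenSerivce.SaveToken(myToken);

            return myToken.TokenStr;
        }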