/// <summary>
/// Verifies the submitted credentials and returns the token built by the token provider.
/// </summary>
/// <param name="model">Request body carrying the username and password to check.</param>
/// <returns>The result of <c>_tokenProvider.CreateToken</c> for the user, the organization and the user's roles.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="model"/> is null.</exception>
/// <exception cref="PawnshopApplicationException">
/// Thrown for every rejected sign-in: unknown or locked user, password mismatch,
/// missing or locked organization.
/// </exception>
public string SignIn([FromBody] SignInModel model)
{
    // One message for every rejection path, so the response text does not tell a caller
    // whether the account exists, is locked, or the password was wrong.
    const string rejection = "Имя пользователя или пароль указан не верно";

    if (model == null)
    {
        throw new ArgumentNullException(nameof(model));
    }

    ModelState.Validate();

    var account = _userRepository.Find(new { login = model.Username });
    if (account == null || account.Locked)
    {
        // NOTE(review): this path skips the hash verification below, so response time may
        // still differ between unknown/locked accounts and a wrong password - confirm
        // whether that matters for this endpoint.
        throw new PawnshopApplicationException(rejection);
    }

    string storedPassword, storedSalt;
    _userRepository.GetPasswordAndSalt(account.Id, out storedPassword, out storedSalt);

    bool passwordMatches = _saltedHash.VerifyHashString(model.Password, storedPassword, storedSalt);
    if (!passwordMatches)
    {
        throw new PawnshopApplicationException(rejection);
    }

    // The organization is only looked up once the password has been verified.
    var org = _organizationRepository.Get(account.OrganizationId);
    if (org == null || org.Locked)
    {
        throw new PawnshopApplicationException(rejection);
    }

    var grantedRoles = _memberRepository.Roles(account.Id, true);
    return _tokenProvider.CreateToken(account, org, grantedRoles.ToArray());
}
/// <summary>
/// Checks a username/password pair against the hash and salt stored for that system user.
/// </summary>
/// <param name="userName">Name passed to <c>GetSystemUser</c> to load the account.</param>
/// <param name="password">Password entered by the caller.</param>
/// <returns>
/// The result of <c>SaltedHash.VerifyHashString</c> when the user exists and has both a hash
/// and a salt; <c>false</c> when the user or either value is missing, or when any exception
/// is raised during the check.
/// </returns>
public bool IsValidLogin(String userName, String password)
{
    try
    {
        SystemUser account = GetSystemUser(userName);

        // No record, or a record without hash/salt, can never authenticate.
        if (account == null || account.Hash == null || account.Salt == null)
        {
            return false;
        }

        SaltedHash hasher = new SaltedHash();

        // Hash and salt are stored as bytes and decoded as UTF-8 text before verification.
        System.Text.UTF8Encoding utf8 = new System.Text.UTF8Encoding();
        string storedHash = utf8.GetString(account.Hash);
        string storedSalt = utf8.GetString(account.Salt);

        return hasher.VerifyHashString(password, storedHash, storedSalt);
    }
    catch (Exception ex)
    {
        // Fail closed: any error during lookup or verification is recorded and treated as a
        // failed login. Only ex.Message, the declaring type and the method name are saved.
        ExceptionModel.SaveException(ex.Message, System.Reflection.MethodBase.GetCurrentMethod().DeclaringType.ToString(), System.Reflection.MethodInfo.GetCurrentMethod().Name);
        return false;
    }
}
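/// <summary>
/// Looks up the user by name and verifies the password against the stored hash and salt.
/// </summary>
/// <param name="userName">Name passed to <c>GetUserAuthByUserName</c>.</param>
/// <param name="password">Password to verify.</param>
/// <param name="userAuth">
/// The matching record when authentication succeeds; <c>null</c> whenever the method
/// returns <c>false</c>.
/// </param>
/// <returns><c>true</c> only when the user exists and the password verifies.</returns>
public bool TryAuthenticate(string userName, string password, out IUserAuth userAuth)
{
    userAuth = GetUserAuthByUserName(userName);
    if (userAuth == null)
    {
        return false;
    }

    var saltedHash = new SaltedHash();
    if (saltedHash.VerifyHashString(password, userAuth.PasswordHash, userAuth.Salt))
    {
        return true;
    }

    // A rejected password must not hand the stored record (including PasswordHash and Salt)
    // back to the caller; a caller that ignores the return value would otherwise hold a
    // populated user object for an unauthenticated request.
    userAuth = null;
    return false;
}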
/// <summary>
/// Looks up the user by name and verifies the password against the stored hash and salt.
/// </summary>
/// <param name="userName">Name passed to <c>GetUserAuthByUserName</c>.</param>
/// <param name="password">Password to verify.</param>
/// <param name="userAuth">
/// The matching record on success; <c>null</c> when the user is unknown or the password
/// does not verify.
/// </param>
/// <returns><c>true</c> only when the user exists and the password verifies.</returns>
public bool TryAuthenticate(string userName, string password, out IUserAuth userAuth)
{
    userAuth = GetUserAuthByUserName(userName);
    if (userAuth == null)
    {
        return false;
    }

    var hasher = new SaltedHash();
    bool passwordMatches = hasher.VerifyHashString(password, userAuth.PasswordHash, userAuth.Salt);
    if (!passwordMatches)
    {
        // Clear the out value so a failed attempt never exposes the stored record.
        userAuth = null;
    }

    return passwordMatches;
}
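/// <summary>
/// Changes the authenticated user's password after re-verifying the current one.
/// </summary>
/// <param name="model">Carries the current password, the new password and its confirmation.</param>
/// <returns>
/// A <c>JsonError</c> result when a field is empty, the current password does not verify, or
/// the new password and its confirmation differ; otherwise a <c>JsonSuccess</c> result after
/// the new hash and salt have been stored.
/// </returns>
public ActionResult ChangePassword_Update(UserUpdatePassword model)
{
    if (string.IsNullOrEmpty(model.CurrentPassword))
    {
        return JsonError("Current password is empty");
    }

    if (string.IsNullOrEmpty(model.NewPassword))
    {
        return JsonError("New password is empty");
    }

    // Fixed: this check previously tested NewPassword a second time, so an empty
    // confirmation field was never reported by the message written for it.
    if (string.IsNullOrEmpty(model.NewPassword2))
    {
        return JsonError("New password (x2) is empty");
    }

    // NOTE(review): User_GetByID's result is dereferenced without a null check - confirm it
    // cannot return null for AuthenticatedUserID.
    var user = User_GetByID(AuthenticatedUserID);

    // Require the current password before changing anything, so an unattended or hijacked
    // session alone is not enough to replace the credential.
    var passwordHasher = new SaltedHash();
    if (!passwordHasher.VerifyHashString(model.CurrentPassword, user.PasswordHash, user.Salt))
    {
        return JsonError("Current password is not correct");
    }

    if (model.NewPassword != model.NewPassword2)
    {
        return JsonError("New password is not same");
    }

    // As used here, PasswordGenerate's result carries the new hash in Id and the new salt in Name.
    var p = PasswordGenerate(model.NewPassword);
    user.PasswordHash = p.Id;
    user.Salt = p.Name;
    Db.Update<ABUserAuth>(user);

    return JsonSuccess("", "Password updated");
}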
/// <summary>
/// Looks up the user by name and verifies the password against the stored hash and salt.
/// </summary>
/// <param name="userName">Name passed to <c>GetUserAuthByUserName</c>.</param>
/// <param name="password">Password to verify.</param>
/// <param name="userAuth">
/// The matching record on success; <c>null</c> when the user is unknown or the password
/// does not verify.
/// </param>
/// <returns><c>true</c> only when the user exists and the password verifies.</returns>
public bool TryAuthenticate(string userName, string password, out IUserAuth userAuth)
{
    userAuth = GetUserAuthByUserName(userName);

    if (userAuth != null)
    {
        var verifier = new SaltedHash();
        if (verifier.VerifyHashString(password, userAuth.PasswordHash, userAuth.Salt))
        {
            return true;
        }

        // Password rejected: do not return the stored record to the caller.
        userAuth = null;
    }

    return false;
}
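/// <summary>
/// Checks a username/password pair against the stored user record.
/// </summary>
/// <param name="userName">Name passed to <c>GetByUsernameInternal</c>; the first match is used.</param>
/// <param name="password">Password to check.</param>
/// <returns>
/// <c>false</c> when no user matches. For a record with <c>IsEncrypted</c> set, the result of
/// <c>SaltedHash.VerifyHashString</c> against the stored password and salt. Otherwise
/// <c>true</c> only when <paramref name="password"/> is non-null and ordinally equal to the
/// stored password.
/// </returns>
public static bool AuthenticateUser(string userName, string password)
{
    Core.Database.User dbUser = GetByUsernameInternal(userName).FirstOrDefault();
    if (dbUser == null)
    {
        return false;
    }

    if (dbUser.IsEncrypted)
    {
        SaltedHash hash = new SaltedHash();
        return hash.VerifyHashString(password, dbUser.Password, dbUser.Salt);
    }

    // Records without IsEncrypted are compared directly against the stored value.
    // Fixed: string.Compare(a, b, false) is culture-sensitive, so strings that differ only in
    // characters the current culture ignores could compare as equal; an ordinal comparison
    // requires an exact match. A null password is rejected outright, because null compared
    // with a null stored value would otherwise authenticate.
    // NOTE(review): this branch implies the stored value is not hashed, and the comparison is
    // not constant-time - consider migrating such records to the salted-hash path.
    return password != null
        && string.Equals(password, dbUser.Password, System.StringComparison.Ordinal);
}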