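/// <summary>
/// Verifies a username/password pair against the stored PBKDF2 hash and, on success,
/// returns the user's profile fields together with a freshly generated token.
/// </summary>
/// <param name="data">Login request carrying the username and the clear-text password.</param>
/// <returns>The user's name fields, role ("User" when none is stored) and token.</returns>
/// <exception cref="ServiceException">
/// Thrown with one generic message for missing credentials, an unknown username and a
/// wrong password, so the response text does not reveal which usernames exist.
/// </exception>
public UserWithTokenDto Login(UserLoginDto data)
{
    const string invalidCredentials = "Invalid username or password!";

    // Reject missing credentials up front: a null password would otherwise surface as an
    // ArgumentNullException from the key derivation instead of a login failure.
    if (data == null || data.Username == null || data.Password == null)
    {
        throw new ServiceException(invalidCredentials);
    }

    var user = context.Users.SingleOrDefault(x => x.Username == data.Username);
    if (user == null)
    {
        // NOTE(review): this path returns before any key derivation runs, so response time
        // still differs between unknown and known usernames. Consider deriving against a
        // fixed dummy salt here if username enumeration is in the threat model.
        throw new ServiceException(invalidCredentials);
    }

    // Re-derive the hash from the submitted password with the salt stored for this user.
    // PRF, iteration count and output length come from class-level settings.
    byte[] salt = Convert.FromBase64String(user.Salt);
    string hashedIncomingPassword = Convert.ToBase64String(
        KeyDerivation.Pbkdf2(
            password: data.Password,
            salt: salt,
            prf: Algorithm,
            iterationCount: HashingIterationsCount,
            numBytesRequested: PasswordNumberOfBytes));

    // Compare in constant time. String inequality stops at the first differing character,
    // which leaks how much of the derived hash matched. A missing stored hash is treated
    // as a mismatch, as before.
    byte[] expected = System.Text.Encoding.UTF8.GetBytes(user.HashedPassword ?? string.Empty);
    byte[] actual = System.Text.Encoding.UTF8.GetBytes(hashedIncomingPassword);
    if (!System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expected, actual))
    {
        throw new ServiceException(invalidCredentials);
    }

    return new UserWithTokenDto
    {
        Username = user.Username,
        FirstName = user.FirstName,
        LastName = user.LastName,
        // Accounts without a stored role are reported as plain users.
        Role = user.Role ?? "User",
        Token = GenerateToken(user),
    };
}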
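/// <summary>
/// Creates a new account: checks the password confirmation and username uniqueness,
/// stores a salted PBKDF2 hash of the password, creates the user's personal question
/// sheet root and returns the profile fields together with a token.
/// </summary>
/// <param name="data">Registration request (username, names, password and its repeat).</param>
/// <param name="admin">
/// When true the account is stored with the "Admin" role, otherwise "User".
/// NOTE(review): this must only ever be set by trusted server-side code; confirm that no
/// caller derives it from request data.
/// </param>
/// <returns>The new user's name fields, role and token.</returns>
/// <exception cref="ServiceException">
/// Thrown when the username or password is missing, the passwords differ, the username is
/// taken, or saving the user fails.
/// </exception>
public UserWithTokenDto Register(UserRegisterDto data, bool admin = false)
{
    // Refuse missing credentials: an empty password would otherwise create an account
    // anyone can log in to, and a null one would fail inside the key derivation.
    if (data == null || string.IsNullOrWhiteSpace(data.Username))
    {
        throw new ServiceException("Username is required");
    }

    if (string.IsNullOrEmpty(data.Password))
    {
        throw new ServiceException("Password is required");
    }

    // Existing message texts are kept verbatim (including spelling) in case clients match on them.
    if (data.Password != data.RepeatPassword)
    {
        throw new ServiceException("Password and Repeate Password must match");
    }

    var existingUser = context.Users.SingleOrDefault(x => x.Username == data.Username);
    if (existingUser != null)
    {
        throw new ServiceException("User with the given name already Exists!");
    }

    // Per-user random salt from the OS CSPRNG.
    byte[] salt = new byte[SaltNumberOfBytes];
    using (var rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(salt);
    }

    // PRF, iteration count and output length come from class-level settings and must stay
    // identical to the ones Login uses, or stored hashes stop verifying.
    string hashedPassword = Convert.ToBase64String(
        KeyDerivation.Pbkdf2(
            password: data.Password,
            salt: salt,
            prf: Algorithm,
            iterationCount: HashingIterationsCount,
            numBytesRequested: PasswordNumberOfBytes));

    var user = new User
    {
        Username = data.Username,
        FirstName = data.FirstName,
        LastName = data.LastName,
        HashedPassword = hashedPassword,
        Salt = Convert.ToBase64String(salt),
        Role = admin ? "Admin" : "User",
    };

    try
    {
        context.Users.Add(user);
        context.SaveChanges();
    }
    catch
    {
        // NOTE(review): the original exception is discarded here, so a duplicate created by
        // a concurrent registration (the uniqueness check above is not atomic with the
        // insert) is indistinguishable from any other failure. Log the cause before
        // rethrowing once a logger is available in this class.
        throw new ServiceException("Interna Error!");
    }

    // Creating the personal question sheet root for the user.
    // NOTE(review): this runs after the user row is saved; if it throws, the account
    // exists without a root. Confirm whether that state is recoverable.
    this.questionSheetService.CreateRoot(user.Id);

    return new UserWithTokenDto
    {
        Username = user.Username,
        FirstName = user.FirstName,
        LastName = user.LastName,
        Role = user.Role,
        Token = GenerateToken(user),
    };
}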