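        /// <summary>
        /// Authenticates <paramref name="data"/> against the stored PBKDF2 hash and returns
        /// the user's public fields together with a freshly generated token.
        /// </summary>
        /// <param name="data">Untrusted username/password pair supplied by the client.</param>
        /// <returns>The matching user plus the token produced by <c>GenerateToken</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="ServiceException">
        /// Thrown with the same message whether the username is unknown or the password is
        /// wrong, so the response body does not reveal which usernames exist.
        /// </exception>
        public UserWithTokenDto Login(UserLoginDto data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            var user = context.Users.SingleOrDefault(x => x.Username == data.Username);

            if (user == null)
            {
                // Burn the same KDF cost as the real path. Without this an unknown
                // username fails in microseconds while a wrong password costs a full
                // PBKDF2 run, so response time would leak which usernames exist even
                // though the error message is deliberately identical.
                KeyDerivation.Pbkdf2(
                    password: data.Password ?? string.Empty,
                    salt: new byte[SaltNumberOfBytes],
                    prf: Algorithm,
                    iterationCount: HashingIterationsCount,
                    numBytesRequested: PasswordNumberOfBytes);

                throw new ServiceException("Invalid username or password!");
            }

            // Both columns are written by Register as Base64; a corrupt record surfaces
            // as FormatException here, exactly as the salt decode already did.
            var salt       = Convert.FromBase64String(user.Salt);
            var storedHash = Convert.FromBase64String(user.HashedPassword);

            byte[] incomingHash = KeyDerivation.Pbkdf2(
                password: data.Password,
                salt: salt,
                prf: Algorithm,
                iterationCount: HashingIterationsCount,
                numBytesRequested: PasswordNumberOfBytes);

            // Constant-time comparison: string != stops at the first differing
            // character, which leaks how much of the hash prefix a guess matched.
            // Fully qualified so no new using directive is needed in this file.
            if (!System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedHash, incomingHash))
            {
                throw new ServiceException("Invalid username or password!");
            }

            var token = GenerateToken(user);

            return new UserWithTokenDto
            {
                Username  = user.Username,
                FirstName = user.FirstName,
                LastName  = user.LastName,
                // Accounts without an explicit role are treated as plain users.
                Role      = user.Role ?? "User",
                Token     = token,
            };
        }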
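        /// <summary>
        /// Creates a new user with a random per-user salt and a PBKDF2 password hash,
        /// creates the user's question-sheet root, and returns the user with a token.
        /// </summary>
        /// <param name="data">Untrusted registration form: username, names, password and its repeat.</param>
        /// <param name="admin">
        /// When true the account is created with the "Admin" role. Nothing here checks who is
        /// asking, so callers must gate this flag themselves and never bind it from the request.
        /// </param>
        /// <returns>The new user's public fields plus the token from <c>GenerateToken</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="ServiceException">
        /// Blank username or password, mismatched passwords, a username that is already
        /// taken, or a failed database insert.
        /// </exception>
        public UserWithTokenDto Register(UserRegisterDto data, bool admin = false)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            // Reject blank credentials up front. Previously an empty or null password
            // passed the repeat check (both sides equal) and was hashed and stored.
            if (string.IsNullOrWhiteSpace(data.Username))
            {
                throw new ServiceException("Username is required");
            }

            if (string.IsNullOrEmpty(data.Password))
            {
                throw new ServiceException("Password is required");
            }

            if (data.Password != data.RepeatPassword)
            {
                throw new ServiceException("Password and Repeate Password must match");
            }

            var existingUser = context.Users
                               .SingleOrDefault(x => x.Username == data.Username);

            if (existingUser != null)
            {
                throw new ServiceException("User with the given name already Exists!");
            }

            // Fresh CSPRNG salt per user so identical passwords never share a hash.
            byte[] salt = new byte[SaltNumberOfBytes];

            using (var rng = RandomNumberGenerator.Create())
            {
                rng.GetBytes(salt);
            }

            var saltString = Convert.ToBase64String(salt);

            string hashedPassword = Convert.ToBase64String(
                KeyDerivation.Pbkdf2(
                    password: data.Password,
                    salt: salt,
                    prf: Algorithm,
                    iterationCount: HashingIterationsCount,
                    numBytesRequested: PasswordNumberOfBytes));

            var user = new User()
            {
                Username       = data.Username,
                FirstName      = data.FirstName,
                LastName       = data.LastName,
                HashedPassword = hashedPassword,
                Salt           = saltString,
                Role           = admin ? "Admin" : "User",
            };

            try
            {
                context.Users.Add(user);
                context.SaveChanges();
            }
            catch
            {
                // The lookup above is not atomic with this insert: two concurrent
                // registrations for the same name can both pass it, and only a unique
                // index on Username (not visible here — verify it exists) stops the
                // second. Either way the client gets a generic message, not DB details.
                throw new ServiceException("Interna Error!");
            }

            // Create the personal question-sheet root for the new user.
            this.questionSheetService.CreateRoot(user.Id);

            var token = GenerateToken(user);

            return new UserWithTokenDto
            {
                Username  = user.Username,
                FirstName = user.FirstName,
                LastName  = user.LastName,
                Role      = user.Role,
                Token     = token,
            };
        }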