Example #1
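        /// <summary>
        /// Creates a user for the standard (name, e-mail and password) provider, saves it
        /// through <paramref name="context"/> and then creates the linked account record.
        /// </summary>
        /// <param name="context">Data context the new user is added to and saved through.</param>
        /// <param name="provider">Authentication provider; only <c>Provider.Standart</c> is handled by this method.</param>
        /// <param name="request">Registration request supplying the name, e-mail and password.</param>
        /// <returns>The newly created and saved user.</returns>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="context"/> or <paramref name="request"/> is null.
        /// </exception>
        /// <exception cref="System.NotSupportedException">
        /// <paramref name="provider"/> is not <c>Provider.Standart</c>.
        /// </exception>
        public static User CreateUser(ITupapiContext context, Provider provider, StandartAuthRequest request)
        {
            if (context == null)
            {
                throw new System.ArgumentNullException("context");
            }

            if (request == null)
            {
                throw new System.ArgumentNullException("request");
            }

            // Fail before touching the data context: previously any other provider left the
            // user null, which was then passed to Users.Add and dereferenced afterwards.
            if (provider != Provider.Standart)
            {
                throw new System.NotSupportedException(
                    "CreateUser only supports the standard provider; received: " + provider);
            }

            // A fresh salt is generated for every user; only the salt and the salted hash are
            // placed on the entity, never the plain-text password.
            // NOTE(review): how resistant the stored hash is to offline guessing depends on
            // AuthHelper.Hash, which is not visible here - confirm it is a deliberately slow
            // key-derivation function rather than a single fast digest.
            // NOTE(review): request.Name, request.Email and request.Password are used as given;
            // presumably the caller has already validated them (non-empty password, well-formed
            // and unique e-mail) - confirm.
            var salt = AuthHelper.GenerateSalt();
            var newUser = new User
            {
                Id    = SequentialGuid.NewGuid(),
                Name  = request.Name,
                Email = request.Email,
                Salt  = salt,
                SaltedAndHashedPassword = AuthHelper.Hash(request.Password, salt)
            };

            // For the standard provider the user's own id doubles as the provider-side id.
            string providerName = Const.Standart;
            string providerId   = newUser.Id;

            context.Users.Add(newUser);
            context.SaveChanges();
            CreateAccount(context, provider, providerName, newUser.Id, providerId);
            return newUser;
        }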
Example #2
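        /// <summary>
        /// Verifies that <paramref name="password"/> matches the salted hash stored on
        /// <paramref name="user"/>; returns normally on a match and throws otherwise.
        /// </summary>
        /// <param name="user">User whose stored salt and salted hash are checked against.</param>
        /// <param name="password">Candidate plain-text password supplied by the caller.</param>
        /// <exception cref="System.ArgumentNullException"><paramref name="user"/> is null.</exception>
        /// <exception cref="ApiException">
        /// The user has no stored salt or password hash (<c>ApiResult.Validation</c>), or the
        /// candidate password does not match (<c>ApiResult.Denied</c>).
        /// </exception>
        public static void CheckPassword(User user, string password)
        {
            if (user == null)
            {
                throw new System.ArgumentNullException("user");
            }

            if (user.SaltedAndHashedPassword == null || user.Salt == null)
            {
                throw new ApiException(ApiResult.Validation, ErrorType.UserNoPassword, user.Id);
            }

            // Hash the candidate with the user's own salt so it can be compared to the stored value.
            var candidateHash = AuthHelper.Hash(password, user.Salt);

            // NOTE(review): SlowEquals is presumably a constant-time comparison, so the check does
            // not reveal how many leading characters matched - confirm against AuthHelper.
            if (!AuthHelper.SlowEquals(candidateHash, user.SaltedAndHashedPassword))
            {
                // Attach the user id rather than the submitted password: the exception payload may
                // be logged or serialized into the API response, and a rejected attempt is often
                // a near-miss of the real password or a credential the person uses elsewhere.
                throw new ApiException(ApiResult.Denied, ErrorType.PasswordWrong, user.Id);
            }
        }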