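/// <summary>
/// Builds the session header value for <paramref name="user"/>. The user's id is AES-encrypted
/// under the class-level <c>Key</c> with a fresh IV, stored in a <c>SessionHeader</c> together
/// with that IV, serialized to JSON and finally Base64-encoded.
/// </summary>
/// <param name="user">User whose <c>Id</c> is embedded in the header.</param>
/// <returns>Base64 of the UTF-8 JSON representation of the <c>SessionHeader</c>.</returns>
/// <remarks>
/// SECURITY (review): <c>Aes.Create()</c> defaults to CBC mode with PKCS7 padding, and nothing
/// in this method adds a MAC or authentication tag. The value is therefore confidential but not
/// integrity-protected: a modified header cannot be detected as forged by cryptography alone,
/// and the decrypting side must not reveal padding or parse failures in a distinguishable way.
/// Only the IV and the encrypted id are set here, so the value also carries no issue time or
/// expiry. Moving to an authenticated scheme (AES-GCM, or encrypt-then-HMAC with a separate key)
/// and adding an expiry changes the header format, so it has to be done together with the
/// decrypting code, which is not part of this method.
/// </remarks>
public static string CypherHeader(DrawWarsUser user)
{
    var result = new SessionHeader();
    byte[] idCypher;

    using (var aes = Aes.Create())
    {
        // A new Aes instance generates a random IV; it is shipped in clear next to the ciphertext.
        result.IV = aes.IV;

        // The transform is IDisposable and holds key material, so it is released deterministically.
        using (var encryptor = aes.CreateEncryptor(Key, result.IV))
        using (var ms = new MemoryStream())
        {
            using (var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
            using (var sw = new StreamWriter(cs))
            {
                sw.Write(user.Id.ToString());
            }

            // The CryptoStream must be closed first so the final padded block is flushed.
            idCypher = ms.ToArray();
        }
    }

    result.UserId = Convert.ToBase64String(idCypher);

    var jsonHeader = JsonConvert.SerializeObject(result);
    var headerValue = Encoding.UTF8.GetBytes(jsonHeader);
    return Convert.ToBase64String(headerValue);
}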
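/// <summary>
/// Registers a new account from the posted credentials, issues the auth header for it and
/// returns the new user's e-mail and id.
/// </summary>
/// <param name="input">Request body carrying <c>Email</c> and <c>Password</c>.</param>
/// <returns>An anonymous object with <c>Email</c> and <c>Id</c> of the created user.</returns>
/// <exception cref="ArgumentException">The body is missing, or e-mail or password is blank.</exception>
/// <exception cref="Exception">A user with the same e-mail already exists.</exception>
public object Register([FromBody] LoginModel input)
{
    // Missing or blank credentials were previously reported as "User already exists.", and a
    // missing body failed with a NullReferenceException; report the actual problem instead.
    if (input == null
        || string.IsNullOrWhiteSpace(input.Email)
        || string.IsNullOrWhiteSpace(input.Password))
    {
        throw new ArgumentException("Email and password are required.");
    }

    // NOTE(review): this lookup followed by Create is not atomic, so two concurrent requests
    // can both pass it. Confirm the store enforces a unique constraint on the username.
    // NOTE(review): a distinct "already exists" answer tells the caller which e-mail addresses
    // are registered. If that matters here, rate-limit this endpoint or return a uniform response.
    if (_userRepository.GetByUsername(input.Email) != null)
    {
        throw new Exception("User already exists.");
    }

    // NOTE(review): no password length or strength check is visible before hashing; confirm
    // whether one is enforced elsewhere (model validation, CryptoUtils.HashPassword).
    var newUser = new DrawWarsUser()
    {
        Username = input.Email,
        PassHash = CryptoUtils.HashPassword(input.Password)
    };

    var user = _userRepository.Create(newUser);

    // The new account is logged in immediately: the auth header is set on this response.
    SetAuthHeader(user);

    return new { Email = user.Username, user.Id };
}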
/// <summary>
/// Attaches the encrypted session value for <paramref name="user"/> to the current response
/// as the <c>x-drawwars-auth</c> header.
/// </summary>
/// <param name="user">User the session header is issued for.</param>
private void SetAuthHeader(DrawWarsUser user)
{
    // NOTE(review): whoever holds this value can present it as the session credential, so
    // confirm the endpoint is served only over HTTPS and that the header is not logged by
    // proxies or middleware.
    var authValue = CryptoUtils.CypherHeader(user);
    Response.Headers.Add("x-drawwars-auth", authValue);
}