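/// <summary>
        /// Builds the session header value for <paramref name="user"/>: the user's id is
        /// AES-encrypted under the shared <c>Key</c> with a fresh IV, the IV and the Base64
        /// ciphertext are stored in a <c>SessionHeader</c>, and that object is serialized to
        /// JSON and returned as Base64 of its UTF-8 bytes.
        /// </summary>
        /// <param name="user">The user whose id is placed in the header.</param>
        /// <returns>Base64 text of the JSON-serialized <c>SessionHeader</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
        /// <remarks>
        /// NOTE(review): <c>Aes.Create()</c> defaults to CBC with PKCS7 padding and nothing in
        /// this method adds a MAC, so the header is encrypted but not integrity-protected.
        /// The code that decrypts it should not treat a successful decryption as proof that
        /// this server issued the header. Moving to an AEAD mode or encrypt-then-MAC needs a
        /// matching change in <c>SessionHeader</c> and on the decrypting side, so it is not
        /// done here. No expiry is written by this method either; confirm whether one is
        /// enforced elsewhere.
        /// </remarks>
        public static string CypherHeader(DrawWarsUser user)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            var result = new SessionHeader();

            byte[] idCypher;

            using (var aes = Aes.Create())
            {
                // A new Aes instance carries a freshly generated IV; it travels with the
                // header so the ciphertext can be decrypted later.
                result.IV = aes.IV;

                // The transform is disposable and holds key material, so it is released
                // deterministically together with the streams.
                using (var encryptor = aes.CreateEncryptor(Key, result.IV))
                using (var ms = new MemoryStream())
                {
                    using (var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
                    using (var sw = new StreamWriter(cs))
                    {
                        sw.Write(user.Id.ToString());
                    }

                    // Read only after the CryptoStream is disposed: disposal flushes the
                    // final padded block into the MemoryStream.
                    idCypher = ms.ToArray();
                }
            }

            result.UserId = Convert.ToBase64String(idCypher);

            var jsonHeader  = JsonConvert.SerializeObject(result);
            var headerValue = Encoding.UTF8.GetBytes(jsonHeader);

            return Convert.ToBase64String(headerValue);
        }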
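        /// <summary>
        /// Registers a new account from the posted e-mail and password, attaches the
        /// session header to the response and returns the new user's e-mail and id.
        /// </summary>
        /// <param name="input">Posted credentials; <c>Email</c> is used as the username.</param>
        /// <returns>An anonymous object with <c>Email</c> and <c>Id</c> of the created user.</returns>
        /// <exception cref="ArgumentException">The body is missing, or e-mail or password is blank.</exception>
        /// <exception cref="Exception">A user with that e-mail already exists.</exception>
        public object Register([FromBody] LoginModel input)
        {
            // A missing or unreadable body may bind to null; reject it together with blank
            // fields instead of failing with a NullReferenceException or reporting a
            // duplicate user that does not exist.
            if (input == null ||
                string.IsNullOrWhiteSpace(input.Email) ||
                string.IsNullOrWhiteSpace(input.Password))
            {
                throw new ArgumentException("Email and password are required.");
            }

            // NOTE(review): this check-then-create is not atomic; confirm the repository
            // or the underlying store enforces username uniqueness.
            if (_userRepository.GetByUsername(input.Email) != null)
            {
                throw new Exception("User already exists.");
            }

            var newUser = new DrawWarsUser()
            {
                Username = input.Email,
                // Only the hash produced by CryptoUtils.HashPassword is stored.
                PassHash = CryptoUtils.HashPassword(input.Password)
            };

            var user = _userRepository.Create(newUser);

            // The newly registered user receives the session header straight away.
            SetAuthHeader(user);

            return new { Email = user.Username, user.Id };
        }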
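 /// <summary>
 /// Writes the encrypted session header for <paramref name="user"/> to the current
 /// response under the name <c>x-drawwars-auth</c>.
 /// </summary>
 /// <param name="user">The user the header is issued for.</param>
 private void SetAuthHeader(DrawWarsUser user)
 {
     // Assign through the indexer rather than Add: Add throws if the header is already
     // present on the response, whereas the indexer replaces it, so the response never
     // carries more than one auth header.
     Response.Headers["x-drawwars-auth"] = CryptoUtils.CypherHeader(user);
 }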