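/// <summary>
/// Authenticates a user by e-mail address or username and issues a JWT for the session.
/// </summary>
/// <param name="login">E-mail address or username; <c>IsEmailAddress()</c> decides which lookup is used.</param>
/// <param name="password">Plain-text password to verify against the stored salt and hash.</param>
/// <returns>A <see cref="SignInResult"/> carrying the generated token and the authenticated user.</returns>
/// <exception cref="InvalidCredentialsException">
/// The login or password is missing, no matching user exists, or the password does not match.
/// </exception>
/// <exception cref="AccountNotConfirmedException">The password is correct but the account is not activated.</exception>
public async Task<SignInResult> SignIn(string login, string password)
{
    const string invalidCredentialsMessage = "Invalid login or password";

    // Reject missing input with the same generic error as any other failed attempt.
    if (string.IsNullOrEmpty(login) || string.IsNullOrEmpty(password))
    {
        throw new InvalidCredentialsException(invalidCredentialsMessage);
    }

    User user;
    if (login.IsEmailAddress())
    {
        user = await database.UserRepository.FindUserByEmail(login)
            ?? throw new InvalidCredentialsException(invalidCredentialsMessage);
    }
    else
    {
        user = await database.UserRepository.FindUserByUsername(login)
            ?? throw new InvalidCredentialsException(invalidCredentialsMessage);
    }

    // Verify the password BEFORE reporting anything about the account's state.
    // Checking activation first would tell an unauthenticated caller that the
    // account exists and is not activated, without knowing its password.
    // NOTE(review): arguments are passed as (password, salt, hash) - confirm this
    // matches hashGenerator.VerifyHash's parameter order.
    // NOTE(review): the unknown-user path above returns without running VerifyHash,
    // so its response time may differ from the wrong-password path.
    if (!hashGenerator.VerifyHash(password, user.PasswordSalt, user.PasswordHash))
    {
        throw new InvalidCredentialsException(invalidCredentialsMessage);
    }

    // Only a caller who proved knowledge of the password learns the activation state.
    if (!user.IsActivated)
    {
        throw new AccountNotConfirmedException("Account has been not activated");
    }

    var token = jwtAuthorizationTokenGenerator.GenerateToken(user);

    return new SignInResult { JwtToken = token, User = user };
}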
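/// <summary>
/// Authenticates a user by e-mail address and password, reporting failures through <c>Alertify</c>.
/// </summary>
/// <param name="email">E-mail address; compared case-insensitively via <c>ToLower()</c>.</param>
/// <param name="password">Plain-text password to verify against the stored hash and salt.</param>
/// <returns>The authenticated user, or <c>null</c> when sign-in fails (an alert is pushed in that case).</returns>
public async Task<User> SignIn(string email, string password)
{
    const string invalidCredentialsMessage = "Invalid email address or password";

    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        Alertify.Push(invalidCredentialsMessage, AlertType.Error);
        return null;
    }

    // The comparison is left as ToLower() inside the predicate; presumably Find
    // translates it into a data-store query - TODO confirm before changing it.
    var user = await database.UserRepository.Find(u => u.Email.ToLower() == email.ToLower());
    if (user == null)
    {
        Alertify.Push(invalidCredentialsMessage, AlertType.Error);
        return null;
    }

    // Verify the password BEFORE reporting the confirmation state. Checking
    // EmailConfirmed first would show "Account is not confirmed" to anyone who
    // submits an existing address, disclosing that the account exists.
    // NOTE(review): the unknown-user path above returns without running VerifyHash,
    // so its response time may differ from the wrong-password path.
    if (!hashGenerator.VerifyHash(password, user.PasswordHash, user.PasswordSalt))
    {
        Alertify.Push(invalidCredentialsMessage, AlertType.Error);
        return null;
    }

    // Only a caller who proved knowledge of the password learns the confirmation state.
    if (!user.EmailConfirmed)
    {
        Alertify.Push("Account is not confirmed", AlertType.Warning);
        return null;
    }

    return user;
}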
/// <summary>
/// Replaces the current user's password after verifying the old one.
/// </summary>
/// <param name="oldPassword">Current plain-text password, checked against the stored hash and salt.</param>
/// <param name="newPassword">New plain-text password; hashed with a freshly created salt.</param>
/// <returns>
/// A result with <c>hasChanged: true</c> when the change is persisted, a result carrying
/// "Old password is invalid" when verification fails, or <c>null</c> when
/// <c>database.Complete()</c> reports failure.
/// </returns>
public async Task<ChangePasswordResult> ChangePassword(string oldPassword, string newPassword)
{
    // NOTE(review): the result of GetCurrentUser() is dereferenced without a null
    // check - confirm it cannot return null on this path.
    var currentUser = await GetCurrentUser();

    if (!hashGenerator.VerifyHash(oldPassword, currentUser.PasswordHash, currentUser.PasswordSalt))
    {
        return new ChangePasswordResult(message: "Old password is invalid");
    }

    // A new salt is created for every password change instead of reusing the old one.
    // NOTE(review): newPassword is hashed as given; no emptiness or strength check
    // happens in this method - presumably enforced by the caller, verify.
    var freshSalt = hashGenerator.CreateSalt();
    string freshHash;
    hashGenerator.GenerateHash(newPassword, freshSalt, out freshHash);

    currentUser.SetPassword(freshHash, freshSalt);

    var persisted = await database.Complete();
    if (persisted)
    {
        return new ChangePasswordResult(hasChanged: true);
    }

    return null;
}
/// <summary>
/// Replaces the current user's password after verifying the old one, reporting a
/// failed verification through <c>Alertify</c>.
/// </summary>
/// <param name="oldPassword">Current plain-text password, checked against the stored hash and salt.</param>
/// <param name="newPassword">New plain-text password; hashed with a freshly created salt.</param>
/// <returns>
/// <c>false</c> when the old password does not verify; otherwise the value returned by
/// <c>database.Complete()</c>.
/// </returns>
public async Task<bool> ChangePassword(string oldPassword, string newPassword)
{
    // NOTE(review): the result of GetCurrentUser() is dereferenced without a null
    // check - confirm it cannot return null on this path.
    var currentUser = await GetCurrentUser();

    var oldPasswordAccepted = hashGenerator.VerifyHash(oldPassword, currentUser.PasswordHash, currentUser.PasswordSalt);
    if (!oldPasswordAccepted)
    {
        Alertify.Push("Old password is invalid", AlertType.Error);
        return false;
    }

    // A new salt is created for every password change instead of reusing the old one.
    // NOTE(review): newPassword is hashed as given; no emptiness or strength check
    // happens in this method - presumably enforced by the caller, verify.
    var freshSalt = hashGenerator.CreateSalt();
    string freshHash;
    hashGenerator.GenerateHash(newPassword, freshSalt, out freshHash);

    currentUser.SetPassword(freshHash, freshSalt);

    var persisted = await database.Complete();
    return persisted;
}
/// <summary>
/// Verifies the current user's old password and stores a new change-password token.
/// </summary>
/// <param name="oldPassword">Current plain-text password; must verify before a token is created.</param>
/// <returns>The user's e-mail address and username together with the code of the new token.</returns>
/// <exception cref="EntityNotFoundException">No current user is available.</exception>
/// <exception cref="OldPasswordInvalidException">The old password does not verify.</exception>
/// <exception cref="DatabaseException">The token could not be inserted.</exception>
public async Task<GenerateChangePasswordTokenResult> GenerateChangePasswordToken(string oldPassword)
{
    var currentUser = await accountManager.GetCurrentUser();
    if (currentUser is null)
    {
        throw new EntityNotFoundException("User not found");
    }

    // The token is only issued to a caller who knows the current password.
    // NOTE(review): arguments are passed as (password, salt, hash) - confirm this
    // matches hashGenerator.VerifyHash's parameter order.
    var oldPasswordAccepted = hashGenerator.VerifyHash(oldPassword, currentUser.PasswordSalt, currentUser.PasswordHash);
    if (!oldPasswordAccepted)
    {
        throw new OldPasswordInvalidException("Incorrect old password");
    }

    var changeToken = await CreateToken(currentUser.Id, TokenType.ChangePassword);

    // NOTE(review): the meaning of the second argument (false) is not visible here.
    var stored = await database.TokenRepository.Insert(changeToken, false);
    if (!stored)
    {
        throw new DatabaseException();
    }

    // The token code is handed back to the caller; presumably it is delivered to
    // the user out of band - verify it is not written to logs on the way.
    return new GenerateChangePasswordTokenResult
    {
        Email = currentUser.Email,
        Token = changeToken.Code,
        Username = currentUser.Username
    };
}
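/// <summary>
/// Authenticates a user by e-mail address and password and issues a JWT for the session.
/// </summary>
/// <param name="email">E-mail address; compared case-insensitively via <c>ToLower()</c>.</param>
/// <param name="password">Plain-text password to verify against the stored hash and salt.</param>
/// <returns>An <see cref="AuthResult"/> built from the generated token and the authenticated user.</returns>
/// <exception cref="InvalidCredentialsException">
/// The e-mail or password is missing, no matching user exists, or the password does not match.
/// </exception>
/// <exception cref="AccountNotConfirmedException">The password is correct but the account is not confirmed.</exception>
/// <exception cref="BlockException">The password is correct but the account is blocked.</exception>
public async Task<AuthResult> SignIn(string email, string password)
{
    const string invalidCredentialsMessage = "Invalid email or password";

    // Reject missing input with the same generic error as any other failed attempt
    // (a null e-mail would otherwise fail on email.ToLower()).
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        throw new InvalidCredentialsException(invalidCredentialsMessage);
    }

    // The comparison is left as ToLower() inside the predicate; presumably Find
    // translates it into a data-store query - TODO confirm before changing it.
    var user = await database.UserRepository.Find(u => u.Email.ToLower() == email.ToLower())
        ?? throw new InvalidCredentialsException(invalidCredentialsMessage);

    // Verify the password BEFORE evaluating the confirmed/blocked specifications.
    // Running those checks first would tell an unauthenticated caller that the
    // account exists and whether it is unconfirmed or blocked.
    // NOTE(review): the unknown-user path above returns without running VerifyHash,
    // so its response time may differ from the wrong-password path.
    if (!hashGenerator.VerifyHash(password, user.PasswordHash, user.PasswordSalt))
    {
        throw new InvalidCredentialsException(invalidCredentialsMessage);
    }

    // From here on the caller has proved knowledge of the password, so the
    // account-state errors are only shown to the account's owner.
    if (!UserConfirmedSpecification.Create().IsSatisfied(user))
    {
        throw new AccountNotConfirmedException("Account has not been activated");
    }

    if (UserBlockedSpecification.Create().IsSatisfied(user))
    {
        throw new BlockException("Your account is blocked");
    }

    var token = await jwtAuthorizationTokenGenerator.GenerateToken(user);

    return new AuthResult(token, user);
}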