Exemple #1
0
        public async Task <string> LoginAsync(LoginAccount command)
        {
            var loginOrEmailHash = _hashManager.CalculateDataHash(command.LoginOrEmail);

            var user = await _context.Users.GetByEmail(loginOrEmailHash)
                       .Select(x => new { x.PasswordHash, x.Salt, x.Role, x.Id, x.IsActive })
                       .AsNoTracking().SingleOrDefaultAsync();

            if (user == null)
            {
                user = await _context.Users.GetByLogin(loginOrEmailHash)
                       .Select(x => new { x.PasswordHash, x.Salt, x.Role, x.Id, x.IsActive })
                       .AsNoTracking().SingleOrDefaultAsync();
            }

            if (user == null)
            {
                throw new CorruptedOperationException("Invalid credentials.");
            }

            if (_hashManager.VerifyPasswordHash(command.Password, user.PasswordHash, user.Salt) == false)
            {
                throw new CorruptedOperationException("Invalid credentials.");
            }

            return(await _jwtHandler.CreateTokenAsync(user.Id, user.Role));
        }
Exemple #2
0
        public async Task <IActionResult> LoginAsync([FromBody] LoginRequest request)
        {
            var userFromDatabase = _userRepository.GetUserByUsername(request.Username);

            if (userFromDatabase == null)
            {
                return(Unauthorized());
            }

            var passHash = _encrypter.GetHash(request.Password, userFromDatabase.PasswordSalt);

            if (passHash != userFromDatabase.PasswordHash)
            {
                return(Unauthorized());
            }

            var token = await _jwtHandler.CreateTokenAsync(request.Username);

            return(Json(token));
        }