Exemple #1
0
        public async Task CreateUser(User user)
        {
            using (var connection = new MySqlConnection(ConnectionString))
            {
                await connection.OpenAsync();

                var checkQuery = "SELECT 1 FROM users WHERE Username = @Username and Password = @Password";

                var query = "INSERT INTO users (`Username`,`Password`,`Firstname`,`Lastname`)" +
                            "VALUES (@Username,@Password,@Firstname,@Lastname);";

                var passHash = PasswordHash.Generate(user.Password);
                var pass     = Encoding.UTF8.GetString(passHash.Hash);

                var command = new MySqlCommand(checkQuery, connection);
                command.Parameters.AddWithValue("@Username", user.Username);
                command.Parameters.AddWithValue("@Password", pass);

                var res = await command.ExecuteScalarAsync();

                if (res != null)
                {
                    throw new ObjectAlreadyExistsException("User with the same details already exits");
                }

                command.CommandText = query;

                await command.ExecuteNonQueryAsync();
            }
        }
        public async Task <IActionResult> SignUp(SignUpRequest request)
        {
            var cancellation = HttpContext.RequestAborted;

            var user = new UserEntity
            {
                Username     = request.Username,
                Email        = request.Email,
                PasswordHash = PasswordHash.Generate(request.Password),
                Profile      = new ProfileEntity()
            };

            try
            {
                await _dbContext.Users.AddAsync(user, cancellation);

                await _dbContext.SaveChangesAsync(cancellation);
            }
            // TODO: better handling for exceptions on duplicate usernames/emails (as mandated by indexes)
            catch (Exception ex)
            {
                return(Problem(
                           statusCode: 400,
                           title: "Error",
                           detail: ex.Message
                           ));
            }

            return(CreatedAtAction(nameof(SignIn), null));
        }
Exemple #3
0
 public AuthUserBuilder WithPasswordHash(string plaintextPassword)
 {
     if (_id is null || _username is null)
     {
         throw new InvalidOperationException("The id and username should be set (and not changed)");
     }
     return(WithPasswordHash(PasswordHash.Generate(plaintextPassword, _id, _username)));
 }
        private AuthUser BuildTestAuthUser(long id, string name, params Role[] roles)
        {
            var userId   = new UserId(id);
            var username = new Username(name);
            var hash     = PasswordHash.Generate("admin", userId, username);
            var email    = new Email($"{username}@example.com");

            return(new AuthUser(userId, username, hash, email, Clock.UtcNow(), roles.Select(r => r.Id)));
        }
Exemple #5
0
        public void ValidatePassword()
        {
            var          userId       = Guid.NewGuid().ToString();
            const string password     = "******";
            const string secretKey    = "$2a$06$DCq7YPn5Rq63x1Lad4cll.";
            var          passwordHash = new PasswordHash();

            var hash = passwordHash.Generate(userId, password, secretKey);

            passwordHash.Validate(hash, userId, password, secretKey).Should().BeTrue();
        }
        public AuthUser CreateAuthUser(IIdPool idPool, Role pendingRegistrationRole,
                                       string?name, string?email, string?plaintextPassword)
        {
            if (pendingRegistrationRole.Rolename != Role.PENDING_REGISTRATION_ROLENAME)
            {
                throw new ArgumentException("You're supposed to add the pending registration role.",
                                            nameof(pendingRegistrationRole));
            }

            var nextUserId   = new UserId(idPool.NextForUser());
            var username     = new Username(name);
            var passwordHash = PasswordHash.Generate(plaintextPassword, nextUserId, username);

            return(new AuthUser(nextUserId, username, passwordHash, new Email(email), _clock.UtcNow(),
                                new[] { pendingRegistrationRole.Id }));
        }
        public async Task RegisterNewUser(RegisterModel newUser)
        {
            Users user = _mapper.Map <Users>(newUser);

            if (!_unitOfWork.Users.FindEmail(user.Email))
            {
                user.Password = PasswordHash.Generate(user.Password);
                _unitOfWork.Users.Insert(user);
                await _unitOfWork.Users.AddAccounts(user);

                await _unitOfWork.Complete();
            }
            else
            {
                throw new CustomException(400, "Usuario ya registrado");
            }
        }
Exemple #8
0
        private void AddAuthUser(long id, string name, params long[] roleIds)
        {
            if (id >= UserDatabase.START_FOR_NEXT_IDS)
            {
                throw new InvalidOperationException("START_FOR_NEXT_IDS too low!");
            }
            var hash = PasswordHash.Generate("admin", new UserId(id), new Username(name)).ToStorage();
            var now  = SystemClock.Instance.UtcNow();

            AuthUsersTable.Add(new DbAuthUser {
                Id           = id,
                Username     = name,
                PasswordHash = hash,
                Email        = $"{name}@example.com",
                CreatedAt    = now
            });
            foreach (long roleId in roleIds)
            {
                AuthUserRolesTable.Add(new DbAuthUserRole {
                    UserId = id,
                    RoleId = roleId
                });
            }
        }