Exemple #1
        /// <summary>
        /// Authenticates the supplied credentials and, on success, responds with the
        /// user model carrying a freshly issued JWT.
        /// </summary>
        /// <param name="credentials">Username/password pair submitted by the client.</param>
        /// <returns>
        /// 401 with a generic message when no user matches; otherwise 200 with a copy
        /// of the user whose <c>Password</c> has been cleared.
        /// </returns>
        public IActionResult Login(CredentialsModel credentials)
        {
            UserModel matchedUser = usersLogic.GetUserByCredentials(credentials);
            if (matchedUser == null)
            {
                // Same message for "unknown user" and "wrong password" so the response
                // body does not reveal which usernames exist.
                return Unauthorized("incorrect username or password");
            }

            // The token is attached before cloning; presumably Clone() carries it over
            // to the copy that is returned - confirm against UserModel.Clone.
            matchedUser.JwtToken = jwtHelper.GetWjtToken(matchedUser.Username, matchedUser.Role);

            // Respond with a copy so that blanking the password does not touch the
            // instance handed back by usersLogic.
            // NOTE(review): only Password is cleared here. UserModel also exposes a Salt
            // (read by GetUserByCredentials); if it is serialized it reaches the client
            // too - confirm and clear it or return a dedicated response DTO.
            UserModel responseUser = (UserModel)matchedUser.Clone();
            responseUser.Password = null;

            return Ok(responseUser);
        }
Exemple #2
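        /// <summary>
        /// Looks up the user with the submitted username and verifies the submitted
        /// password against the stored value.
        /// </summary>
        /// <param name="credentialsModel">Username and password supplied by the client (untrusted).</param>
        /// <returns>The matching <see cref="UserModel"/>, or <c>null</c> when authentication fails.</returns>
        /// <remarks>
        /// Unlike the previous version, this method no longer overwrites
        /// <c>credentialsModel.Password</c> with the derived hash; the hash stays in a local.
        /// </remarks>
        public UserModel GetUserByCredentials(CredentialsModel credentialsModel)
        {
            // Incomplete credentials can never authenticate. Without this guard a null
            // password would compare equal to a stored null password, and Pbkdf2 would
            // throw on null input instead of producing a clean failure.
            if (credentialsModel == null || credentialsModel.Username == null || credentialsModel.Password == null)
            {
                return null;
            }

            // Check the lookup result before wrapping it: an unknown username must end
            // in the same "not authenticated" result as a wrong password, not in an
            // exception (or an empty model) built from a null record.
            var userRecord = DB.Users.SingleOrDefault(p => p.Username == credentialsModel.Username);
            if (userRecord == null)
            {
                return null;
            }

            UserModel userToCheck = new UserModel(userRecord);

            // NOTE(review): this compares the raw submitted value with the stored value.
            // If the stored value is the PBKDF2 output, anyone who obtains a stored hash
            // can log in with it directly; if it exists for legacy plaintext records,
            // those records should be migrated and this branch removed. Kept as-is
            // because existing accounts may depend on it - confirm.
            if (credentialsModel.Password == userToCheck.Password)
            {
                return userToCheck;
            }

            // No salt means there is no hash to verify against.
            if (userToCheck.Salt == null)
            {
                return null;
            }

            // NOTE(review): HMAC-SHA1 with 10000 iterations is low by current password
            // hashing guidance; raising it requires re-hashing stored passwords, so the
            // parameters are left unchanged here.
            string derivedPassword = Convert.ToBase64String(KeyDerivation.Pbkdf2(
                password: credentialsModel.Password,
                salt: Convert.FromBase64String(userToCheck.Salt),
                prf: KeyDerivationPrf.HMACSHA1,
                iterationCount: 10000,
                numBytesRequested: 256 / 8));

            // NOTE(review): string equality is not constant-time; consider a fixed-time
            // comparison of the decoded hash bytes.
            return derivedPassword == userToCheck.Password ? userToCheck : null;
        }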