/// <summary>
/// Authenticates a user by login and password.
/// </summary>
/// <param name="addGetUserDTO">Carries the submitted Login and Password.</param>
/// <returns>
/// The stored <c>User</c> with <c>EmailStr</c> filled in when the password verifies;
/// <c>null</c> when the login is unknown or the password does not match.
/// </returns>
public User LoginUser(AddGetUserDTO addGetUserDTO)
{
    // Pattern-based screen of the raw inputs. The result is not acted on here: it is
    // handed to the repository constructor and the lookup below still runs.
    // NOTE(review): confirm what UserRepository does when the flag is true, and that its
    // queries are parameterized regardless; a pattern filter is not a substitute for that.
    bool looksLikeInjection = IsSqlInjection(addGetUserDTO.Login)
        || IsSqlInjection(addGetUserDTO.Password);

    // NOTE(review): the repository member is replaced on every call. If this manager
    // instance is shared between concurrent requests, one request could end up using a
    // repository built with another request's flag; confirm the instance lifetime.
    this.UserRepository = new UserRepository(looksLikeInjection);

    User account = UserRepository?.Get(addGetUserDTO.Login);
    if (account == null)
    {
        // Unknown login: returns before VerifyHash is ever called, so this path does less
        // work than a wrong-password attempt. NOTE(review): if account enumeration is a
        // concern, consider running a dummy verification here.
        return null;
    }

    // Verification is delegated to VerifyHash with the stored salt (NotSalt) and the
    // stored password hash; no direct byte comparison is done in this method.
    bool passwordMatches = VerifyHash(addGetUserDTO.Password, account.NotSalt, account.Password);
    if (!passwordMatches)
    {
        return null;
    }

    // The stored Email value is turned back into a readable string for the caller.
    // NOTE(review): despite the "Hash" naming this looks reversible, so the stored value is
    // presumably encrypted rather than hashed; confirm how its key is protected.
    account.EmailStr = GetPersonalDataFromHash(account.Email);
    return account;
}
/// <summary>
/// Creates a new user record from the submitted login, password and email.
/// </summary>
/// <param name="addGetUserDTO">Carries the submitted Login, Password and Email.</param>
/// <returns>Whatever <c>UserRepository.Create</c> returns: the new id, or <c>null</c>.</returns>
public int? RegisterUser(AddGetUserDTO addGetUserDTO)
{
    // All three inputs go through the pattern-based screen. This method does not stop when
    // the screen trips: the flag is passed to the repository and Create is still called.
    // NOTE(review): confirm the repository refuses or neutralises flagged input, and that it
    // uses parameterized statements either way.
    // NOTE(review): the password is screened too, although only its hash is stored by this
    // method; confirm that legitimate passwords with SQL-like characters are not rejected.
    bool looksLikeInjection = IsSqlInjection(addGetUserDTO.Login)
        || IsSqlInjection(addGetUserDTO.Password)
        || IsSqlInjection(addGetUserDTO.Email);
    this.UserRepository = new UserRepository(looksLikeInjection);

    User account = (User)addGetUserDTO;

    // A salt is generated for this user and the password is stored only as HashPassword's
    // output. NOTE(review): CreateSalt and HashPassword are not visible here; confirm the
    // salt comes from a cryptographic RNG and the hash is a slow password KDF.
    account.NotSalt = CreateSalt();
    account.Password = HashPassword(addGetUserDTO.Password, account.NotSalt);

    // The email is stored in transformed form. NOTE(review): LoginUser recovers it with
    // GetPersonalDataFromHash, so this is presumably encryption rather than hashing.
    account.Email = GetPersonalDataHash(addGetUserDTO.Email);

    return UserRepository?.Create(account);
}
/// <summary>
/// HTTP action that checks a login/password pair through <c>UserManager.LoginUser</c>.
/// </summary>
/// <param name="login">Submitted login name.</param>
/// <param name="password">Submitted plaintext password.</param>
/// <returns>
/// 200 with a text body containing the user id and email on success; an empty 400 both for
/// missing input and for failed authentication.
/// </returns>
public IActionResult Login(string login, string password)
{
    // NOTE(review): the binding source of these parameters is not visible here. If they
    // bind from the query string, credentials end up in URLs, proxy logs and browser
    // history; confirm the route is POST-only with body/form binding over TLS.
    // NOTE(review): no throttling or lockout is visible in this action; confirm it is
    // enforced elsewhere (middleware, gateway).
    bool missingCredentials = string.IsNullOrEmpty(login) || string.IsNullOrEmpty(password);
    if (missingCredentials)
    {
        return BadRequest();
    }

    var credentials = new AddGetUserDTO { Login = login, Password = password };
    User authenticated = UserManager.LoginUser(credentials);

    if (authenticated != null)
    {
        // The response echoes the account id and the recovered email address in plain
        // text; no session or token is issued by this method.
        string body = "Logined user id: " + authenticated.Id + " | email: " + authenticated.EmailStr;
        return Ok(body);
    }

    // Same empty 400 as for missing input, so the response body does not reveal whether
    // the login exists.
    return BadRequest();
}
/// <summary>
/// HTTP action that registers a new account through <c>UserManager.RegisterUser</c>.
/// </summary>
/// <param name="login">Requested login name.</param>
/// <param name="password">Plaintext password chosen by the user.</param>
/// <param name="email">Email address to store with the account.</param>
/// <returns>
/// 200 with a text body containing the new user id; an empty 400 when any input is missing
/// or when <c>RegisterUser</c> returns <c>null</c>.
/// </returns>
public IActionResult Register(string login, string password, string email)
{
    // Only presence is checked here: no password-strength rule, length limit or email
    // format check is applied in this action.
    // NOTE(review): confirm such validation exists further down, and that these parameters
    // are bound from the request body rather than the query string.
    bool missingField = string.IsNullOrEmpty(login)
        || string.IsNullOrEmpty(password)
        || string.IsNullOrEmpty(email);
    if (missingField)
    {
        return BadRequest();
    }

    var registration = new AddGetUserDTO { Login = login, Password = password, Email = email };
    int? newUserId = UserManager.RegisterUser(registration);

    if (newUserId.HasValue)
    {
        return Ok("New user id: " + newUserId);
    }

    // A null id covers every failure mode of RegisterUser; the caller gets no detail.
    return BadRequest();
}