public async Task <IActionResult> Signup([FromBody] UserResource userRsc) { if (userRsc == null) { return(BadRequest("Invalid request")); } var suValidation = await suValidator.IsValidAsync(userRsc); if (!suValidation.Success) { return(BadRequest(suValidation.ErrorMessage)); } User newUser = this.mapper.Map <UserResource, User>(userRsc); var salt = HashGenerator.GenerateSaltBytes(); var hash = HashGenerator.GenerateSaltedHash(HashGenerator.EncodedStringToByteArray(userRsc.Password), salt); newUser.Salt = HashGenerator.ByteArrayToString(salt); newUser.Password = HashGenerator.ByteArrayToString(hash); userRepo.Create(newUser); uow.Complete(); return(Ok()); }
public async Task <IActionResult> Login([FromBody] UserResource userRsc) { if (userRsc == null) { return(BadRequest("Invalid client request")); } var dbUser = (await this.userRepo.GetAll()).FirstOrDefault(a => a.Name == userRsc.Name); if (dbUser == null) { return(BadRequest("Username not found:" + userRsc.Name)); } var userSalt = HashGenerator.StringToByteArray(dbUser.Salt); var hashPwd = HashGenerator.GenerateSaltedHash(HashGenerator.EncodedStringToByteArray(userRsc.Password), userSalt); if (HashGenerator.Compare(hashPwd, HashGenerator.StringToByteArray(dbUser.Password))) { return(Ok(new { Token = this.tokenGenetator.Generate(dbUser) })); } else { return(Unauthorized()); } }
public async Task <TokenResponse> RegisterAsync(RegistrationRequest registrationRequest) { if (await AccountRepository.ExistsWithEmailAsync(registrationRequest.Email)) { return(TokenResponse.Unauthorized()); } var passwordHash = await HashGenerator.GenerateSaltedHash(registrationRequest.Password); var account = new Account { Id = Guid.NewGuid(), Email = registrationRequest.Email, FullName = registrationRequest.FullName, RoleId = (int)UserRole.User, PasswordHash = passwordHash }; await AccountRepository.CreateAsync(account); await AccountRepository.SaveChangesAsync(); var token = JwtGenerator.GenerateToken(account.Id); return(TokenResponse.Success(token)); }
public async Task <TokenResponse> LogInAsync(AuthenticationRequest authenticationRequest) { var account = await AccountRepository.GetWithEmailAsync(authenticationRequest.Email); if (account != null) { var passwordHash = await HashGenerator.GenerateSaltedHash(authenticationRequest.Password); if (passwordHash.SequenceEqual(account.PasswordHash)) { var role = (UserRole)account.RoleId; var token = JwtGenerator.GenerateToken(account.Id, role); return(TokenResponse.Success(token)); } } return(TokenResponse.Unauthorized()); }