Esempio n. 1
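        /// <summary>
        /// Authenticates a user by e-mail and password and returns the user's id,
        /// e-mail and a freshly generated token.
        /// </summary>
        /// <param name="userLogin">Login request carrying the e-mail and the plaintext password.</param>
        /// <returns>An <see cref="AuthorizeModel"/> with Id, Email and Token populated.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="userLogin"/> is null.</exception>
        /// <exception cref="Exception">
        /// The e-mail is unknown or the password does not match; both cases use the
        /// same "Invalid Credentials" message.
        /// </exception>
        public AuthorizeModel Login(UserLoginModel userLogin)
        {
            if (userLogin == null)
            {
                throw new ArgumentNullException(nameof(userLogin));
            }

            var user = _userRepository.GetUserByEmail(userLogin.Email);

            if (user == null)
            {
                // Same message as the wrong-password branch, so the response text
                // does not reveal whether the e-mail is registered.
                // NOTE(review): this branch returns before any hashing happens, so
                // response time may still differ between unknown and known e-mails.
                throw new Exception("Invalid Credentials");
            }

            // Re-derive the hash from the submitted password using the stored salt.
            (_, string checkedPassword) = _hashHelper.Hash(userLogin.Password, user.Salt);

            // Fixed-time comparison instead of string '!=': the latter stops at the
            // first differing character, and it also treats null == null as a match,
            // which would authenticate an account whose stored hash is missing.
            if (!HashesMatchFixedTime(user.Password, checkedPassword))
            {
                throw new Exception("Invalid Credentials");
            }

            var mappedUser = new AuthorizeModel
            {
                Id    = user.Id,
                Email = user.Email,
                Token = _tokenHelper.GenerateToken(user.Email, user.Id, user.Role),
            };

            return mappedUser;
        }

        /// <summary>
        /// Compares two hash strings without short-circuiting on the first mismatch.
        /// A null on either side, or a length difference, is a mismatch.
        /// </summary>
        private static bool HashesMatchFixedTime(string expected, string actual)
        {
            if (expected == null || actual == null || expected.Length != actual.Length)
            {
                return false;
            }

            int difference = 0;

            for (int i = 0; i < expected.Length; i++)
            {
                // Accumulate differences so every character is always visited.
                difference |= expected[i] ^ actual[i];
            }

            return difference == 0;
        }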
Esempio n. 2
        /// <summary>
        /// Seeds the OAuth-style client table when it is empty: one "jobTimer" client,
        /// plus a "jobTimerDebug" client in DEBUG builds only.
        /// </summary>
        /// <param name="context">Identity database context to seed.</param>
        protected override void Seed(JobTimer.Data.Access.Identity.JIdentityDbContext context)
        {
            // Nothing to do once any client row exists.
            if (context.Clients.Any())
            {
                return;
            }

            // Only the hash of the client secret is stored, never the secret itself.
            // NOTE(review): the allowed origin uses the http:// scheme; confirm
            // whether the deployed site is served over https.
            var releaseClient = new Client
            {
                Id            = "jobTimer",
                Secret        = _hashHelper.Hash(SecretKeys.Clients.JobTimer),
                Name          = "JobTimer",
                Active        = true,
                AllowedOrigin = "http://jobtime.azurewebsites.net"
            };

            context.Clients.Add(releaseClient);

#if DEBUG
            // Wildcard origin: compiled in for DEBUG builds only, so a release
            // build never registers this client.
            var debugClient = new Client
            {
                Id            = "jobTimerDebug",
                Secret        = _hashHelper.Hash(SecretKeys.Clients.JobTimerDebug),
                Name          = "JobTimer Debug",
                Active        = true,
                AllowedOrigin = "*"
            };

            context.Clients.Add(debugClient);
#endif

            context.SaveChanges();
        }
Esempio n. 3
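        /// <summary>
        /// Registers a new player account and returns its id, user name and a token.
        /// </summary>
        /// <param name="registerViewModel">
        /// Registration request; the user name must be an e-mail address and the
        /// password must pass the password helper's check and match the confirmation.
        /// </param>
        /// <returns>An <see cref="AuthorizeModel"/> with Id, UserName and Token populated.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="registerViewModel"/> is null.</exception>
        /// <exception cref="Exception">
        /// "Invalid E-mail", "Invalid Credentials" or "User already exists",
        /// depending on which check fails.
        /// </exception>
        public AuthorizeModel Register(RegisterViewModel registerViewModel)
        {
            if (registerViewModel == null)
            {
                throw new ArgumentNullException(nameof(registerViewModel));
            }

            // EmailAddressAttribute.IsValid treats null as valid (that case is left
            // to [Required]), so a missing user name has to be rejected explicitly.
            if (string.IsNullOrWhiteSpace(registerViewModel.UserName) ||
                !new EmailAddressAttribute().IsValid(registerViewModel.UserName))
            {
                throw new Exception("Invalid E-mail");
            }

            if (!_passwordHelper.GetPasswordRegex(registerViewModel.Password))
            {
                throw new Exception("Invalid Credentials");
            }

            // Checked before the repository lookup: a request whose confirmation
            // does not match is rejected without revealing whether the name exists.
            if (registerViewModel.Password != registerViewModel.ConfirmPassword)
            {
                throw new Exception("Invalid Credentials");
            }

            var existingUser = _userRepository.GetUserByUserName(registerViewModel.UserName);

            if (existingUser != null)
            {
                throw new Exception("User already exists");
            }

            // NOTE(review): lookup-then-create is not atomic; confirm the store
            // enforces a unique constraint on the user name.

            // One-argument Hash returns the salt it used together with the hash.
            (string salt, string hashedPassword) = _hashHelper.Hash(registerViewModel.Password);

            var createdUser = new User
            {
                UserName  = registerViewModel.UserName,
                FirstName = registerViewModel.FirstName,
                LastName  = registerViewModel.LastName,
                Password  = hashedPassword,
                Salt      = salt,
                Balance   = 1000,
                // The role is fixed here and never read from the request.
                Role      = Role.Player
            };

            _userRepository.Create(createdUser);

            var model = new AuthorizeModel
            {
                Id       = createdUser.Id,
                UserName = createdUser.UserName,
                Token    = _tokenHelper.GenerateToken(createdUser.UserName, createdUser.Id, createdUser.Role),
            };

            return model;
        }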
Esempio n. 4
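        /// <summary>
        /// Hashing a password yields a non-empty value different from the input,
        /// which verifies against the original password and against nothing else.
        /// </summary>
        public void should_hash_and_verify()
        {
            var pw     = _fixture.Create <string>();
            var hashed = _sut.Hash(pw);

            hashed.Should().NotBeNullOrEmpty();
            // The stored value must not be the plaintext itself.
            hashed.Should().NotBe(pw);

            _sut.Verify(hashed, pw).Should().BeTrue();

            // Negative case: without it, a Verify that always returns true
            // would still pass this test.
            _sut.Verify(hashed, pw + "x").Should().BeFalse();
        }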
Esempio n. 5
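        /// <summary>
        /// Authenticates a user-name/password pair and returns a JWT on success.
        /// </summary>
        /// <param name="authRequest">Credentials read from the request body.</param>
        /// <returns>
        /// 400 when the body or either credential is missing, 401 when the
        /// repository finds no matching user, otherwise 200 with the token.
        /// </returns>
        public IActionResult Auth([FromBody] AuthRequest authRequest)
        {
            // authRequest may be null when the body is absent or cannot be bound;
            // answer 400 rather than failing with a NullReferenceException.
            var hasMissingCredentials = authRequest == null
                                        || String.IsNullOrEmpty(authRequest.UserName)
                                        || String.IsNullOrEmpty(authRequest.Password);

            if (hasMissingCredentials)
            {
                return(BadRequest());
            }

            // NOTE(review): this hash is computed but never used; the repository
            // call below receives the plaintext password. Confirm whether
            // GetUserInfo hashes internally or whether 'hash' was meant to be passed.
            var hash = _hashHelper.Hash(authRequest.Password);

            var userInfo = _userRepository.GetUserInfo(authRequest.UserName, authRequest.Password);

            if (userInfo == null)
            {
                // Unknown user and wrong password are indistinguishable to the caller.
                return(Unauthorized());
            }

            var token = _authenticationService.GenerateJwtToken(userInfo);

            return(Ok(token));
        }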