private void VerifyLoginCredentials(string password, string hash, string salt) { var isPasswordVerified = PasswordEncryptionUtilities.VerifyPassword(password, hash, salt); if (!isPasswordVerified) { throw new ValidationException("Invalid credentials"); } }
async Task AndGivenCreatedDefaultAccountsInDatabase() { var fakerGenerator = new FakerGenerator(); var hashSalt = PasswordEncryptionUtilities.GenerateSaltedHash("Password12345"); var myUserAccountData = fakerGenerator.GetUserAccountDataFakerGenerator() .RuleFor(x => x.Id, Guid.Parse("042d748c-9cef-4a5a-92bd-3fd9a4a0e499")) .RuleFor(x => x.Salt, hashSalt.Salt) .RuleFor(x => x.Hash, hashSalt.Hash) .Generate(); var otherUser = fakerGenerator.GetUserAccountDataFakerGenerator().Generate(); _context.UserAccountsData.AddRange(myUserAccountData, otherUser); await _context.SaveChangesAsync(); // Multi accounts var otherMultiAccount = new UserMultiAccount ( id: Guid.NewGuid(), userAccountDataId: otherUser.Id, sponsorId: null, multiAccountName: "otherMultiAccountName" ); otherMultiAccount.SetReflink("FIRST_REFLINK"); otherMultiAccount.SetAsMainAccount(); var myMultiAccount1 = new UserMultiAccount ( id: Guid.NewGuid(), userAccountDataId: myUserAccountData.Id, sponsorId: null, multiAccountName: "myMultiAccount1" ); var myMultiAccount2 = new UserMultiAccount ( id: Guid.NewGuid(), userAccountDataId: myUserAccountData.Id, sponsorId: null, multiAccountName: "myMultiAccount2" ); var myMultiAccount3 = new UserMultiAccount ( id: Guid.NewGuid(), userAccountDataId: myUserAccountData.Id, sponsorId: null, multiAccountName: "myMultiAccount3" ); _context.UserMultiAccounts.AddRange(otherMultiAccount, myMultiAccount1, myMultiAccount2, myMultiAccount3); await _context.SaveChangesAsync(); }
public string GenerateReflink() { var random = new Random(DateTime.Now.Ticks.GetHashCode()); var randomStrings = new string(Enumerable.Repeat(Chars, Length).Select(s => s[random.Next(s.Length)]).ToArray()); var hashSalt = PasswordEncryptionUtilities.GenerateSaltedHash(randomStrings); var hash = hashSalt.Hash.Substring(0, Math.Min(hashSalt.Hash.Length, Length)); return(hash); }
async Task AndGivenCreatedUserAccountInDatabase() { var fakerGenerator = new FakerGenerator(); var hashSalt = PasswordEncryptionUtilities.GenerateSaltedHash(TestPassword); var myUserAccountData = fakerGenerator.GetUserAccountDataFakerGenerator() .RuleFor(x => x.Id, f => Guid.Parse("042d748c-9cef-4a5a-92bd-3fd9a4a0e499")) .RuleFor(x => x.Login, f => TestLogin) .RuleFor(x => x.Hash, hashSalt.Hash) .RuleFor(x => x.Salt, hashSalt.Salt) .Generate(); _context.UserAccountsData.Add(myUserAccountData); await _context.SaveChangesAsync(); }
public async Task <Guid> Handle(RegisterCommand request, CancellationToken cancellationToken) { var user = _mapper.Map <User>(request); var hashSalt = PasswordEncryptionUtilities.GenerateSaltedHash(request.Password); user.Salt = hashSalt.Salt; user.Hash = hashSalt.Hash; await _shoppingListDbContext.Users.AddAsync(user, cancellationToken); await _shoppingListDbContext.SaveChangesAsync(cancellationToken); return(user.Id); }
public async Task <Guid> Handle(RegisterNewUserAccountCommand command, CancellationToken cancellationToken = default(CancellationToken)) { await ValidateForUniqueness(command); var sponsorId = await GetSponsorId(command); var hashSalt = PasswordEncryptionUtilities.GenerateSaltedHash(command.Password); var userAccountData = new UserAccountData ( id: Guid.NewGuid(), email: command.Email, login: command.Login, firstName: command.FirstName, lastName: command.LastName, street: command.Street, city: command.City, zipCode: command.ZipCode, country: command.Country, btcWalletAddress: command.BtcWalletAddress, role: UserRolesHelper.User ); userAccountData.SetPassword(hashSalt.Salt, hashSalt.Hash); await _context.Set <UserAccountData>().AddAsync(userAccountData); await _context.SaveChangesAsync(); // TODO: Event that user was created: eventhandler should create new multiaccount for him var userMultiAccount = new UserMultiAccount ( id: Guid.NewGuid(), userAccountDataId: userAccountData.Id, sponsorId: sponsorId, multiAccountName: userAccountData.Login ); userMultiAccount.SetAsMainAccount(); await _userMultiAccountRepository.CreateAsync(userMultiAccount); return(userAccountData.Id); }
public async Task <string> Handle(LoginCommand request, CancellationToken cancellationToken) { var user = await _shoppingListDbContext.Users.FirstOrDefaultAsync(x => x.Email == request.Email && !x.IsDeleted, cancellationToken); if (user == null) { //TODO: Custom Exception types would be nice throw new Exception("Invalid credentials"); } var isPasswordMatched = PasswordEncryptionUtilities.VerifyPassword(request.Password, user.Hash, user.Salt); if (!isPasswordMatched) { throw new Exception("Invalid credentials"); } var tokenString = CreateTokenString(request.Email); return(tokenString); }