private void VerifyLoginCredentials(string password, string hash, string salt)
{
var isPasswordVerified = PasswordEncryptionUtilities.VerifyPassword(password, hash, salt);
if (!isPasswordVerified)
{
throw new ValidationException("Invalid credentials");
}
}
public async Task <string> Handle(LoginCommand request, CancellationToken cancellationToken)
{
var user = await _shoppingListDbContext.Users.FirstOrDefaultAsync(x => x.Email == request.Email && !x.IsDeleted, cancellationToken);
if (user == null)
{
//TODO: Custom Exception types would be nice
throw new Exception("Invalid credentials");
}
var isPasswordMatched = PasswordEncryptionUtilities.VerifyPassword(request.Password, user.Hash, user.Salt);
if (!isPasswordMatched)
{
throw new Exception("Invalid credentials");
}
var tokenString = CreateTokenString(request.Email);
return(tokenString);
}
