Esempio n. 1
        /// <summary>
        /// Hashes the <c>password</c> query-string value with the <c>salt</c> query-string value
        /// by calling <c>PasswordHasher.GeneratePasswordHash</c>.
        /// </summary>
        /// <returns>The value returned by <c>PasswordHasher.GeneratePasswordHash</c>.</returns>
        public ActionResult <string> GenerateHash()
        {
            // NOTE(review): both values arrive in the URL. Query strings are routinely written to
            // web-server, proxy and monitoring logs and kept in browser history, so a real password
            // sent here ends up stored in clear text outside the application. A request body is the
            // safer transport.
            // NOTE(review): neither value is checked for presence before hashing, and no
            // authorization attribute is visible in this excerpt. Confirm this action is a
            // development-only helper or is protected elsewhere.
            var query     = Request.Query;
            var plainText = query["password"];
            var saltValue = query["salt"];

            return PasswordHasher.GeneratePasswordHash(plainText, saltValue);
        }
Esempio n. 2
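        /// <summary>
        /// Replaces a user's password after verifying the current one against the stored hash and salt.
        /// </summary>
        /// <param name="ucp">Request body carrying the username, the old password and the new password.</param>
        /// <returns>
        /// A <c>UserAuthResponse</c>. <c>IsSuccess</c> is false when the request is incomplete, when
        /// <c>dbHelper.GetUserAuthAsync</c> returns null, or when the old password does not verify;
        /// otherwise the response mirrors the result of <c>dbHelper.ChangePasswordAsync</c>.
        /// </returns>
        public async Task <ActionResult <UserAuthResponse> > ChangePassword([FromBody] UserChangePassword ucp)
        {
            // Reject incomplete bodies up front. Without this, a missing body dereferences null below,
            // and an empty NewPassword would be hashed and stored as a valid credential.
            if (ucp == null ||
                string.IsNullOrEmpty(ucp.Username) ||
                string.IsNullOrEmpty(ucp.OldPassword) ||
                string.IsNullOrEmpty(ucp.NewPassword))
            {
                return(new UserAuthResponse
                {
                    IsSuccess = false,
                    Message = "Username, old password and new password are required"
                });
            }

            // NOTE(review): the target account is selected by ucp.Username from the body, not by the
            // authenticated principal. Confirm elsewhere that the caller is bound to that account.
            var ua = await dbHelper.GetUserAuthAsync(ucp.Username);

            if (ua == null)
            {
                // NOTE(review): this message differs from the wrong-password message below, so the
                // response reveals whether a username exists. Consider a single generic message if
                // this action is reachable without prior authentication.
                return(new UserAuthResponse
                {
                    IsSuccess = false,
                    Message = "User not authenticated"
                });
            }

            // NOTE(review): confirm PasswordHasher.IsEqual compares the hashes in constant time.
            var oldValid = PasswordHasher.IsEqual(ua.PasswordHash, ua.PasswordSalt, ucp.OldPassword);
            if (!oldValid)
            {
                return(new UserAuthResponse
                {
                    IsSuccess = false,
                    Message = "Old password doesn't match"
                });
            }

            // The stored salt is reused because ChangePasswordAsync, as called here, accepts only the
            // user id and the new hash. NOTE(review): rotate the salt together with the password once
            // the data layer can persist it.
            var newPasswordHash = PasswordHasher.GeneratePasswordHash(ucp.NewPassword, ua.PasswordSalt);
            var resp            = await dbHelper.ChangePasswordAsync(ua.UserId, newPasswordHash);

            return(new UserAuthResponse
            {
                IsSuccess = resp.IsSuccess,
                Message = resp.Message
            });
        }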
Esempio n. 3
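        /// <summary>
        /// Creates a user account: checks that the username is free, generates a random salt,
        /// hashes the password with it and stores the record through <c>dbHelper.AddUserAsync</c>.
        /// </summary>
        /// <param name="user">Request body carrying username, password, e-mail and role.</param>
        /// <returns>
        /// The message returned by <c>dbHelper.AddUserAsync</c>, or an explanatory message when the
        /// request is incomplete or the username is already taken.
        /// </returns>
        public async Task <ActionResult <string> > AddUser([FromBody] UserInit user)
        {
            // A missing body would dereference null below, and an empty password would be hashed
            // and stored as a usable credential, so both are refused here.
            if (user == null || string.IsNullOrWhiteSpace(user.Username) || string.IsNullOrEmpty(user.Password))
            {
                return("Username and password are required");
            }

            // NOTE(review): check-then-insert is not atomic. Confirm the store enforces a unique
            // constraint on the username so two concurrent requests cannot both succeed.
            var exist = await dbHelper.IsUsernameExistAsync(user.Username);
            if (exist)
            {
                return($"Username '{user.Username}' already exist. Choose another one");
            }

            // The salt comes from the platform CSPRNG rather than Guid.NewGuid(): GUIDs are specified
            // for uniqueness, not unpredictability. 16 bytes rendered as 32 upper-case hex characters
            // keeps the same stored format as the previous Guid "N" salt.
            var saltBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(saltBytes);
            }
            var passwordSalt = BitConverter.ToString(saltBytes).Replace("-", "");
            var passwordHash = PasswordHasher.GeneratePasswordHash(user.Password, passwordSalt);

            // NOTE(review): user.Role is taken from the request body unchanged. Unless this action is
            // restricted to administrators elsewhere, the caller selects their own role. Confirm.
            var r = await dbHelper.AddUserAsync(user.Username, passwordHash, passwordSalt, user.Email, user.Role);

            return(r.Message);
        }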