public async Task <IActionResult> SignUpAsync( [FromForm] SignUpRequest request) { if (ModelState.IsValid) { var userPasswordHash = default(byte[]); var userPasswordSalt = default(byte[]); PasswordHelper.CalculatePasswordHashAndSalt(request.Password, out userPasswordHash, out userPasswordSalt); var user = (await Repository .GetAsync(x => x.Name == request.Name)) .FirstOrDefault(); if (user == null) { user = new User() { Name = request.Name, PasswordHash = userPasswordHash, PasswordSalt = userPasswordSalt, Role = UserRole.Standard }; Repository.CreateAsync(user).Wait(); return(Ok()); } } return(BadRequest(ModelState)); }
/// <summary> /// /// </summary> /// <param name="context"></param> private static void SeedUsers(EntityRepositoryContext context) { var userPasswordHash = default(byte[]); var userPasswordSalt = default(byte[]); PasswordHelper.CalculatePasswordHashAndSalt("admin", out userPasswordHash, out userPasswordSalt); context.Set <User>().Add( new User { Name = "admin", PasswordHash = userPasswordHash, PasswordSalt = userPasswordSalt, Role = UserRole.Administrator }); PasswordHelper.CalculatePasswordHashAndSalt("user", out userPasswordHash, out userPasswordSalt); context.Set <User>().Add( new User() { Name = "user", PasswordHash = userPasswordHash, PasswordSalt = userPasswordSalt, Role = UserRole.Standard }); context.SaveChanges(); }
public async Task <IActionResult> UpdatePasswordAsync( [FromForm] UpdatePasswordRequest request) { if (ModelState.IsValid) { var user = await UserService.ResolveAsync(User.Identity); if (user != null) { // Ensure the user knows their old password as well. if (UserService.TryAuthenticate( user.Name, request.Password, out user)) { var userPasswordHash = default(byte[]); var userPasswordSalt = default(byte[]); // Recalculate the password hash and salt. PasswordHelper.CalculatePasswordHashAndSalt(request.PasswordNew, out userPasswordHash, out userPasswordSalt); user.PasswordHash = userPasswordHash; user.PasswordSalt = userPasswordSalt; await UserService.Users.UpdateAsync(user); return(Ok()); } return(Unauthorized()); } // Weird authentication state... return(StatusCode(500)); } return(BadRequest(ModelState)); }