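/// <summary>
/// Creates a user for the standard (name / e-mail / password) provider, saves it
/// through <paramref name="context"/> and then calls <c>CreateAccount</c> for it.
/// </summary>
/// <param name="context">Data context the new user is added to and saved through.</param>
/// <param name="provider">Authentication provider; only <c>Provider.Standart</c> is handled by this method.</param>
/// <param name="request">Registration data: name, e-mail and the plaintext password.</param>
/// <returns>The newly created and saved user.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="context"/> or <paramref name="request"/> is null.</exception>
/// <exception cref="System.NotSupportedException"><paramref name="provider"/> is not <c>Provider.Standart</c>.</exception>
public static User CreateUser(ITupapiContext context, Provider provider, StandartAuthRequest request)
{
    if (context == null)
    {
        throw new System.ArgumentNullException("context");
    }

    if (request == null)
    {
        throw new System.ArgumentNullException("request");
    }

    // Fail before touching the context: previously any other provider left the
    // user null, so a null entity was handed to context.Users.Add and the
    // method then dereferenced it.
    if (provider != Provider.Standart)
    {
        throw new System.NotSupportedException("CreateUser only supports the standard provider.");
    }

    // NOTE(review): AuthHelper is not visible here. Confirm that Hash is a
    // deliberately slow password KDF (e.g. PBKDF2) rather than a single fast
    // digest, and that GenerateSalt draws from a cryptographic RNG.
    var salt = AuthHelper.GenerateSalt();

    // The plaintext password is only fed to the hash; the entity stores the
    // salt and the salted hash, never the password itself.
    var newUser = new User
    {
        Id = SequentialGuid.NewGuid(),
        Name = request.Name,
        Email = request.Email,
        Salt = salt,
        SaltedAndHashedPassword = AuthHelper.Hash(request.Password, salt)
    };

    // For the standard provider the account is keyed by the user's own id.
    string providerName = Const.Standart;
    string providerId = newUser.Id;

    // NOTE(review): no e-mail uniqueness check is visible in this method;
    // presumably the caller or a database constraint enforces it. Confirm.
    context.Users.Add(newUser);
    context.SaveChanges();

    // NOTE(review): the user is saved before CreateAccount runs. If that call
    // fails the user may be left without an account, unless the caller wraps
    // both in a transaction. Confirm.
    CreateAccount(context, provider, providerName, newUser.Id, providerId);

    return newUser;
}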
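/// <summary>
/// Verifies a submitted password against the user's stored salted hash.
/// Returns normally when the password matches; throws otherwise.
/// </summary>
/// <param name="user">User whose stored salt and salted hash are checked.</param>
/// <param name="password">Plaintext password submitted by the caller.</param>
/// <exception cref="ApiException">
/// <c>ApiResult.Validation</c> / <c>ErrorType.UserNoPassword</c> when the user has no stored hash or salt;
/// <c>ApiResult.Denied</c> / <c>ErrorType.PasswordWrong</c> when the password does not match.
/// </exception>
public static void CheckPassword(User user, string password)
{
    // A user without a stored hash or salt cannot be checked against a password.
    if (user.SaltedAndHashedPassword == null || user.Salt == null)
    {
        throw new ApiException(ApiResult.Validation, ErrorType.UserNoPassword, user.Id);
    }

    var candidateHash = AuthHelper.Hash(password, user.Salt);

    // NOTE(review): SlowEquals is presumably a constant-time comparison.
    // Confirm in AuthHelper, so that the comparison does not leak how many
    // leading bytes of the hash matched.
    if (!AuthHelper.SlowEquals(candidateHash, user.SaltedAndHashedPassword))
    {
        // Never attach the submitted password to the exception. Exception
        // payloads commonly end up in logs or API responses, and a failed
        // attempt is often a near-miss of the real password. Carry the user
        // id instead, as the UserNoPassword error above already does.
        throw new ApiException(ApiResult.Denied, ErrorType.PasswordWrong, user.Id);
    }
}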