/// <summary>
/// Success path of <c>CheckPasswordAsync</c>: when the hashing service accepts the supplied
/// password for the stored hash, the stored user is returned.
/// </summary>
/// <remarks>
/// NOTE(review): there is no explicit assertion that the hashing service was called. The call
/// is only implied, assuming an unstubbed substitute returns <c>false</c> for other arguments.
/// Failure paths (unknown user, missing hash, wrong password) are not exercised here.
/// </remarks>
public async Task WhenCheckingPassword_CallPasswordEncryptionService()
{
    // Arrange: a stored user plus stubs for the lookup and for hash verification.
    const string storedHash = "******";
    var expectedUser = new User
    {
        Username = SomeUsername,
        HashedPassword = storedHash
    };

    _unitOfWorkFactory
        .GetUnitOfWork()
        .Users
        .GetByUsernameAsync(SomeUsername)
        .Returns(expectedUser);

    // Argument order stubbed here is (stored hash, candidate password).
    _passwordHashingService
        .VerifyPassword(storedHash, SomePassword)
        .Returns(true);

    // Act
    var actualUser = await _service.CheckPasswordAsync(SomeUsername, SomePassword);

    // Assert
    actualUser.Should().Be(expectedUser);
}
/// <summary>
/// Looks up a user by <paramref name="username"/> and verifies <paramref name="password"/>
/// against the user's stored hash through the password hashing service.
/// </summary>
/// <param name="username">Username passed to <c>Users.GetByUsernameAsync</c>.</param>
/// <param name="password">Candidate password checked against the stored hash.</param>
/// <returns>The user that was looked up, once the hashing service accepts the password.</returns>
/// <exception cref="UserNotFoundException">The lookup returned no user.</exception>
/// <exception cref="InvalidPasswordException">
/// The user has no stored hash, or the hashing service rejected the password.
/// </exception>
/// <remarks>
/// NOTE(review): an unknown user and a wrong password raise different exception types, and the
/// unknown-user path exits before any hash verification runs. If either difference reaches an
/// unauthenticated caller (response body, status code or response time), it reveals which
/// usernames exist. Confirm that the calling layer maps both to one generic failure.
/// </remarks>
public async Task<User> CheckPasswordAsync(string username, string password)
{
    using (var unitOfWork = _unitOfWorkFactory.CreateUnitOfWork())
    {
        var account = await unitOfWork.Users.GetByUsernameAsync(username);
        if (account == null)
        {
            throw new UserNotFoundException();
        }

        // A missing hash is reported exactly like a mismatch. The null check short-circuits,
        // so the hashing service is never handed a null hash.
        var passwordAccepted = account.HashedPassword != null
            && _passwordHashingService.VerifyPassword(account.HashedPassword, password);
        if (!passwordAccepted)
        {
            throw new InvalidPasswordException();
        }

        return account;
    }
}
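/// <summary>
/// Authenticates a user by username and password and, on success, issues a token for them.
/// </summary>
/// <param name="username">Caller-supplied username, matched against <c>Users.Username</c>.</param>
/// <param name="password">Candidate password, verified against the user's <c>PasswordHash</c>.</param>
/// <returns>
/// An <c>AuthenticatedUser</c> wrapping the user and the issued token, or <c>null</c> when the
/// user is not found or the password does not match. Both failures return the same value, so
/// the caller cannot tell them apart.
/// </returns>
/// <remarks>
/// The two failure reasons are distinguished only in debug-level log messages, which include
/// the submitted username.
/// NOTE(review): the unknown-user path returns without running hash verification, so response
/// time may still differ between the two failures. Confirm whether that matters for this endpoint.
/// </remarks>
public async Task<AuthenticatedUser> AuthenticateAsync(string username, string password)
{
    var user = await context.Users.FirstOrDefaultAsync(x => x.Username == username);
    if (user == null)
    {
        // username is untrusted input. It is passed as a template argument rather than
        // interpolated, so it is recorded as a separate value and never becomes part of the
        // message template (assumes logger is a Microsoft.Extensions.Logging ILogger).
        // Plain-text sinks must still neutralise CR/LF in the value.
        logger.LogDebug("Unable to find user {Username}", username);
        return null;
    }

    // NOTE(review): arguments are passed as (candidate password, stored hash). Confirm this
    // matches the hashing service's parameter order.
    var passwordMatches = passwordHashingService.VerifyPassword(password, user.PasswordHash);
    if (!passwordMatches)
    {
        logger.LogDebug("Password for {Username} does not match", username);
        return null;
    }

    var token = tokenService.GetToken(user.Id.ToString(), user.Username);
    return new AuthenticatedUser(user, token);
}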