public bool RegisterUser(ref User user)
{
if (user.TotpToken == null)
{
_logger.LogInformation("TOTP token has not been generated.");
return(false);
}
if (!VerifyPassword(user.Password))
{
_logger.LogInformation("Password verification failed.");
return(false);
}
if (!VerifyUsername(user.Username))
{
_logger.LogInformation("Username verification failed.");
return(false);
}
user.PasswordHash = Pbkdf2Password.PasswordToHash(user.Password);
user.Uuid = SecureGuid.CreateSecureRfc4122Guid();
_database.AddUser(user);
_emailSender.SendRegisterEmail(user);
return(true);
}
public bool LoginUser(ref User user)
{
User valUser;
if (user.Username != null)
{
valUser = _database.GetUser(user.Username);
}
else if (user.Uuid != Guid.Empty)
{
valUser = _database.GetUser(user.Uuid);
}
else
{
_logger.LogInformation("Both username and uuid is null.");
return(false);
}
if (user.Password.Length > 64)
{
_logger.LogInformation("Password exceeds permitted length.");
return(false);
}
var randomBytes = new byte[48];
RandomNumberGenerator.Fill(randomBytes);
if (valUser == null)
{
_logger.LogInformation("Username does not exist.");
Pbkdf2Password.CheckPasswordHash(randomBytes, "blahblahblah123");
return(false);
}
if (!Pbkdf2Password.CheckPasswordHash(valUser.PasswordHash, user.Password))
{
_logger.LogInformation("Password is incorrect.");
return(false);
}
user = valUser;
user.Password = null;
return(true);
}
public bool ChangePassword(User user, string newPassword)
{
if (!LoginUser(ref user))
{
_logger.LogInformation("User verification failed.");
return(false);
}
if (!VerifyPassword(newPassword))
{
_logger.LogInformation("Password verification failed.");
return(false);
}
user.PasswordHash = Pbkdf2Password.PasswordToHash(newPassword);
_database.ChangePassword(user);
_emailSender.SendChangePasswordEmail(user);
return(true);
}
public bool ResetPassword(ref User user, string token)
{
var oauthUser = _oauthProvider.VerifyUserFromOauthToken(token, OauthActionEnum.Reset);
if (oauthUser == null)
{
_logger.LogInformation("Oauth handler rejected token");
return(false);
}
var userNameUser = _database.GetUser(user.Username);
if (userNameUser == null)
{
_logger.LogInformation("Username provided does not map to an account.");
return(false);
}
if (userNameUser.Email != oauthUser.Email)
{
_logger.LogInformation("Attempting to reset incorrect account.");
return(false);
}
if (!VerifyPassword(user.Password))
{
_logger.LogInformation("Password verification failed.");
return(false);
}
user.PasswordHash = Pbkdf2Password.PasswordToHash(user.Password);
user.Uuid = userNameUser.Uuid;
_database.ChangePassword(user);
_emailSender.SendChangePasswordEmail(user);
return(true);
}
