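/// <summary>
/// Registers a new account: checks the supplied fields, derives the password
/// hash, assigns a fresh UUID, stores the user and sends the registration
/// e-mail.
/// </summary>
/// <param name="user">
/// Candidate account. On success its <c>PasswordHash</c> and <c>Uuid</c> are
/// set on the object the caller passed in.
/// </param>
/// <returns>
/// <c>true</c> once the user has been handed to the database and the e-mail
/// sender; <c>false</c> when the argument is null or any check fails.
/// </returns>
public bool RegisterUser(ref User user)
{
    // Fail closed on a missing argument instead of surfacing a
    // NullReferenceException from the first property access below.
    if (user == null)
    {
        _logger.LogInformation("No user supplied for registration.");
        return false;
    }

    // Only the presence of a TOTP token is checked here; nothing in this
    // method verifies a code against it.
    if (user.TotpToken == null)
    {
        _logger.LogInformation("TOTP token has not been generated.");
        return false;
    }

    if (!VerifyPassword(user.Password))
    {
        _logger.LogInformation("Password verification failed.");
        return false;
    }

    if (!VerifyUsername(user.Username))
    {
        _logger.LogInformation("Username verification failed.");
        return false;
    }

    // Salt and work factor are chosen inside Pbkdf2Password and are not
    // visible from this method.
    user.PasswordHash = Pbkdf2Password.PasswordToHash(user.Password);
    user.Uuid = SecureGuid.CreateSecureRfc4122Guid();

    // NOTE(review): user.Password still holds the plaintext when the object
    // is passed to AddUser and SendRegisterEmail. Confirm neither of them
    // persists, logs or mails that field.
    _database.AddUser(user);
    _emailSender.SendRegisterEmail(user);
    return true;
}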
/// <summary>
/// Changes the password of an existing account after re-authenticating the
/// caller through <c>LoginUser</c>.
/// </summary>
/// <param name="user">
/// Account and current credentials. Passed to <c>LoginUser</c> by reference,
/// so the local may be replaced or updated by that call.
/// </param>
/// <param name="newPassword">Replacement password; must pass <c>VerifyPassword</c>.</param>
/// <returns>
/// <c>true</c> when the new hash has been handed to the database and the
/// notification e-mail has been requested; otherwise <c>false</c>.
/// </returns>
public bool ChangePassword(User user, string newPassword)
{
    // The current credentials are checked before anything is modified.
    // What LoginUser verifies (password, TOTP, lockout) is not visible here.
    bool authenticated = LoginUser(ref user);
    if (!authenticated)
    {
        _logger.LogInformation("User verification failed.");
        return false;
    }

    bool acceptable = VerifyPassword(newPassword);
    if (!acceptable)
    {
        _logger.LogInformation("Password verification failed.");
        return false;
    }

    var freshHash = Pbkdf2Password.PasswordToHash(newPassword);
    user.PasswordHash = freshHash;

    // NOTE(review): user.Password is not updated or cleared here, so the
    // object passed on may still carry the previous plaintext. Confirm the
    // database and e-mail layers ignore it.
    _database.ChangePassword(user);
    _emailSender.SendChangePasswordEmail(user);
    return true;
}
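/// <summary>
/// Resets the password of the account named by <c>user.Username</c>, using
/// an OAuth token issued for the reset action as proof of ownership.
/// </summary>
/// <param name="user">
/// Carries the target username and the new password. On success its
/// <c>PasswordHash</c> is set and its <c>Uuid</c> is copied from the stored
/// account.
/// </param>
/// <param name="token">
/// OAuth token, checked by the provider with <c>OauthActionEnum.Reset</c>.
/// </param>
/// <returns>
/// <c>true</c> when the new hash has been handed to the database and the
/// notification e-mail has been requested; <c>false</c> when the token is
/// rejected, the user argument is null, the username is unknown, the token
/// belongs to a different e-mail address, or the new password is refused.
/// </returns>
public bool ResetPassword(ref User user, string token)
{
    // The token is checked first, as before. Whether the provider
    // invalidates it after use is not visible from this method.
    var tokenOwner = _oauthProvider.VerifyUserFromOauthToken(token, OauthActionEnum.Reset);
    if (tokenOwner == null)
    {
        _logger.LogInformation("Oauth handler rejected token");
        return false;
    }

    // Fail closed on a missing argument instead of surfacing a
    // NullReferenceException from the user.Username access below.
    if (user == null)
    {
        _logger.LogInformation("No user supplied for password reset.");
        return false;
    }

    var storedAccount = _database.GetUser(user.Username);
    if (storedAccount == null)
    {
        _logger.LogInformation("Username provided does not map to an account.");
        return false;
    }

    // Binds the token to the account: a valid token for one address must not
    // reset an account registered under another. Presumably both values are
    // strings compared case-sensitively; a case mismatch is rejected.
    if (storedAccount.Email != tokenOwner.Email)
    {
        _logger.LogInformation("Attempting to reset incorrect account.");
        return false;
    }

    if (!VerifyPassword(user.Password))
    {
        _logger.LogInformation("Password verification failed.");
        return false;
    }

    user.PasswordHash = Pbkdf2Password.PasswordToHash(user.Password);

    // The identifier comes from the stored record, never from the caller.
    user.Uuid = storedAccount.Uuid;

    // NOTE(review): apart from Uuid and PasswordHash, every field on user is
    // still caller-supplied, including any e-mail address and the plaintext
    // password. Confirm ChangePassword keys on Uuid only and that the
    // notification is sent to the address on file.
    // NOTE(review): no second factor is consulted on this path. Confirm that
    // possession of the reset token alone is the intended requirement.
    _database.ChangePassword(user);
    _emailSender.SendChangePasswordEmail(user);
    return true;
}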