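/// <summary>
/// Checks whether the supplied login information matches the stored credentials
/// and, on success, records the user as authenticated.
/// </summary>
/// <param name="loginModel">
/// Login attempt; its CredentialName selects the user and its Password is verified.
/// </param>
/// <returns>
/// <c>true</c> when the transformed password plus salt equals the stored value;
/// otherwise <c>false</c>.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="loginModel"/> is null.</exception>
/// <exception cref="UserNotFoundException">No user exists for the given credential name.</exception>
/// <remarks>
/// An unknown user surfaces as an exception while a wrong password returns false.
/// Callers should map both outcomes to the same client-facing response, so the
/// difference does not reveal which account names exist.
/// No attempt limiting or lockout happens in this method; presumably the caller
/// handles it (confirm).
/// </remarks>
public static bool Authenticate(Loginmodel loginModel)
{
    // Fail with a descriptive argument error instead of a NullReferenceException.
    if (loginModel == null)
    {
        throw new ArgumentNullException("loginModel");
    }

    // 01. Check if the user exists
    var user = Get(loginModel.CredentialName);
    if (user == null)
    {
        throw new UserNotFoundException(loginModel.CredentialName);
    }

    // 02. Re-derive the stored value from the submitted password and the user's salt.
    // NOTE(review): Encrypt is defined elsewhere. Confirm it is a slow, one-way
    // password hash (e.g. PBKDF2) and not reversible encryption or a single fast digest.
    var candidate = SecurityExtensions.Encrypt(loginModel.Password + user.Salt);

    // NOTE(review): == is not a fixed-time comparison. Where the target framework
    // offers it, compare the decoded bytes with CryptographicOperations.FixedTimeEquals.
    if (user.Password == candidate)
    {
        // 03. Only a successful match marks the user as authenticated.
        DAL_Users.SetAuthenticatedUser(user.Id);
        return true;
    }

    return false;
}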
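/// <summary>
/// Assigns a new password to the user: generates a fresh salt, transforms the
/// password together with that salt, and stores both values on the user object.
/// </summary>
/// <param name="user">The user whose Salt and Password are overwritten.</param>
/// <param name="pwd">
/// The new plaintext password. When null, empty or whitespace, a random
/// 8-character password is generated instead.
/// </param>
/// <returns>The same <paramref name="user"/> instance with Salt and Password updated.</returns>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
/// <remarks>
/// This method only mutates the object it is given; no save call is made here.
/// When the password is generated, its plaintext is not returned to the caller,
/// so nobody can learn it after this method returns.
/// </remarks>
public static Users ChangePassword(Users user, string pwd)
{
    const int GeneratedPasswordLength = 8;

    // Fail before any work is done, rather than with a NullReferenceException
    // after the salt has already been generated.
    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    if (string.IsNullOrWhiteSpace(pwd))
    {
        // NOTE(review): GetRandomString is defined elsewhere. Confirm it draws from
        // a cryptographic RNG, and that 8 characters meets the password policy.
        pwd = StringExtensions.GetRandomString(GeneratedPasswordLength);
    }

    // A new salt per password change keeps the stored value unrelated to the old one.
    // Convert once so the hashed salt and the stored salt are the same text.
    var saltText = SecurityExtensions.GetSalt().ToString();

    // NOTE(review): Encrypt is defined elsewhere. Confirm it is a slow, one-way
    // password hash and not reversible encryption.
    user.Password = SecurityExtensions.Encrypt(pwd + saltText);
    user.Salt = saltText;

    return user;
}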