예제 #1
        /// <summary>
        /// Finds the user registered under <paramref name="email"/> and accepts the login when
        /// <paramref name="password"/> passes <c>Crypt.Check</c> against the stored password or,
        /// for users with <c>TFAPassword</c> set, passes <c>IsValid</c> against the user's TFA secret.
        /// </summary>
        /// <param name="email">Value handed to <c>GetByEmail</c> to locate the user.</param>
        /// <param name="password">Value tested both as the password and as the TFA input; null is rejected.</param>
        /// <returns>
        /// A new <c>Authentication</c> for the user; its second constructor argument is true only
        /// when the TFA check succeeded.
        /// </returns>
        /// <remarks>
        /// Raises <c>Error.InvalidUser</c> for a null password, an unknown e-mail, or when neither
        /// check succeeds, and <c>Error.DisabledUser</c> when
        /// <c>user.Control.ActiveOrAllowedPeriod()</c> is false.
        /// </remarks>
        internal Authentication ValidateAndGet(String email, String password)
        {
            if (password == null)
            {
                throw Error.InvalidUser.Throw();
            }

            // NOTE(review): an unknown e-mail leaves before Crypt.Check runs. The error is the
            // same as for a wrong password, but if Crypt.Check is a slow hash the response time
            // may still differ between existing and non-existing accounts — confirm.
            var account = GetByEmail(email);

            if (account == null)
            {
                throw Error.InvalidUser.Throw();
            }

            // Both checks always run, in this order, whatever the first one returns.
            var passwordMatches = Crypt.Check(password, account.Password);
            var codeMatches = account.TFAPassword && IsValid(account.TFASecret, password);

            // NOTE(review): either result alone is enough, so for accounts with TFAPassword set
            // a value accepted by IsValid authenticates without the password — confirm intended.
            if (!(passwordMatches || codeMatches))
            {
                throw Error.InvalidUser.Throw();
            }

            // The disabled state is reported only after the credentials were accepted.
            if (!account.Control.ActiveOrAllowedPeriod())
            {
                throw Error.DisabledUser.Throw();
            }

            return new Authentication(account, codeMatches);
        }
예제 #2
 /// <summary>
 /// Tells whether <paramref name="password"/> passes <c>Crypt.Check</c> against the
 /// password stored on <paramref name="user"/>.
 /// </summary>
 /// <param name="user">User whose <c>Password</c> value is compared; not null-checked here.</param>
 /// <param name="password">Candidate password; null yields false without calling <c>Crypt.Check</c>.</param>
 /// <returns>True only for a non-null password that <c>Crypt.Check</c> accepts.</returns>
 public Boolean VerifyPassword(User user, String password)
 {
     // A null candidate is rejected before the stored value is touched.
     if (password == null)
     {
         return false;
     }

     return Crypt.Check(password, user.Password);
 }