public async Task <IActionResult> ChangePassword([FromBody] Authenticate user) { if (user == null) { return(BadRequest(StaticVar.MessageNotFound)); } //get user from DB UserTest dbUser = await _serviceUserTest.GetByIDAsync(user.Code).ConfigureAwait(false); if (dbUser == null) { return(BadRequest(StaticVar.MessageNotFound)); } //kiểm tra password cũ có đúng không if (CustomPasswordHasher.VerifyPassword(dbUser.Password, user.OldPassword)) { var passwordHashed = CustomPasswordHasher.HashPassword(user.Password); //đúng thì cho đổi password BsonDocument objBSON = new BsonDocument { { "Password", passwordHashed } }; await _serviceUserTest.UpdateCustomizeFieldByIdAsync(dbUser.Id, objBSON); return(Ok("Đổi password thành công")); } else { //sai thì báo lỗi return(BadRequest("User hoặc mật khẩu cũ không hợp lệ")); } }
public async Task <ServiceResponse <GetUserDto> > AuthenticateUser(AuthenticateUserDto authUser) { ServiceResponse <GetUserDto> serviceResponse = new ServiceResponse <GetUserDto>(); try { User user = await(from u in _context.Users where u.Name == authUser.Email select u).FirstOrDefaultAsync(); //if (user == null || !BC.Verify(authUser.Password, user.Password)) if (user == null || !customPasswordHasher.VerifyPassword(user.PasswordHash, authUser.Password)) { serviceResponse.Data = null; serviceResponse.Success = false; serviceResponse.Message = "Wrong user and/or password"; } else { serviceResponse.Data = _mapper.Map <GetUserDto>(user); serviceResponse.Message = "JWT Token goes here!"; } } catch (System.Exception ex) { serviceResponse.Success = false; serviceResponse.Message = ex.Message; } return(serviceResponse); }
//!customPasswordHasher.VerifyPassword(user.PasswordHash, authUser.Password) private bool VerifyPasswordHash(string password, string hash) { if (!customPasswordHasher.VerifyPassword(hash, password)) { return(false); } else { return(true); } }
private async Task <string> LoginUser(string userID, string clearPassword) { if (string.IsNullOrEmpty(clearPassword)) { clearPassword = string.Empty; } UserTest user = await _serviceUserTest.GetByIDAsync(userID).ConfigureAwait(false);// lstUser.SingleOrDefault(x => x.Code == userID); //Xác thực User, nếu chưa đăng ký thì trả về false if (user == null || !CustomPasswordHasher.VerifyPassword(user.Password, clearPassword)) { return(string.Empty); } return(GenerateToken(user)); }
public async Task <ActionResult> Index(UserLoginModel userLoginModel) { if (ModelState.IsValid) { var user = await db.ApplicationUsers .AsNoTracking() .Where(a => a.UserName.ToUpper() == userLoginModel.UserName.ToUpper()) .FirstOrDefaultAsync() .ConfigureAwait(false); if (user == null) { ModelState.AddModelError(string.Empty, "Invalid User."); return(View(userLoginModel)); } CustomPasswordHasher customPasswordHasher = new CustomPasswordHasher(); if (!customPasswordHasher.VerifyPassword(user.Password, userLoginModel.Password)) { ModelState.AddModelError(string.Empty, "Invalid Password."); return(View(userLoginModel)); } var claims = new List <Claim> { new Claim(ClaimTypes.Name, user.UserName), new Claim("FullName", user.FullName) }; var claimsIdentity = new ClaimsIdentity(claims, "ApplicationCookie"); var context = Request.GetOwinContext(); var authManager = context.Authentication; authManager.SignIn(new AuthenticationProperties { IsPersistent = false }, claimsIdentity); return(RedirectToAction("Index", "Home")); } return(View(userLoginModel)); }