public void TestVerifyPasswordHashNullOrEmptyPassword() { byte[] passwordHash = new byte[0]; byte[] passwordSalt = new byte[0]; string nullPassword = null; var result = authenticationHelper.VerifyPasswordHash(nullPassword, passwordHash, passwordSalt); Assert.IsFalse(result); string emptyPassword = ""; result = authenticationHelper.VerifyPasswordHash(emptyPassword, passwordHash, passwordSalt); Assert.IsFalse(result); }
public IActionResult Login([FromBody] LoginForm model) { try { LoginUser user = _log.Login(model.UserNameInput); if (user == null) { return(Unauthorized()); } // check if password is correct if (!_authHelper.VerifyPasswordHash(model.PasswordInput, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } // Authentication successful return(Ok(new { user = user.UserInfo, token = _authHelper.GenerateToken(user) })); } catch (Exception e) { return(BadRequest(e.Message)); } }
public ActionResult <string> Login([FromBody] LoginDTO dto) { try { User user = _userService.GetAllUsers(null).List.FirstOrDefault(u => u.Email == dto.Email); if (user == null) { return(Unauthorized()); } if (!user.IsApproved) { return(Unauthorized()); } if (!_authenticationHelper.VerifyPasswordHash(dto.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } // For now only return the token. return(Ok(new { token = _tokenManager.GenerateJwtToken(user) })); } catch (Exception e) { return(BadRequest(e.Message)); } }
public IActionResult Login([FromBody] LoginInputModel model) { var user = userService.ReadUsers().FirstOrDefault(u => u.Email == model.Email); // check if username exists if (user == null) { return(Unauthorized()); } // check if password is correct if (!authenticationHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } // Authentication successful return(Ok(new { id = user.ID, email = user.Email, token = authenticationHelper.GenerateToken(user), isAdmin = user.IsAdmin })); }
public IActionResult Login([FromBody] LoginUserModel model) { var user = _userRepo.GetUser().FirstOrDefault(u => u.Name == model.Username); // check if username exists if (user == null) { return(Unauthorized()); } // check if password is correct if (!_authenticationHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } // Authentication successful return(Ok(new { id = user.Id, username = user.Name, role = user.UserType.ToString(), token = _authenticationHelper.GenerateToken(user) })); }
public string AuthenticateUser(LoginInputModel loginInputModel) { _loginInputModelValidator.DefaultValidation(loginInputModel); var user = FindUser(loginInputModel.Username); if (!_authenticationHelper.VerifyPasswordHash(loginInputModel.Password, user.PasswordHash, user.PasswordSalt)) { throw new ArgumentException("Invalid password."); } return(_authenticationHelper.GenerateToken(user)); }
public User ValidateUser(LoginInputModel loginInputModel) { User user = _userRepository.ReadAll().FirstOrDefault(u => u.Username == loginInputModel.Username); if (user == null) { throw new NullReferenceException("Invalid User"); } if (!_authenticationHelper.VerifyPasswordHash(loginInputModel.Password, user.PasswordHash, user.PasswordSalt)) { throw new ArgumentException("Invalid Password"); } return(user); }
public String ValidateUser(Tuple <string, string> attemptToLogin) { //Checks if the user is valid, first, otherwise it's gonna return invalid and checks the first item, which is the username. var user = CheckForValidUser(attemptToLogin.Item1); //Next, if there's no verified hashed and salted password, which is equal to the password of the login, //it's gonna throw an exception. if (!_authentication.VerifyPasswordHash(attemptToLogin.Item2, user.PasswordHash, user.PasswordSalt)) { throw new ArgumentException("Invalid password"); } var claims = SetUpClaims(user); //Generate refresh token and save it for user. return(_authentication.GenerateToken(claims)); }
public IActionResult Login([FromBody] LoginInputModel loginmodel) { var user = userRepository.GetAll().FirstOrDefault(u => u.Username == loginmodel.Username); if (user == null) { return(Unauthorized()); } if (!authenticationHelper.VerifyPasswordHash(loginmodel.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } return(Ok(new { username = user.Username, token = authenticationHelper.GenerateToken(user) })); }
public IActionResult Login([FromBody] LoginInputModel model) { var user = userService.GetUserByEmail(model.Username); if (user == null) { return(Unauthorized()); } if (!authenticationHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } user.PasswordSalt = user.PasswordHash = null; return(Ok(new { User = user, token = authenticationHelper.GenerateToken(user) })); }
public IActionResult Login([FromBody] LoginInputModel model) { var user = _userService.GetAllUsers().FirstOrDefault(u => u.Username == model.Username); if (user == null) { return(Unauthorized()); } if (!_authenticationHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } return(Ok(new { username = user.Username, token = _authenticationHelper.GenerateToken(user) })); }
public IActionResult Login([FromBody] LoginInputModel model) { var user = _userRepo.GetAll().FirstOrDefault(u => u.Username == model.Username); // check if username exists if (user == null) { return(Unauthorized()); } if (!_authenHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } // Authentication successful return(Ok(new { username = user.Username, token = _authenHelper.GenerateToken(user) })); }
public IActionResult Login([FromBody] LoginInputModel model) { var user = _log.Login(model.Username); // check if username exists if (user == null) { return(Unauthorized()); } // check if password is correct if (!authenticationHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } // Authentication successful return(Ok(new { username = user.Username, token = authenticationHelper.GenerateToken(user) })); }
public IActionResult Login([FromBody] LoginInputModel model) { var user = _userService.getUsers().FirstOrDefault(u => u.Username == model.Username); //Cheking if user exists if (user == null) { return(Unauthorized()); } //Chek if pass is correct if (!_authHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } //Authentication successfull return(Ok(new { username = user.Username, token = _authHelper.GenerateToken(user) })); }
public IActionResult Login([FromBody] LoginModel model) { var user = repository.GetAllUsers().FirstOrDefault(u => u.UserName == model.Username); // check if username exists if (user == null) { return(Unauthorized()); } // check if password is correct if (!authenticationHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } // Authentication successful return(Ok(new { username = user.UserName, token = authenticationHelper.GenerateToken(user) })); }
public User Validate(LoginInputModel loginInput) { if (loginInput == null) { throw new ArgumentNullException("LoginInput cannot be null"); } else if (string.IsNullOrEmpty(loginInput.Username)) { throw new ArgumentException("You need to specify a Username for the LoginInput"); } else if (string.IsNullOrEmpty(loginInput.Password)) { throw new ArgumentException("You need to specify a Password for the LoginInput"); } User user = _userRepository.Read(loginInput.Username); if (_authenticationHelper.VerifyPasswordHash(loginInput.Password, user.PasswordHash, user.PasswordSalt) == false) { throw new ArgumentException("The Password does not match the User's StoredPassword"); } return(user); }
public IActionResult Login([FromBody] LoginInputModel model) { var user = _userService.GetUserFromLoginInput(model); // check if username exists if (user == null) { return(Unauthorized("Login fejlede. Tjek venligst at brugernavn og adgangskode er korrekt.")); } // check if password is correct if (!_authHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized("Login fejlede. Tjek venligst at brugernavn og adgangskode er korrekt.")); } // Authentication successful return(Ok(new { username = user.Username, token = _authHelper.GenerateToken(user) })); }
public IActionResult Login([FromBody] LoginInputModel model) { var user = _userRepository.ReadUsers().FirstOrDefault(p => p.Username == model.Username); // check if username exists if (user == null) { return(Unauthorized()); } // check if password is correct if (!_authenticationHelper.VerifyPasswordHash(model.Password, user.PasswordHash, user.PasswordSalt)) { return(Unauthorized()); } // Authentication successful return(Ok(new { username = user.Username, isAdmin = user.IsAdmin, token = _authenticationHelper.GenerateToken(user) })); }
public bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt) { return(_authenticationHelper.VerifyPasswordHash(password, storedHash, storedSalt)); }
public AuthenticateUserResponse Authenticate(string emailAddress, string password) { AuthenticateUserResponse response = new AuthenticateUserResponse(); _logger.LogInformation($"Authenticating user with email: {emailAddress}"); if (string.IsNullOrEmpty(emailAddress) || string.IsNullOrEmpty(password)) { response.ResponseStatus.SetError(ResponseStatusCode.BAD_REQUEST, Constants.AuthenticateUserMessages.InvalidCredentials); return(response); } User user = null; try { user = _userRepository.GetByEmailAddress(emailAddress); } catch (Exception e) { _logger.LogError(e.ToString()); response.ResponseStatus.SetError(ResponseStatusCode.INTERNAL_SERVER_ERROR, e.ToString()); return(response); } if (user is null) { response.ResponseStatus.SetError(ResponseStatusCode.UNAUTHORIZED, Constants.AuthenticateUserMessages.InvalidCredentials); return(response); } try { bool passwordIsCorrect = _authenticationHelper.VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt); if (!passwordIsCorrect) { response.ResponseStatus.SetError(ResponseStatusCode.UNAUTHORIZED, Constants.AuthenticateUserMessages.InvalidCredentials); return(response); } } catch (Exception e) { _logger.LogError(e.ToString()); response.ResponseStatus.SetError(ResponseStatusCode.INTERNAL_SERVER_ERROR, e.ToString()); return(response); } string tokenString = _jwtHelper.GenerateJWT(user.UserId, ConfigurationsHelper.JWTSecret); if (string.IsNullOrEmpty(tokenString)) { response.ResponseStatus.SetError(ResponseStatusCode.INTERNAL_SERVER_ERROR, Constants.AuthenticateUserMessages.FailedToGenerateJWT); return(response); } _logger.LogInformation("Successfully authenticated user"); UserDto userDto = _mapper.Map <UserDto>(user); response.ResponseStatus.SetOk(); response.UserDto = userDto; response.Token = tokenString; return(response); }