public async Task <AuthResult> SignUp(string email, string password, string username)
{
string saltedPasswordHash = string.Empty;
var passwordSalt = hashGenerator.CreateSalt();
hashGenerator.GenerateHash(password, passwordSalt, out saltedPasswordHash);
var user = new UserBuilder()
.SetEmail(email)
.SetUsername(username)
.SetPassword(saltedPasswordHash, passwordSalt)
.Build();
database.UserRepository.Add(user);
if (await database.Complete())
{
var registerToken = Token.Create(TokenType.Register);
user.Tokens.Add(registerToken);
if (await rolesService.AdmitRole(RoleName.User, user))
{
return(await database.Complete() ? new AuthResult(registerToken.Code, user) : null);
}
return(null);
}
return(null);
}
public async Task <bool> ResetPassword(string userId, string code, string newPassword)
{
var user = await database.UserRepository.Get(userId);
if (user == null)
{
return(false);
}
var resetPasswordToken = user.Tokens.FirstOrDefault(t => t.Code == code && t.TokenType == TokenType.ResetPassword);
if (resetPasswordToken == null)
{
return(false);
}
string saltedPasswordHash = string.Empty;
var passwordSalt = hashGenerator.CreateSalt();
hashGenerator.GenerateHash(newPassword, passwordSalt, out saltedPasswordHash);
user.SetPassword(saltedPasswordHash, passwordSalt);
if (await database.Complete())
{
database.TokenRepository.Delete(resetPasswordToken);
return(await database.Complete());
}
return(false);
}
public async Task <bool> ResetPassword(string userId, string token, string newPassword)
{
var user = await database.UserRepository.FindById(userId) ?? throw new EntityNotFoundException("Account does not exist", ErrorCodes.EntityNotFound);
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException("Your account is blocked");
}
var resetPasswordToken = user.Tokens.FirstOrDefault(t => t.Code == token && t.TokenType == TokenType.ResetPassword)
?? throw new TokenException("Token is invalid");
if (TokenExpirationSpecification.Create().IsSatisfied(resetPasswordToken))
{
throw new TokenException("Token expired", ErrorCodes.TokenExpired);
}
string saltedPasswordHash = string.Empty;
var passwordSalt = hashGenerator.CreateSalt();
hashGenerator.GenerateHash(newPassword, passwordSalt, out saltedPasswordHash);
user.SetPassword(saltedPasswordHash, passwordSalt);
if (await database.Complete())
{
user.Tokens.Remove(resetPasswordToken);
return(await database.Complete());
}
return(false);
}
public async Task <SignUpResult> SignUp(string email, string password, string username)
{
string saltedPasswordHash = string.Empty;
var passwordSalt = hashGenerator.CreateSalt();
hashGenerator.GenerateHash(password, passwordSalt, out saltedPasswordHash);
var user = new UserBuilder()
.SetUsername(username)
.SetEmail(email)
.SetPassword(saltedPasswordHash, passwordSalt)
.Build();
database.UserRepository.Add(user);
if (await database.Complete())
{
var registerToken = Token.Create(TokenType.Register);
database.TokenRepository.Add(registerToken);
//Logic adding user to USER role
if (await database.Complete())
{
return(new SignUpResult(registerToken.Code, user));
}
Alertify.Push("Creating register token failed", AlertType.Error);
return(null);
}
Alertify.Push("Creating account failed", AlertType.Error);
return(null);
}
public async Task <bool> ResetPassword(string email, string token, string newPassword)
{
var user = await GetAndVerifyUserByEmail(email, token);
var passwordSalt = hashGenerator.CreateSalt();
var passwordHash = hashGenerator.GenerateHash(newPassword, passwordSalt);
user.SetPassword(passwordHash, passwordSalt);
if (await database.UserRepository.Update(user))
{
return(await database.TokenRepository.Delete(user.Token));
}
throw new DatabaseException();
}
public async Task <bool> ChangePassword(string newPassword, string email, string token)
{
var user = await GetUserWithToken(email, TokenType.ChangePassword, token);
var passwordSalt = hashGenerator.CreateSalt();
var passwordHash = hashGenerator.GenerateHash(newPassword, passwordSalt);
user.SetPassword(passwordHash, passwordSalt);
if (await database.UserRepository.Update(user))
{
return(await database.TokenRepository.Delete(user.Token));
}
throw new DatabaseException();
}
public async Task <ChangePasswordResult> ChangePassword(string oldPassword, string newPassword)
{
var user = await GetCurrentUser();
if (!hashGenerator.VerifyHash(oldPassword, user.PasswordHash, user.PasswordSalt))
{
return(new ChangePasswordResult(message: "Old password is invalid"));
}
string saltedPasswordHash = string.Empty;
var passwordSalt = hashGenerator.CreateSalt();
hashGenerator.GenerateHash(newPassword, passwordSalt, out saltedPasswordHash);
user.SetPassword(saltedPasswordHash, passwordSalt);
return(await database.Complete() ? new ChangePasswordResult(hasChanged: true) : null);
}
public async Task <SignUpResult> SignUp(string username, string email, string password, string serial,
int referrerId)
{
var passwordSalt = hashGenerator.CreateSalt();
var passwordHash = hashGenerator.GenerateHash(password, passwordSalt);
var user = new UserBuilder()
.SetUsername(username)
.SetEmail(email)
.SetPassword(passwordHash, passwordSalt)
.SetSerial(serial)
.SetReferrer(referrerId)
.Build();
using (var transaction = database.BeginTransaction().Transaction)
{
if (!await database.UserRepository.Insert(user))
{
throw new DatabaseException();
}
user = await database.UserRepository.FindUserByUsername(username)
?? throw new EntityNotFoundException("User not found");
var serialToAdd = Serial.Create(user.Id, serial);
var registerToken = Token.Create(TokenType.Register, user.Id);
if (!await database.SerialRepository.Insert(serialToAdd))
{
throw new DatabaseException();
}
if (!await database.TokenRepository.Insert(registerToken, false))
{
throw new DatabaseException();
}
transaction.Complete();
return(new SignUpResult {
User = user, TokenCode = registerToken.Code
});
}
}
public async Task <bool> ChangePassword(string oldPassword, string newPassword)
{
var user = await GetCurrentUser();
if (!hashGenerator.VerifyHash(oldPassword, user.PasswordHash, user.PasswordSalt))
{
Alertify.Push("Old password is invalid", AlertType.Error);
return(false);
}
string saltedPasswordHash = string.Empty;
var passwordSalt = hashGenerator.CreateSalt();
hashGenerator.GenerateHash(newPassword, passwordSalt, out saltedPasswordHash);
user.SetPassword(saltedPasswordHash, passwordSalt);
return(await database.Complete());
}
public void Salt_Success()
{
var salt = hashGenerator.CreateSalt();
Assert.IsNotNull(salt);
}
