/// <summary>
/// Registers a new user: hashes the supplied password, stores the hash and salt
/// on the entity, and persists it through <c>context</c>.
/// </summary>
/// <param name="user">Entity to persist; its PasswordHash and PasswordSalt are overwritten here.</param>
/// <param name="password">Plain-text password; only the derived hash and salt are stored on the entity.</param>
/// <returns>The same <paramref name="user"/> instance after it has been saved.</returns>
public async Task<User> Register(User user, string password)
{
    // NOTE(review): no uniqueness check or username normalisation is visible in this
    // method; presumably the caller or a database constraint enforces it. Confirm.
    // NOTE(review): every other property of `user` is persisted exactly as supplied,
    // so callers should build the entity from an explicit DTO rather than binding it
    // directly from request data.
    byte[] salt;
    byte[] hash;
    PasswordHashSalt.CreatePasswordHashSalt(password, out hash, out salt);

    user.PasswordHash = hash;
    user.PasswordSalt = salt;

    await context.Users.AddAsync(user);
    await context.SaveChangesAsync();

    return user;
}
/// <summary>
/// Looks up a user by username and checks the supplied password against the
/// stored hash and salt.
/// </summary>
/// <param name="username">Username to look up; compared with <c>==</c> inside the query.</param>
/// <param name="password">Plain-text password to verify.</param>
/// <returns>
/// The matching user, or <c>null</c> when no such user exists or the password does
/// not verify. Both failures return the same value, so the result itself does not
/// reveal which check failed.
/// </returns>
public async Task<User> Login(string username, string password)
{
    // NOTE(review): whether this match is case-sensitive presumably depends on the
    // backing store's collation. Confirm it agrees with how usernames are stored.
    var account = await context.Users.FirstOrDefaultAsync(u => u.Username == username);

    // NOTE(review): an unknown username skips the hash verification entirely, so
    // response time can differ between "no such user" and "wrong password".
    // Consider rate limiting or a constant-cost failure path at the caller.
    bool verified = account != null
        && PasswordHashSalt.VerificationPasswordHash(password, account.PasswordHash, account.PasswordSalt);

    return verified ? account : null;
}
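/// <summary>
/// Derives a PBKDF2 hash of <paramref name="Password"/> using a freshly generated
/// random salt of <c>_saltSize</c> bytes.
/// </summary>
/// <param name="Password">Plain-text password to hash.</param>
/// <param name="passwordhashSalt">Receives the generated salt and the derived hash of <c>_hashSize</c> bytes.</param>
public void GetPasswordHash(string Password, out PasswordHashSalt passwordhashSalt)
{
    byte[] saltBytes = new byte[_saltSize];

    // The generator is disposable, so release it deterministically.
    // RandomNumberGenerator.Create() replaces the direct RNGCryptoServiceProvider
    // construction, which newer .NET versions mark obsolete.
    using (var generator = RandomNumberGenerator.Create())
    {
        // GetNonZeroBytes is kept from the original; it never emits 0x00 bytes.
        generator.GetNonZeroBytes(saltBytes);
    }

    // NOTE(review): this constructor overload derives with HMAC-SHA1. Moving to a
    // stronger PRF or changing iterationCount invalidates already-stored hashes,
    // so plan it as a migration (for example, re-hash on next successful login).
    using (var kdf = new Rfc2898DeriveBytes(Password, saltBytes, iterationCount))
    {
        passwordhashSalt = new PasswordHashSalt()
        {
            passwordSalt = saltBytes,
            password = kdf.GetBytes(_hashSize)
        };
    }
}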
/// <summary>
/// Verifies that CreateAsync hands the repository a user carrying the supplied
/// username and email, the hash and salt returned by the password manager, the
/// generated API key, and creation/update timestamps close to the current UTC time.
/// </summary>
public async Task CreateAsync_Should_Add_User_CorrectlyAsync(string username, string email, string password, PasswordHashSalt passwordHashSalt, string apiKey)
{
    // Arrange: stub the collaborators and capture the model passed to AddUserAsync.
    UserModel savedUser = default(UserModel);
    _userRepository.IsUsernameExistAsync(username).Returns(false);
    _userRepository.IsEmailExistAsync(email).Returns(false);
    _passwordManager.GeneratePassword(password).Returns(passwordHashSalt);
    _apiKeyGenerator.GenerateNewApiKey().Returns(apiKey);
    _userRepository
        .When(repo => repo.AddUserAsync(Arg.Any<UserModel>()))
        .Do(call => savedUser = (UserModel)call[0]);

    // Act
    await _userServiceInstance.CreateAsync(username, password, email);

    // Assert: identity fields
    Assert.IsNotNull(savedUser);
    Assert.AreEqual(username, savedUser.Username);
    Assert.AreEqual(email, savedUser.Email);

    // Assert: the stored credential material is exactly what the password manager
    // produced, i.e. the service persists the derived hash and salt.
    Assert.AreEqual(passwordHashSalt.PasswordHash, savedUser.PasswordHash);
    Assert.AreEqual(passwordHashSalt.Salt, savedUser.Salt);

    // Assert: timestamps are compared to the wall clock with a one-second tolerance.
    Assert.That(DateTime.UtcNow, Is.EqualTo(savedUser.Created).Within(1).Seconds);
    Assert.That(DateTime.UtcNow, Is.EqualTo(savedUser.Updated).Within(1).Seconds);

    Assert.AreEqual(apiKey, savedUser.ApiKey);
}
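/// <summary>
/// Seeds <c>context.Users</c> from <c>Data/UserSeedData.json</c> when it holds no
/// users yet. Each seeded user gets its own hash and salt and a lower-cased username.
/// </summary>
public void Seedusers()
{
    // Never overwrite or duplicate existing accounts.
    if (context.Users.Any())
    {
        return;
    }

    var userData = File.ReadAllText("Data/UserSeedData.json");
    var users = JsonConvert.DeserializeObject<List<User>>(userData);

    // An empty or literal-null JSON document deserializes to null; treat it as
    // "nothing to seed" instead of failing with a NullReferenceException below.
    if (users == null)
    {
        return;
    }

    foreach (var user in users)
    {
        byte[] passwordSalt;
        byte[] passwordHash;

        // NOTE(review): every seeded account shares the same well-known password.
        // This is acceptable only for development data; make sure this seeder
        // cannot run against a production database, or take the seed password
        // from configuration.
        PasswordHashSalt.CreatePasswordHashSalt("password", out passwordHash, out passwordSalt);
        user.PasswordHash = passwordHash;
        user.PasswordSalt = passwordSalt;

        // Usernames are identifiers, so lower-case them culture-invariantly.
        // ToLower() follows the current culture and can map characters differently
        // (for example "I" under tr-TR), giving usernames that later fail to match.
        user.Username = user.Username.ToLowerInvariant();

        context.Users.Add(user);
    }

    context.SaveChanges();
}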