public async Task <bool> AddUserAsync(string username, string password)
{
var hashedPassword = PasswordUtils.Hash(password);
var user = new User(Guid.NewGuid(), username, hashedPassword);
var userEntity = user.MapToEntity();
var result = await _usersRepository.SaveAsync(userEntity).ConfigureAwait(false);
return(result > 0);
}
public User Save(User user)
{
user.Password = PasswordUtils.Hash(user.Password);
var userToReturn = _context.Users.Add(user);
_context.SaveChanges();
return(userToReturn.Entity);
}
public User Create(string email, string password)
{
User user = new User()
{
Email = email,
PasswordHash = PasswordUtils.Hash(password)
};
_dbContext.Users.Add(user);
_dbContext.SaveChanges();
return(user);
}
public async Task <IActionResult> Register([FromBody] LoginDto model)
{
var user = new User {
CreateDate = DateTime.UtcNow,
Login = model.Username,
PasswordHash = PasswordUtils.Hash(model.Password)
};
_repository.Add(user);
await _repository.SaveChanges();
return(Ok());
}
public async Task <bool> Handle(CreateAdminCommand command, CancellationToken cancellationToken = default)
{
if (await _databaseContext.Users.AnyAsync(u => u.Username == "admin", cancellationToken))
{
return(false);
}
_databaseContext.Add(new User
{
Username = "******",
PasswordHash = PasswordUtils.Hash("changemebaby"),
Admin = true
});
await _databaseContext.SaveChangesAsync(cancellationToken);
return(true);
}
public async Task <UserDto> Handle(CreateUserCommand command, CancellationToken cancellationToken = default)
{
var user = new Domain.Models.User
{
Username = command.Username,
Email = command.Email,
Admin = command.IsAdmin,
LibraryAccessIds = command.LibraryIds ?? new List <int>(),
PasswordHash = PasswordUtils.Hash(command.Password)
};
_context.Users.Add(user);
await _context.SaveChangesAsync(cancellationToken);
_logger.LogInformation("Created user {Username}", user.Username);
return(_mapper.Map <Domain.Models.User, UserDto>(user) !);
}
public async Task <UserVm> Handle(CreateUser request, CancellationToken cancellationToken)
{
try
{
if (await _userRepository.AnyAsync(x => x.Email == request.Email))
{
throw new Exception("Email já cadastrado");
}
}
catch (Exception e)
{
}
var password = PasswordUtils.Hash(request.Password);
var user = await _userRepository.AddAsync(new User(Guid.NewGuid(), request.Name, request.Email, password, request.Picture, request.UserProfile));
return(user.ToVm());
}
public async Task <bool> Handle(UpdateUserPasswordCommand command, CancellationToken cancellationToken = default)
{
var currentUser = await _dispatcher.Dispatch(new CurrentUserQuery());
if (string.IsNullOrWhiteSpace(command.NewPassword1) || command.NewPassword1 != command.NewPassword2)
{
return(false);
}
var existingUser = await _context.Users.FirstOrDefaultAsync(u => u.Id == currentUser.Id, cancellationToken : cancellationToken);
if (existingUser == null || !PasswordUtils.Verify(command.OldPassword, existingUser.PasswordHash))
{
return(false);
}
existingUser.PasswordHash = PasswordUtils.Hash(command.NewPassword1);
existingUser.HasChangedPassword = true;
await _context.SaveChangesAsync(cancellationToken);
_logger.LogInformation("User {Username} changed password", existingUser.Username);
return(true);
}
static void ShakeAndBake(string password, int seed, int size)
{
SaltShaker shake;
SaltPair saltFirst;
SaltPair saltSecond;
SaltPair hashFirst;
SaltPair hashSecond;
bool match;
string salted;
//Start with a pass
shake = new SaltShaker(char.MinValue, char.MaxValue, size, SaltCreationModel.NonRepeatableStrong, SaltEmbeddingModel.Middle, seed);
Console.WriteLine("==========================================");
Console.WriteLine("Type A - nonRepeatable salts");
Console.WriteLine("==========================================");
Console.WriteLine("Password: "******"------------------------------------------");
Console.WriteLine("Salt: " + saltFirst.Salt.GetHashCode());
Console.WriteLine("Salted: " + saltFirst.SaltedPayload.GetHashCode());
Console.WriteLine("------------------------------------------");
shake = new SaltShaker(char.MinValue, char.MaxValue, size, SaltCreationModel.NonRepeatableStrong, SaltEmbeddingModel.Middle, seed);
saltSecond = shake.Salt(password);
salted = shake.Embed(password, saltFirst.Salt);
Console.WriteLine("Salt: " + saltSecond.Salt.GetHashCode());
Console.WriteLine("Salted: " + saltSecond.SaltedPayload.GetHashCode());
Console.WriteLine("------------------------------------------");
match = saltFirst.SaltedPayload.Equals(saltSecond.SaltedPayload);
Console.WriteLine("Matches: " + match);
match = saltFirst.SaltedPayload.Equals(salted);
Console.WriteLine("MatchesB: " + match);
salted = shake.Embed(password, saltSecond.Salt);
match = saltSecond.SaltedPayload.Equals(salted);
Console.WriteLine("MatchesC: " + match);
Console.WriteLine("==========================================");
shake = new SaltShaker(char.MinValue, char.MaxValue, size, SaltCreationModel.Repeatable, SaltEmbeddingModel.Randomized, seed);
Console.WriteLine("Type B");
Console.WriteLine("==========================================");
saltFirst = shake.Salt(password);
hashFirst = PasswordUtils.Hash(shake, password);
Console.WriteLine("------------------------------------------");
Console.WriteLine("Salt: " + saltFirst.Salt.GetHashCode());
Console.WriteLine("Salted: " + saltFirst.SaltedPayload.GetHashCode());
Console.WriteLine("Hashed: " + hashFirst.SaltedPayload.GetHashCode());
Console.WriteLine("UtilsMatch: " + PasswordUtils.Matches(shake, password, hashFirst.SaltedPayload));
Console.WriteLine("------------------------------------------");
shake = new SaltShaker(char.MinValue, char.MaxValue, size, SaltCreationModel.Repeatable, SaltEmbeddingModel.Randomized, seed);
saltSecond = shake.Salt(password);
hashSecond = PasswordUtils.Hash(shake, password);
Console.WriteLine("Salt: " + saltSecond.Salt.GetHashCode());
Console.WriteLine("Salted: " + saltSecond.SaltedPayload.GetHashCode());
Console.WriteLine("Hashed: " + hashFirst.SaltedPayload.GetHashCode());
Console.WriteLine("UtilsMatch: " + PasswordUtils.Matches(shake, password, hashSecond.SaltedPayload));
Console.WriteLine("------------------------------------------");
match = saltFirst.SaltedPayload.Equals(saltSecond.SaltedPayload);
Console.WriteLine("Matches (Pass): " + match);
match = hashFirst.SaltedPayload.Equals(hashSecond.SaltedPayload);
Console.WriteLine("Matches (Hash): " + match);
Console.WriteLine("==========================================");
}
public string GetPasswordHashed()
{
return PasswordUtils.Hash(GetPassword());
}