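/// <summary>
/// Registers a new user together with the account that holds its credentials.
/// </summary>
/// <param name="accountRegistration">
/// Registration data; this method reads its FullName, Username and Password.
/// </param>
/// <remarks>
/// The password is hashed before anything is written. A failure while hashing
/// (for example a null Password) therefore cannot leave a persisted User with
/// no matching Account.
/// </remarks>
public void CreateAccount(AccountRegistration accountRegistration)
{
    Contract.Requires(accountRegistration != null);

    // Do the work that can fail without side effects first.
    // NOTE(review): Password.ToString() presumably yields the plaintext as a managed
    // string - confirm that value is never reachable from logging or diagnostics.
    SaltedHash passwordHash = new Hasher().Hash(accountRegistration.Password.ToString());

    var user = new User(UserId.New, accountRegistration.FullName);
    var account = new Account(AccountId.New, accountRegistration.Username, new AccountRoles());

    // NOTE(review): these two writes are not wrapped in a transaction here. If
    // CreateAccount throws, the User written just before it remains - confirm
    // whether the caller supplies a unit of work.
    _userRepository.CreateUser(user);
    _accountRepository.CreateAccount(account, passwordHash, user.Id);
}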
/// <summary>
/// Checks a username/password pair against the stored salted hash.
/// </summary>
/// <param name="username">Name used to look the account up in the account repository.</param>
/// <param name="password">Candidate password; its string form is passed to the hasher.</param>
/// <returns>
/// UsernameNotFound when no account matches; IncorrectPassword carrying the
/// count returned by IncrementFailedLoginAttemptCount when the hash does not
/// match; otherwise Success with the account.
/// </returns>
public LoginAttemptResult Authenticate(Username username, Password password)
{
    // Postcondition: a successful result always carries an account.
    Contract.Ensures(
        Contract.Result<LoginAttemptResult>().Succeeded == false
        || Contract.Result<LoginAttemptResult>().Account != null);

    Account found = _accountRepository.FindAccount(username);
    if (found == null)
    {
        // NOTE(review): this path returns before any hashing is done and yields a
        // result distinct from the wrong-password case, so callers can tell the two
        // apart by result and possibly by response time. Confirm that the
        // caller-facing layer gives one uniform answer if enumeration matters here.
        return LoginAttemptResult.UsernameNotFound();
    }

    SaltedHash storedHash = _accountRepository.GetAccountPassword(found.AccountId);
    if (new Hasher().Matches(password.ToString(), storedHash))
    {
        // NOTE(review): nothing in this method resets the failed-attempt counter
        // after a success or checks it for lockout before verifying - presumably
        // done elsewhere; verify.
        return LoginAttemptResult.Success(found);
    }

    int failures = _accountRepository.IncrementFailedLoginAttemptCount(found.AccountId);
    return LoginAttemptResult.IncorrectPassword(failures);
}