public IActionResult Register(User user) { byte[] salt = new byte[128 / 8]; using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(salt); } user.Salt = salt; user.Password = LoginCredential.GetHashedPassword(user.Password, salt); var resposne = _userRepository.Create(user); return(Ok(resposne)); }
private User AuthenticateUser(LoginCredential login) { User user = null; user = _userRepository.getUserByEmail(login.EmailOrUsername); if (user == null) { user = _userRepository.getUserByUsername(login.EmailOrUsername); } if (user != null && user.Password == LoginCredential.GetHashedPassword(login.Password, user.Salt)) { return(user); } else { return(null); } }