/// <summary>
/// Checks a supplied password against a stored hash and salt and throws when it does not verify.
/// </summary>
/// <param name="password">The password as submitted by the caller.</param>
/// <param name="hash">The stored hash to verify against.</param>
/// <param name="salt">The stored salt passed to the verifier together with the hash.</param>
/// <exception cref="ValidationException">
/// Thrown with the message "Invalid credentials" when verification fails.
/// </exception>
private void VerifyLoginCredentials(string password, string hash, string salt)
{
    // NOTE(review): the hashing scheme and whether the comparison is constant-time are decided
    // inside PasswordEncryptionUtilities.VerifyPassword, which is not visible here; confirm there.
    if (PasswordEncryptionUtilities.VerifyPassword(password, hash, salt))
    {
        return;
    }

    // Generic wording: the message does not say which part of the credentials was wrong.
    throw new ValidationException("Invalid credentials");
}
/// <summary>
/// Handles a login request: finds the non-deleted user with the requested email, verifies the
/// submitted password against that user's stored hash and salt, and returns a token string.
/// </summary>
/// <param name="request">The login command carrying the email and password.</param>
/// <param name="cancellationToken">Token passed to the database lookup.</param>
/// <returns>The string produced by <c>CreateTokenString</c> for the requested email.</returns>
/// <exception cref="Exception">
/// Thrown with the message "Invalid credentials" when no matching user exists or the password
/// does not verify.
/// </exception>
public async Task<string> Handle(LoginCommand request, CancellationToken cancellationToken)
{
    var account = await _shoppingListDbContext.Users.FirstOrDefaultAsync(
        candidate => candidate.Email == request.Email && !candidate.IsDeleted,
        cancellationToken);

    // Both failure paths below use the same message, so the exception text does not
    // distinguish an unknown email from a wrong password.
    // NOTE(review): the unknown-email path returns before any password verification runs, so
    // the two failures may still differ in response time; confirm whether that matters here.
    // TODO: Custom Exception types would be nice
    if (account == null)
    {
        throw new Exception("Invalid credentials");
    }

    var passwordVerified = PasswordEncryptionUtilities.VerifyPassword(
        request.Password,
        account.Hash,
        account.Salt);

    if (!passwordVerified)
    {
        throw new Exception("Invalid credentials");
    }

    // NOTE(review): the token is built from the email as submitted, not from the stored
    // record; if the lookup matches case-insensitively the two can differ. Verify intent.
    return CreateTokenString(request.Email);
}