public void CreateNewAccount(MemberLoginDetails details)
        {
            if (_accounts.AccountExists(details.UserName))
            {
                throw new Exception("Account already exists");
            }

            string salt = _hasher.GetNewSalt();

            Account account = new Account()
            {
                DateCreated = DateTime.Now,
                UserName    = details.UserName,
                Password    = _hasher.SaltedPassword(details.Password, salt),
                Salt        = salt
            };

            _accounts.AddAccount(account);
        }
Exemplo n.º 2
0
        public void Authorize(string username, string sessionName, string password)
        {
            SessionInstance instance = _sessionRepo.GetSession(sessionName);

            if (instance == null)
            {
                throw new Exception("Session not found!");
            }

            if (string.IsNullOrEmpty(instance.HashedPassword))
            {
                throw new Exception("Room is not secured!");
            }

            System.Diagnostics.Debug.Assert(!string.IsNullOrEmpty(instance.Salt));

            if (_passwordService.SaltedPassword(password, instance.Salt) != instance.HashedPassword)
            {
                throw new Exception("Incorrect password!");
            }

            RegisterConnection(username, sessionName);
        }