/// <summary>
/// Registers a new user: generates a per-user salt, stores the salted hash of the
/// supplied password on the DTO, maps the DTO to a <c>User</c> and persists it.
/// </summary>
/// <param name="model">Registration data; its DynamicSalt and PassHash are overwritten here.</param>
public async Task AddUser(UserRegistrationDTO model)
        {
            // A fresh salt per account keeps identical passwords from producing identical hashes.
            model.DynamicSalt = GenerateSalt.GetDinamicSalt();

            // NOTE(review): judging by its name, getHashSha256WithSalt is a single salted
            // SHA-256 pass. That is a fast hash and cheap to brute-force offline if the table
            // leaks; confirm, and consider moving to PBKDF2 (Rfc2898DeriveBytes) or Argon2
            // together with the verification done at login.
            model.PassHash = SHA256Encrypt.getHashSha256WithSalt(model.Password, model.DynamicSalt);

            // NOTE(review): verify the mapping does not copy the plaintext model.Password
            // into the persisted entity.
            var entity = _mapper.Map <UserRegistrationDTO, User>(model);

            await _uow.UserRepos.AddUser(entity);
            await CommitAsync();
        }
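        /// <summary>
        /// Issues a password-reset token for the given user, stores it on the user record
        /// and returns it to the caller.
        /// </summary>
        /// <param name="model">The user requesting a reset; VerifyCodeForResetPass is overwritten.</param>
        /// <returns>The newly issued token, as 64 hexadecimal characters.</returns>
        public async Task <string> GeneratePasswordResetTokenAsync(UserDTO model)
        {
            // The token used to be SHA-256(email): a fixed value that anyone who knows the
            // address can recompute, so it did not prove access to the mailbox. Draw it
            // from the OS CSPRNG instead, so each request yields a fresh unguessable value.
            var tokenBytes = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(tokenBytes);
            }

            // Hex keeps the value URL-safe. NOTE(review): this is 64 characters; confirm the
            // column behind VerifyCodeForResetPass is wide enough.
            model.VerifyCodeForResetPass = System.BitConverter.ToString(tokenBytes).Replace("-", string.Empty);

            // NOTE(review): no expiry is recorded and the token is stored as-is. Consider
            // storing only a hash of it plus an issue time, and rejecting stale tokens.
            var user = _mapper.Map <UserDTO, User>(model);
            await _uow.UserRepos.Update(user);

            await CommitAsync();

            return model.VerifyCodeForResetPass;
        }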
Exemplo n.º 3
        /// <summary>
        /// Handles the login form: looks the user up by e-mail, checks the submitted password
        /// against the stored salted hash, and signs the user in on success.
        /// </summary>
        /// <param name="model">The posted login form.</param>
        /// <returns>A redirect to the profile page on success; otherwise the login view again.</returns>
        public async Task <IActionResult> Login(LoginViewModel model)
        {
            // Invalid form: redisplay it with the validation messages already in ModelState.
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            var account = await _userService.FindUserByEmail(model.Email);

            // NOTE(review): the hash is only computed when the account exists, so response
            // time may differ between known and unknown e-mails; no lockout or throttling
            // is visible in this action. Confirm both are handled elsewhere.
            bool credentialsOk = account != null &&
                                 SHA256Encrypt.checkHashSha256(model.Password, account.PassHash, account.DynamicSalt);

            if (!credentialsOk)
            {
                // One message for both "no such user" and "wrong password", so the response
                // text does not reveal which e-mails are registered.
                ModelState.AddModelError("", "Некорректные логин и(или) пароль");
                return View(model);
            }

            await Authenticate(account);

            return RedirectToAction("Profile", "Profile");
        }
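        /// <summary>
        /// Sets a new password for the user when the supplied reset token matches the one
        /// stored on the user record.
        /// </summary>
        /// <param name="user">The user whose password is being reset.</param>
        /// <param name="token">The reset token presented by the caller.</param>
        /// <param name="newPassword">The new plaintext password to hash and store.</param>
        /// <returns><c>true</c> if the token matched and the password was updated; otherwise <c>false</c>.</returns>
        public async Task <bool> ResetPasswordAsync(UserDTO user, string token, string newPassword)
        {
            var expected = user.VerifyCodeForResetPass;

            // A user with no pending reset has a null/empty stored code. Plain equality would
            // accept a null/empty token for such a user, so both sides must be present.
            if (string.IsNullOrEmpty(token) || string.IsNullOrEmpty(expected) || token.Length != expected.Length)
            {
                return false;
            }

            // Compare without an early exit so the time taken does not reveal how many
            // leading characters of the token were correct.
            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= token[i] ^ expected[i];
            }

            if (diff != 0)
            {
                return false;
            }

            var map = _mapper.Map <UserDTO, User>(user);

            // NOTE(review): the existing salt is reused and the hash looks like a single
            // SHA-256 pass; consider a new salt per password change and a slow password hash.
            map.PassHash = SHA256Encrypt.getHashSha256WithSalt(newPassword, user.DynamicSalt);

            // NOTE(review): nothing here clears VerifyCodeForResetPass. Confirm that
            // UserRepos.ResetPassword invalidates it so a token cannot be replayed.
            await _uow.UserRepos.ResetPassword(map);
            await CommitAsync();

            return true;
        }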
Exemplo n.º 5
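    /// <summary>
    /// Creates an SSO access token, records the session in the database, purges expired
    /// sessions and returns the token.
    /// </summary>
    /// <param name="id">Not used by this method; the session is written for <c>sso.idx</c>.</param>
    /// <returns>The access token string with the "-" separators removed.</returns>
    private string GenerateAccessToken(string id)
    {
        // The key used to be thread id + DateTime.Now.Ticks, both of which an outsider can
        // narrow down, so the hashed token was guessable. Use 128 bits from the OS CSPRNG.
        byte[] keyBytes = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(keyBytes);
        }

        // NOTE(review): the key is now 32 hex characters; confirm the session-key column
        // accepts that length.
        string accesstoeknkey = BitConverter.ToString(keyBytes).Replace("-", string.Empty);

        // Still passed through the existing helper so the token format is unchanged.
        string AccessToken = SHA256Encrypt.EncryptText(accesstoeknkey).Replace("-", string.Empty);

        // Write the SSO session to the database.
        // NOTE(review): the key and the token derived from it are stored side by side, so
        // read access to this table exposes live tokens; consider storing only a hash.
        DAO dao = new DAO();

        dao.InsertSSOSession(sso.idx, accesstoeknkey, DateTime.Now, AccessToken);

        // Delete expired SSO sessions (a fresh DAO instance, as in the original flow).
        dao = new DAO();
        dao.DeleteSSOSession(_accessTokenExpiredMins);

        return AccessToken;
    }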