public UserModel loginUser(string username, string password)
{
DbModels.UserModel userModel = _databaseContext.Users.Single(x => x.Username == username);
// https://cmatskas.com/-net-password-hashing-using-pbkdf2/ PBKDF2 looks a little complex so I decieded against it.
// Rather use existing code rather than implement some algorihthm I don't fully undersatand.
// BCrypr is fairly good. The BCRypt .NET Core system here (https://github.com/neoKushan/BCrypt.Net-Core) does salting for us.
// Default salting is SaltRevision.Revision2B in the project.
if (BCrypt.Net.BCrypt.Verify(password, userModel.Password))
{
return(_userMapper.Map(userModel));
}
return(null);
}
public void save(UserModel userModel)
{
DbModels.UserModel dbUserModel = _databaseContext.Users.Single(x => x.UserId == userModel.Id);
if (userModel.Password != "")
{
DbModels.UserModel newDbUserModel = _userMapper.Map(userModel);
newDbUserModel.Password = dbUserModel.Password;
dbUserModel = newDbUserModel;
}
else
{
dbUserModel = _userMapper.Map(userModel);
userModel.Password = BCrypt.Net.BCrypt.HashPassword(userModel.Password);
}
_databaseContext.SaveChanges();
}
public Models.UserModel Map(DbModels.UserModel obj)
{
return(new Models.UserModel {
Id = obj.UserId, Username = obj.Username, Password = obj.Password
});
}
