public UserModel loginUser(string username, string password) { DbModels.UserModel userModel = _databaseContext.Users.Single(x => x.Username == username); // https://cmatskas.com/-net-password-hashing-using-pbkdf2/ PBKDF2 looks a little complex so I decieded against it. // Rather use existing code rather than implement some algorihthm I don't fully undersatand. // BCrypr is fairly good. The BCRypt .NET Core system here (https://github.com/neoKushan/BCrypt.Net-Core) does salting for us. // Default salting is SaltRevision.Revision2B in the project. if (BCrypt.Net.BCrypt.Verify(password, userModel.Password)) { return(_userMapper.Map(userModel)); } return(null); }
public void save(UserModel userModel) { DbModels.UserModel dbUserModel = _databaseContext.Users.Single(x => x.UserId == userModel.Id); if (userModel.Password != "") { DbModels.UserModel newDbUserModel = _userMapper.Map(userModel); newDbUserModel.Password = dbUserModel.Password; dbUserModel = newDbUserModel; } else { dbUserModel = _userMapper.Map(userModel); userModel.Password = BCrypt.Net.BCrypt.HashPassword(userModel.Password); } _databaseContext.SaveChanges(); }
public Models.UserModel Map(DbModels.UserModel obj) { return(new Models.UserModel { Id = obj.UserId, Username = obj.Username, Password = obj.Password }); }