public AuthenticationResultDto AttemptAuthentication(string Username, string Password, System.Net.IPAddress clientIP)
{
AuthenticationResultDto result = new AuthenticationResultDto();
bool success = false;
var user = _userRepository.GetQuery().Where(x => x.Username == Username).FirstOrDefault();
if (user == null)
{
result.ErrorMessage = "Invalid username";
}
else
{
if (user.DeactivatedAt == null)
{
success = _cipherService.SHA256HashMatches(Password, user.Salt, user.PasswordHash);
if (!success)
{
result.ErrorMessage = "Invalid password";
}
}
else
{
result.ErrorMessage = "This user account is inactive. Contact an administrator.";
}
}
_nhSession.Save(new AuthenticationAttempt()
{
OccurredAt = DateTime.UtcNow,
Username = Username,
WasSuccessful = success,
ClientIP = clientIP.ToString()
});
result.User = _mapper.Map <User, UserDto>(user);
return(result);
}