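/// <summary>
/// Registers a new user: rejects a username that is already taken, otherwise creates the
/// user with a salted password hash and the <c>Visitor</c> role and persists it.
/// </summary>
/// <param name="message">Registration form data (username, names, password).</param>
/// <returns>
/// A <see cref="Response"/> that carries an error entry when the username is taken or the
/// save fails, and no errors on success.
/// </returns>
public async Task<Response> Handle(RegisterInputModel message)
{
    var response = new Response();

    // Pre-check for a friendly error only. Two concurrent registrations can both pass it,
    // so uniqueness still has to be enforced by the data store.
    // NOTE(review): confirm a unique index exists on the username column.
    if (_db.Users.Any(x => x.Username == message.Username))
    {
        response.AddError("username", $"Username {message.Username} already in use");
        return response;
    }

    // One fresh salt per credential, stored next to the hash.
    var salt = Guid.NewGuid().ToString();

    var user = new User
    {
        Username = message.Username,
        FirstName = message.Firstname,
        LastName = message.Lastname,
        Registered = DateTime.UtcNow,
        Credential = new Credential
        {
            Username = message.Username,
            // NOTE(review): StringHelpers.ComputeHash is not visible here. Confirm it is a
            // deliberately slow password KDF (e.g. PBKDF2) and not a single fast hash pass.
            PasswordHash = StringHelpers.ComputeHash(message.Password, salt),
            Salt = salt,
            IsActive = true
        },
        Roles = new List<Role> { new Visitor() }
    };

    try
    {
        _unitOfWork.AddOrAttach(user);

        // Commit() is asynchronous (the login handler awaits it). Without the await the
        // task was dropped: a failed save never reached the catch block and the caller
        // was told the registration succeeded.
        await _unitOfWork.Commit();
    }
    catch (Exception)
    {
        // log the exception server-side here (no logger is visible in this block).
        // The raw exception message is not returned to the client: data-layer messages
        // can expose table, column or constraint names.
        response.AddError("", "Registration could not be completed. Please try again.");
    }

    return response;
}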
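/// <summary>
/// Checks the submitted username and password and, when they match a stored credential,
/// signs the user in with a name claim plus one role claim per role, then records the
/// login time.
/// </summary>
/// <param name="message">Login form data (username and password).</param>
/// <returns>
/// An empty <see cref="Response"/> on success; a response carrying one error message when
/// the user is unknown or the password does not match.
/// </returns>
public async Task<Response> Handle(LoginInputModel message)
{
    var response = Response.Empty();
    var user = _db.Users.FirstOrDefault(x => x.Credential.Username == message.Username);

    // NOTE(review): the hash is only computed when the user exists, so an unknown username
    // returns faster than a wrong password; consider hashing against a fixed dummy salt on
    // the not-found path. The == on the hash strings is also not a constant-time compare.
    var authenticated = user != null
        && user.Credential.PasswordHash == StringHelpers.ComputeHash(message.Password, user.Credential.Salt);

    if (!authenticated)
    {
        // One message for both failure causes, so the text does not reveal whether the
        // username exists.
        response.AddMessage("", "User doesn't exists or wrong password", ResponseMessageType.Error);
        return response;
    }

    // NOTE(review): Credential.IsActive is set at registration but not checked here.
    // Confirm whether a deactivated credential is meant to be refused at this point.
    // NOTE(review): no attempt throttling or lockout is visible in this handler; confirm
    // it is enforced elsewhere.

    var claims = new List<Claim> { new Claim(ClaimTypes.Name, user.Username) };
    foreach (var role in user.Roles)
    {
        claims.Add(new Claim(ClaimTypes.Role, role.Name));
    }

    var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, "form"));
    await _httpContext.HttpContext.Authentication.SignInAsync(Application.AuthScheme, principal);

    try
    {
        user.LastLogin = DateTime.UtcNow;
        _unitOfWork.AddOrAttach(user);
        await _unitOfWork.Commit();
    }
    catch (Exception)
    {
        // log
        // we will allow user to login and just log why last login date couldn't be saved
        // TODO: nothing is logged yet; record the exception server-side here.
    }

    return response;
}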