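/// <summary>
/// Authenticates a user by username/password and, on success, mints a fresh auth token for the account.
/// </summary>
/// <param name="userRegisterDTO">
/// Request body carrying <c>Username</c> and <c>Password</c>. (Parameter name kept for binding
/// compatibility even though this is the login DTO.)
/// </param>
/// <returns>
/// 200 with a <see cref="UserIdentifiedDTO"/> holding the plaintext token on success;
/// 401 for a missing credential, an unknown username or a wrong password.
/// </returns>
public async Task<ActionResult<UserIdentifiedDTO>> Login([FromBody] UserLoginDTO userRegisterDTO)
{
    string username = userRegisterDTO?.Username;
    string password = userRegisterDTO?.Password;

    // A missing username or password is a failed login; it must not reach HashPair.Generate as null.
    if (username == null || password == null)
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    Models.Account accountToFind = _smallPostersContext.Accounts.FirstOrDefault(a => a.Username == username);
    if (accountToFind == null)
    {
        // NOTE(review): this branch returns before any hashing, so its latency differs from a
        // wrong-password attempt and can be used to enumerate usernames. Hashing a dummy value
        // against a fixed salt here would close that gap; left as-is because HashPair's cost/salt
        // contract is not visible from this file.
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    string passwordHash = HashPair.Generate(password, accountToFind.Salt);
    if (!HashesMatch(accountToFind.PasswordHash, passwordHash))
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    // The client receives the raw token; only its hash is persisted in AuthTokens.
    // NOTE(review): whether TokenGenerator.GetUniqueKey uses a CSPRNG, and whether AuthToken
    // carries an expiry, cannot be confirmed from here — verify in those types.
    string authTokenString = HashPair.Generate(TokenGenerator.GetUniqueKey(TokenSize), accountToFind.Salt);
    string hashedAuthTokenString = HashPair.Generate(authTokenString, accountToFind.Salt);
    Models.AuthToken authToken = new Models.AuthToken(hashedAuthTokenString, accountToFind);
    _smallPostersContext.AuthTokens.Add(authToken);
    await _smallPostersContext.SaveChangesAsync();

    return new UserIdentifiedDTO
    {
        Username = username,
        AuthToken = authTokenString,
        IsAdmin = accountToFind.IsAdmin
    };

    // Constant-time comparison: string '==' short-circuits on the first differing character,
    // which leaks how much of the stored hash a candidate matched. Equality semantics are the
    // same as ordinal string equality; only the timing profile changes.
    bool HashesMatch(string stored, string candidate)
    {
        if (stored == null || candidate == null)
        {
            return false;
        }

        byte[] storedBytes = System.Text.Encoding.UTF8.GetBytes(stored);
        byte[] candidateBytes = System.Text.Encoding.UTF8.GetBytes(candidate);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedBytes, candidateBytes);
    }
}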
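/// <summary>
/// Creates a new (non-admin) account for the given username/password and immediately issues an auth token for it.
/// </summary>
/// <param name="userRegisterDTO">Request body carrying <c>Username</c> and <c>Password</c>.</param>
/// <returns>
/// 200 with a <see cref="UserIdentifiedDTO"/> holding the plaintext token; 400 when the username
/// is blank or the password is empty; 409 when the username is already taken.
/// </returns>
public ActionResult<UserIdentifiedDTO> Register([FromBody] UserRegisterDTO userRegisterDTO)
{
    string username = userRegisterDTO?.Username;
    string password = userRegisterDTO?.Password;

    // Refuse blank usernames and empty passwords instead of persisting an unusable account.
    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
    {
        return StatusCode(StatusCodes.Status400BadRequest);
    }

    // NOTE(review): this check-then-insert is racy — two concurrent registrations for the same
    // name can both pass it. A unique index on Accounts.Username is the real guard; this check
    // only provides the friendly 409 in the common case.
    if (_smallPostersContext.Accounts.Any(a => a.Username == username))
    {
        return StatusCode(StatusCodes.Status409Conflict);
    }

    // The plaintext password is handed to the Account constructor; presumably it hashes it with
    // a freshly generated Salt (which is read below) — TODO confirm in Models.Account.
    Models.Account accountToAdd = new Models.Account(username, password, false);
    _smallPostersContext.Accounts.Add(accountToAdd);
    // Saved separately from the token below so the account has a persisted identity when the
    // AuthToken is constructed; if the second save fails the account exists without a token
    // (the user can still log in). Kept as two saves because AuthToken's dependence on the
    // account key is not visible here.
    _smallPostersContext.SaveChanges();

    // The client receives the raw token; only its hash is persisted in AuthTokens.
    string authTokenString = HashPair.Generate(TokenGenerator.GetUniqueKey(TokenSize), accountToAdd.Salt);
    string hashedAuthTokenString = HashPair.Generate(authTokenString, accountToAdd.Salt);
    Models.AuthToken authToken = new Models.AuthToken(hashedAuthTokenString, accountToAdd);
    _smallPostersContext.AuthTokens.Add(authToken);
    _smallPostersContext.SaveChanges();

    return new UserIdentifiedDTO
    {
        Username = username,
        AuthToken = authTokenString,
        IsAdmin = accountToAdd.IsAdmin
    };
}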