public void CreateNewAccount(MemberLoginDetails details)
{
if (_accounts.AccountExists(details.UserName))
{
throw new Exception("Account already exists");
}
string salt = _hasher.GetNewSalt();
Account account = new Account()
{
DateCreated = DateTime.Now,
UserName = details.UserName,
Password = _hasher.SaltedPassword(details.Password, salt),
Salt = salt
};
_accounts.AddAccount(account);
}
public void Authorize(string username, string sessionName, string password)
{
SessionInstance instance = _sessionRepo.GetSession(sessionName);
if (instance == null)
{
throw new Exception("Session not found!");
}
if (string.IsNullOrEmpty(instance.HashedPassword))
{
throw new Exception("Room is not secured!");
}
System.Diagnostics.Debug.Assert(!string.IsNullOrEmpty(instance.Salt));
if (_passwordService.SaltedPassword(password, instance.Salt) != instance.HashedPassword)
{
throw new Exception("Incorrect password!");
}
RegisterConnection(username, sessionName);
}
