Пример #1
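        /// <summary>
        /// Checks the supplied username and password against the stored user record
        /// and returns that user's id.
        /// </summary>
        /// <param name="authModel">Login request carrying the username and the plaintext password.</param>
        /// <returns>The <c>Id</c> of the single user whose username matches.</returns>
        /// <exception cref="HttpStatusCodeException">
        /// 401 when the credentials are rejected (the message is the same for an unknown
        /// user and for a wrong password); 500 for any other failure.
        /// </exception>
        public async Task<Guid> AuthenticateUser(AuthModel authModel)
        {
            // One message for every credential failure, so the response does not
            // tell a caller whether a given username exists.
            const string invalidCredentials = "Invalid username or password";

            try
            {
                var requestedName = authModel.Username;

                // Filter in the database instead of materialising every user row
                // (and every stored password hash) on each login attempt.
                var candidates = await _context.Users
                    .Where(u => u.Username == requestedName)
                    .ToArrayAsync();

                // Re-check in memory so the match stays an exact string comparison even
                // if the database collation is looser. Single throws
                // InvalidOperationException for zero or for several matches.
                var user = candidates.Single(u => u.Username == requestedName);

                if (!PasswordTool.ValidatePassword(authModel.Password, user.Password))
                {
                    throw new HttpStatusCodeException(StatusCodes.Status401Unauthorized, invalidCredentials);
                }

                return user.Id;
            }
            catch (HttpStatusCodeException)
            {
                // Already carries the intended status code; let it through untouched.
                throw;
            }
            catch (ArgumentNullException)
            {
                throw new HttpStatusCodeException(StatusCodes.Status401Unauthorized, invalidCredentials);
            }
            catch (InvalidOperationException)
            {
                // NOTE(review): the unknown-user path skips ValidatePassword, so response
                // timing can still differ from the wrong-password path.
                throw new HttpStatusCodeException(StatusCodes.Status401Unauthorized, invalidCredentials);
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message is relayed to the caller and may expose internal
                // details (database or driver errors). Prefer logging it server-side and
                // returning a generic message once a logger is available here.
                throw new HttpStatusCodeException(StatusCodes.Status500InternalServerError, e.Message);
            }
        }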
Пример #2
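        /// <summary>
        /// Assigns a fresh id to the user, replaces the plaintext password with the value
        /// returned by <c>PasswordTool.HashPassword</c>, and saves the record.
        /// </summary>
        /// <param name="user">The user to create; its <c>Id</c> and <c>Password</c> are overwritten.</param>
        /// <returns>The same <paramref name="user"/> instance with <c>Password</c> cleared.</returns>
        /// <exception cref="HttpStatusCodeException">
        /// 409 when the database reports a duplicate, 400 for other update failures,
        /// 500 for anything else.
        /// </exception>
        public async Task<User> CreateUser(User user)
        {
            try
            {
                user.Id       = Guid.NewGuid().ToString("D");
                user.Password = PasswordTool.HashPassword(user.Password);

                await _context.Users.AddAsync(user);
                await _context.SaveChangesAsync();

                // Never hand the stored hash back to the caller.
                // NOTE(review): `user` is presumably still tracked by _context at this point,
                // so a later SaveChanges on the same context could persist this null.
                // Confirm, and consider returning a separate response object instead.
                user.Password = null;
                return user;
            }
            catch (DbUpdateException e)
            {
                var inner = e.InnerException;

                // "uplicate" matches both "Duplicate" and "duplicate" in the provider's error text.
                if (inner != null && inner.Message.Contains("uplicate"))
                {
                    // Fixed message: the provider's text can name tables, constraints and the
                    // offending value, which should not be relayed to an API client.
                    throw new HttpStatusCodeException(StatusCodes.Status409Conflict, "A user with the same unique value already exists");
                }

                throw new HttpStatusCodeException(StatusCodes.Status400BadRequest, e.Message);
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message is relayed to the caller and may expose internal
                // details. Prefer logging it server-side and returning a generic message.
                throw new HttpStatusCodeException(StatusCodes.Status500InternalServerError, e.Message);
            }
        }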
        /// <summary>
        /// Demo entry point: tells <c>PasswordTool</c> where the slappasswd executable is,
        /// hashes a fixed sample password with the "sha512" scheme and prints the result.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            // Sample value for the demo only.
            const string samplePassword = "123456";

            // The tool path must be set before the first hash call.
            PasswordTool.SetHashToolPath("d:\\OpenLDAP\\slappasswd.exe");

            // NOTE(review): how PasswordTool passes the password to the external tool is not
            // visible here. If it goes on the command line, it is readable in the process
            // list. Also confirm whether "sha512" selects a salted scheme.
            Console.WriteLine(PasswordTool.HashPasswrod(samplePassword, "sha512"));

            // Keep the console window open until a key is pressed.
            Console.ReadKey();
        }
Пример #4
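        /// <summary>
        /// Reads the submitted login form, checks it against the configured admin
        /// credentials and, on success, creates a session, sets the session cookie and
        /// redirects the client.
        /// </summary>
        /// <returns><c>true</c> when the credentials matched and a session was created; otherwise <c>false</c>.</returns>
        private async Task<bool> TryAuthenticate()
        {
            //Read form
            LoginForm data = new LoginForm();
            await form.ProcessResponse(data, e);

            //Authenticate
            Framework.Config.DeltaAdminAccount authenticatedUser = null;
            foreach (var u in Program.cfg.admin_credentials)
            {
                if (u.username == data.username)
                {
                    //Check password against the stored hash and salt (both kept as Base64)
                    bool ok = PasswordTool.AuthenticateHashedPassword(data.password, Convert.FromBase64String(u.passwordHash), Convert.FromBase64String(u.passwordSalt));
                    if (ok)
                    {
                        authenticatedUser = u;
                    }
                }
            }

            //Check if passed
            if (authenticatedUser == null)
            {
                //Failed
                return false;
            }

            //Correct creds! Create a session
            AdminSession session = new AdminSession
            {
                expiry   = DateTime.UtcNow.AddMinutes(Program.cfg.general.admin_session_expire_time),
                token    = SecureStringTool.GenerateSecureString(24),
                username = authenticatedUser.username
            };

            //Set session cookie
            //NOTE(review): the cookie is appended without explicit options. Consider the
            //overload that sets HttpOnly, Secure and SameSite so the session token is not
            //readable from script or sent over plain HTTP. Confirm what e.Response.Cookies supports.
            e.Response.Cookies.Append(ACCESS_TOKEN_COOKIE, session.token);

            //Add to sessions
            Program.admin_sessions.Add(session);

            //Redirect back
            //The "return" value comes from the query string, so it is only honoured when it
            //is a local path: it must start with a single '/' and must not start with "//"
            //or "/\", which browsers treat as another host. Anything else falls back to "/".
            string returnTo = "/";
            if (e.Request.Query.ContainsKey("return"))
            {
                string requested = e.Request.Query["return"];
                bool isLocalPath = !string.IsNullOrEmpty(requested)
                                   && requested[0] == '/'
                                   && (requested.Length == 1 || (requested[1] != '/' && requested[1] != '\\'));
                if (isLocalPath)
                {
                    returnTo = requested;
                }
            }
            Redirect(returnTo, false);

            return true;
        }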
Пример #5
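        /// <summary>
        /// Interactive command that prompts for a username and password and adds a new
        /// superuser entry (salt and hash stored as Base64) to <c>cfg.admin_credentials</c>.
        /// The change is only marked as unsaved here; it is not written out by this method.
        /// </summary>
        private void CmdSuperuserAdd()
        {
            //Ensure session
            if (!EnsureSessionExists())
            {
                return;
            }

            //Prompt username + password
            //NOTE(review): the password is read through the same text prompt as the username.
            //Confirm that CLITools does not echo it to the terminal.
            string username = CLITools.PromptFormTextInput("Add Superuser - Username", "Superusers have full access to the admin control panel. Type the username.");
            string password = CLITools.PromptFormTextInput("Add Superuser - Password", "Type the password to the account. This will be salted+hashed and stored locally.");

            //Refuse blank input: an account with an empty password would have full admin access
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
            {
                CLITools.PrintText("ERROR: Username and password must not be empty.", ConsoleColor.Red);
                return;
            }

            //Make sure we don't already have a user with this
            foreach (var u in cfg.admin_credentials)
            {
                if (u.username == username)
                {
                    CLITools.PrintText("ERROR: A user already exists with that username.", ConsoleColor.Red);
                    return;
                }
            }

            //Generate
            CLITools.PrintText("Generating...");
            byte[] hash = PasswordTool.HashPassword(password, out byte[] salt);

            //Add
            cfg.admin_credentials.Add(new DeltaAdminAccount
            {
                username     = username,
                passwordSalt = Convert.ToBase64String(salt),
                passwordHash = Convert.ToBase64String(hash),
                addedAt      = DateTime.UtcNow
            });
            unsaved = true;

            //Ack
            CLITools.PrintText($"Added user \"{username}\"!", ConsoleColor.Green);
        }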
Пример #6
        /// <summary>
        /// Produces a new password using the length and non-alphanumeric character count
        /// taken from <c>PasswordConfiguration</c>.
        /// </summary>
        /// <returns>The string returned by <c>PasswordTool.Generate</c>.</returns>
        // NOTE(review): the randomness source inside PasswordTool.Generate is not visible
        // here. Confirm that it uses a cryptographic generator before relying on it for credentials.
        private string GeneratePassword() =>
            PasswordTool.Generate(
                PasswordConfiguration.LengthOfPassword,
                PasswordConfiguration.NumberOfNonAlphanumericCharacters);