public AccountService(IUserRepository userRepository, BudgetSquirrelContext context, ICryptor cryptor, GateKeeperConfig gateKeeperConfig)
{
this.userRepository = userRepository;
this.context = context;
this.cryptor = cryptor;
this.gateKeeperConfig = gateKeeperConfig;
}
public AuthService(BudgetSquirrelContext dbConext, ICryptor cryptor, GateKeeperConfig gateKeeperConfig, IHttpContextAccessor httpContextAccessor)
{
this.dbConext = dbConext;
this.cryptor = cryptor;
this.gateKeeperConfig = gateKeeperConfig;
this.httpContextAccessor = httpContextAccessor;
}
protected void ConfigureGateKeeperServices(IServiceCollection services)
{
GateKeeperConfig gateKeeperConfig = ConfigurationReader.FromAppConfiguration(Configuration);
services.AddSingleton <GateKeeperConfig>(gateKeeperConfig);
services.AddTransient <ICryptor, Rfc2898Encryptor>();
}
/// <summary>
/// Authenticates the user login. This gets the user from the repository, decrypts
/// the stored password and determines if the un-encrypted password in passwordGuess
/// is the same as the un-encrypted password from the user retrieved in the
/// repository.
/// </summary>
public static async Task <U> Authenticate <U>(string username, string passwordGuess,
IGateKeeperUserRepository <U> userRepository, ICryptor cryptor,
GateKeeperConfig gateKeeperConfig) where U : IUser
{
U user = await userRepository.GetByUsername(username);
if (user == null)
{
throw new AuthenticationException(AuthenticationException.REASON_USER_NOT_FOUND);
}
string realPassword = cryptor.Decrypt(user.Password, gateKeeperConfig.EncryptionKey, gateKeeperConfig.Salt);
if (passwordGuess != realPassword)
{
throw new AuthenticationException(AuthenticationException.REASON_WRONG_PASSWORD);
}
return(user);
}
