public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { var membership = await Task.Run(() => _contextService.GetContext <Membership>(context.UserName).Result); context.Result = membership.Password == _cryptographicService.ComputeHash(context.Password) ? new GrantValidationResult(context.UserName, "password") : new GrantValidationResult(TokenRequestErrors.InvalidGrant, "Invalid credentials."); }
public bool Login(string username, string password) { var conn = GetConnection(); try { conn.Open(); var cmd = conn.CreateCommand(); cmd.CommandText = GetUserQuery; cmd.Parameters.Add(new SqlParameter("@EmailAddress", username)); using (var reader = cmd.ExecuteReader()) { if (!reader.HasRows) { return(false); } reader.Read(); var hash = reader.GetString(0); var salt = reader.GetString(1); return(hash == _cryptographicService.ComputeHash(password, salt)); } } catch (SqlException) { throw; } finally { conn.Close(); } }
public Task Handle(RegisterUserCommand message) { var membership = new Membership(new List <UserClaim>()) { ContextId = message.MembershipId, Email = message.EmailId, AccessFailCount = 0, ConfirmationToken = message.ConfirmationToken, IsEmailConfirmed = false, IsLocked = true, PasswordSalt = Guid.NewGuid().ToString(), MemberSinceDate = message.RequestedOn }; membership.Password = _cryptographicService.ComputeHash(string.Concat(message.Password, membership.PasswordSalt)); var user = new User { Id = message.Id, Username = message.Username }; membership.Claims.Add(new UserClaim(JwtClaimTypes.Email, message.EmailId)); membership.Claims.Add(new UserClaim(JwtClaimTypes.GivenName, message.Firstname)); membership.Claims.Add(new UserClaim(JwtClaimTypes.FamilyName, message.Lastname)); membership.Claims.Add(new UserClaim(JwtClaimTypes.Subject, message.Id)); user.Contexts = new List <Context> { new Context { Id = membership.ContextId, Content = JsonConvert.SerializeObject(membership), Claims = membership.Claims, Type = membership.GetType().FullName } }; _documentStore.Store(user); return(Task.CompletedTask); }
public async Task <IActionResult> Login(LoginInputViewModel viewModel) { if (!ModelState.IsValid) { return(View(new LoginViewModel(viewModel))); } Membership membership = null; try { membership = (_queryService.ExecuteQuery <GetMembershipByUsername, Membership>(new GetMembershipByUsername { Username = viewModel.Username }).Result); } catch (MemberNotFoundException) { //Let this exception pass. } catch (Exception) { //Need a way to redirect here. } var password = _cryptographicService.ComputeHash(string.Concat(viewModel.Password, membership?.PasswordSalt)); if (membership == null || password == null || membership?.Password != password || !membership.IsEmailConfirmed || membership.IsLocked) { ModelState.AddModelError("InvalidPassword", "Invalid Username/Password combination OR you are yet to confirm your email OR account is locked."); await _commandService.ExecuteCommand(new FailedSignInAttemptCommand { Username = viewModel.Username }); return(View(new LoginViewModel(viewModel))); } AuthenticationProperties props = null; if (viewModel.RememberMe) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMonths(1) }; } ; var result = await _commandService.ExecuteCommand(new SuccessfulSignInCommand { Username = viewModel.Username }); await HttpContext.SignInAsync(membership.GetClaim(JwtClaimTypes.Subject), viewModel.Username, props); return(Redirect(_interactionService.IsValidReturnUrl(viewModel.ReturnUrl) ? viewModel.ReturnUrl : "~/")); }
private bool ValidatePassword(UserAccount userAccount, string password) { var hash = _cryptographicService.ComputeHash(password, userAccount.PasswordSalt); return(hash == userAccount.PasswordHash); }