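/// <summary>
/// Checks a username/password pair against the stored salted hash and, on success,
/// returns a JWT issued for the matching user.
/// </summary>
/// <param name="username">Login name; rejected when null, whitespace or shorter than 4 characters.</param>
/// <param name="password">Clear-text password; rejected when null, whitespace or shorter than 8 characters.</param>
/// <returns>The token produced by <c>CreateJwtToken</c> for the user's id, with an expiry 30 minutes ahead.</returns>
/// <exception cref="UsernameOrPasswordInvalidException">
/// Thrown for every failure (bad input shape, unknown user, hash mismatch) so the caller
/// cannot tell which check rejected the attempt.
/// </exception>
public async Task<string> AuthenticateAsync(string username, string password)
{
    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password) || username.Length < 4 || password.Length < 8)
    {
        throw new UsernameOrPasswordInvalidException();
    }

    var user = await _userRepository.Get(data => data.Username == username);
    var singleUser = user?.FirstOrDefault();

    // NOTE(review): an unknown username returns before any hash is computed, so its
    // response time may differ from a wrong-password attempt; confirm whether that is acceptable.
    if (singleUser == null)
    {
        throw new UsernameOrPasswordInvalidException();
    }

    var hash = _cryptographicService.GenerateHash(password, singleUser.PasswordSalt);
    var storedHash = singleUser.PasswordHash;

    // Fail closed: if either side is missing, a plain equality check would treat
    // null == null as a match and authenticate an account that has no usable hash.
    if (hash == null || storedHash == null)
    {
        throw new UsernameOrPasswordInvalidException();
    }

    // Compare without exiting at the first differing character, so the time taken does not
    // depend on how much of the hash matched.
    // Assumes PasswordHash is a string, as the original `!=` comparison implies; TODO confirm.
    var difference = hash.Length ^ storedHash.Length;
    for (var i = 0; i < hash.Length && i < storedHash.Length; i++)
    {
        difference |= hash[i] ^ storedHash[i];
    }

    if (difference != 0)
    {
        throw new UsernameOrPasswordInvalidException();
    }

    // NOTE(review): the expiry is built from local time (DateTime.Now); confirm that
    // CreateJwtToken converts it to UTC before writing the token's expiry claim.
    var token = CreateJwtToken(singleUser.Id.ToString(), DateTime.Now.AddMinutes(30));
    return token;
}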
/// <summary>
/// Pins the contract that <c>GenerateHash</c> neither throws nor produces a hash when the
/// password is missing: the call must complete and the result must be null.
/// Code that compares this result with a stored hash therefore has to reject null explicitly.
/// </summary>
/// <param name="password">
/// The password case under test; presumably null and empty values supplied by test-case
/// attributes that are not visible here.
/// </param>
public void CryptographicService_GenerateHash_HandlesNullOrEmptyPassword(string password)
{
    // Fixed test salt (Base64 of the text "string"); a fixture value, not a secret.
    const string salt = "c3RyaW5n";
    string generatedHash = null;

    Assert.DoesNotThrow(() =>
    {
        generatedHash = _cryptographicService.GenerateHash(password, salt);
    });

    Assert.IsNull(generatedHash);
}