示例#1
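        /// <summary>
        /// Checks a username/password pair against the stored salted hash and, on success,
        /// returns the token built by <c>CreateJwtToken</c> for the user's id with an expiry
        /// 30 minutes from the current time.
        /// </summary>
        /// <param name="username">Login name; rejected when null, whitespace-only or shorter than 4 characters.</param>
        /// <param name="password">Candidate password; rejected when null, whitespace-only or shorter than 8 characters.</param>
        /// <returns>The token string returned by <c>CreateJwtToken</c>.</returns>
        /// <exception cref="UsernameOrPasswordInvalidException">
        /// Thrown for every failure (malformed input, unknown user, missing or mismatching hash),
        /// so the caller cannot tell from the exception which check failed.
        /// </exception>
        public async Task<string> AuthenticateAsync(string username, string password)
        {
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password) || username.Length < 4 || password.Length < 8)
            {
                throw new UsernameOrPasswordInvalidException();
            }

            var user = await _userRepository.Get(data => data.Username == username);

            var singleUser = user?.FirstOrDefault();

            if (singleUser == null)
            {
                // NOTE(review): this path returns without calling GenerateHash, so an unknown
                // username is answered with less work than a known one. If account enumeration
                // matters here, consider hashing against a fixed dummy salt before throwing.
                throw new UsernameOrPasswordInvalidException();
            }

            var hash = _cryptographicService.GenerateHash(password, singleUser.PasswordSalt);
            var storedHash = singleUser.PasswordHash;

            // Fail closed: a missing hash on either side must never count as a match.
            // With plain `!=`, a null computed hash and a null stored hash compare equal.
            if (hash == null || storedHash == null)
            {
                throw new UsernameOrPasswordInvalidException();
            }

            // Compare without stopping at the first differing character, so the time taken
            // does not depend on how much of the stored hash the candidate matches.
            // Assumes PasswordHash is a string, like the value GenerateHash returns.
            var difference = hash.Length ^ storedHash.Length;
            var comparedLength = Math.Min(hash.Length, storedHash.Length);

            for (var i = 0; i < comparedLength; i++)
            {
                difference |= hash[i] ^ storedHash[i];
            }

            if (difference != 0)
            {
                throw new UsernameOrPasswordInvalidException();
            }

            // NOTE(review): DateTime.Now is local time; confirm CreateJwtToken normalises the
            // expiry to UTC before writing it into the token.
            var token = CreateJwtToken(singleUser.Id.ToString(), DateTime.Now.AddMinutes(30));

            return token;
        }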
        /// <summary>
        /// Pins the behaviour of <c>GenerateHash</c> for the supplied <paramref name="password"/>:
        /// the call must not throw and must yield <c>null</c>.
        /// </summary>
        /// <param name="password">
        /// Password under test; by the method name, presumably null or empty (the test-case
        /// source is not visible here).
        /// </param>
        /// <remarks>
        /// Because a null result is the expected outcome, code that consumes the hash has to
        /// treat null as "no hash" and reject it rather than compare it for equality.
        /// </remarks>
        public void CryptographicService_GenerateHash_HandlesNullOrEmptyPassword(string password)
        {
            // Fixed salt literal; it decodes as Base64 to the text "string".
            // NOTE(review): whether the service expects Base64 salts is not shown here.
            const string fixedSalt = "c3RyaW5n";

            string generatedHash = null;

            Assert.DoesNotThrow(() =>
            {
                generatedHash = _cryptographicService.GenerateHash(password, fixedSalt);
            });

            Assert.AreEqual(null, generatedHash);
        }