public User Authenticate(string userName, string password)
{
if ((String.IsNullOrWhiteSpace(userName)) || (String.IsNullOrWhiteSpace(password)))
{
return(null);
}
using (var context = new RelayContext())
{
var user = context.Users.SingleOrDefault(u => u.UserName == userName);
if (user == null || IsUserLockedOut(user))
{
return(null);
}
var passwordInformation = new PasswordInformation
{
Hash = user.Password,
Salt = user.Salt,
Iterations = user.Iterations,
};
if (_passwordHash.ValidatePassword(Encoding.UTF8.GetBytes(password), passwordInformation))
{
if (user.FailedLoginAttempts.HasValue || user.LastFailedLoginAttempt.HasValue)
{
// login was successful, so reset potential previous failed attempts
UnlockUser(context, user);
}
return(new User()
{
UserName = user.UserName,
Id = user.Id,
CreationDate = user.CreationDate,
});
}
// We found a user, but validation failed, so record this failed attempt
RecordFailedLoginAttempt(context, user);
return(null);
}
}
public User Authenticate(string userName, string password)
{
if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(password))
{
return(null);
}
DbUser user;
using (var context = new RelayContext())
{
user = context.Users.SingleOrDefault(u => u.UserName == userName);
if (user == null)
{
return(null);
}
}
var passwordInformation = new PasswordInformation
{
Hash = user.Password,
Salt = user.Salt,
Iterations = user.Iterations
};
if (_passwordHash.ValidatePassword(Encoding.UTF8.GetBytes(password), passwordInformation))
{
return(new User
{
UserName = user.UserName,
Id = user.Id,
CreationDate = user.CreationDate
});
}
return(null);
}
public bool Authenticate(string userName, string password, out Guid linkId)
{
linkId = Guid.Empty;
using (var context = new RelayContext())
{
byte[] passwordBytes;
try
{
passwordBytes = Convert.FromBase64String(password);
}
catch
{
return(false);
}
var link = context.Links.Where(p => p.UserName == userName).Select(p => new
{
p.Id,
p.Password,
p.Iterations,
p.Salt
}).FirstOrDefault();
if (link == null)
{
return(false);
}
var passwordInformation = new PasswordInformation
{
Hash = link.Password,
Iterations = link.Iterations,
Salt = link.Salt
};
var cacheKey = userName + "/" + password;
PasswordInformation previousInfo;
lock (_successfullyValidatedUsernamesAndPasswords)
{
_successfullyValidatedUsernamesAndPasswords.TryGetValue(cacheKey, out previousInfo);
}
// found in cache (NOTE: cache only contains successfully validated passwords to prevent DOS attacks!)
if (previousInfo != null)
{
if (previousInfo.Hash == passwordInformation.Hash &&
previousInfo.Iterations == passwordInformation.Iterations &&
previousInfo.Salt == passwordInformation.Salt)
{
linkId = link.Id;
return(true);
}
}
// ELSE: calculate and cache
if (!_passwordHash.ValidatePassword(passwordBytes, passwordInformation))
{
return(false);
}
lock (_successfullyValidatedUsernamesAndPasswords)
{
{
_successfullyValidatedUsernamesAndPasswords[cacheKey] = passwordInformation;
}
}
linkId = link.Id;
return(true);
}
}
