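/// <summary>
/// Checks a user name / password pair against the salted hash stored for that user.
/// </summary>
/// <param name="credentials">The user name and password presented by the caller.</param>
/// <returns>
/// <c>true</c> only when a row exists for the user name and the password verifies against
/// that row's stored hash and salt; <c>false</c> otherwise, including when
/// <paramref name="credentials"/> is <c>null</c>.
/// </returns>
public async Task<bool> ValidateCredentials(LoginCredentials credentials)
{
    // Fail closed: a missing credentials object is a failed login, not a
    // NullReferenceException surfacing from the authentication path.
    if (credentials == null)
    {
        return false;
    }

    // Fetch only the two columns the verification reads, so no other column of the
    // user row is pulled into memory on every login attempt.
    // The user name is bound as the @UserName parameter, never concatenated into the SQL text.
    var sql = $@"SELECT PasswordHash, PasswordSalt FROM Users WHERE Users.UserName = @{nameof(credentials.UserName)}";

    using (var conn = await GetDbConnectionAsync())
    {
        var result = await conn.QueryFirstOrDefaultAsync(sql, new { credentials.UserName });

        // NOTE(review): when no row matches, the hash verification is skipped, so the
        // response time can differ between an unknown user name and a wrong password.
        // Whether VerifyPasswordAgainstSaltedHash compares in constant time is not
        // visible from here - confirm in SaltedHashHelper.
        return result != null
            && SaltedHashHelper.VerifyPasswordAgainstSaltedHash(credentials.Password, result.PasswordHash, result.PasswordSalt);
    }
}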
/// <summary>
/// Inserts a row into Users, storing a salted hash of the password and its salt
/// instead of the password itself.
/// </summary>
/// <param name="id">Value written to the Id column.</param>
/// <param name="userName">Value written to the UserName column.</param>
/// <param name="password">Plain-text password; it is only passed to the hash helper.</param>
/// <returns><c>true</c> when the statement reports at least one affected row.</returns>
public async Task<bool> AddUser(int id, string userName, string password)
{
    // NOTE(review): the meaning and unit of the literal 8 (presumably a salt length) and
    // the hash algorithm are defined by SaltedHashHelper, not shown here - confirm both
    // meet the current password-storage policy.
    var hashSalt = SaltedHashHelper.GenerateSaltedHash(8, password);

    // Every value is bound as a named parameter; nameof keeps the placeholder names
    // in step with the members of the anonymous object passed below.
    // NOTE(review): INSERT IGNORE (MySQL) downgrades duplicate-key and some data errors
    // to warnings, so a false return does not say why nothing was inserted, and values
    // that do not fit a column may be adjusted rather than rejected - confirm the column
    // sizes cover UserName, Hash and Salt.
    var sql = $@"INSERT IGNORE INTO Users (Id, UserName, PasswordHash, PasswordSalt) VALUES (@{nameof(id)}, @{nameof(userName)}, @{nameof(hashSalt.Hash)}, @{nameof(hashSalt.Salt)});";

    using (var conn = await GetDbConnectionAsync())
    {
        var parameters = new { id, userName, hashSalt.Hash, hashSalt.Salt };
        var inserted = await conn.ExecuteAsync(sql, parameters);
        return inserted > 0;
    }
}
/// <summary>
/// Creates the data-access object, keeping the connection string and a new
/// <c>SaltedHashHelper</c> instance in fields.
/// </summary>
/// <param name="connectionString">
/// Connection string stored as given; it is not validated here. Connection strings
/// commonly carry database credentials, so keep it out of logs and error messages.
/// </param>
public UserDataAccess(string connectionString)
{
    saltedHashHelper = new SaltedHashHelper();
    this.connectionString = connectionString;
}