public IActionResult Post([FromBody] UserLoginAttempt loginAttempt)
{
if (!ModelState.IsValid)
{
BadRequest(ModelState);
}
if (PasswordChecker.PasswordIsValid(loginAttempt))
{
var userAccountManager = new UserAccountManager();
var userAccount = userAccountManager.GetByUserName(loginAttempt.UserName);
var lastLogin = userAccount.LastLogin;
userAccount.LastLogin = DateTime.UtcNow;
userAccountManager.Update(userAccount);
var timeSpan = userAccount.LastLogin - lastLogin;
return(Ok($"Last successful login: {timeSpan.Days} days, {timeSpan.Hours} hours, {timeSpan.Minutes} minutes, and {timeSpan.Seconds} seconds."));
}
else
{
return(Unauthorized());
}
}
public static bool PasswordIsValid(UserLoginAttempt loginAttempt)
{
var userManager = new UserAccountManager();
var userAccount = userManager.GetByUserName(loginAttempt.UserName);
if (userAccount == null)
{
return(false);
}
var loginPasswordWithUsersSalt = PasswordHasher.AppendSaltToPassword(Encoding.UTF8.GetBytes(loginAttempt.Password), Convert.FromBase64String(userAccount.Salt));
var loginAttemptHash = PasswordHasher.HashByteArray(loginPasswordWithUsersSalt);
return(Convert.FromBase64String(userAccount.PasswordHash).SequenceEqual(loginAttemptHash));
}