darkstack/LaDOSE
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Ordering files

Browse Source
This commit is contained in:
Darkstack
2018-10-06 13:05:38 +02:00
parent f670cd78a8
commit d3cdc93c14
11 changed files with 89 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
LaDOSE.Src/LaDOSE.Service/Interface/IUserService.cs Normal file
View File

@@ -0,0 +1,15 @@
using System.Collections.Generic;
using LaDOSE.Entity;
namespace LaDOSE.Business.Interface
{
public interface IUserService
{
ApplicationUser Authenticate(string username, string password);
IEnumerable<ApplicationUser> GetAll();
ApplicationUser GetById(int id);
ApplicationUser Create(ApplicationUser user, string password);
void Update(ApplicationUser user, string password = null);
void Delete(int id);
}
}

13
LaDOSE.Src/LaDOSE.Service/LaDOSE.Business.csproj Normal file
View File

@@ -0,0 +1,13 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>netcoreapp2.0</TargetFramework>
<AssemblyName>LaDOSE.Business</AssemblyName>
<RootNamespace>LaDOSE.Business</RootNamespace>
</PropertyGroup>
<ItemGroup>
<ProjectReference Include="..\LaDOSE.Entity\LaDOSE.Entity.csproj" />
</ItemGroup>
</Project>

145
LaDOSE.Src/LaDOSE.Service/Service/UserService.cs Normal file
View File

@@ -0,0 +1,145 @@
using System;
using System.Collections.Generic;
using System.Linq;
using LaDOSE.Business.Interface;
using LaDOSE.Entity;
using LaDOSE.Entity.Context;
namespace LaDOSE.Business.Service
{
public class UserService : IUserService
{
private LaDOSEDbContext _context;
public UserService(LaDOSEDbContext context)
{
_context = context;
}
public ApplicationUser Authenticate(string username, string password)
{
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
return null;
var user = _context.ApplicationUser.SingleOrDefault(x => x.Username == username);
// check if username exists
if (user == null)
return null;
// check if password is correct
if (!VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt))
return null;
// authentication successful
return user;
}
public IEnumerable<ApplicationUser> GetAll()
{
return _context.ApplicationUser;
}
public ApplicationUser GetById(int id)
{
return _context.ApplicationUser.Find(id);
}
public ApplicationUser Create(ApplicationUser user, string password)
{
// validation
if (string.IsNullOrWhiteSpace(password))
throw new Exception("Password is required");
if (_context.ApplicationUser.Any(x => x.Username == user.Username))
throw new Exception("Username \"" + user.Username + "\" is already taken");
byte[] passwordHash, passwordSalt;
CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
_context.ApplicationUser.Add(user);
_context.SaveChanges();
return user;
}
public void Update(ApplicationUser userParam, string password = null)
{
var user = _context.ApplicationUser.Find(userParam.Id);
if (user == null)
throw new Exception("User not found");
if (userParam.Username != user.Username)
{
// username has changed so check if the new username is already taken
if (_context.ApplicationUser.Any(x => x.Username == userParam.Username))
throw new Exception("Username " + userParam.Username + " is already taken");
}
// update user properties
user.FirstName = userParam.FirstName;
user.LastName = userParam.LastName;
user.Username = userParam.Username;
// update password if it was entered
if (!string.IsNullOrWhiteSpace(password))
{
byte[] passwordHash, passwordSalt;
CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
}
_context.ApplicationUser.Update(user);
_context.SaveChanges();
}
public void Delete(int id)
{
var user = _context.ApplicationUser.Find(id);
if (user != null)
{
_context.ApplicationUser.Remove(user);
_context.SaveChanges();
}
}
// private helper methods
private static void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt)
{
if (password == null) throw new ArgumentNullException("password");
if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
using (var hmac = new System.Security.Cryptography.HMACSHA512())
{
passwordSalt = hmac.Key;
passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
}
}
private static bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt)
{
if (password == null) throw new ArgumentNullException("password");
if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
if (storedHash.Length != 64) throw new ArgumentException("Invalid length of password hash (64 bytes expected).", "passwordHash");
if (storedSalt.Length != 128) throw new ArgumentException("Invalid length of password salt (128 bytes expected).", "passwordHash");
using (var hmac = new System.Security.Cryptography.HMACSHA512(storedSalt))
{
var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
for (int i = 0; i < computedHash.Length; i++)
{
if (computedHash[i] != storedHash[i]) return false;
}
}
return true;
}
}
}