fix user logic. password hasher is now on bcrypt
This commit is contained in:
parent
a2b58598a6
commit
ba55b692b4
@ -6,7 +6,12 @@
|
|||||||
<Nullable>enable</Nullable>
|
<Nullable>enable</Nullable>
|
||||||
</PropertyGroup>
|
</PropertyGroup>
|
||||||
|
|
||||||
|
<ItemGroup>
|
||||||
|
<Using Include="BCrypt.Net.BCrypt" Static="True"/>
|
||||||
|
</ItemGroup>
|
||||||
|
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
|
<PackageReference Include="BCrypt.Net-Next" Version="4.0.3" />
|
||||||
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.1" />
|
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.1" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
|
@ -102,19 +102,21 @@ namespace BusinessLogic.BusinessLogic
|
|||||||
return UserConverter.ToView(user);
|
return UserConverter.ToView(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
public UserViewModel Login(UserBindingModel model)
|
public UserViewModel Login(string email, string password)
|
||||||
{
|
{
|
||||||
ArgumentNullException.ThrowIfNull(model);
|
if (email is null)
|
||||||
|
{
|
||||||
var user = _userStorage.GetElement(new() { Email = model.Email });
|
throw new AccountException("Email is null");
|
||||||
|
}
|
||||||
|
var user = _userStorage.GetElement(new() { Email = email });
|
||||||
|
|
||||||
if (user is null)
|
if (user is null)
|
||||||
{
|
{
|
||||||
throw new ElementNotFoundException();
|
throw new ElementNotFoundException();
|
||||||
}
|
}
|
||||||
// Проверяем пароль
|
// Проверяем пароль
|
||||||
_validatePassword(model.Password);
|
_validatePassword(password);
|
||||||
if (PasswordHasher.Verify(model.Password, user.PasswordHash))
|
if (!PasswordHasher.Verify(password, user.PasswordHash))
|
||||||
{
|
{
|
||||||
throw new AccountException("The passwords don't match.");
|
throw new AccountException("The passwords don't match.");
|
||||||
}
|
}
|
||||||
|
@ -16,11 +16,7 @@ namespace BusinessLogic.Tools
|
|||||||
/// <returns>Хеш пароля</returns>
|
/// <returns>Хеш пароля</returns>
|
||||||
public static string Hash(string password)
|
public static string Hash(string password)
|
||||||
{
|
{
|
||||||
using (SHA256 sha256 = SHA256.Create())
|
return BCrypt.Net.BCrypt.HashPassword(password);
|
||||||
{
|
|
||||||
byte[] bytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(password));
|
|
||||||
return Convert.ToBase64String(bytes);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
@ -31,8 +27,7 @@ namespace BusinessLogic.Tools
|
|||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
public static bool Verify(string password, string passHash)
|
public static bool Verify(string password, string passHash)
|
||||||
{
|
{
|
||||||
var hash = Hash(password);
|
return BCrypt.Net.BCrypt.Verify(password, passHash);
|
||||||
return hash == passHash;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
Loading…
Reference in New Issue
Block a user