API tools faq
paste
Guest User

Untitled

a guest
Apr 21st, 2018
84
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.33 KB | None | 0 0
raw download clone embed print report
  1. public class ServiceAuthentication : IServiceAuthentication
  2. {
  3. public readonly IUserService _userService;
  4. public ServiceAuthentication(IUserService serviceUser)
  5. {
  6. _userService = serviceUser;
  7. }
  8.  
  9. public async Task<string> Login(string login, string password)
  10. {
  11. var user = await _userService.FindByObject(new User { Login = login }, "Login");
  12.  
  13. if (user == null)
  14. return "Usuário não encontrado!";
  15.  
  16. if (!VerifyPassword(password, user.PasswordHash, user.PasswordSalt))
  17. return Messages.ERROR_AUTHENTICATED;
  18.  
  19. return CreateToken(user);
  20. }
  21.  
  22. private string CreateToken(User user)
  23. {
  24. var tokeHandler = new JwtSecurityTokenHandler();
  25. var key = System.Text.Encoding.ASCII.GetBytes("SUPER SECRET KEY");
  26.  
  27. var tokenDescriptor = new SecurityTokenDescriptor
  28. {
  29. Subject = new ClaimsIdentity(new Claim[]{
  30. new Claim(ClaimTypes.NameIdentifier, user.UserId.ToString()),
  31. new Claim(ClaimTypes.Name, user.Login)
  32. }),
  33. Expires = DateTime.Now.AddDays(1),
  34. SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature)
  35. };
  36. var token = tokeHandler.CreateToken(tokenDescriptor);
  37. var tokenString = tokeHandler.WriteToken(token);
  38. return tokenString;
  39. }
  40.  
  41. private bool VerifyPassword(string password, byte[] passwordHash, byte[] passwordSalt)
  42. {
  43. using (var hmac = new System.Security.Cryptography.HMACSHA512(passwordSalt))
  44. {
  45. var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
  46.  
  47. for (int i = 0; i <= passwordHash.Length; i++)
  48. if (passwordHash[i] != computedHash[i])
  49. return false;
  50.  
  51. return true;
  52. }
  53. }
  54.  
  55. private async Task<bool> UserExits(string login)
  56. {
  57. var user = await _userService.FindByObject(new User { Login = login }, "Login");
  58.  
  59. if (user != null)
  60. return true;
  61. return false;
  62. }
  63.  
  64. public async Task<string> Register(User user, string password)
  65. {
  66. if (await UserExits(user.Login))
  67. return "Usuário já existente";
  68.  
  69. byte[] passwordHash;
  70. byte[] passwordSalt;
  71. CreatPassword(password, out passwordHash, out passwordSalt);
  72.  
  73. user.PasswordHash = passwordHash;
  74. user.PasswordSalt = passwordSalt;
  75.  
  76. await _userService.Add(user);
  77.  
  78. return Messages.SUCCESS;
  79. }
  80.  
  81. private void CreatPassword(string password, out byte[] passwordHash, out byte[] passwordSalt)
  82. {
  83. using (var hmac = new System.Security.Cryptography.HMACSHA512())
  84. {
  85. passwordSalt = hmac.Key;
  86. passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
  87. }
  88. }
  89. }
  90.  
  91. [System.Web.Http.Route]
  92. public class AuthenticationController : Controller
  93. {
  94. private readonly IServiceAuthentication _service;
  95.  
  96. public AuthenticationController(IServiceAuthentication service)
  97. {
  98. _service = service;
  99. }
  100.  
  101. private const string SETTINGS = "AppSettings:Token";
  102. private readonly Configuration Configuration;
  103.  
  104. public AuthenticationController(Configuration configuration)
  105. {
  106. this.Configuration = configuration;
  107. }
  108. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!