Updated User model, Updated Password encryption to use a BCrypt implementation, Updated UserStoreContext #23, #24, #33
This commit is contained in:
@@ -42,7 +42,7 @@ namespace Icarus.Controllers
|
||||
Console.WriteLine($"Password: {user.Password}");
|
||||
|
||||
PasswordEncryption pe = new PasswordEncryption();
|
||||
user = pe.HashPassword(user);
|
||||
user.Password = pe.HashPassword(user);
|
||||
Console.WriteLine($"Hashed Password: {user.Password}");
|
||||
|
||||
UserStoreContext context = HttpContext.RequestServices
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
using System;
|
||||
using System.Security.Cryptography;
|
||||
|
||||
using BCrypt.Net;
|
||||
using Microsoft.AspNetCore.Cryptography.KeyDerivation;
|
||||
|
||||
using Icarus.Models;
|
||||
@@ -22,22 +23,19 @@ namespace Icarus.Controllers.Utilities
|
||||
|
||||
|
||||
#region Methods
|
||||
public User HashPassword(User user)
|
||||
public string HashPassword(User user)
|
||||
{
|
||||
try
|
||||
{
|
||||
var userSalt = GenerateSalt();
|
||||
var userHash = GenerateHash(user.Password, userSalt);
|
||||
string hashedPassword = string.Empty;
|
||||
hashedPassword = BCrypt.Net.BCrypt.HashPassword(user.Password);
|
||||
|
||||
user.Password = userHash;
|
||||
user.Salt = userSalt;
|
||||
return hashedPassword;
|
||||
|
||||
return user;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
var exMsg = ex.Message;
|
||||
Console.WriteLine($"An error occurred {exMsg}");
|
||||
}
|
||||
|
||||
return null;
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="BCrypt.Net-Next" Version="3.1.3" />
|
||||
<PackageReference Include="DotNetZip" Version="1.13.3" />
|
||||
<PackageReference Include="EntityFramework" Version="6.2.0" />
|
||||
<PackageReference Include="ID3" Version="0.6.0" />
|
||||
|
||||
@@ -33,16 +33,17 @@ namespace Icarus.Models.Context
|
||||
using (MySqlConnection conn = GetConnection())
|
||||
{
|
||||
conn.Open();
|
||||
string query = "INSERT INTO Users(Username, Password, Salt, " +
|
||||
string query = "INSERT INTO Users(Username, Password, Nickname," +
|
||||
"Email, PhoneNumber, Firstname, Lastname, " +
|
||||
"DateCreated, LastLogin) VALUES(@Username, " +
|
||||
"@Password, @Salt, @Email, @PhoneNumber, " +
|
||||
"@Password, @Nickname, @Email, @PhoneNumber, " +
|
||||
"@Firstname, @Lastname, @DateCreated, @LastLogin)";
|
||||
using (MySqlCommand cmd = new MySqlCommand(query, conn))
|
||||
{
|
||||
cmd.Parameters.AddWithValue("@Username", user.Username);
|
||||
cmd.Parameters.AddWithValue("@Password", user.Password);
|
||||
cmd.Parameters.AddWithValue("@Salt", user.Salt);
|
||||
//cmd.Parameters.AddWithValue("@Salt", user.Salt);
|
||||
cmd.Parameters.AddWithValue("@Nickname", user.Nickname);
|
||||
cmd.Parameters.AddWithValue("@Email", user.Email);
|
||||
cmd.Parameters.AddWithValue("@PhoneNumber", user.PhoneNumber);
|
||||
cmd.Parameters.AddWithValue("@Firstname", user.Firstname);
|
||||
@@ -80,6 +81,7 @@ namespace Icarus.Models.Context
|
||||
while (reader.Read())
|
||||
{
|
||||
user.Id = Convert.ToInt32(reader["Id"]);
|
||||
user.Nickname = reader["Nickname"].ToString();
|
||||
user.Email = reader["Email"].ToString();
|
||||
user.PhoneNumber = reader["PhoneNumber"].ToString();
|
||||
user.Firstname = reader["Firstname"].ToString();
|
||||
|
||||
+2
-2
@@ -10,10 +10,10 @@ namespace Icarus.Models
|
||||
public int Id { get; set; }
|
||||
[JsonProperty("username")]
|
||||
public string Username { get; set; }
|
||||
[JsonProperty("nickname")]
|
||||
public string Nickname { get; set; }
|
||||
[JsonProperty("password")]
|
||||
public string Password { get; set; }
|
||||
[JsonIgnore]
|
||||
public byte[] Salt { get; set; }
|
||||
[JsonProperty("email")]
|
||||
public string Email { get; set; }
|
||||
[JsonProperty("phone_number")]
|
||||
|
||||
Reference in New Issue
Block a user