Another round of cleanup and beautification

2023-08-19 23:22:44 -04:00
parent 1a25e62fa4
commit 6ac566f9aa
28 changed files with 337 additions and 338 deletions

@ -2,8 +2,10 @@
using IO.Swagger.Models.RequestDto;
using IO.Swagger.Services;
using Microsoft.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore.ChangeTracking;
using System;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace IO.Swagger.Repositories
@ -11,7 +13,7 @@ namespace IO.Swagger.Repositories
/// <summary>
/// The EF implementation of this interface
/// </summary>
/// <seealso cref="IO.Swagger.Repositories.IUserRepository" />
/// <seealso cref="IUserRepository" />
public class UserRepository : IUserRepository
{
private readonly BankDbContext bankDbContext;
@ -35,13 +37,8 @@ namespace IO.Swagger.Repositories
// Generate a random salt
byte[] saltBytes = RandomNumberGenerator.GetBytes(16);
string salt = Convert.ToBase64String(saltBytes);
// Hash the password along with the salt
string password = request.Password;
string saltedPassword = password + salt;
byte[] passwordBytes = System.Text.Encoding.UTF8.GetBytes(saltedPassword);
byte[] hashedBytes = SHA256.HashData(passwordBytes);
string hashedPassword = Convert.ToBase64String(hashedBytes);
string hashedPassword = HashPassword(salt, request.Password);
// Create and insert the user
User newUser = new()
@ -53,8 +50,8 @@ namespace IO.Swagger.Repositories
LastName = request.LastName
};
Microsoft.EntityFrameworkCore.ChangeTracking.EntityEntry<User> unused1 = await bankDbContext.Users.AddAsync(newUser);
int unused = await bankDbContext.SaveChangesAsync();
_ = await bankDbContext.Users.AddAsync(newUser);
_ = await bankDbContext.SaveChangesAsync();
return newUser;
}
@ -66,12 +63,7 @@ namespace IO.Swagger.Repositories
if (user == null)
return null;
// Hash the supplied password with the retrieved salt
string password = request.Password;
string saltedPassword = password + user.Salt;
byte[] passwordBytes = System.Text.Encoding.UTF8.GetBytes(saltedPassword);
byte[] hashedBytes = SHA256.HashData(passwordBytes);
string hashedPassword = Convert.ToBase64String(hashedBytes);
string hashedPassword = HashPassword(user.Salt, request.Password);
return hashedPassword != user.PasswordHash ? null : user;
}
@ -80,5 +72,20 @@ namespace IO.Swagger.Repositories
{
return await bankDbContext.Users.FirstOrDefaultAsync(u => u.Id == userId);
}
/// <summary>
/// Hashes the password.
/// </summary>
/// <param name="salt">The salt to apply.</param>
/// <param name="password">The password to hash.</param>
/// <returns>The hashed and salted password</returns>
private static string HashPassword(string salt, string password)
{
string saltedPassword = password + salt;
byte[] passwordBytes = Encoding.UTF8.GetBytes(saltedPassword);
byte[] hashedBytes = SHA256.HashData(passwordBytes);
string hashedPassword = Convert.ToBase64String(hashedBytes);
return hashedPassword;
}
}
}
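Review bot: The new `HashPassword` helper still stores the credential as a single `SHA256.HashData` pass over `password + salt`, a fast hash that gives little resistance to offline guessing if the `Users` rows are ever exposed. Since registration and login now both call this one method, it is the natural place to move to a work-factor KDF, for example `byte[] derived = Rfc2898DeriveBytes.Pbkdf2(password, Convert.FromBase64String(salt), Pbkdf2Iterations, HashAlgorithmName.SHA256, 32);` followed by `return Convert.ToBase64String(derived);`, with `Pbkdf2Iterations` a class constant set from current guidance. Hashes already stored would no longer verify after that change, so it needs a per-user scheme or version marker and a rehash on the next successful login. Separately, the login path (its method starts outside the hunk) still checks `hashedPassword != user.PasswordHash` with an ordinary string comparison; comparing the decoded bytes with `CryptographicOperations.FixedTimeEquals` would make the check constant-time.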