formated all files
This commit is contained in:
QkoSad
+27
-15
@@ -1,18 +1,19 @@
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Net;
|
||||
using System.Security.Claims;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using MySql.Data.MySqlClient;
|
||||
using Newtonsoft.Json;
|
||||
using Newtonsoft.Json.Linq;
|
||||
using System.Security.Claims;
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using System.Security.Cryptography;
|
||||
|
||||
namespace Server
|
||||
{
|
||||
public class Login : Route
|
||||
{
|
||||
private static string secretKey = "stronk-key-much-sercret-much-more-stronk-stronk-key-much-sercret-much-more-stronk";
|
||||
private static string secretKey =
|
||||
"stronk-key-much-sercret-much-more-stronk-stronk-key-much-sercret-much-more-stronk";
|
||||
|
||||
public static string GenerateToken(string user)
|
||||
{
|
||||
@@ -22,10 +23,7 @@ namespace Server
|
||||
var token = new JwtSecurityToken(
|
||||
issuer: "TimeLogServer",
|
||||
audience: "TimeLogWebsite",
|
||||
claims: new[]
|
||||
{
|
||||
new Claim("user", user)
|
||||
},
|
||||
claims: new[] { new Claim("user", user) },
|
||||
expires: DateTime.Now.AddHours(2),
|
||||
signingCredentials: creds
|
||||
);
|
||||
@@ -42,7 +40,14 @@ namespace Server
|
||||
Array.Copy(hashBytes, 0, salt, 0, 16);
|
||||
|
||||
// Hash the entered password with the stored salt
|
||||
using (var pbkdf2 = new Rfc2898DeriveBytes(enteredPassword, salt, 10000, HashAlgorithmName.SHA256))
|
||||
using (
|
||||
var pbkdf2 = new Rfc2898DeriveBytes(
|
||||
enteredPassword,
|
||||
salt,
|
||||
10000,
|
||||
HashAlgorithmName.SHA256
|
||||
)
|
||||
)
|
||||
{
|
||||
byte[] newHash = pbkdf2.GetBytes(32);
|
||||
|
||||
@@ -62,7 +67,12 @@ namespace Server
|
||||
{
|
||||
// extract data from body
|
||||
string body;
|
||||
using (StreamReader bodyReader = new StreamReader(request.InputStream, request.ContentEncoding))
|
||||
using (
|
||||
StreamReader bodyReader = new StreamReader(
|
||||
request.InputStream,
|
||||
request.ContentEncoding
|
||||
)
|
||||
)
|
||||
{
|
||||
body = bodyReader.ReadToEnd();
|
||||
}
|
||||
@@ -72,7 +82,8 @@ namespace Server
|
||||
|
||||
// prepare SQL query
|
||||
MySqlCommand cmd = new MySqlCommand();
|
||||
cmd.CommandText = @"SELECT u.id, password FROM User u
|
||||
cmd.CommandText =
|
||||
@"SELECT u.id, password FROM User u
|
||||
INNER JOIN Password p ON p.user=u.id
|
||||
WHERE mail=@mail;";
|
||||
cmd.Parameters.AddWithValue("@mail", mail);
|
||||
@@ -98,9 +109,11 @@ namespace Server
|
||||
throw new Exception("Invalid Username or Password");
|
||||
}
|
||||
//check password
|
||||
if (string.IsNullOrEmpty(password)
|
||||
if (
|
||||
string.IsNullOrEmpty(password)
|
||||
|| string.IsNullOrEmpty(hashedPass)
|
||||
|| !VerifyPassword(password, hashedPass))
|
||||
|| !VerifyPassword(password, hashedPass)
|
||||
)
|
||||
{
|
||||
throw new Exception("Invalid Username or Password");
|
||||
}
|
||||
@@ -118,4 +131,3 @@ namespace Server
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user