AuthController with DTO

Author: FinGY

BAuth.csproj

@@ -7,6 +7,8 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="6.0.9" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.9" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
   </ItemGroup>
 

Controllers/AuthController.cs

@@ -0,0 +1,57 @@
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using System.Security.Cryptography;
+
+namespace BAuth.Controllers
+{
+    [ApiController]
+    [Route("api/[controller]")]
+    public class AuthController : Controller
+    {
+        public static User user = new User();
+        [HttpPost("register")]
+        public async Task<ActionResult<User>> Register(UserDto request)
+        {
+            CreatePasswordHash(request.Password,out byte[] passwordHash,out byte[] passwordSalt);
+            user.Name = request.Name;
+            user.PasswordSalt = passwordSalt;
+            user.PasswordHash = passwordHash;
+            return Ok(user);
+
+        }
+
+         [HttpPost("login")]
+        public async Task<ActionResult<User>> LogIn(UserDto request)
+        {
+            if(user.Name != request.Name)
+            {
+                return BadRequest("User not found!");
+            }
+            if(!VerifyPassword(request.Password, user.PasswordHash,user.PasswordSalt))
+            {
+                return BadRequest("Wrong password!");
+            }
+            var token = CreateToken()
+            return Ok(token);
+        }
+
+          private void CreatePasswordHash(string password, out byte[]passwordHash, out byte[]PasswordSalt)
+         {
+            using (var hmac = new HMACSHA256())
+            {
+                PasswordSalt = hmac.Key;
+                passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
+            }
+         }
+         private bool VerifyPassword(string password, out byte[]passwordHash, out byte[]PasswordSalt)
+         {
+            using (var hmac = new HMACSHA256(PasswordSalt))
+            {
+                var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
+                return computedHash.SequenceEqual(passwordHash);
+            }
+         }
+
+  
+    }
+}

Controllers/UserController.cs

@@ -1,56 +1,56 @@
-using Microsoft.AspNetCore.Identity;
-using Microsoft.AspNetCore.Mvc;
+// using Microsoft.AspNetCore.Identity;
+// using Microsoft.AspNetCore.Mvc;
 
-namespace BAuth.Controllers
-{
-    [ApiController]
-    [Route("api/[controller]")]
-    public class UserController : Controller
-    {
-         public static List<User> users = new List<User>()
-            {
-                new User
-                {
-                    Name = "John",
-                    Password = "pass1"
-                 },
-                new User
-                    {
-                        Name = "Dave",
-                         Password = "pass11"
-                    }
+// namespace BAuth.Controllers
+// {
+//     [ApiController]
+//     [Route("api/[controller]")]
+//     public class UserController : Controller
+//     {
+//          public static List<User> users = new List<User>()
+//             {
+//                 new User
+//                 {
+//                     Name = "John",
+//                     Password = "pass1"
+//                  },
+//                 new User
+//                     {
+//                         Name = "Dave",
+//                          Password = "pass11"
+//                     }
 
-            };
+//             };
 
-        [HttpGet]
-        public async Task<ActionResult<List<User>>> GetAll()
-        {
-            return Ok(users);
-        }
+//         [HttpGet]
+//         public async Task<ActionResult<List<User>>> GetAll()
+//         {
+//             return Ok(users);
+//         }
 
-        [HttpGet ("{name}")]
-        public async Task<ActionResult<List<User>>>GetUser( string name)
-        {
-            var user = users.Find(user=>user.Name == name);
-            if (user == null)
-            {
-                return BadRequest("User not found");
-            }
-            return Ok(user);
-        }
+//         [HttpGet ("{name}")]
+//         public async Task<ActionResult<List<User>>>GetUser( string name)
+//         {
+//             var user = users.Find(user=>user.Name == name);
+//             if (user == null)
+//             {
+//                 return BadRequest("User not found");
+//             }
+//             return Ok(user);
+//         }
 
-        [HttpPost]
-        public async Task<ActionResult<List<User>>>AddUser(User user)
-        {
-            users.Add(user);
-            return Ok(users);
-        }
-        [HttpDelete ("{name}")]
-         public async Task<ActionResult<List<User>>>DeleteUSer(string name)
-         {
-            var user = users.Find(user=>user.Name == name);
-            users.Remove(user);
-            return Ok(users);
-         }
-    }
-}
+//         [HttpPost]
+//         public async Task<ActionResult<List<User>>>AddUser(User user)
+//         {
+//             users.Add(user);
+//             return Ok(users);
+//         }
+//         [HttpDelete ("{name}")]
+//          public async Task<ActionResult<List<User>>>DeleteUSer(string name)
+//          {
+//             var user = users.Find(user=>user.Name == name);
+//             users.Remove(user);
+//             return Ok(users);
+//          }
+//     }
+// }

Data/UserDbContext.cs

@@ -0,0 +1,13 @@
+using Microsoft.EntityFrameworkCore;
+
+namespace BAuth
+{
+    public class UserDbContext : DbContext
+    {
+        public UserDbContext(DbContextOptions<UserDbContext> options):base(options)
+        {
+            
+        }
+        public DbSet<User> Users {get;set;}
+    }
+}

Program.cs

@@ -1,6 +1,7 @@
 var builder = WebApplication.CreateBuilder(args);
 
 // Add services to the container.
+// builder.Services.AddDbContext<UserDbContext>
 
 builder.Services.AddControllers();
 // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle

User.cs

@@ -4,7 +4,9 @@ namespace BAuth
 {
     public class User
     {
+        public Int32 ID {get;set;}
         public string Name { get; set; }
-        public string Password {get;set;}
+        public byte[] PasswordSalt {get;set;}
+        public byte[] PasswordHash {get;set;}
     }
 }

UserDto.cs

@@ -0,0 +1,8 @@
+namespace BAuth
+{
+    public class UserDto
+    {
+        public string Name {get;set;} = string.Empty;
+        public string Password{get;set;} = string.Empty;
+    }
+}