Add password verification !

Manager.Framework/Business/ProfileLogic.cs

@@ -22,20 +22,25 @@ namespace Manager.Framework.Business
             _logger = logger;
         }
 
-        public bool Authenticate(string email, string password)
+        public void TestPassword(string email, string userPassword, string password)
         {
             if (string.IsNullOrWhiteSpace(email))
             {
                 _logger.LogError($"Authenticate error: No e-mail provided");
                 throw new UnauthorizedAccessException("Authentication error");
             }
+
             if (string.IsNullOrEmpty(password))
             {
                 _logger.LogError($"Authenticate error: No password provided");
                 throw new UnauthorizedAccessException("Authentication error");
             }
 
-            return true;
+            if (!PasswordUtils.Compare(userPassword, password, PasswordsPepper))
+            {
+                _logger.LogError($"Authenticate error: passwords doesn't match");
+                throw new UnauthorizedAccessException("Authentication error");
+            }
         }
 
         /// <summary>

ManagerService/Controllers/AuthenticationController.cs

@@ -53,14 +53,14 @@ namespace ManagerService.Service.Controllers
                 email = "test@email.be";
                 password = "W/7aj4NB60i3YFKJq50pbw=="; // password = "kljqsdkljqsd";
 #endif
-                var token = _tokensService.Authenticate(email.ToLower(), password);
-
                 // Set user token ? 
                 var user = _UserDatabaseService.GetByEmail(email.ToLower());
 
                 if (user == null)
                     throw new KeyNotFoundException("User not found");
 
+                var token = _tokensService.Authenticate(user, password);
+
                 MqttClientService.SetServices(_DeviceDatabaseService, _ConfigurationDatabaseService);
 
                 return new OkObjectResult(token);

ManagerService/Services/TokensService.cs

@@ -51,17 +51,16 @@ namespace ManagerService.Service.Services
         /// <param name="email">Email</param>
         /// <param name="password">Password</param>
         /// <returns>Token DTO in case of success</returns>
-        public TokenDTO Authenticate(string email, string password)
+        public TokenDTO Authenticate(User user, string password)
         {
             try
             {
                 var claims = new List<System.Security.Claims.Claim>();
                 var expiration = DateTime.UtcNow.AddMinutes(_tokenSettings.AccessTokenExpiration);
 
-                // Todo nothing good here..
-                var profile = _profileLogic.Authenticate(email, password);
+                _profileLogic.TestPassword(user.Email, user.Password, password);
 
-                claims.Add(new Claim(ClaimTypes.Email, email));
+                claims.Add(new Claim(ClaimTypes.Email, user.Email));
 
                 // TODO: add refresh token support
 
@@ -85,12 +84,12 @@ namespace ManagerService.Service.Services
             }
             catch (UnauthorizedAccessException ex)
             {
-                _logger?.LogError(ex, $"Authenticate error for user '{email}': unauthorized access");
+                _logger?.LogError(ex, $"Authenticate error for user '{user.Email}': unauthorized access");
                 throw;
             }
             catch (Exception ex)
             {
-                _logger?.LogError(ex, $"Authenticate error for user '{email}': {ex.Message}");
+                _logger?.LogError(ex, $"Authenticate error for user '{user.Email}': {ex.Message}");
                 throw;
             }
         }