mirror of
https://github.com/aaronpo97/the-biergarten-app.git
synced 2026-02-16 18:52:06 +00:00
Update service namespace/directory structure
This commit is contained in:
Aaron Po
53
src/Core/Service/Service.Core/Auth/AuthService.cs
Normal file
53
src/Core/Service/Service.Core/Auth/AuthService.cs
Normal file
@@ -0,0 +1,53 @@
|
||||
using Repository.Core.Entities;
|
||||
using Repository.Core.Repositories.Auth;
|
||||
using Service.Core.Password;
|
||||
|
||||
namespace Service.Core.Auth;
|
||||
|
||||
public class AuthService(
|
||||
IAuthRepository authRepo,
|
||||
IPasswordService passwordService
|
||||
) : IAuthService
|
||||
{
|
||||
public async Task<UserAccount?> RegisterAsync(UserAccount userAccount, string password)
|
||||
{
|
||||
// Check if user already exists
|
||||
var user = await authRepo.GetUserByUsernameAsync(userAccount.Username);
|
||||
if (user is not null)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
// password hashing
|
||||
var hashed = passwordService.Hash(password);
|
||||
|
||||
// Register user with hashed password
|
||||
return await authRepo.RegisterUserAsync(
|
||||
userAccount.Username,
|
||||
userAccount.FirstName,
|
||||
userAccount.LastName,
|
||||
userAccount.Email,
|
||||
userAccount.DateOfBirth,
|
||||
hashed);
|
||||
}
|
||||
|
||||
public async Task<UserAccount?> LoginAsync(string username, string password)
|
||||
{
|
||||
// Attempt lookup by username
|
||||
var user = await authRepo.GetUserByUsernameAsync(username);
|
||||
|
||||
// the user was not found
|
||||
if (user is null) return null;
|
||||
|
||||
// @todo handle expired passwords
|
||||
var activeCred = await authRepo.GetActiveCredentialByUserAccountIdAsync(user.UserAccountId);
|
||||
|
||||
if (activeCred is null) return null;
|
||||
return !passwordService.Verify(password, activeCred.Hash) ? null : user;
|
||||
}
|
||||
|
||||
public async Task InvalidateAsync(Guid userAccountId)
|
||||
{
|
||||
await authRepo.InvalidateCredentialsByUserAccountIdAsync(userAccountId);
|
||||
}
|
||||
}
|
||||
9
src/Core/Service/Service.Core/Auth/IAuthService.cs
Normal file
9
src/Core/Service/Service.Core/Auth/IAuthService.cs
Normal file
@@ -0,0 +1,9 @@
|
||||
using Repository.Core.Entities;
|
||||
|
||||
namespace Service.Core.Auth;
|
||||
|
||||
public interface IAuthService
|
||||
{
|
||||
Task<UserAccount> RegisterAsync(UserAccount userAccount, string password);
|
||||
Task<UserAccount?> LoginAsync(string username, string password);
|
||||
}
|
||||
@@ -1,4 +1,4 @@
|
||||
namespace ServiceCore.Services;
|
||||
namespace Service.Core.Jwt;
|
||||
|
||||
public interface IJwtService
|
||||
{
|
||||
@@ -1,12 +1,10 @@
|
||||
using System;
|
||||
using System.Security.Claims;
|
||||
using System.Text;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.IdentityModel.JsonWebTokens;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using JwtRegisteredClaimNames = System.IdentityModel.Tokens.Jwt.JwtRegisteredClaimNames;
|
||||
|
||||
namespace ServiceCore.Services;
|
||||
namespace Service.Core.Jwt;
|
||||
public class JwtService : IJwtService
|
||||
{
|
||||
private readonly string? _secret = Environment.GetEnvironmentVariable("JWT_SECRET");
|
||||
@@ -1,4 +1,4 @@
|
||||
namespace ServiceCore.Services;
|
||||
namespace Service.Core.Password;
|
||||
|
||||
public interface IPasswordService
|
||||
{
|
||||
55
src/Core/Service/Service.Core/Password/PasswordService.cs
Normal file
55
src/Core/Service/Service.Core/Password/PasswordService.cs
Normal file
@@ -0,0 +1,55 @@
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using Konscious.Security.Cryptography;
|
||||
|
||||
namespace Service.Core.Password;
|
||||
|
||||
public class PasswordService : IPasswordService
|
||||
{
|
||||
private const int SaltSize = 16; // 128-bit
|
||||
private const int HashSize = 32; // 256-bit
|
||||
private const int ArgonIterations = 4;
|
||||
private const int ArgonMemoryKb = 65536; // 64MB
|
||||
|
||||
public string Hash(string password)
|
||||
{
|
||||
var salt = RandomNumberGenerator.GetBytes(SaltSize);
|
||||
var argon2 = new Argon2id(Encoding.UTF8.GetBytes(password))
|
||||
{
|
||||
Salt = salt,
|
||||
DegreeOfParallelism = Math.Max(Environment.ProcessorCount, 1),
|
||||
MemorySize = ArgonMemoryKb,
|
||||
Iterations = ArgonIterations
|
||||
};
|
||||
|
||||
var hash = argon2.GetBytes(HashSize);
|
||||
return $"{Convert.ToBase64String(salt)}:{Convert.ToBase64String(hash)}";
|
||||
}
|
||||
|
||||
public bool Verify(string password, string stored)
|
||||
{
|
||||
try
|
||||
{
|
||||
var parts = stored.Split(':', StringSplitOptions.RemoveEmptyEntries);
|
||||
if (parts.Length != 2) return false;
|
||||
|
||||
var salt = Convert.FromBase64String(parts[0]);
|
||||
var expected = Convert.FromBase64String(parts[1]);
|
||||
|
||||
var argon2 = new Argon2id(Encoding.UTF8.GetBytes(password))
|
||||
{
|
||||
Salt = salt,
|
||||
DegreeOfParallelism = Math.Max(Environment.ProcessorCount, 1),
|
||||
MemorySize = ArgonMemoryKb,
|
||||
Iterations = ArgonIterations
|
||||
};
|
||||
|
||||
var actual = argon2.GetBytes(expected.Length);
|
||||
return CryptographicOperations.FixedTimeEquals(actual, expected);
|
||||
}
|
||||
catch
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -3,7 +3,7 @@
|
||||
<TargetFramework>net10.0</TargetFramework>
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
<Nullable>enable</Nullable>
|
||||
<RootNamespace>ServiceCore</RootNamespace>
|
||||
<RootNamespace>Service.Core</RootNamespace>
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup>
|
||||
|
||||
@@ -1,53 +0,0 @@
|
||||
using Repository.Core.Entities;
|
||||
using Repository.Core.Repositories.Auth;
|
||||
|
||||
namespace ServiceCore.Services
|
||||
{
|
||||
public class AuthService(
|
||||
IAuthRepository authRepo,
|
||||
IPasswordService passwordService
|
||||
) : IAuthService
|
||||
{
|
||||
public async Task<UserAccount?> RegisterAsync(UserAccount userAccount, string password)
|
||||
{
|
||||
// Check if user already exists
|
||||
var user = await authRepo.GetUserByUsernameAsync(userAccount.Username);
|
||||
if (user is not null)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
// password hashing
|
||||
var hashed = passwordService.Hash(password);
|
||||
|
||||
// Register user with hashed password
|
||||
return await authRepo.RegisterUserAsync(
|
||||
userAccount.Username,
|
||||
userAccount.FirstName,
|
||||
userAccount.LastName,
|
||||
userAccount.Email,
|
||||
userAccount.DateOfBirth,
|
||||
hashed);
|
||||
}
|
||||
|
||||
public async Task<UserAccount?> LoginAsync(string username, string password)
|
||||
{
|
||||
// Attempt lookup by username
|
||||
var user = await authRepo.GetUserByUsernameAsync(username);
|
||||
|
||||
// the user was not found
|
||||
if (user is null) return null;
|
||||
|
||||
// @todo handle expired passwords
|
||||
var activeCred = await authRepo.GetActiveCredentialByUserAccountIdAsync(user.UserAccountId);
|
||||
|
||||
if (activeCred is null) return null;
|
||||
return !passwordService.Verify(password, activeCred.Hash) ? null : user;
|
||||
}
|
||||
|
||||
public async Task InvalidateAsync(Guid userAccountId)
|
||||
{
|
||||
await authRepo.InvalidateCredentialsByUserAccountIdAsync(userAccountId);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,10 +0,0 @@
|
||||
using Repository.Core.Entities;
|
||||
|
||||
namespace ServiceCore.Services
|
||||
{
|
||||
public interface IAuthService
|
||||
{
|
||||
Task<UserAccount> RegisterAsync(UserAccount userAccount, string password);
|
||||
Task<UserAccount?> LoginAsync(string username, string password);
|
||||
}
|
||||
}
|
||||
@@ -1,12 +0,0 @@
|
||||
using Repository.Core.Entities;
|
||||
|
||||
namespace ServiceCore.Services
|
||||
{
|
||||
public interface IUserService
|
||||
{
|
||||
Task<IEnumerable<UserAccount>> GetAllAsync(int? limit = null, int? offset = null);
|
||||
Task<UserAccount?> GetByIdAsync(Guid id);
|
||||
|
||||
Task UpdateAsync(UserAccount userAccount);
|
||||
}
|
||||
}
|
||||
@@ -1,56 +0,0 @@
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using Konscious.Security.Cryptography;
|
||||
|
||||
namespace ServiceCore.Services
|
||||
{
|
||||
public class PasswordService : IPasswordService
|
||||
{
|
||||
private const int SaltSize = 16; // 128-bit
|
||||
private const int HashSize = 32; // 256-bit
|
||||
private const int ArgonIterations = 4;
|
||||
private const int ArgonMemoryKb = 65536; // 64MB
|
||||
|
||||
public string Hash(string password)
|
||||
{
|
||||
var salt = RandomNumberGenerator.GetBytes(SaltSize);
|
||||
var argon2 = new Argon2id(Encoding.UTF8.GetBytes(password))
|
||||
{
|
||||
Salt = salt,
|
||||
DegreeOfParallelism = Math.Max(Environment.ProcessorCount, 1),
|
||||
MemorySize = ArgonMemoryKb,
|
||||
Iterations = ArgonIterations
|
||||
};
|
||||
|
||||
var hash = argon2.GetBytes(HashSize);
|
||||
return $"{Convert.ToBase64String(salt)}:{Convert.ToBase64String(hash)}";
|
||||
}
|
||||
|
||||
public bool Verify(string password, string stored)
|
||||
{
|
||||
try
|
||||
{
|
||||
var parts = stored.Split(':', StringSplitOptions.RemoveEmptyEntries);
|
||||
if (parts.Length != 2) return false;
|
||||
|
||||
var salt = Convert.FromBase64String(parts[0]);
|
||||
var expected = Convert.FromBase64String(parts[1]);
|
||||
|
||||
var argon2 = new Argon2id(Encoding.UTF8.GetBytes(password))
|
||||
{
|
||||
Salt = salt,
|
||||
DegreeOfParallelism = Math.Max(Environment.ProcessorCount, 1),
|
||||
MemorySize = ArgonMemoryKb,
|
||||
Iterations = ArgonIterations
|
||||
};
|
||||
|
||||
var actual = argon2.GetBytes(expected.Length);
|
||||
return CryptographicOperations.FixedTimeEquals(actual, expected);
|
||||
}
|
||||
catch
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,23 +0,0 @@
|
||||
using Repository.Core.Entities;
|
||||
using Repository.Core.Repositories.UserAccount;
|
||||
|
||||
namespace ServiceCore.Services
|
||||
{
|
||||
public class UserService(IUserAccountRepository repository) : IUserService
|
||||
{
|
||||
public async Task<IEnumerable<UserAccount>> GetAllAsync(int? limit = null, int? offset = null)
|
||||
{
|
||||
return await repository.GetAllAsync(limit, offset);
|
||||
}
|
||||
|
||||
public async Task<UserAccount?> GetByIdAsync(Guid id)
|
||||
{
|
||||
return await repository.GetByIdAsync(id);
|
||||
}
|
||||
|
||||
public async Task UpdateAsync(UserAccount userAccount)
|
||||
{
|
||||
await repository.UpdateAsync(userAccount);
|
||||
}
|
||||
}
|
||||
}
|
||||
11
src/Core/Service/Service.Core/User/IUserService.cs
Normal file
11
src/Core/Service/Service.Core/User/IUserService.cs
Normal file
@@ -0,0 +1,11 @@
|
||||
using Repository.Core.Entities;
|
||||
|
||||
namespace Service.Core.User;
|
||||
|
||||
public interface IUserService
|
||||
{
|
||||
Task<IEnumerable<UserAccount>> GetAllAsync(int? limit = null, int? offset = null);
|
||||
Task<UserAccount?> GetByIdAsync(Guid id);
|
||||
|
||||
Task UpdateAsync(UserAccount userAccount);
|
||||
}
|
||||
22
src/Core/Service/Service.Core/User/UserService.cs
Normal file
22
src/Core/Service/Service.Core/User/UserService.cs
Normal file
@@ -0,0 +1,22 @@
|
||||
using Repository.Core.Entities;
|
||||
using Repository.Core.Repositories.UserAccount;
|
||||
|
||||
namespace Service.Core.User;
|
||||
|
||||
public class UserService(IUserAccountRepository repository) : IUserService
|
||||
{
|
||||
public async Task<IEnumerable<UserAccount>> GetAllAsync(int? limit = null, int? offset = null)
|
||||
{
|
||||
return await repository.GetAllAsync(limit, offset);
|
||||
}
|
||||
|
||||
public async Task<UserAccount?> GetByIdAsync(Guid id)
|
||||
{
|
||||
return await repository.GetByIdAsync(id);
|
||||
}
|
||||
|
||||
public async Task UpdateAsync(UserAccount userAccount)
|
||||
{
|
||||
await repository.UpdateAsync(userAccount);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user