Consolidate auth logic, update password service, and update namespaces

2026-02-16 10:42:08 +00:00 · 2026-02-08 23:05:08 -05:00
parent 881a94893f
commit ff1ce15419
33 changed files with 588 additions and 270 deletions
--- a/src/Core/Service/Service.Core/Services/AuthService.cs
+++ b/src/Core/Service/Service.Core/Services/AuthService.cs
@@ -1,35 +1,53 @@
-using DataAccessLayer.Entities;
-using DataAccessLayer.Repositories.UserAccount;
+using Repository.Core.Entities;
+using Repository.Core.Repositories.Auth;

 namespace ServiceCore.Services
 {
-    public class AuthService(IUserAccountRepository userRepo, IUserCredentialRepository credRepo) : IAuthService
+    public class AuthService(
+        IAuthRepository authRepo,
+        IPasswordService passwordService
+    ) : IAuthService
    {
-        public async Task<UserAccount> RegisterAsync(UserAccount userAccount, string password)
+        public async Task<UserAccount?> RegisterAsync(UserAccount userAccount, string password)
        {
-            throw new NotImplementedException();
+            // Check if user already exists
+            var user = await authRepo.GetUserByUsernameAsync(userAccount.Username);
+            if (user is not null)
+            {
+                return null;
+            }
+
+            // password hashing
+            var hashed = passwordService.Hash(password);
+
+            // Register user with hashed password
+            return await authRepo.RegisterUserAsync(
+                userAccount.Username,
+                userAccount.FirstName,
+                userAccount.LastName,
+                userAccount.Email,
+                userAccount.DateOfBirth,
+                hashed);
        }

        public async Task<UserAccount?> LoginAsync(string username, string password)
        {
            // Attempt lookup by username
-            var user = await userRepo.GetByUsernameAsync(username);
-        
+            var user = await authRepo.GetUserByUsernameAsync(username);
+
            // the user was not found
            if (user is null) return null;

            // @todo handle expired passwords
-            var activeCred = await credRepo.GetActiveCredentialByUserAccountIdAsync(user.UserAccountId);
-            
-            if (activeCred is null) return null;    
-            if (!PasswordHasher.Verify(password, activeCred.Hash)) return null;
-            
-            return user;
+            var activeCred = await authRepo.GetActiveCredentialByUserAccountIdAsync(user.UserAccountId);
+
+            if (activeCred is null) return null;
+            return !passwordService.Verify(password, activeCred.Hash) ? null : user;
        }

        public async Task InvalidateAsync(Guid userAccountId)
        {
-            await credRepo.InvalidateCredentialsByUserAccountIdAsync(userAccountId);
+            await authRepo.InvalidateCredentialsByUserAccountIdAsync(userAccountId);
        }
    }
 }
--- a/src/Core/Service/Service.Core/Services/IAuthService.cs
+++ b/src/Core/Service/Service.Core/Services/IAuthService.cs
@@ -1,4 +1,4 @@
-using DataAccessLayer.Entities;
+using Repository.Core.Entities;

 namespace ServiceCore.Services
 {
@@ -7,4 +7,4 @@ namespace ServiceCore.Services
        Task<UserAccount> RegisterAsync(UserAccount userAccount, string password);
        Task<UserAccount?> LoginAsync(string username, string password);
    }
-}
+}
--- a/src/Core/Service/Service.Core/Services/IPasswordService.cs
+++ b/src/Core/Service/Service.Core/Services/IPasswordService.cs
@@ -0,0 +1,7 @@
+namespace ServiceCore.Services;
+
+public interface IPasswordService
+{
+    public string Hash(string password);
+    public bool Verify(string password, string stored);
+}
--- a/src/Core/Service/Service.Core/Services/IUserService.cs
+++ b/src/Core/Service/Service.Core/Services/IUserService.cs
@@ -1,4 +1,4 @@
-using DataAccessLayer.Entities;
+using Repository.Core.Entities;

 namespace ServiceCore.Services
 {
@@ -9,4 +9,4 @@ namespace ServiceCore.Services

        Task UpdateAsync(UserAccount userAccount);
    }
-}
+}
--- a/src/Core/Service/Service.Core/Services/PasswordService.cs
+++ b/src/Core/Service/Service.Core/Services/PasswordService.cs
@@ -4,14 +4,14 @@ using Konscious.Security.Cryptography;

 namespace ServiceCore.Services
 {
-    public static class PasswordHasher
+    public class PasswordService : IPasswordService
    {
        private const int SaltSize = 16; // 128-bit
        private const int HashSize = 32; // 256-bit
        private const int ArgonIterations = 4;
        private const int ArgonMemoryKb = 65536; // 64MB

-        public static string Hash(string password)
+        public string Hash(string password)
        {
            var salt = RandomNumberGenerator.GetBytes(SaltSize);
            var argon2 = new Argon2id(Encoding.UTF8.GetBytes(password))
@@ -26,7 +26,7 @@ namespace ServiceCore.Services
            return $"{Convert.ToBase64String(salt)}:{Convert.ToBase64String(hash)}";
        }

-        public static bool Verify(string password, string stored)
+        public bool Verify(string password, string stored)
        {
            try
            {
@@ -53,4 +53,4 @@ namespace ServiceCore.Services
            }
        }
    }
-}
+}
--- a/src/Core/Service/Service.Core/Services/UserService.cs
+++ b/src/Core/Service/Service.Core/Services/UserService.cs
@@ -1,5 +1,5 @@
-using DataAccessLayer.Entities;
-using DataAccessLayer.Repositories.UserAccount;
+using Repository.Core.Entities;
+using Repository.Core.Repositories.UserAccount;

 namespace ServiceCore.Services
 {
@@ -14,7 +14,7 @@ namespace ServiceCore.Services
        {
            return await repository.GetByIdAsync(id);
        }
-        
+
        public async Task UpdateAsync(UserAccount userAccount)
        {
            await repository.UpdateAsync(userAccount);