aboutsummaryrefslogtreecommitdiff
path: root/src/DevHive.Services/Services
diff options
context:
space:
mode:
authorSyndamia <kamen.d.mladenov@protonmail.com>2020-12-18 08:40:26 +0200
committerSyndamia <kamen.d.mladenov@protonmail.com>2020-12-18 08:40:26 +0200
commit36632a99578ea1fe29757e6a8a37f7fd76ac8b9e (patch)
tree7b04b2ff2b250df826bee3c8bf7db17af5508abc /src/DevHive.Services/Services
parent323e0ba9d83b503496633fa75ce66eca1fac265c (diff)
downloadDevHive-36632a99578ea1fe29757e6a8a37f7fd76ac8b9e.tar
DevHive-36632a99578ea1fe29757e6a8a37f7fd76ac8b9e.tar.gz
DevHive-36632a99578ea1fe29757e6a8a37f7fd76ac8b9e.zip
Removed password hash from JWT
Diffstat (limited to 'src/DevHive.Services/Services')
-rw-r--r--src/DevHive.Services/Services/UserService.cs7
1 files changed, 3 insertions, 4 deletions
diff --git a/src/DevHive.Services/Services/UserService.cs b/src/DevHive.Services/Services/UserService.cs
index af8a6f0..0fa41e8 100644
--- a/src/DevHive.Services/Services/UserService.cs
+++ b/src/DevHive.Services/Services/UserService.cs
@@ -40,7 +40,7 @@ namespace DevHive.Services.Services
if (user.PasswordHash != GeneratePasswordHash(loginModel.Password))
throw new ArgumentException("Incorrect password!");
- return new TokenModel(WriteJWTSecurityToken(user.UserName, user.PasswordHash, user.Roles));
+ return new TokenModel(WriteJWTSecurityToken(user.UserName, user.Roles));
}
public async Task<TokenModel> RegisterUser(RegisterServiceModel registerModel)
@@ -64,7 +64,7 @@ namespace DevHive.Services.Services
await this._userRepository.AddAsync(user);
- return new TokenModel(WriteJWTSecurityToken(user.UserName, user.PasswordHash, user.Roles));
+ return new TokenModel(WriteJWTSecurityToken(user.UserName, user.Roles));
}
public async Task<UserServiceModel> GetUserById(Guid id)
@@ -110,14 +110,13 @@ namespace DevHive.Services.Services
return string.Join(string.Empty, SHA512.HashData(Encoding.ASCII.GetBytes(password)));
}
- private string WriteJWTSecurityToken(string userName, string passwordHash, IList<Role> roles)
+ private string WriteJWTSecurityToken(string userName, IList<Role> roles)
{
byte[] signingKey = Encoding.ASCII.GetBytes(_jwtOptions.Secret);
List<Claim> claims = new()
{
new Claim(ClaimTypes.Name, userName),
- new Claim(ClaimTypes.Hash, passwordHash)
};
foreach(var role in roles)
generated by cgit v1.2.3 (git 2.46.0) at 2026-03-16 16:23:39 +0000