From d104a6810dcca58e7003833e5b7c74a7722df879 Mon Sep 17 00:00:00 2001
From: Syndamia <kamen.d.mladenov@protonmail.com>
Date: Thu, 17 Dec 2020 21:24:55 +0200
Subject: Added username and password hash to JWT

---
 src/DevHive.Services/Services/UserService.cs | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'src/DevHive.Services/Services/UserService.cs')

diff --git a/src/DevHive.Services/Services/UserService.cs b/src/DevHive.Services/Services/UserService.cs
index 7092d61..b60cc4c 100644
--- a/src/DevHive.Services/Services/UserService.cs
+++ b/src/DevHive.Services/Services/UserService.cs
@@ -40,7 +40,7 @@ namespace DevHive.Services.Services
 			if (user.PasswordHash != GeneratePasswordHash(loginModel.Password))
 				throw new ArgumentException("Incorrect password!");
 
-			return new TokenModel(WriteJWTSecurityToken(user.Roles));
+			return new TokenModel(WriteJWTSecurityToken(user.UserName, user.PasswordHash, user.Roles));
 		}
 
 		public async Task<TokenModel> RegisterUser(RegisterServiceModel registerModel)
@@ -64,7 +64,7 @@ namespace DevHive.Services.Services
 
 			await this._userRepository.AddAsync(user);
 
-			return new TokenModel(WriteJWTSecurityToken(user.Roles));
+			return new TokenModel(WriteJWTSecurityToken(user.UserName, user.PasswordHash, user.Roles));
 		}
 
 		public async Task<UserServiceModel> GetUserById(Guid id)
@@ -122,11 +122,15 @@ namespace DevHive.Services.Services
 			return string.Join(string.Empty, SHA512.HashData(Encoding.ASCII.GetBytes(password)));
 		}
 
-		private string WriteJWTSecurityToken(IList<Role> roles)
+		private string WriteJWTSecurityToken(string userName, string passwordHash, IList<Role> roles)
 		{
 			byte[] signingKey = Encoding.ASCII.GetBytes(_jwtOptions.Secret);
 
-			List<Claim> claims = new();
+			List<Claim> claims = new()
+			{
+				new Claim(ClaimTypes.Name, userName),
+				new Claim(ClaimTypes.Hash, passwordHash)
+			};
 
 			foreach(var role in roles)
 			{
-- 
cgit v1.2.3