Auth integration

2026-05-22 10:28:02 +02:00
parent 64c5f6aa2c
commit 7ab824e7c1
39 changed files with 681 additions and 57 deletions
@@ -0,0 +1,57 @@
+using System.Security.Cryptography;
+using System.Text;
+using Microsoft.EntityFrameworkCore;
+
+namespace timetracker.Data;
+
+public class AuthService(IDbContextFactory<TimetrackerDbContext> factory)
+{
+    public async Task<User?> LoginAsync(string username, string password)
+    {
+        await using var db = await factory.CreateDbContextAsync();
+        var user = await db.Users
+            .FirstOrDefaultAsync(u => u.Username == username);
+        if (user == null) return null;
+        return VerifyPassword(password, user.PasswordHash, user.PasswordSalt) ? user : null;
+    }
+
+    public async Task<(User? User, string? Error)> RegisterAsync(string username, string password)
+    {
+        if (string.IsNullOrWhiteSpace(username) || username.Length < 3)
+            return (null, "Benutzername muss mindestens 3 Zeichen lang sein.");
+        if (string.IsNullOrWhiteSpace(password) || password.Length < 6)
+            return (null, "Passwort muss mindestens 6 Zeichen lang sein.");
+
+        await using var db = await factory.CreateDbContextAsync();
+        if (await db.Users.AnyAsync(u => u.Username == username))
+            return (null, "Benutzername bereits vergeben.");
+
+        var (hash, salt) = HashPassword(password);
+        var user = new User { Username = username, PasswordHash = hash, PasswordSalt = salt };
+        db.Users.Add(user);
+        await db.SaveChangesAsync();
+        return (user, null);
+    }
+
+    private static (string hash, string salt) HashPassword(string password)
+    {
+        var saltBytes = RandomNumberGenerator.GetBytes(32);
+        var salt = Convert.ToBase64String(saltBytes);
+        var hash = ComputeHash(password, salt);
+        return (hash, salt);
+    }
+
+    private static bool VerifyPassword(string password, string hash, string salt)
+        => ComputeHash(password, salt) == hash;
+
+    private static string ComputeHash(string password, string salt)
+    {
+        var hash = Rfc2898DeriveBytes.Pbkdf2(
+            Encoding.UTF8.GetBytes(password),
+            Convert.FromBase64String(salt),
+            iterations: 200_000,
+            HashAlgorithmName.SHA256,
+            outputLength: 32);
+        return Convert.ToBase64String(hash);
+    }
+}