Janus007/PlanTempusApp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Adds PasswordHasher + DbSetup

Browse source
This commit is contained in:
Janus C. H. Knudsen 2025-01-21 23:26:05 +01:00
parent 4ec4beef21
commit db09261768
7 changed files with 269 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Core/Core.csproj
View file

@ -19,8 +19,4 @@
<PackageReference Include="npgsql" Version="9.0.2" /> <PackageReference Include="npgsql" Version="9.0.2" />
</ItemGroup> </ItemGroup>
<ItemGroup>
<Folder Include="Entities\" />
</ItemGroup>
</Project> </Project>

35
Core/Entities/Users/Class1.cs Normal file
View file

@ -0,0 +1,35 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Core.Entities.Users
{
public class User
{
public int Id { get; set; }
public string Email { get; set; }
public string PasswordHash { get; set; }
public string SecurityStamp { get; set; }
public bool EmailConfirmed { get; set; }
public DateTime CreatedDate { get; set; }
public DateTime? LastLoginDate { get; set; }
}
public class Tenant
{
public int Id { get; set; }
public string ConnectionString { get; set; }
public DateTime CreatedDate { get; set; }
public int CreatedBy { get; set; }
public bool IsActive { get; set; }
}
public class UserTenant
{
public int UserId { get; set; }
public int TenantId { get; set; }
public DateTime CreatedDate { get; set; }
}
}

47
Core/Entities/Users/PasswordHasher.cs Normal file
View file

@ -0,0 +1,47 @@
namespace Core.Entities.Users
{
public static class PasswordHasher
{
private const int _saltSize = 16; // 128 bit
private const int _keySize = 32; // 256 bit
private const int _iterations = 100000;
public static string HashPassword(string password)
{
using (var algorithm = new System.Security.Cryptography.Rfc2898DeriveBytes(
password,
_saltSize,
_iterations,
System.Security.Cryptography.HashAlgorithmName.SHA256))
{
var key = Convert.ToBase64String(algorithm.GetBytes(_keySize));
var salt = Convert.ToBase64String(algorithm.Salt);
return $"{_iterations}.{salt}.{key}";
}
}
public static bool VerifyPassword(string hash, string password)
{
var parts = hash.Split('.', 3);
if (parts.Length != 3)
{
return false;
}
var iterations = Convert.ToInt32(parts[0]);
var salt = Convert.FromBase64String(parts[1]);
var key = Convert.FromBase64String(parts[2]);
using (var algorithm = new System.Security.Cryptography.Rfc2898DeriveBytes(
password,
salt,
iterations,
System.Security.Cryptography.HashAlgorithmName.SHA256))
{
var keyToCheck = algorithm.GetBytes(_keySize);
return keyToCheck.SequenceEqual(key);
}
}
}
}

1
Database/Database.csproj
View file

@ -3,7 +3,6 @@
<PropertyGroup> <PropertyGroup>
<TargetFramework>net8.0</TargetFramework> <TargetFramework>net8.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings> <ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
</PropertyGroup> </PropertyGroup>
<ItemGroup> <ItemGroup>

79
Database/Identity/DbSetup.cs Normal file
View file

@ -0,0 +1,79 @@
using Insight.Database;
using System.Data;
namespace Database.Identity
{
public class DbSetup
{
private readonly IDbConnection _db;
public DbSetup(IDbConnection db)
{
_db = db;
}
public void CreateDatabase()
{
var schema = "dev";
if (_db.State != ConnectionState.Open)
_db.Open();
using var transaction = _db.BeginTransaction();
try
{
// Create tables
_db.Execute(@$"
CREATE TABLE IF NOT EXISTS {schema}.users (
id SERIAL PRIMARY KEY,
email VARCHAR(256) NOT NULL UNIQUE,
password_hash VARCHAR(256) NOT NULL,
security_stamp VARCHAR(36) NOT NULL,
email_confirmed BOOLEAN NOT NULL DEFAULT FALSE,
created_date TIMESTAMP NOT NULL,
last_login_date TIMESTAMP NULL
);
CREATE TABLE IF NOT EXISTS {schema}.tenants (
id SERIAL PRIMARY KEY,
connection_string VARCHAR(500) NOT NULL,
created_date TIMESTAMP NOT NULL,
created_by INTEGER REFERENCES users(id),
is_active BOOLEAN DEFAULT true
);
CREATE TABLE IF NOT EXISTS {schema}.user_tenants (
user_id INTEGER REFERENCES users(id),
tenant_id INTEGER REFERENCES tenants(id),
created_date TIMESTAMP NOT NULL,
PRIMARY KEY (user_id, tenant_id)
);
-- Enable RLS både tenants og user_tenants
ALTER TABLE {schema}.tenants ENABLE ROW LEVEL SECURITY;
ALTER TABLE {schema}.user_tenants ENABLE ROW LEVEL SECURITY;
-- RLS policy for tenants
DROP POLICY IF EXISTS tenant_access ON {schema}.tenants;
CREATE POLICY tenant_access ON {schema}.tenants
USING (id IN (
SELECT tenant_id
FROM {schema}.user_tenants
WHERE user_id = current_setting('app.user_id', TRUE)::INTEGER
));
-- RLS policy for user_tenants
DROP POLICY IF EXISTS user_tenant_access ON {schema}.user_tenants;
CREATE POLICY user_tenant_access ON {schema}.user_tenants
USING (user_id = current_setting('app.user_id', TRUE)::INTEGER);");
transaction.Commit();
}
catch
{
transaction.Rollback();
throw;
}
}
}
}

76
Database/Identity/UserService.cs Normal file
View file

@ -0,0 +1,76 @@
using Core.Entities.Users;
using Insight.Database;
using System.Data;
namespace Database.Identity
{
public class UserService
{
private readonly IDbConnection _db;
public UserService(IDbConnection db)
{
_db = db;
}
public async Task CreateUserWithTenant(string email, string password, string tenantConnectionString)
{
var schema = "dev";
if (_db.State != ConnectionState.Open)
_db.Open();
using var transaction = _db.BeginTransaction();
try
{
// Create user
var user = new User
{
Email = email,
PasswordHash = PasswordHasher.HashPassword(password),
SecurityStamp = Guid.NewGuid().ToString(),
EmailConfirmed = false,
CreatedDate = DateTime.UtcNow
};
var userId = await _db.ExecuteScalarAsync<int>(@$"
INSERT INTO {schema}.users (email, password_hash, security_stamp, email_confirmed, created_date)
VALUES (@Email, @PasswordHash, @SecurityStamp, @EmailConfirmed, @CreatedDate)
RETURNING id", user);
// Create tenant
var tenant = new Tenant
{
ConnectionString = tenantConnectionString,
CreatedDate = DateTime.UtcNow,
CreatedBy = userId,
IsActive = true
};
var tenantId = await _db.ExecuteScalarAsync<int>(@$"
INSERT INTO {schema}.tenants (connection_string, created_date, created_by, is_active)
VALUES (@ConnectionString, @CreatedDate, @CreatedBy, @IsActive)
RETURNING id", tenant);
// Link user to tenant
var userTenant = new UserTenant
{
UserId = userId,
TenantId = tenantId,
CreatedDate = DateTime.UtcNow
};
await _db.ExecuteAsync(@$"
INSERT INTO {schema}.user_tenants (user_id, tenant_id, created_date)
VALUES (@UserId, @TenantId, @CreatedDate)", userTenant);
transaction.Commit();
}
catch
{
transaction.Rollback();
throw;
}
}
}
}

8
TestPostgresLISTEN/Program.cs
View file

@ -1,12 +1,9 @@
using Npgsql; using Npgsql;
using System;
using System.Threading.Tasks;
class Program class Program
{ {
static async Task Main(string[] args) static async Task Main(string[] args)
{ {
// Tilpas connection string til dine behov
var connectionString = "Host=192.168.1.57;Database=ptdb01;Username=postgres;Password=3911"; var connectionString = "Host=192.168.1.57;Database=ptdb01;Username=postgres;Password=3911";
try try
@ -16,7 +13,6 @@ class Program
Console.WriteLine("Forbundet til databasen. Lytter efter notifikationer..."); Console.WriteLine("Forbundet til databasen. Lytter efter notifikationer...");
// Opsæt notification handling
conn.Notification += (o, e) => conn.Notification += (o, e) =>
{ {
Console.WriteLine($"Notifikation modtaget:"); Console.WriteLine($"Notifikation modtaget:");
@ -26,19 +22,15 @@ class Program
Console.WriteLine("------------------------"); Console.WriteLine("------------------------");
}; };
// Start lytning
await using (var cmd = new NpgsqlCommand("LISTEN config_changes;", conn)) await using (var cmd = new NpgsqlCommand("LISTEN config_changes;", conn))
{ {
await cmd.ExecuteNonQueryAsync(); await cmd.ExecuteNonQueryAsync();
} }
// Hold programmet kørende og lyt efter notifikationer
Console.WriteLine("Tryk på en tast for at stoppe..."); Console.WriteLine("Tryk på en tast for at stoppe...");
// Mens vi venter på input, skal vi huske at wait for notifikationer
while (!Console.KeyAvailable) while (!Console.KeyAvailable)
{ {
// Wait for notification for 1 second, then continue loop
await conn.WaitAsync(); await conn.WaitAsync();
} }
} }