72wQXQ94

· 5 years ago · Jun 09, 2020, 09:26 PM
1using System;
2using System.Collections.Generic;
3using System.Threading.Tasks;
4using System.Security.Cryptography;
5using Amazon.DynamoDBv2;
6using Amazon.DynamoDBv2.Model;
7using Amazon.Lambda.Core;
8using Amazon.Lambda.APIGatewayEvents;
9using Newtonsoft.Json;
10
11// Assembly attribute to enable the Lambda function's JSON input to be converted into a .NET class.
12[assembly: LambdaSerializer(typeof(Amazon.Lambda.Serialization.Json.JsonSerializer))]
13
14namespace LogIn
15{
16    public class LogIn
17    {
18        private string accessKey;
19        private string secretKey;
20
21        [LambdaSerializer(typeof(Amazon.Lambda.Serialization.Json.JsonSerializer))]
22        public async Task<APIGatewayProxyResponse> FunctionHandler(APIGatewayProxyRequest inputParam, ILambdaContext context)
23        {
24            #region aws login
25            accessKey = "AKIAI34JK2LTIAUMEBPA";
26            secretKey = "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";
27            var awsCredentials = new Amazon.Runtime.BasicAWSCredentials(accessKey, secretKey);
28            var clientDDB = new AmazonDynamoDBClient(awsCredentials, Amazon.RegionEndpoint.EUWest3);
29            LambdaLogger.Log("Log in succeded");
30            #endregion
31
32            LambdaLogger.Log(inputParam.Body);
33
34            Input userData = JsonConvert.DeserializeObject<Input>(inputParam.Body);
35            LambdaLogger.Log($"pass: {userData.plainPassword}\nuser: {userData.username}");
36
37            GetItemRequest passwordHashRequest = new GetItemRequest
38            {
39                TableName = "Professori",
40                Key = new Dictionary<string, AttributeValue>() { { "IDProfessore", new AttributeValue { S = JsonConvert.DeserializeObject<Input>(inputParam.Body).username } } }
41            };
42
43            GetItemResponse passwordHashResponse = await clientDDB.GetItemAsync(passwordHashRequest);
44
45            if (passwordHashResponse.IsItemSet)
46            {
47                MD5 md5 = System.Security.Cryptography.MD5.Create();
48                byte[] hashBytes = md5.ComputeHash(System.Text.Encoding.ASCII.GetBytes(userData.plainPassword));
49                
50                String pswHash = "";
51                LambdaLogger.Log(hashBytes.Length.ToString());
52                for (int i = 0; i < hashBytes.Length; i++)
53                {
54                    pswHash += hashBytes[i].ToString("X2");
55                }
56
57                if (passwordHashResponse.Item.GetValueOrDefault(userData.username).Equals(pswHash))
58                {
59                    return new APIGatewayProxyResponse
60                    {
61                        StatusCode = 200,
62                        Body = "{\"message\":\"OK\"}"
63                    };
64                }
65
66                return new APIGatewayProxyResponse
67                {
68                    StatusCode = 500,
69                    Body = "{\"message\":\"User credentials are not valid\"}"
70                };
71            }
72
73            return new APIGatewayProxyResponse
74            {
75                StatusCode = 500,
76                Body = "{\"message\":\"User does not exist\"}"
77            };
78        }
79    }
80
81    public class Input
82    {
83        public string username { get; set; }
84        public string plainPassword { get; set; }
85    }
86}