DataHandler.Accounts

A barebones local account system

Types

AccountData

Represents a user account’s stored data.

  • Properties:

    • string Username
    • PasswordCheckData Password
    • string DataEncryptionKey
    • string RecoveryDataKey

  • Constructors:
    AccountData() { } // For deserialization
    AccountData(string username,
    PasswordCheckData password,
    string dataEncryptionKey,
    string recoveryDataKey)

Fields & Helpers

  • internal SecureData PublicKey
    Default key used to encrypt/decrypt the account list JSON.

  • internal void ChangePublicKey(string NewVal)
    Updates PublicKey to a new value (wrapped in SecureData).

Methods

SetupFiles(string directory)

Initializes a fresh “Users.json” in the specified directory containing an empty account list.

  • Parameters:

    • directory: Path to the folder where Users.json will be created.

  • Returns: Task

CreateUser(string username, SecureData password, string Directory)

Creates a new user entry, storing:

  1. A salted & hashed password (PasswordCheckData).
  2. A random data-encryption key encrypted under the user’s password.
  3. A recovery key encrypted under the data-encryption key.

  • Parameters:

    • username: Desired username (must be unique).
    • password: User’s chosen password.
    • Directory: Path containing Users.json.

  • Returns: Task — The recovery key (for password resets).

  • Exceptions:

    • If username already exists.

LoginUser(string username, string Directory, SecureData password)

Validates credentials and, on success, returns the user’s data-encryption key.

  • Parameters:

    • username, Directory, password.

  • Returns: Task — Decrypted data-encryption key.

  • Exceptions:

    • If user not found or password invalid.
    • Wraps I/O or decryption errors.

ResetPassword(string username, string Directory, SecureData newpassword, SecureData RecoveryPass)

Uses the stored recovery key to re-encrypt a new password and rotation of encryption keys:

  1. Decrypts existing data-encryption key via RecoveryPass.
  2. Generates a fresh hash for newpassword.
  3. Creates a new encryption key & recovery key pair.
  4. Updates the AccountData entry.

  • Parameters:

    • username, Directory
    • newpassword: The new password to set.
    • RecoveryPass: The previously returned recovery key.

  • Returns: Task — The new data-encryption key.

  • Exceptions:

    • If recovery fails or user not found.