ASP.NET
Sasha Pleshakov, 2016-10-10 19:12:10

How are passwords encrypted in ASP.NET MVC?

I created a method in the ApplicationUserManager class to search the database by email and password, because FindAsync searches by name and password. It seems to me that ASP.NET Identity uses a different hashing method (I use Crypto.HashPassword), because the method I use produces a different hash.

public async Task<ApplicationUser> FindByEmailAndPasswordAsync(string email, string password)
{
    ThrowIfDisposed();
    var passwordHash = Crypto.HashPassword(password);
    ApplicationUser user;
    using(var db = new ApplicationDbContext())
    {
        user = await db.Users.Where(u => u.Email == email && u.PasswordHash == passwordHash).FirstOrDefaultAsync();
    }
    if(user == null)
    {
        return null;
    }
    return user;
}

Moved it to the Login controller:
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        PasswordHasher ph = new PasswordHasher();
        var passwordHash = ph.HashPassword(model.Password);
        ApplicationUser user;
        using (var db = new ApplicationDbContext())
        {
            user = await db.Users.Where(u => u.Email == model.Email && u.PasswordHash == passwordHash).FirstOrDefaultAsync();
        }
        if (user != null)
        {
            // next comes the controller code that is generated automatically

1 answer(s)
#algooptimize #bottize, 2016-10-10
@mnepoh

ASP.NET Identity
UserManager

protected virtual async Task<bool> VerifyPasswordAsync(IUserPasswordStore<TUser, TKey> store, TUser user, string password)
{
    string hash = await store.GetPasswordHashAsync(user).WithCurrentCulture<string>();
    return this.PasswordHasher.VerifyHashedPassword(hash, password) != PasswordVerificationResult.Failed;
}

public virtual async Task<bool> CheckPasswordAsync(TUser user, string password)
{
    this.ThrowIfDisposed();
    IUserPasswordStore<TUser, TKey> passwordStore = this.GetPasswordStore();
    if ((object) user == null)
        return false;
    return await this.VerifyPasswordAsync(passwordStore, user, password).WithCurrentCulture<bool>();
}

I see no reason to duplicate the code; you can just use UserManager.
