Beispiel #1
0
        public bool CheckIfPasswordsMatch(string plainTextPassword, int accountId)
        {
            //compares stored password (hash of password + randomly generated salt) with hash of entered password and the stored salt
            var storedPassword        = _accountQueries.GetPasswordFromDatabase(accountId);
            var hashedEnteredPassword = _encryptionUtility.EncryptStringAndSalt(plainTextPassword, _accountQueries.GetSaltFromDatabase(accountId));

            if (storedPassword != hashedEnteredPassword)
            {
                return(false);
            }

            return(true);
        }