public void CheckPassword_UnsaltedPassword_Exception()
{
string password = "******";
IPasswordHasher subject = new BCryptHasher();
Assert.That(() => subject.CheckPassword(password, password), Throws.ArgumentException);
}
public void CheckPassword_AnotherSaltedPassword_False()
{
string password = "******";
IPasswordHasher subject = new BCryptHasher();
string hashed = subject.HashPassword("anotherPassword");
Assert.That(subject.CheckPassword(password, hashed), Is.False);
}
public void CheckPassword_SameSaltedPassword_True()
{
string password = "******";
IPasswordHasher subject = new BCryptHasher();
string hashed = subject.HashPassword(password);
Assert.That(subject.CheckPassword(password, hashed), Is.True);
}
public User ValidateUser(String username, String password)
{
User user = context.User.FirstOrDefault(
u => u.Username.Equals(username.ToLower()) || u.Email.Equals(username.ToLower()));
if (user != null)
{
IHasher hasher = new BCryptHasher();
bool passwordValid = hasher.CheckPassword(password, user.Password);
if (passwordValid)
{
return(user);
}
}
return(null);
}
