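/// <summary>
/// Verifies that <c>HashingService.VerifyPassword</c> rejects a password that differs
/// from the one the hashed user was created with.
/// </summary>
public void VerifyPassword_ComparingWrongPassword_ShouldNotBeEqual()
{
    // Arrange
    HashingSettings settings = new HashingSettings(HashingMethodType.SHA256);
    HashingService hashingService = new HashingService(settings);
    string username = "******";

    // Constructed sample values. The two literals were identical in the original listing,
    // so a correct VerifyPassword would have matched and the assertion would have failed.
    // They must differ for this test to exercise the rejection path.
    string correctPassword = "constructed-correct-password";
    string wrongPassword = "constructed-wrong-password";

    // Act
    IHashedUser hashedUser = hashingService.CreateHashedUser(username, correctPassword);
    bool passwordMatched = hashingService.VerifyPassword(wrongPassword, hashedUser.Password, hashedUser.Salt);

    // The original Console.WriteLine dump of the passwords, hash and salt is dropped:
    // it was malformed in the listing and it wrote credential material to the test log.

    // Assert
    Assert.IsFalse(passwordMatched);
}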
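/// <summary>
/// Checks the credentials in the request body against the hash and salt stored
/// in the AuthUsers table for the same e-mail address.
/// </summary>
/// <param name="authUser">Request body carrying the e-mail address and the plaintext password to verify.</param>
/// <returns>
/// <c>true</c> when the supplied password verifies against the stored hash and salt;
/// <c>false</c> when the body is incomplete, the e-mail is unknown, no AuthUsers row
/// exists, or the password does not match.
/// </returns>
public async Task<ActionResult<bool>> VerifyUser([FromBody] AuthUser authUser)
{
    // Fail closed on a missing body or missing credentials instead of dereferencing null.
    if (authUser == null || string.IsNullOrEmpty(authUser.Email) || authUser.Password == null)
    {
        return false;
    }

    var user = _context.Users.FirstOrDefault(x => x.Email == authUser.Email);
    if (user == null)
    {
        // NOTE(review): this path returns before any hash is computed, so response time
        // differs between known and unknown e-mail addresses. Consider verifying against
        // a fixed dummy hash here to equalise timing.
        return false;
    }

    AuthUser storedUser = new AuthUser();

    // NOTE(review): the connection string is hard-coded to one SQL Server instance;
    // it should come from configuration so it is not tied to a developer machine.
    using (SqlConnection con = new SqlConnection("Data Source=MSI\\SQLExpress;Initial Catalog=StreamingTinder;Integrated Security=SSPI;"))
    using (SqlCommand cmd = new SqlCommand("select * from AuthUsers WHERE Email = @Email", con))
    {
        // The e-mail is bound as a parameter, never concatenated into the SQL text.
        cmd.Parameters.AddWithValue("@Email", user.Email);

        // The method is declared async, so use the async ADO.NET calls rather than
        // blocking a request thread on database I/O.
        await con.OpenAsync();
        using (SqlDataReader reader = await cmd.ExecuteReaderAsync())
        {
            if (!await reader.ReadAsync())
            {
                // No credential row: the original went on to call VerifyPassword with a
                // null hash and salt. Reject explicitly instead of relying on how the
                // hashing service treats null input.
                return false;
            }

            storedUser.Password = reader["Password"].ToString();
            storedUser.Salt = reader["Salt"].ToString();
        }
    }

    // NOTE(review): HashingMethodType.SHA256 suggests a single fast hash. Confirm whether
    // HashingService applies key stretching; password storage should use PBKDF2, bcrypt,
    // scrypt or Argon2 rather than a bare salted SHA-256.
    // NOTE(review): no attempt throttling or lockout is visible in this action. Confirm
    // it is enforced elsewhere (middleware, gateway).
    HashingSettings settings = new HashingSettings(HashingMethodType.SHA256);
    HashingService hashingService = new HashingService(settings);

    // Run hashing compare
    return hashingService.VerifyPassword(authUser.Password, storedUser.Password, storedUser.Salt);
}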