async Task <bool> PasswordMatches(string password, PasswordAuthentication auth)
{
var data = StoredPassword.Deserialize(auth.EncodedStoredPassword);
var passwordBytes = password.ToBytes();
var hash = await hasher.Hash(passwordBytes, data.Salt, data.Options);
if (!data.Hash.ArrayEquals(hash))
{
return(false);
}
// TODO automatically upgrade algorithm here if it's outdated
return(true);
}
