public bool ValidateUser(string email, string password)
{
if (string.IsNullOrWhiteSpace(email) || string.IsNullOrWhiteSpace(password))
{
return(false);
}
var user = _userService.GetUserByEmail(email);
if (user == null)
{
return(false);
}
string salt;
try
{
salt = _passwordHasher.GetSaltFromHash(user.Password);
}
catch (MonsterSecurityException ex)
{
Logger.ErrorFormat(CultureInfo.InvariantCulture, "User with email {0} has invalid password hash", ex, user.Email);
return(false);
}
string hash = _passwordHasher.EncryptPassword(password, salt);
return(user.Password.Equals(hash, StringComparison.InvariantCulture));
}
