/// <inheritdoc />
public PasswordVerificationResult VerifyHashedPassword(TUser user, string hashedPassword,
string providedPassword)
{
Check.NotNull(user, nameof(user));
Check.NotNullOrEmpty(hashedPassword, nameof(hashedPassword));
Check.NotNullOrEmpty(providedPassword, nameof(providedPassword));
// Determine if the hashedPassword is valid
if (!HashInformation.TryParse(hashedPassword, out var hashInfo))
{
return(PasswordVerificationResult.Failed);
}
// Verify the password
var verifyResult = BCrypt.Net.BCrypt.Verify(providedPassword, hashedPassword);
if (!verifyResult)
{
return(PasswordVerificationResult.Failed);
}
// Determine if the password needs rehashing
if (hashInfo.WorkFactor < _options.WorkFactor || hashInfo.Revision != _options.SaltRevision ||
hashInfo.Revision == SaltRevision.Revision2)
{
return(PasswordVerificationResult.SuccessRehashNeeded);
}
// Done
return(PasswordVerificationResult.Success);
}
public static bool TryParse(string hash, out HashInformation result)
{
result = null;
if (string.IsNullOrWhiteSpace(hash))
{
return(false);
}
// Try to parse the hash information
try
{
result = Parse(hash);
return(true);
}
catch
{
// Ignore
}
// Could not parse the hash information
return(false);
}