private bool IsValidUser(User user, User authUser)
{
if (user == null)
{
return false;
}
//Temopraily commented, since we must use old encryption /TB
if (!_passwordHasher.ValidatePassword(authUser, user))
{
return false;
}
return true;
}
public bool ValidatePassword(User unsecureUser, User realUser)
{
return ValidatePassword(unsecureUser.VarPassword, realUser.VarPassword);
}
public bool ValidatePassword(User unsecureUser, User realUser)
{
string passwordSalt = realUser.VarPwdSalt;
string unsecureEncryptedPassword = Compute(unsecureUser.VarPassword, passwordSalt);
if (realUser.VarPassword.Equals(unsecureEncryptedPassword))
{
return true;
}
return false;
}
