Example #1
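        /// <summary>
        /// Changes a user's password after re-verifying the current one.
        /// </summary>
        /// <param name="oldPassword">The password the user currently has; it is re-hashed with the stored salt and checked against the stored hash.</param>
        /// <param name="newPassword">The replacement password; it must satisfy a default <c>PasswordRequirements</c> instance.</param>
        /// <param name="userId">Identifier used to load the user from the repository.</param>
        /// <returns>The result reported by the repository's <c>ChangePasswordAsync</c> call.</returns>
        /// <exception cref="InvalidOperationException">No user exists for <paramref name="userId"/>.</exception>
        /// <exception cref="ArgumentException">The old password does not match, or the new password fails the requirements.</exception>
        public async Task<bool> ChangePasswordAsync(string oldPassword, string newPassword, int userId)
        {
            var account = await _usersRepository.GetUserByIdAsync(userId);

            if (account == null)
            {
                throw new InvalidOperationException("User does not exists");
            }

            // NOTE(review): PasswordHelpers is not visible here. Confirm that it derives the hash
            // with a slow, salted KDF (PBKDF2, bcrypt, Argon2) rather than a single fast digest.
            var storedHash = account.PasswordHash;
            var candidateHash = PasswordHelpers.GenerateHashForSaltAndPassword(account.Salt, oldPassword);

            // Fail closed: a missing hash on either side is never a match. The plain != operator
            // would have treated two nulls as equal and let the change go through.
            bool oldPasswordMatches = storedHash != null && candidateHash != null;

            if (oldPasswordMatches)
            {
                // Compare without an early exit so the time taken does not depend on the position
                // of the first differing character.
                int difference = storedHash.Length ^ candidateHash.Length;
                int shared = storedHash.Length < candidateHash.Length ? storedHash.Length : candidateHash.Length;

                for (int i = 0; i < shared; i++)
                {
                    difference |= storedHash[i] ^ candidateHash[i];
                }

                oldPasswordMatches = difference == 0;
            }

            if (!oldPasswordMatches)
            {
                throw new ArgumentException("Old password is not valid");
            }

            if (!PasswordHelpers.IsValidPassword(newPassword, new PasswordRequirements()))
            {
                throw new ArgumentException("Password doesn't meet requirements");
            }

            // A fresh salt is generated together with the new hash, so the old salt is not reused.
            string newSalt;
            string newHash;

            PasswordHelpers.GenerateSaltAndHash(newPassword, out newSalt, out newHash);

            // NOTE(review): nothing here revokes existing sessions or tokens after the change.
            // Confirm that the caller handles it.
            return await _usersRepository.ChangePasswordAsync(userId, newHash, newSalt);
        }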
Example #2
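        /// <summary>
        /// Checks a candidate password against the hash the store holds for a user.
        /// </summary>
        /// <param name="store">Store queried for the user's password hash.</param>
        /// <param name="user">User whose <c>Salt</c> is combined with the candidate password.</param>
        /// <param name="password">Candidate password to verify.</param>
        /// <returns><c>true</c> only when both hashes are present and identical; otherwise <c>false</c>.</returns>
        internal async Task<bool> VerifyPassword(COHUserStore store, COHApplicationUser user, string password)
        {
            var storedHash = await store.GetPasswordHashAsync(user);

            // NOTE(review): the salt is read from the user object while the hash comes from the store.
            // Confirm that both reflect the same persisted record.
            var candidateHash = PasswordHelpers.GenerateHashForSaltAndPassword(user.Salt, password);

            // Fail closed: an account with no stored hash, or a helper that returned nothing, never
            // verifies. The == operator would have reported a match when both values were null.
            if (storedHash == null || candidateHash == null)
            {
                return false;
            }

            // Accumulate differences across the whole string instead of stopping at the first
            // mismatch, so the comparison time does not reveal how much of the hash matched.
            int difference = storedHash.Length ^ candidateHash.Length;
            int shared = storedHash.Length < candidateHash.Length ? storedHash.Length : candidateHash.Length;

            for (int i = 0; i < shared; i++)
            {
                difference |= storedHash[i] ^ candidateHash[i];
            }

            return difference == 0;
        }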