C# (CSharp) PasswordSecurity.VerifyPassword Examples

Example #1

File: AccountDomatin.cs Project: InnocentThief/Neos.Leaderboard

        /// <summary>
        /// Verifies the provided credentials against the stored user password.
        /// </summary>
        /// <param name="username">The username.</param>
        /// <param name="password">The password in plaintext.</param>
        /// <returns>An awaitable task that returns the <see cref="Account"/>.</returns>
        /// <remarks>If the user does not exist, a new one will be created.</remarks>
        public async Task <Account> LoginAsync(string username, string password)
        {
            if (string.IsNullOrWhiteSpace(username))
            {
                throw new ArgumentNullException(nameof(username));
            }
            if (string.IsNullOrWhiteSpace(password))
            {
                throw new ArgumentNullException(nameof(password));
            }

            // Get user by username
            var account = await accountRepository.GetAccountAsync(username);

            if (account == null)
            {
                // Create new account
                account = await accountRepository.CreateAccountAsync(username, password);
            }
            else
            {
                // Check password
                var credentials = new SecurityCredentials
                {
                    PasswordHash = account.PasswordHash,
                    SaltValue    = account.Salt
                };
                var comparisonResult = PasswordSecurity.VerifyPassword(credentials, password);
                if (!comparisonResult)
                {
                    return(null);
                }
            }
            return(account);
        }

Example #2

File: AccountController.cs Project: prince910/OnlineShop

        public async Task <IActionResult> Login(LoginViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return(View(model));
            }

            AccountModel result = Db.Accounts.Where(m => m.EmailAddress == model.EmailAddress).FirstOrDefault();

            if (result == null && PasswordSecurity.VerifyPassword(model.Password, result.Password))
            {
                return(View(model));
            }

            var identity = new ClaimsIdentity(new[] {
                new Claim(ClaimTypes.Name, result.getName()),
                new Claim(ClaimTypes.Email, result.EmailAddress)
            }, CookieAuthenticationDefaults.AuthenticationScheme);

            var principal = new ClaimsPrincipal(identity);

            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                principal);

            return(RedirectToAction("Index", "Home"));
        }

Example #3

        public static bool CreateNewSession(string username, string password, out string errorMessage)
        {
            errorMessage = "";

            if (CurrentUser != null)
            {
                errorMessage = "Has existing Session.";
                return(false);
            }

            if (HasExceededLogInAttempt(ref errorMessage))
            {
                return(false);
            }

            var user = new UserAccount();

            if (!user.LoadItem(username))
            {
                errorMessage = "Invalid Credentials";
                return(false);
            }

            if (!user.Active)
            {
                errorMessage = "Account is Disabled";
                return(false);
            }

            if (!PasswordSecurity.VerifyPassword(password, user.Password))
            {
                errorMessage = "Invalid Credentials";
                return(false);
            }

            CurrentUser = user;
            return(true);
        }