/// <summary>
/// Checks a typed password against the credentials stored for <paramref name="user"/>.
/// </summary>
/// <param name="user">Account whose <c>Password.Salt</c> and <c>Password.Hash</c> are read.</param>
/// <param name="entry">Password as entered; it is not disposed here.</param>
/// <returns>
/// <c>true</c> when the hash of <paramref name="entry"/> equals the stored hash
/// element for element; otherwise <c>false</c>.
/// </returns>
public static bool IsValidPassword(User user, SecureString entry)
{
    // Re-hash the entry under the salt stored with the account so that the two
    // digests are directly comparable.
    // NOTE(review): the helper's name suggests a single salted SHA-256 pass. If so,
    // this is a fast hash and a leaked hash store is cheap to brute-force offline;
    // a deliberately slow KDF (PBKDF2 via Rfc2898DeriveBytes, bcrypt, Argon2) is the
    // usual choice for stored passwords. Confirm against Sha256Encrypt.
    Password candidate = new Censorship().Sha256Encrypt(entry, user.Password.Salt);

    // NOTE(review): SequenceEqual is not a fixed-time comparison. Where the target
    // framework offers one (e.g. CryptographicOperations.FixedTimeEquals on byte
    // spans), prefer it for comparing secret-derived values.
    bool hashesMatch = user.Password.Hash.SequenceEqual(candidate.Hash);
    return hashesMatch;
}
//---------2---------3---------4---------5---------6---------7---------8---------9
/// <summary>
/// Click handler shared by the login and account-creation modes of the form.
/// When the button caption is "Login" the entered credentials are verified;
/// otherwise a new account is created from the two password entries.
/// On success either path opens the <c>Home</c> window for the user.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void LoginButton_Click(object sender, RoutedEventArgs e)
{
    bool isLoginMode = (string)LoginButton.Content == "Login";
    if (isLoginMode)
    {
        User account;
        bool authenticated = false;

        // The password is only hashed and compared when the username resolves.
        if (Source.TryGetUser(UsernameInput.Text, out account))
        {
            // SecurePassword is disposed as soon as the check is done.
            using (SecureString attempt = PasswordInput.SecurePassword)
            {
                authenticated = Censorship.IsValidPassword(account, attempt);
            }
        }

        if (!authenticated)
        {
            // The same message is shown for an unknown user and a wrong password.
            // NOTE(review): nothing in this handler limits or delays repeated
            // failed attempts; confirm whether throttling exists elsewhere.
            MessageBox.Show("FAILED");
            return;
        }

        Home home = new Home(account);
        home.Show();
        return;
    }

    // Create
    // NOTE(review): Guid.NewGuid() gives a unique salt, but it is not documented as
    // a cryptographic random source; RandomNumberGenerator is the usual choice.
    Guid salt = Guid.NewGuid();
    Password primaryHash;
    Password confirmationHash;

    // Both entries are hashed under the same salt so their digests can be compared
    // without converting either SecureString to a plain string in this handler.
    using (SecureString chosen = PasswordInput.SecurePassword)
    {
        primaryHash = new Censorship().Sha256Encrypt(chosen, salt);
    }

    using (SecureString repeated = ReEnterPasswordInput.SecurePassword)
    {
        confirmationHash = new Censorship().Sha256Encrypt(repeated, salt);
    }

    bool entriesAgree = primaryHash.Hash.SequenceEqual(confirmationHash.Hash);
    bool nameTaken = Source.UsernameExists(UsernameInput.Text);
    if (!entriesAgree || nameTaken)
    {
        MessageBox.Show("Passwords do not match or user already exists.");
        return;
    }

    // NOTE(review): this handler does not itself reject an empty username or an
    // empty password, and the existence check and AddUser are separate calls.
    // Confirm that Source.AddUser (or the UI) enforces both constraints.
    User created = new User { Username = UsernameInput.Text, Password = primaryHash };
    Source.AddUser(created);

    Home welcome = new Home(created);
    welcome.Show();
}