public void ChangePassword(string password)
{
var salt = Password.CreateRandomSalt();
var hashedPassword = new Password(password, salt);
ApplyChange(new AccountPasswordChanged(Id, hashedPassword.ComputeSaltedHash(), salt));
}
public void ComputeSaltedHash_Hashes_The_Password()
{
var password = "******";
var hasher = new Password(password, 30);
Assert.NotEqual("test123", hasher.ComputeSaltedHash());
}
public void EqualsSaltedHash_Compares_A_HashedPassword()
{
var password = "******";
var hashed1 = new Password(password, 30).ComputeSaltedHash();
var hashed2 = new Password(password, 33).ComputeSaltedHash();
var hashed3 = new Password("aaa", 30).ComputeSaltedHash();
Assert.True(new Password(password, 30).EqualsSaltedHash(hashed1));
Assert.False(new Password(password, 30).EqualsSaltedHash(hashed2));
Assert.False(new Password(password, 30).EqualsSaltedHash(hashed3));
}
private bool VerifyPassword(AccountPassword account, string password)
{
var givenPassword = new Password(password, account.PasswordSalt);
return givenPassword.EqualsSaltedHash(account.Password);
}
public bool VerifyPassword(string password)
{
var givenPassword = new Password(password, PasswordSalt);
return givenPassword.EqualsSaltedHash(PasswordHash);
}