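        /// <summary>
        /// Authenticates a user identified by either username or e-mail address.
        /// </summary>
        /// <param name="usernameOrEmail">The username or e-mail address to look up.</param>
        /// <param name="password">The clear-text password to verify.</param>
        /// <returns>
        /// The matching <see cref="User"/> when the password verifies; otherwise <c>null</c>
        /// (missing input, unknown account, or wrong password).
        /// </returns>
        /// <remarks>
        /// A successful login whose stored hash does not use the PBKDF2 algorithm is re-hashed
        /// with the current algorithm and committed, so callers may observe a repository write.
        /// NOTE(review): an unknown account returns before any hash is computed, so that path is
        /// faster than the wrong-password path — confirm whether that difference is acceptable.
        /// </remarks>
        public virtual User FindByUsernameOrEmailAddressAndPassword(string usernameOrEmail, string password)
        {
            // Neither the lookup nor the hash check is meaningful for empty input; treat it
            // as a failed login instead of forwarding null to the lookups and to Crypto.
            if (string.IsNullOrEmpty(usernameOrEmail) || string.IsNullOrEmpty(password))
            {
                return null;
            }

            var user = FindByUsername(usernameOrEmail)
                       ?? FindByEmailAddress(usernameOrEmail);

            if (user == null)
            {
                return null;
            }

            if (!Crypto.ValidateSaltedHash(user.HashedPassword, password, user.PasswordHashAlgorithm))
            {
                return null;
            }

            // Authenticated with an older algorithm: migrate while the clear-text password is
            // still available. string.Equals is null-safe, unlike instance Equals on the field.
            if (!string.Equals(user.PasswordHashAlgorithm, Constants.PBKDF2HashAlgorithmId, StringComparison.OrdinalIgnoreCase))
            {
                ChangePasswordInternal(user, password);
                UserRepository.CommitChanges();
            }

            return user;
        }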
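        /// <summary>
        /// Authenticates a user identified by username.
        /// </summary>
        /// <param name="username">The username to look up.</param>
        /// <param name="password">The clear-text password to verify.</param>
        /// <returns>
        /// The matching <see cref="User"/> when the password verifies; otherwise <c>null</c>
        /// (missing input, unknown account, or wrong password).
        /// </returns>
        /// <remarks>
        /// Unlike the username-or-e-mail variant, this overload performs no hash-algorithm
        /// migration on success.
        /// NOTE(review): an unknown account returns before any hash is computed, so that path is
        /// faster than the wrong-password path — confirm whether that difference is acceptable.
        /// </remarks>
        public virtual User FindByUsernameAndPassword(string username, string password)
        {
            // Empty input cannot match an account; fail the login without touching the
            // repository or the hash routine.
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return null;
            }

            var user = FindByUsername(username);

            if (user == null)
            {
                return null;
            }

            if (!Crypto.ValidateSaltedHash(user.HashedPassword, password, user.PasswordHashAlgorithm))
            {
                return null;
            }

            return user;
        }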
        /// <summary>
        /// Verifies <paramref name="password"/> against the user's stored password
        /// credential(s); when the user holds no password credential at all, the check
        /// falls back to the <c>HashedPassword</c>/<c>PasswordHashAlgorithm</c> fields.
        /// </summary>
        /// <param name="password">The clear-text password to verify.</param>
        /// <param name="user">The user to authenticate; may be <c>null</c>.</param>
        /// <returns><paramref name="user"/> when the password verifies; otherwise <c>null</c>.</returns>
        /// <remarks>
        /// After a successful credential-based check, the credentials are migrated unless the
        /// user holds exactly one password credential and it is of the PBKDF2 type.
        /// </remarks>
        private User AuthenticatePassword(string password, User user)
        {
            if (user is null)
            {
                return null;
            }

            // Every credential whose type carries the password prefix.
            var passwordCreds = user.Credentials
                .Where(c => c.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase))
                .ToList();

            // No password credential stored: verify against the hashed-password fields instead.
            if (passwordCreds.Count == 0)
            {
                var fieldHashValid = Crypto.ValidateSaltedHash(user.HashedPassword, password, user.PasswordHashAlgorithm);
                return fieldHashValid ? user : null;
            }

            if (!ValidatePasswordCredential(passwordCreds, password))
            {
                return null;
            }

            // Migrate unless the user already has a single PBKDF2 password credential.
            var hasSinglePbkdf2 = passwordCreds.Count == 1
                && passwordCreds.Any(c => string.Equals(c.Type, CredentialTypes.Password.Pbkdf2, StringComparison.OrdinalIgnoreCase));
            if (!hasSinglePbkdf2)
            {
                MigrateCredentials(user, passwordCreds, password);
            }

            return user;
        }