public void CanSha1HashAndCheckSimplePassword()
{
//Create a basic password...
var originalPass = "******";
//Hash it...
var hash = _crypto.HashPassword(originalPass);
//Assert that they're actually different...
Assert.AreNotEqual(originalPass, hash);
//And assert that they're not instances of the same object (I'm being anal here)
Assert.AreNotSame(originalPass, hash);
//Now use the validation function to check to see if they're equivalent
Assert.IsTrue(_crypto.CheckPassword(originalPass, hash));
}
public CheckUserCredentialsDto CheckUserCredentials(CheckUserCredentialsQuery query)
{
var user = _session.Query <User>().FirstOrDefault(x => x.Email == query.Email);
return(user != null &&
_cryptoService.CheckPassword(user.Password, query.Password, user.Salt)
? new CheckUserCredentialsDto
{
UserId = user.Id,
Roles = user.Roles.Select(x => x.Name).ToList(),
HasDetails = user.FirstName != null,
IsVerified = user.VerificationCode == null
}
: null);
}
