/// <summary>
/// Checks that a hash produced with one salt does not verify when a
/// different salt is supplied for the same plain text.
/// </summary>
/// <remarks>
/// NOTE(review): the test relies on two consecutive <c>Salt()</c> calls
/// returning different values; presumably the generator draws from a
/// cryptographic RNG. Confirm against the implementation.
/// </remarks>
public void Verify_IncorrectSalt_ReturnsFalse()
{
    // Arrange: hash the input under the first salt, keep a second salt aside.
    const string input = "test";
    var originalSalt = _hashGenerator.Salt();
    var mismatchedSalt = _hashGenerator.Salt();
    var storedHash = _hashGenerator.Hash(input, originalSalt);

    // Act + Assert: verification with the other salt must be rejected.
    Assert.IsFalse(_hashGenerator.Verify(input, mismatchedSalt, storedHash));
}
/// <summary>
/// Authenticates a user by e-mail and password. On success a JWT is
/// generated, stored on the user, and the result of
/// <c>WithoutSensitiveData()</c> is returned.
/// </summary>
/// <param name="email">E-mail address used to look the user up.</param>
/// <param name="password">Plain-text password to verify against the stored salt and hash.</param>
/// <returns>The user as returned by <c>WithoutSensitiveData()</c>.</returns>
/// <exception cref="EmailNotFoundException">No user was found for <paramref name="email"/>.</exception>
/// <exception cref="InvalidPasswordException">The password did not verify against the stored hash.</exception>
/// <remarks>
/// NOTE(review): the two failure modes throw different exception types, and
/// the unknown-e-mail path returns before any hash verification runs. If the
/// API layer surfaces either difference (message, status code, or response
/// time), callers can tell registered from unregistered addresses. Confirm
/// that both are mapped to one generic response upstream.
/// NOTE(review): no attempt throttling or lockout is visible in this method;
/// presumably it is enforced elsewhere. Confirm.
/// </remarks>
public async Task<User> LoginPasswordAsync(string email, string password)
{
    var account = await _repository.ReadByEmailAsync(email);
    if (account is null)
    {
        throw new EmailNotFoundException();
    }

    var passwordMatches = _hashGenerator.Verify(password, account.Salt, account.Password);
    if (!passwordMatches)
    {
        throw new InvalidPasswordException();
    }

    // The token is attached before the sensitive fields are stripped.
    // NOTE(review): verify that WithoutSensitiveData() keeps Token while
    // dropping Salt and Password.
    account.Token = _tokenGenerator.GenerateJwt(account.Id, account.Email, account.Username);

    return account.WithoutSensitiveData();
}