Esempio n. 1
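 /// <summary>
 /// Verifies a password against the salted PBKDF2 value stored for the given user.
 /// </summary>
 /// <param name="userid">Identifier used to look up the stored credential record.</param>
 /// <param name="password">Plain-text password supplied by the caller.</param>
 /// <returns>
 /// <c>true</c> when the derived hash equals the stored hash; <c>false</c> for a null argument,
 /// an unknown user, a missing or too-short stored value, a mismatch, or any exception raised
 /// while checking.
 /// </returns>
 public bool Login(string userid, string password)
 {
     /* Layout of the stored value after Base64 decoding: [16-byte salt][20-byte hash]. */
     const int SaltSize   = 16;
     const int HashSize   = 20;
     const int Iterations = 10000;

     if (userid == null || password == null)
     {
         return(false);
     }

     try
     {
         /* Fetch the stored value; the context is disposed as soon as the row is read. */
         UserIdentity user;
         using (SQL002DBEntities dbContext = new SQL002DBEntities())
         {
             user = dbContext.UserIdentities.SingleOrDefault(u => u.UserId == userid);
         }

         /* Explicit check instead of relying on a NullReferenceException reaching the catch. */
         /* NOTE(review): this path returns before any key derivation runs, so an unknown user */
         /* is answered faster than a known one; consider deriving against a dummy salt here.  */
         if (user == null || string.IsNullOrEmpty(user.Password))
         {
             return(false);
         }

         byte[] storedBytes = Convert.FromBase64String(user.Password);
         if (storedBytes.Length < SaltSize + HashSize)
         {
             return(false);
         }

         byte[] salt = new byte[SaltSize];
         Array.Copy(storedBytes, 0, salt, 0, SaltSize);

         /* This constructor overload uses HMAC-SHA1. The algorithm and iteration count are   */
         /* left unchanged because they must equal whatever produced the stored value;        */
         /* raising them needs a re-hash migration of existing records.                       */
         byte[] derived;
         using (var pbkdf2 = new Rfc2898DeriveBytes(password, salt, Iterations))
         {
             derived = pbkdf2.GetBytes(HashSize);
         }

         /* Compare every byte and accumulate the differences, so the time taken does not     */
         /* depend on the position of the first mismatching byte.                             */
         int difference = 0;
         for (int i = 0; i < HashSize; i++)
         {
             difference |= storedBytes[SaltSize + i] ^ derived[i];
         }
         return(difference == 0);
     }
     catch (Exception)
     {
         /* Callers only receive a bool, so a database or decoding failure looks the same as  */
         /* a wrong password. NOTE(review): record the exception server-side before returning */
         /* so that outages are not mistaken for failed logins.                               */
         return(false);
     }
 }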
Esempio n. 2
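 /// <summary>
 /// Creates a user record whose password is stored as a salted hash produced by
 /// <c>_HashManager</c>.
 /// </summary>
 /// <param name="userName">Name of the account to create.</param>
 /// <param name="password">Plain-text password; only the combined salt and hash value is saved.</param>
 /// <returns>
 /// <c>true</c> when the record was saved; <c>false</c> when an argument is missing or any
 /// exception is raised while hashing or saving.
 /// </returns>
 public bool Register(string userName, string password)
 {
     /* Refuse blank credentials up front, so an account with an empty password is never stored. */
     if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
     {
         return(false);
     }

     try
     {
         /* A fresh salt per registration; the salt is saved together with the hash. */
         byte[] salt           = _HashManager.GetSalt();
         byte[] hashValue      = _HashManager.GetHashValue(password, salt);
         string savingPassword = _HashManager.CombineAndConvert(salt, hashValue);

         using (SQL002DBEntities entities = new SQL002DBEntities())
         {
             entities.RegisterUserIdentity(userName, savingPassword);
             entities.SaveChanges();
         }
         return(true);
     }
     catch (Exception)
     {
         /* Every failure is reported as false, so the caller cannot tell a rejected name from */
         /* a database outage. NOTE(review): record the exception server-side before returning. */
         return(false);
     }
 }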