public virtual void SetPassword(User user, string password) { byte[] salt = CreateSalt(64); IHashAlgorithm hashAlgorithm = _hashAlgorithmProvider.GetHashAlgorithm(null); user.PasswordHash = hashAlgorithm.GenerateSaltedHash(GetBytes(password), salt); user.PasswordSalt = salt; user.CurrentEncryption = null; }
public bool ValidateUser(User user, string password) { IHashAlgorithm hashAlgorithm = _hashAlgorithmProvider.GetHashAlgorithm(user.CurrentEncryption); return(CompareByteArrays(user.PasswordHash, hashAlgorithm.GenerateSaltedHash(GetBytes(password), user.PasswordSalt))); }