private async Task CheckPasswordRisk(string email, string password) { var passwordSha1Hash = password.Sha1Hash(); if (await masterRepository.ExistsAsync <RiskPassword>(await RiskPassword.IdFormat(new RiskPassword.IdKey { PasswordSha1Hash = passwordSha1Hash }))) { throw new PasswordRiskException($"Password has appeared in a data breach and is at risk, user '{email}'."); } }
private async Task ValidatePasswordPolicy(string email, string password) { if (password.Length < RouteBinding.PasswordLength) { throw new PasswordLengthException($"Password is to short, user '{email}'."); } if (RouteBinding.CheckPasswordComplexity) { CheckPasswordComplexity(email, password); } if (RouteBinding.CheckPasswordRisk) { var passwordSha1Hash = Sha1Hash(password); if (await masterRepository.ExistsAsync <RiskPassword>(await RiskPassword.IdFormat(new RiskPassword.IdKey { PasswordSha1Hash = passwordSha1Hash }))) { throw new PasswordRiskException($"Password has appeared in a data breach and is at risk, user '{email}'."); } } }