public async Task <bool> VerifyPassword(int userId, string password)
{
var passwordHashes = await _passwordRepository.Get(userId);
if (passwordHashes == null || passwordHashes.Count == 0)
{
_logger.LogInformation($"User:{userId} has no passwords.");
return(false);
}
// Check current password
if (CheckPassword(passwordHashes[0].PasswordHashAndSalt, password))
{
return(true);
}
// Check historic passwords just and log if match
CheckExpiredPasswords(userId, passwordHashes, password);
return(false);
}