コード例 #1
0
        public static bool TryToAuthenticate(string password)
        {
            var hash     = string.Empty;
            var settings = Database.Instance.GetSettings();

            try
            {
                hash = Password.ComputeHash(password, settings.PasswordSalt);
            }
            catch (Exception)
            {
                // Password validation failed
            }

            if (Password.AreEqual(settings.PasswordHash, hash))
            {
                HttpContext.Current.Session[AUTHENTICATED] = true;

                return(true);
            }

            return(false);
        }
コード例 #2
0
        public void PasswordHashingTest()
        {
            var passwordLength = Password.PASSWORD_HASH_SIZE * 2;
            var salt           = "73a7b6dc8d1d75a0352c3ba917266afa";
            var password       = "******";

            var hash1 = Password.ComputeHash(password, salt);
            var hash2 = Password.ComputeHash(password, salt);
            var hash3 = Password.ComputeHash(password, salt);
            var hash4 = Password.ComputeHash(password + "5", salt);

            Assert.IsTrue(hash1.Length == passwordLength);
            Assert.IsTrue(hash2.Length == passwordLength);
            Assert.IsTrue(hash3.Length == passwordLength);
            Assert.IsTrue(hash4.Length == passwordLength);

            Assert.IsTrue(Password.AreEqual(hash1, hash2));
            Assert.IsTrue(Password.AreEqual(hash1, hash3));
            Assert.IsTrue(Password.AreEqual(hash2, hash3));

            Assert.IsFalse(Password.AreEqual(hash1, hash4));
            Assert.IsFalse(Password.AreEqual(hash2, hash4));
            Assert.IsFalse(Password.AreEqual(hash3, hash4));
        }