private void TestValidatePasswordsTrue()
{
string password = "******";
string salt = HashProfile.GenerateSalt();
string hashedPassword = HashProfile.GetSaltedHashData(password, salt);
Assert.True(HashProfile.ValidatePasswords(password, hashedPassword, salt));
}
private void TestValidatePasswordsDifferentSalts()
{
string password = "******";
string correctSalt = HashProfile.GenerateSalt();
string incorrectSalt = HashProfile.GenerateSalt();
string hashedPassword = HashProfile.GetSaltedHashData(password, correctSalt);
Assert.False(HashProfile.ValidatePasswords(password, hashedPassword, incorrectSalt));
}
private void TestValidatePasswordsDifferentPasswords()
{
string password = "******";
string secondPassword = "******";
string salt = HashProfile.GenerateSalt();
string hashedPassword = HashProfile.GetSaltedHashData(password, salt);
Assert.False(HashProfile.ValidatePasswords(secondPassword, hashedPassword, salt));
}
public async Task <IActionResult> Login(LoginViewModel loginViewModel)
{
if (!ModelState.IsValid)
{
return(View("Login", loginViewModel));
}
DbUser user = await DbContext.Users.Where(s => s.Login == loginViewModel.Login).SingleOrDefaultAsync();
if (user == null || !HashProfile.ValidatePasswords(loginViewModel.Password, user.Password, user.PasswordSalt))
{
ModelState.AddModelError("", "Wrong login or password");
return(View("Login", loginViewModel));
}
if (!user.EmailConfirmed)
{
ModelState.AddModelError("", "Verify your email address");
return(View("Login", loginViewModel));
}
CookieProfile.SignUserCookie(HttpContext, user);
return(RedirectToAction("Index", "Tasks"));
}
