/// <summary>
/// Round-trip check: a password hashed with a salt must validate against
/// that same hash and salt.
/// </summary>
// NOTE(review): the method is private and no test attribute is visible in this
// excerpt; confirm the test runner actually discovers and executes it.
private void TestValidatePasswordsTrue()
{
    string password = "******";

    // Hash the password with a newly generated salt.
    string salt = HashProfile.GenerateSalt();
    string storedHash = HashProfile.GetSaltedHashData(password, salt);

    // Same password, same hash, same salt: validation must succeed.
    bool accepted = HashProfile.ValidatePasswords(password, storedHash, salt);
    Assert.True(accepted);
}
/// <summary>
/// Negative check: a correct password must be rejected when it is validated
/// with a salt other than the one used to produce the stored hash.
/// </summary>
// NOTE(review): this relies on two GenerateSalt() calls returning different
// values; presumably the salt is random, so confirm against HashProfile.
private void TestValidatePasswordsDifferentSalts()
{
    string password = "******";

    string saltUsedForHash = HashProfile.GenerateSalt();
    string unrelatedSalt = HashProfile.GenerateSalt();

    // The stored hash is bound to saltUsedForHash only.
    string storedHash = HashProfile.GetSaltedHashData(password, saltUsedForHash);

    // Validating with the unrelated salt must fail even though the password matches.
    bool accepted = HashProfile.ValidatePasswords(password, storedHash, unrelatedSalt);
    Assert.False(accepted);
}
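/// <summary>
/// Negative check: a password that differs from the one that was hashed must
/// be rejected, even when the correct salt and stored hash are supplied.
/// </summary>
// NOTE(review): the method is private and no test attribute is visible in this
// excerpt; confirm the test runner actually discovers and executes it.
private void TestValidatePasswordsDifferentPasswords()
{
    string password = "******";

    // As written on the page both literals were identical, so the test supplied
    // the *correct* password while asserting rejection. The second value is
    // derived from the first (constructed sample) so the two always differ.
    string secondPassword = password + "-different";

    string salt = HashProfile.GenerateSalt();
    string hashedPassword = HashProfile.GetSaltedHashData(password, salt);

    // Wrong password against the right hash and salt: validation must fail.
    Assert.False(HashProfile.ValidatePasswords(secondPassword, hashedPassword, salt));
}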
/// <summary>
/// Processes a submitted login form. Redisplays the form when the model is
/// invalid, the credentials do not match, or the e-mail address has not been
/// confirmed. Otherwise signs the user in through <c>CookieProfile</c> and
/// redirects to the <c>Index</c> action of the <c>Tasks</c> controller.
/// </summary>
/// <param name="loginViewModel">Posted login name and password.</param>
/// <returns>The login view with errors, or a redirect after a successful sign-in.</returns>
// NOTE(review): any attributes on this action are outside this excerpt; confirm
// it is restricted to POST and protected by anti-forgery validation.
// NOTE(review): no throttling or lockout is visible in this method; confirm
// repeated failed attempts are limited elsewhere.
public async Task<IActionResult> Login(LoginViewModel loginViewModel)
{
    if (!ModelState.IsValid)
    {
        return View("Login", loginViewModel);
    }

    // SingleOrDefaultAsync throws when more than one row matches.
    // NOTE(review): confirm Login has a unique constraint in the database.
    DbUser account = await DbContext.Users
        .Where(candidate => candidate.Login == loginViewModel.Login)
        .SingleOrDefaultAsync();

    // The password check only runs when an account was found. An unknown login
    // therefore skips the hash computation, which may make the two cases
    // distinguishable by response time even though the message is identical.
    // NOTE(review): ValidatePasswords is opaque here; confirm it uses a slow
    // password KDF and a fixed-time comparison.
    bool credentialsAccepted = account != null
        && HashProfile.ValidatePasswords(loginViewModel.Password, account.Password, account.PasswordSalt);

    if (!credentialsAccepted)
    {
        // One message for both "no such login" and "wrong password", so the
        // response text does not reveal which logins exist.
        ModelState.AddModelError("", "Wrong login or password");
        return View("Login", loginViewModel);
    }

    // Checked after the password, so the confirmation hint is only shown to a
    // caller who already supplied valid credentials.
    if (!account.EmailConfirmed)
    {
        ModelState.AddModelError("", "Verify your email address");
        return View("Login", loginViewModel);
    }

    CookieProfile.SignUserCookie(HttpContext, account);
    return RedirectToAction("Index", "Tasks");
}