public AppConfiguration()
{
AccountManagementCheckFailedLogonAttempts = Convert.ToBoolean(ConfigurationManager.AppSettings["AccountManagementCheckFailedLogonAttempts"].ToString());
AccountManagementMaximumFailedLogonAttempts = Convert.ToInt32(ConfigurationManager.AppSettings["AccountManagementMaximumFailedLogonAttempts"].ToString());
AccountManagementRegisterAutoApprove = Convert.ToBoolean(ConfigurationManager.AppSettings["AccountManagementRegisterAutoApprove"]);
ApplicationName = ConfigurationManager.AppSettings["ApplicationName"];
DefaultFromEmailAddress = ConfigurationManager.AppSettings["DefaultFromEmailAddress"];
DefaultHashStrategy = (HashStrategyKind)Convert.ToInt32(ConfigurationManager.AppSettings["DefaultHashStrategy"]);
EncryptionPassword = ConfigurationManager.AppSettings["EncryptionPassword"];
EncryptionIterationCount = Convert.ToInt32(ConfigurationManager.AppSettings["EncryptionIterationCount"]);
HasRecaptcha = Convert.ToBoolean(ConfigurationManager.AppSettings["HasRecaptcha"]);
HasEmailConfigured = Convert.ToBoolean(ConfigurationManager.AppSettings["HasEmailConfigured"]);
WebsiteBaseUrl = ConfigurationManager.AppSettings["WebsiteBaseUrl"];
}
/// <summary>
/// Given a password, salt and hash strategy, calculate the hash
/// </summary>
/// <param name="plainPassword"></param>
/// <param name="salt"></param>
/// <param name="hashStrategy"></param>
public SecuredPassword(string plainPassword, byte[] salt, HashStrategyKind hashStrategy)
{
_salt = salt;
SetHashStrategy(hashStrategy);
switch (hashStrategy)
{
case HashStrategyKind.Pbkdf25009Iterations:
case HashStrategyKind.Pbkdf28000Iterations:
using (var deriveBytes = new Rfc2898DeriveBytes(plainPassword, salt, (int)_hashingParameter))
{
_hash = deriveBytes.GetBytes(_saltSize);
}
break;
case HashStrategyKind.Argon248KWorkCost:
var argon2Hasher = new PasswordHasher(memoryCost: _hashingParameter);
_hash = Encoding.ASCII.GetBytes(argon2Hasher.Hash(Encoding.ASCII.GetBytes(plainPassword), salt));
break;
}
IsValid = true;
}
