private bool VerifyPassword(User user, string password) { if (string.IsNullOrEmpty(password)) { throw new ArgumentNullException(nameof(password)); } var hash = PasswordHasher.CreateSHA256Hash(password, user.PasswordSalt); return(string.Equals(user.PasswordHash, hash, StringComparison.Ordinal)); }
public User Create(UserRegisterModel user) { var existingUser = _userRepository.FindByEmail(user.EmailAddress); if (existingUser != null) { return(existingUser); } var salt = Convert.ToBase64String(PasswordHasher.CreateSalt(10)); var createdUserId = _userRepository.Create(new User { EmailAddress = user.EmailAddress, FullName = user.FullName, PasswordHash = PasswordHasher.CreateSHA256Hash(user.Password, salt), PasswordSalt = salt }); return(FindById(createdUserId)); }