public Task ChangePassword(User user, string newPassword)
{
ConvertPasswordFormat(user);
// This is needed to support changing a no password user to a password user
if (string.IsNullOrEmpty(user.Password))
{
PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider);
newPasswordHash.Salt = _cryptographyProvider.GenerateSalt();
newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod;
newPasswordHash.Hash = GetHashedChangeAuth(newPassword, newPasswordHash);
user.Password = newPasswordHash.ToString();
return(Task.CompletedTask);
}
PasswordHash passwordHash = new PasswordHash(user.Password);
if (passwordHash.Id == "SHA1" &&
passwordHash.Salt.Length == 0)
{
passwordHash.Salt = _cryptographyProvider.GenerateSalt();
passwordHash.Id = _cryptographyProvider.DefaultHashMethod;
passwordHash.Hash = GetHashedChangeAuth(newPassword, passwordHash);
}
else if (newPassword != null)
{
passwordHash.Hash = GetHashed(user, newPassword);
}
user.Password = passwordHash.ToString();
return(Task.CompletedTask);
}
public Task ChangePassword(User user, string newPassword)
{
ConvertPasswordFormat(user);
// This is needed to support changing a no password user to a password user
if (string.IsNullOrEmpty(user.Password))
{
PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider);
newPasswordHash.SaltBytes = _cryptographyProvider.GenerateSalt();
newPasswordHash.Salt = PasswordHash.ConvertToByteString(newPasswordHash.SaltBytes);
newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod;
newPasswordHash.Hash = GetHashedStringChangeAuth(newPassword, newPasswordHash);
user.Password = newPasswordHash.ToString();
return(Task.CompletedTask);
}
PasswordHash passwordHash = new PasswordHash(user.Password);
if (passwordHash.Id == "SHA1" && string.IsNullOrEmpty(passwordHash.Salt))
{
passwordHash.SaltBytes = _cryptographyProvider.GenerateSalt();
passwordHash.Salt = PasswordHash.ConvertToByteString(passwordHash.SaltBytes);
passwordHash.Id = _cryptographyProvider.DefaultHashMethod;
passwordHash.Hash = GetHashedStringChangeAuth(newPassword, passwordHash);
}
else if (newPassword != null)
{
passwordHash.Hash = GetHashedString(user, newPassword);
}
if (string.IsNullOrWhiteSpace(passwordHash.Hash))
{
throw new ArgumentNullException(nameof(passwordHash.Hash));
}
user.Password = passwordHash.ToString();
return(Task.CompletedTask);
}
/// <summary>
/// Creates a new <see cref="PasswordHash" /> instance.
/// </summary>
/// <param name="cryptoProvider">The <see cref="ICryptoProvider" /> instance used.</param>
/// <param name="password">The password that will be hashed.</param>
/// <returns>A <see cref="PasswordHash" /> instance with the hash method, hash, salt and number of iterations.</returns>
public static PasswordHash CreatePasswordHash(this ICryptoProvider cryptoProvider, string password)
{
byte[] salt = cryptoProvider.GenerateSalt();
return(new PasswordHash(
cryptoProvider.DefaultHashMethod,
cryptoProvider.ComputeHashWithDefaultMethod(
Encoding.UTF8.GetBytes(password),
salt),
salt,
new Dictionary <string, string>
{
{ "iterations", DefaultIterations.ToString(CultureInfo.InvariantCulture) }
}));
}
public PasswordHash(ICryptoProvider cryptoProvider)
{
_id = cryptoProvider.DefaultHashMethod;
_salt = cryptoProvider.GenerateSalt();
_hash = Array.Empty <Byte>();
}
