Exemplo n.º 1
0
        public bool IsPasswordValid(string userId, string password)
        {
            // Get user entry from storage.
            var userPasswordInfo = _passwordRepository.GetUserInfo(userId);

            // has the password expired?
            if (_passwordExpiryService.HasPasswordExpired(userPasswordInfo.Expiry))
            {
                return(false);
            }

            // need a crypto class to handle different types of algorithms.
            var newHash  = _cryptoService.HashPassword(password, userPasswordInfo.HashSalt);
            var areEqual = newHash.HashedPassword.Equals(userPasswordInfo.HashedPassword);

            return(areEqual);
        }