public bool IsValidUsernameAndPassword(string userName, string password)
{
using (SqlConnection connection = new SqlConnection(connectionString))
{
connection.Open();
using (var command = connection.CreateCommand())
{
command.CommandText = $"SELECT Password, PasswordSalt FROM Players WHERE NickName = '{userName}'";
using (var reader = command.ExecuteReader())
{
if (reader.Read())
{
var crypto = new SimpleCrypto.PBKDF2();
var salt = reader.GetString(reader.GetOrdinal("PasswordSalt"));
var hash = reader.GetString(reader.GetOrdinal("Password"));
var hashedPassword = crypto.Compute(password, salt);
return(crypto.Compare(hash, hashedPassword));
}
return(false);
}
}
}
}
public async Task <User> CheckCredentials(string loginOrEmail, string password)
{
var user = await GetUserbyLoginOrEmail(loginOrEmail);
if (user != null)
{
var encPass = crypto.Compute(password, user.PasswordSalt);
if (crypto.Compare(encPass, user.PasswordHash))
{
return(user);
}
}
return(null);
}
public bool ValidatePassword()
{
if (String.IsNullOrWhiteSpace(this.Password))
{
return(false);
}
var path = HttpContext.Current.Server.MapPath("~/App_Data/Security.txt");
var f = File.ReadAllLines(path);
var salt = f[0];
var actualHash = f[1];
var crypto = new SimpleCrypto.PBKDF2();
var candidateHash = crypto.Compute(this.Password, salt);
return(crypto.Compare(actualHash, candidateHash));
}
public bool compareUsrPassword(string userpwd, string inputpassword)
{
var crypto = new SimpleCrypto.PBKDF2();
return(crypto.Compare(userpwd, inputpassword));
}