/// <summary>
/// Hashes the password.
/// </summary>
/// <param name="userData">The user data.</param>
/// <param name="password">The password.</param>
/// <param name="passwordConfirm">The password confirm.</param>
private static void HashPassword(UserData userData, string password, string passwordConfirm)
{
// TODO: Enforce password policy
// throw new ApplicationException("Password does not meet strength requirements or do not match so hash could not be generated");
userData.PasswordSalt = GenerateSalt();
userData.PasswordHash = HashPasswordWithSalt(password, userData.PasswordSalt);
}
private bool ConfirmPassword(UserData userData, string password)
{
if (userData.PasswordHash == null || userData.PasswordHash.Length == 0) return true;
return userData.PasswordHash.SequenceEqual(HashPasswordWithSalt(password, userData.PasswordSalt));
}
