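/// <summary>
/// Builds a new <c>Account</c> for <paramref name="username"/>, stores a salted
/// hash of <paramref name="password"/> on it, and hands it to the repository.
/// </summary>
/// <param name="username">Value assigned to the account's <c>Name</c>. Not validated here.</param>
/// <param name="password">Clear-text password; only its salted hash is stored on the account.</param>
/// <returns>The account instance that was passed to <c>_repository.Create</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="password"/> is null.</exception>
public IUser CreateUser(string username, string password)
{
    // Fail before any work is done. The original surfaced the same exception
    // type later, from Encoding.GetBytes inside SetPasswordHash.
    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    // NOTE(review): no uniqueness, length or character checks are applied to
    // username/password in this method; confirm callers or the repository
    // enforce the account policy.

    // Read the clock once so CreateAt and UpdateAt are exactly equal on a new
    // account; two separate UtcNow reads can differ by a few ticks.
    var now = DateTime.UtcNow;

    var user = new Account()
    {
        Name = username,
        CreateAt = now,
        UpdateAt = now
    };

    // The hash must be set before the account is passed to the repository.
    SetPasswordHash(user, password);
    _repository.Create(user);

    return user;
}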
/// <summary>
/// Generates a fresh 16-byte random salt, computes SHA-1 over
/// (salt bytes followed by the UTF-16LE password bytes), and writes the
/// Base64 hash, the Base64 salt and the <c>Hashed</c> format marker onto
/// <paramref name="user"/>.
/// </summary>
/// <param name="user">Account whose Password, PasswordSalt and PasswordFormat are overwritten.</param>
/// <param name="password">Clear-text password to hash.</param>
/// <remarks>
/// SECURITY (review): this is a single pass of salted SHA-1. The random salt
/// defeats precomputed tables, but SHA-1 is a fast hash, so a leaked
/// Password/PasswordSalt pair can be guessed offline at very high rates.
/// Password storage should use a deliberately slow KDF such as PBKDF2
/// (<c>Rfc2898DeriveBytes</c>) with a high iteration count. The algorithm is
/// NOT changed here because the stored value must stay verifiable by the
/// password-check code, which is not visible in this listing. A migration
/// needs a new format/version marker and a rehash-on-next-login path.
/// The layout (salt || Unicode password, SHA-1, Base64) looks like the legacy
/// ASP.NET Membership hashed format; confirm before relying on that.
/// </remarks>
private void SetPasswordHash(Account user, string password)
{
    const int SaltLength = 0x10; // 16 bytes

    // The salt comes from the OS CSPRNG, never from System.Random.
    byte[] salt = new byte[SaltLength];
    using (var rng = new RNGCryptoServiceProvider())
    {
        rng.GetBytes(salt);
    }

    // Encoding.Unicode is UTF-16 little-endian. Any verifier has to use the
    // same encoding and the same salt-first ordering to reproduce the hash.
    byte[] secret = Encoding.Unicode.GetBytes(password);

    // material = salt || password
    byte[] material = new byte[salt.Length + secret.Length];
    Buffer.BlockCopy(salt, 0, material, 0, salt.Length);
    Buffer.BlockCopy(secret, 0, material, salt.Length, secret.Length);

    byte[] digest;
    using (var hasher = HashAlgorithm.Create("SHA1"))
    {
        digest = hasher.ComputeHash(material);
    }

    // NOTE(review): the clear-text bytes in 'secret' and 'material' stay in
    // managed memory until collected; they are not zeroed here.

    user.Password = Convert.ToBase64String(digest);
    user.PasswordSalt = Convert.ToBase64String(salt);
    user.PasswordFormat = MembershipPasswordFormat.Hashed;
}