| public static Hash ( string password, int iterations = 100000 ) : string | ||
| password | string | |
| iterations | int | |
| return | string | |
public static string Hash(string password, int iterations = 100000)
{
if (password == null) throw new ArgumentNullException("password");
byte[] salt;
byte[] bytes;
using (var algo = new Rfc2898DeriveBytes(password, SaltSize, iterations))
{
salt = algo.Salt;
bytes = algo.GetBytes(Pbkdf2SubkeyLength);
}
var iters = BitConverter.GetBytes(iterations);
if (!BitConverter.IsLittleEndian)
Array.Reverse(iters);
var parts = new byte[54];
Buffer.BlockCopy(salt, 0, parts, 1, SaltSize);
Buffer.BlockCopy(bytes, 0, parts, 17, Pbkdf2SubkeyLength);
Buffer.BlockCopy(iters, 0, parts, 50, sizeof(int));
return Convert.ToBase64String(parts);
}
public ActionResult Start(StartRegistrationModel startRegistrationModel)
{
if (_repository.GetAll <User>().Any(x => x.Username == startRegistrationModel.Username))
{
ModelState.AddModelError("Username", "Username is already in use");
}
if (_repository.GetAll <User>().Any(x => x.EmailAddress == startRegistrationModel.EmailAddress))
{
ModelState.AddModelError("EmailAddress", "Email address is already in use");
}
if (ModelState.IsValid)
{
var verificationCode = Cryptography.RandomString(12);
var user = new Registration
{
Id = Guid.NewGuid(),
Username = startRegistrationModel.Username,
EmailAddress = startRegistrationModel.EmailAddress,
Password = Cryptography.Hash(startRegistrationModel.Password),
Expires = DateTime.UtcNow.AddDays(3),
VerificationCode = Cryptography.Hash(verificationCode)
};
var registrationConfirmation = new RegistrationConfirmation
{
Username = startRegistrationModel.Username,
EmailAddress = startRegistrationModel.EmailAddress,
VerificationCode = verificationCode
};
_confirmationEmailer.Send(registrationConfirmation);
_repository.SaveOrUpdate(user);
return(RedirectToAction(
"Complete", "Registration", new { startRegistrationModel.Username, startRegistrationModel.EmailAddress }));
}
return(View(startRegistrationModel));
}
