public static bool Authenticate (string name, string password)
{
if (name == null || password == null)
return false;
Initialize ();
HttpContext context = HttpContext.Current;
if (context == null)
throw new HttpException ("Context is null!");
name = name.ToLower (Helpers.InvariantCulture);
AuthenticationSection section = (AuthenticationSection) WebConfigurationManager.GetSection (authConfigPath);
FormsAuthenticationCredentials config = section.Forms.Credentials;
FormsAuthenticationUser user = config.Users[name];
string stored = null;
if (user != null)
stored = user.Password;
if (stored == null)
return false;
bool caseInsensitive = true;
switch (config.PasswordFormat) {
case FormsAuthPasswordFormat.Clear:
caseInsensitive = false;
/* Do nothing */
break;
case FormsAuthPasswordFormat.MD5:
password = HashPasswordForStoringInConfigFile (password, FormsAuthPasswordFormat.MD5);
break;
case FormsAuthPasswordFormat.SHA1:
password = HashPasswordForStoringInConfigFile (password, FormsAuthPasswordFormat.SHA1);
break;
}
return String.Compare (password, stored, caseInsensitive ? StringComparison.OrdinalIgnoreCase : StringComparison.Ordinal) == 0;
}