| public static Verify ( string hashedPassword, string password ) : bool | ||
| hashedPassword | string | |
| password | string | |
| Результат | bool | |
public static bool Verify(string hashedPassword, string password)
{
if (hashedPassword == null) throw new ArgumentNullException("hashedPassword");
if (password == null) throw new ArgumentNullException("password");
var parts = Convert.FromBase64String(hashedPassword);
if (parts.Length != 54 || parts[0] != 0)
return false;
var salt = new byte[SaltSize];
Buffer.BlockCopy(parts, 1, salt, 0, SaltSize);
var bytes = new byte[Pbkdf2SubkeyLength];
Buffer.BlockCopy(parts, 17, bytes, 0, Pbkdf2SubkeyLength);
var iters = new byte[sizeof(int)];
Buffer.BlockCopy(parts, 50, iters, 0, sizeof(int));
if (!BitConverter.IsLittleEndian)
Array.Reverse(iters);
var iterations = BitConverter.ToInt32(iters, 0);
byte[] challengeBytes;
using (var algo = new Rfc2898DeriveBytes(password, salt, iterations))
challengeBytes = algo.GetBytes(32);
return ByteArraysEqual(bytes, challengeBytes);
}
public ActionResult Create(SessionViewModel sessionViewModel)
{
User user = null;
if (ModelState.IsValid)
{
user = _repository.GetAll <User>().SingleOrDefault(x => x.Username == sessionViewModel.Username);
if (user == null)
{
ModelState.AddModelError(string.Empty, errorMessage);
}
}
if (ModelState.IsValid)
{
if (!Cryptography.Verify(user.Password, sessionViewModel.Password))
{
ModelState.AddModelError(string.Empty, errorMessage);
}
}
if (ModelState.IsValid)
{
_authenticator.SetCookie(user.Username);
var returnUrl = sessionViewModel.ReturnUrl;
if (returnUrl != null)
{
Uri returnUri;
if (Uri.TryCreate(returnUrl, UriKind.Relative, out returnUri))
{
return(Redirect(sessionViewModel.ReturnUrl));
}
}
return(RedirectToAction("Index", "Home"));
}
return(View("New", sessionViewModel));
}
