SoDOff-Project/sodoff
1
0
Fork 1
mirror of https://github.com/SoDOff-Project/sodoff.git synced 2025-10-11 08:18:49 -07:00
Code Issues Packages Projects Releases Wiki Activity

password rehashing

Browse Source 
asp net identity v3 uses a new hashing algorithm (hmac-sha256)
This commit is contained in:
Spirtix 2025-06-26 18:06:29 +02:00
parent 640d7ba664
commit 3ffced2b60
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Controllers/Common/AuthenticationController.cs
View File

@ -48,11 +48,15 @@ public class AuthenticationController : Controller {
} else { } else {
user = ctx.Users.FirstOrDefault(e => e.Username == data.UserName); user = ctx.Users.FirstOrDefault(e => e.Username == data.UserName);
} }
PasswordVerificationResult result = new PasswordHasher<object>().VerifyHashedPassword(null, user.Password, data.Password);
if (user is null || new PasswordHasher<object>().VerifyHashedPassword(null, user.Password, data.Password) != PasswordVerificationResult.Success) { if (user is null || result == PasswordVerificationResult.Failed) {
return Ok(new ParentLoginInfo { Status = MembershipUserStatus.InvalidPassword }); return Ok(new ParentLoginInfo { Status = MembershipUserStatus.InvalidPassword });
} }
if (result == PasswordVerificationResult.SuccessRehashNeeded) {
user.Password = new PasswordHasher<object>().HashPassword(null, data.Password);
}
// Create session // Create session
Session session = new Session { Session session = new Session {
User = user, User = user,