Chris
Reputation: 3129
How to use PasswordHasher's VerifyHashedPassword method?
I am trying to figure out how to use the VerifyHashedPassword method, and this is what I got so far. How am I supposed to know whether the password has been verified or not?
public bool VerifyPassword(string pass)
{
PasswordHasher passwordHasher = new PasswordHasher();
HDA = new HWCDA();
HWCE = new HWCEntities();
string userPass = HWCE.AspNetUsers.Where(w => w.UserID == 1).Select(s => s.PasswordHash).FirstOrDefault().ToString();
bool result = false;
passwordHasher.VerifyHashedPassword(userPass, pass);
return false;
}
Upvotes: 2
Views: 7294
Answers (1)
Matt M
Reputation: 3779
The VerifyHashedPassword method returns a PasswordVerificationResult, which is an enum with possible values of Failed, Success, or SuccessRehashNeeded. You're not evaluating the result of the method at all. What you want is something more like:
var result = passwordHasher.VerifyHashedPassword(userPass, pass);
return result == PasswordVerificationResult.Success;
You can check the MSDN docs.
Upvotes: 7
Related Questions
- Generate a PasswordHash and SecurityStamp
- How to correctly check password hash ASP.NET Core
- Identity - VerifyHashedPassword method does not work well
- ASP.NET Identity 2.0: How to rehash password
- ASP>NET Identity: How to compare a password entered by the user with a hashed password?
- How to compare the hash-password with ordinary one?
- ASP.NET Identity - Verify Password Without Framework
- C# IUserStore implementation GetPasswordHash
- Password hash and verification don't match
- ASP.Net Identity Manual Password Hashing