.NET Identity 2.0 with custom salted passwords -


I'm trying to switch to .NET Identity from an old custom membership provider in an existing MVC application, and to keep Dapper as the ORM rather than the Entity Framework that comes out of the box.

I'm stuck trying to implement my own IPasswordHasher, because I need the existing credentials to keep working. In HashPassword I want to return a SHA-computed hash of the clear-text input combined with a user-specific salt, but the method receives only the clear-text value and no reference to the user whose login is being attempted.

Where can I get the salt? Or am I going at this the wrong way?

I had pretty much the same thing to do for a migration, and the recommended migration article provides a solution to this problem.

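You need to merge the old password hash and the salt into one password field, separated by a special symbol (in the article it is |, but you can choose your own separator). The separator must be a character that cannot occur in either value; the hash and the salt are both Base64 here, so | is safe.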

The password hasher should then check the stored password for the special symbol and, if it is present, separate the salt from the password hash and apply the old hashing.

Here is the code snippet from the article linked above, though I've removed the noise of checking for plain-text password storage. It presumes the hash is stored in the format sha1hash|salt.

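/// <summary>
/// Password hasher that still accepts credentials migrated from the legacy SQL
/// membership provider, stored as <c>hash|salt</c> (both Base64), and delegates
/// everything else to the default Identity <see cref="PasswordHasher"/>.
/// </summary>
/// <remarks>
/// The legacy scheme is a single salted SHA-1 pass, which is far too cheap to
/// resist offline guessing. It is kept here only so that existing records can
/// be verified once; new hashes are always produced by the base implementation.
/// </remarks>
public class SqlPasswordHasher : PasswordHasher
{
    /// <summary>Hashes a new password with the default Identity algorithm.</summary>
    /// <param name="password">Clear-text password to hash.</param>
    /// <returns>The hash produced by the base <see cref="PasswordHasher"/>.</returns>
    public override string HashPassword(string password)
    {
        return base.HashPassword(password);
    }

    /// <summary>
    /// Verifies a password against either a legacy <c>hash|salt</c> record or a
    /// hash in the default Identity format.
    /// </summary>
    /// <param name="hashedPassword">Value stored for the user.</param>
    /// <param name="providedPassword">Clear-text password supplied at login.</param>
    /// <returns>
    /// <see cref="PasswordVerificationResult.SuccessRehashNeeded"/> when a legacy
    /// record matches, <see cref="PasswordVerificationResult.Failed"/> when it does
    /// not, otherwise whatever the base implementation returns.
    /// </returns>
    public override PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword)
    {
        // A missing stored value is not a legacy record; let the base class decide.
        if (hashedPassword == null)
        {
            return base.VerifyHashedPassword(hashedPassword, providedPassword);
        }

        string[] passwordProperties = hashedPassword.Split('|');
        if (passwordProperties.Length != 2)
        {
            // No separator: use the default Identity implementation.
            return base.VerifyHashedPassword(hashedPassword, providedPassword);
        }

        string passwordHash = passwordProperties[0];
        string salt = passwordProperties[1];
        string candidate = EncryptPassword(providedPassword, salt);

        // Base64 is case-sensitive, so the comparison must be exact. A
        // case-insensitive, culture-aware match would accept values that differ
        // from the stored hash and can change with the thread culture.
        if (FixedTimeEquals(candidate, passwordHash))
        {
            // Tells the caller that the stored value should be replaced with a
            // HashPassword() result. NOTE(review): confirm that the UserManager
            // in use actually re-hashes and saves on this result; if it does
            // not, do it explicitly at sign-in so the SHA-1 records get retired.
            return PasswordVerificationResult.SuccessRehashNeeded;
        }

        return PasswordVerificationResult.Failed;
    }

    /// <summary>
    /// Compares two strings ordinally without returning early on the first
    /// differing character.
    /// </summary>
    private static bool FixedTimeEquals(string a, string b)
    {
        if (a == null || b == null)
        {
            return false;
        }

        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++)
        {
            diff |= a[i] ^ b[i];
        }
        return diff == 0;
    }

    /// <summary>
    /// Recomputes the legacy hash. Copied from the existing SQL provider; the
    /// name is historical, the operation is a one-way hash and not encryption.
    /// </summary>
    /// <param name="pass">Clear-text password.</param>
    /// <param name="salt">Base64-encoded per-user salt.</param>
    /// <returns>Base64 encoding of the computed hash.</returns>
    private string EncryptPassword(string pass, string salt)
    {
        byte[] bIn = Encoding.Unicode.GetBytes(pass);
        byte[] bSalt = Convert.FromBase64String(salt);
        byte[] bRet;

        // Dispose the algorithm instance instead of leaving it to the finalizer.
        using (HashAlgorithm hm = HashAlgorithm.Create("sha1"))
        {
            if (hm is KeyedHashAlgorithm)
            {
                // Keyed algorithm: fit the salt to the key length by using it
                // as is, truncating it, or repeating it.
                KeyedHashAlgorithm kha = (KeyedHashAlgorithm)hm;
                if (kha.Key.Length == bSalt.Length)
                {
                    kha.Key = bSalt;
                }
                else if (kha.Key.Length < bSalt.Length)
                {
                    byte[] bKey = new byte[kha.Key.Length];
                    Buffer.BlockCopy(bSalt, 0, bKey, 0, bKey.Length);
                    kha.Key = bKey;
                }
                else
                {
                    byte[] bKey = new byte[kha.Key.Length];
                    for (int iter = 0; iter < bKey.Length; )
                    {
                        int len = Math.Min(bSalt.Length, bKey.Length - iter);
                        Buffer.BlockCopy(bSalt, 0, bKey, iter, len);
                        iter += len;
                    }
                    kha.Key = bKey;
                }
                bRet = kha.ComputeHash(bIn);
            }
            else
            {
                // Plain hash: digest of salt bytes followed by password bytes.
                byte[] bAll = new byte[bSalt.Length + bIn.Length];
                Buffer.BlockCopy(bSalt, 0, bAll, 0, bSalt.Length);
                Buffer.BlockCopy(bIn, 0, bAll, bSalt.Length, bIn.Length);
                bRet = hm.ComputeHash(bAll);
            }
        }

        return Convert.ToBase64String(bRet);
    }
}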
