45 lines
1.3 KiB
C#
45 lines
1.3 KiB
C#
using Microsoft.AspNetCore.Cryptography.KeyDerivation;
|
|
using System.Security.Cryptography;
|
|
|
|
namespace OnProfNext.Server.Services
|
|
{
|
|
public static class PasswordHasher
|
|
{
|
|
public static string HashPassword(string password)
|
|
{
|
|
byte[] salt = RandomNumberGenerator.GetBytes(16);
|
|
|
|
byte[] hash = KeyDerivation.Pbkdf2(
|
|
password: password,
|
|
salt: salt,
|
|
prf: KeyDerivationPrf.HMACSHA256,
|
|
iterationCount: 100000,
|
|
numBytesRequested: 32);
|
|
|
|
return $"{Convert.ToBase64String(salt)}:{Convert.ToBase64String(hash)}";
|
|
}
|
|
|
|
public static bool VerifyPassword(string password, string storedHash)
|
|
{
|
|
var parts = storedHash.Split(':');
|
|
|
|
if (parts.Length != 2)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
var salt = Convert.FromBase64String(parts[0]);
|
|
var stored = Convert.FromBase64String(parts[1]);
|
|
|
|
var hash = KeyDerivation.Pbkdf2(
|
|
password: password,
|
|
salt: salt,
|
|
prf: KeyDerivationPrf.HMACSHA256,
|
|
iterationCount: 100000,
|
|
numBytesRequested: 32);
|
|
|
|
return hash.SequenceEqual(stored);
|
|
}
|
|
}
|
|
}
|