C# - Not getting user with correct credentials with ASP.NET Identity and OWIN


I am doing custom authentication in MVC using the ASP.NET Identity and OWIN framework. Unfortunately I am not getting the user with the correct credentials from the method below:

    var user = UserManager.Find(email, hashedNewPassword);

I have stored the email and password as below in the database table:

    Id      EmailAddress     Password
    1       abc@yahoo.com    123456

Right now I am doing this; later on I will hash the password and store it in the table. This is for testing the Microsoft OWIN framework.

But I am not getting the user with these credentials:

    Email id: abc@yahoo.com   Password: 123456

This is my code:

Controller:

    using System;
    using System.Linq;
    using System.Threading.Tasks;
    using System.Web;
    using System.Web.Mvc;
    using Microsoft.AspNet.Identity;

    [Authorize]
    public class AuthenticationController : Controller
    {
        public AuthenticationController()
            : this(new UserManager<UserModel>(new UserStore(new MyEntities())))
        {
        }

        public AuthenticationController(UserManager<UserModel> userManager)
        {
            UserManager = userManager;
        }

        public UserManager<UserModel> UserManager { get; private set; }

        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Login(string email, string password, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                var user = UserManager.Find(email, password); //getting null here
            }
            // The remainder of the action is not shown in the post.
            return View();
        }
    }

UserModel:

    public class UserModel : IUser
    {
        public string Id { get; private set; }
        public string UserName { get { return Email; } set { Email = value; } }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string Email { get; set; }

        public UserModel(string email, string firstName, string lastName)
        {
            Email = email;
            FirstName = firstName;
            LastName = lastName;
        }

        public UserModel(Users dbUser)
        {
            if (dbUser == null)
                return;

            Id = dbUser.Id.ToString();
            Email = dbUser.EmailAddress;
            FirstName = dbUser.FirstName;
            LastName = dbUser.LastName;
        }
    }

    // Only the members shown in the post appear here; the constructor, the
    // _httpContext field and the other interface members are not shown.
    public class UserStore : IUserStore<UserModel>, IUserPasswordStore<UserModel>
    {
        public Task<UserModel> FindByNameAsync(string userName)
        {
            return Task.Factory.StartNew(() =>
            {
                HttpContext.Current = _httpContext ?? HttpContext.Current;
                var dbUser = GetDbUser(userName);
                if (dbUser == null)
                    return null;
                return new UserModel(dbUser);
            });
        }

        private Users GetDbUser(string userName)
        {
            using (var db = new MyEntities())
            {
                return db.Users.FirstOrDefault(u => u.EmailAddress.Equals(userName, StringComparison.OrdinalIgnoreCase));
            }
        }

        public Task<string> GetPasswordHashAsync(UserModel user)
        {
            return Task.Factory.StartNew(() =>
            {
                HttpContext.Current = _httpContext ?? HttpContext.Current;
                var userObj = GetDbUser(user);

                int len = userObj.Password.Length % 4;
                //solved error with below code: invalid length for a base-64 char array
                if (len > 0) userObj.Password = userObj.Password.PadRight(userObj.Password.Length + (4 - len), '=');
                return userObj.Password;  //sometimes program gets stuck here on debugging
            });
        }

        private Users GetDbUser(UserModel user)
        {
            if (user.Id == null)
                return null;
            return GetDbUser(Convert.ToInt32(user.Id));
        }

        private Users GetDbUser(int userId)
        {
            using (var db = new MyEntities())
            {
                return db.Users.FirstOrDefault(u => u.Id == userId);
            }
        }
    }

Can anybody please help me recognize the problem?

If I understand correctly, you're storing the password as plain text in the database? If that's the case, that's your problem. You can't choose to hash it later; Identity needs it to be hashed in order to match the password. Here's how authentication works:

  1. User submits username and password
  2. Identity hashes the submitted password
  3. Identity looks up the user matching the submitted username, and compares the password on record with the hashed submitted password. If it matches, the user is signed in.

So, when Identity compares the hashed version of 123456 with the plain-text 123456, it will never match. In order to match, the password saved in the DB must be hashed as well.
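
The mismatch described in the answer, as an added example that is not part of the original question or answer: it runs the default `PasswordHasher` from the Microsoft.AspNet.Identity.Core package over three constructed values of the Password column. The names `PasswordColumnCheck`, `ForStorage` and `Matches` are hypothetical, and the sample rows are constructed from the credentials in the question.

```csharp
using System;
using Microsoft.AspNet.Identity; // NuGet package Microsoft.AspNet.Identity.Core

// Added illustration; class and method names are hypothetical.
public static class PasswordColumnCheck
{
    private static readonly PasswordHasher Hasher = new PasswordHasher();

    // The value that belongs in the Password column: the hasher's output,
    // stored and later returned from GetPasswordHashAsync unchanged.
    public static string ForStorage(string plainPassword)
    {
        return Hasher.HashPassword(plainPassword);
    }

    // The check the default UserManager applies to the stored value at sign-in.
    public static bool Matches(string storedValue, string submittedPassword)
    {
        try
        {
            return Hasher.VerifyHashedPassword(storedValue, submittedPassword)
                   != PasswordVerificationResult.Failed;
        }
        catch (FormatException)
        {
            // The stored value is not Base64, so it cannot be an Identity hash.
            return false;
        }
    }

    public static void Main()
    {
        // Constructed sample rows for the password 123456 from the question.
        string plainRow = "123456";               // plain text as stored in the table
        string paddedRow = "123456==";            // plain text after the PadRight workaround
        string hashedRow = ForStorage("123456");  // what Identity expects to read back

        Console.WriteLine("plain text row:  " + Matches(plainRow, "123456"));
        Console.WriteLine("padded row:      " + Matches(paddedRow, "123456"));
        Console.WriteLine("hashed row:      " + Matches(hashedRow, "123456"));
        Console.WriteLine("wrong password:  " + Matches(hashedRow, "654321"));
    }
}
```

Only the row produced by `HashPassword` verifies against the correct password; the plain-text row fails whether or not it is padded to valid Base64, because the decoded bytes are not a salted hash.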

