Hash passwords using crypto and then save to database
Question
Currently i have this code
// POST: users/Create
// To protect from overposting attacks, please enable the specific properties you want to bind to, for
// more details see http://go.microsoft.com/fwlink/?LinkId=317598.
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Create([Bind(Include = "id,naam,wachtwoord,email,isadmin")] user user)
{
user.wachtwoord = Crypto.HashPassword(user.wachtwoord);
if (ModelState.IsValid)
{
db.users.Add(user);
db.SaveChanges();
return RedirectToAction("Index");
}
return View(user);
}
now it breaks if i use the user.wachtwoord=crypto.hashpassword
now my question is in this case whats the proper way to save a user password trough the httppost method and also how can i later unhash the password on a login controller?
Greetings
2 answers
solution1
1 ACCPTED 2015-09-16 14:23:44
IF you want to implement a custom solution, one could be: using a one way hashing algorithm with a salt and storing that value in a users table as the user password. You wouldn't be "unhashing" the password on the login controller, you would hash the password that the user has provided in the login controller with the salt and you would compare with the one in the DB (or the repository where you saved the user credentials).
solution2
0 2015-09-16 17:49:21
Why don't you consider ASP.NET Identity? There you get this out of the box.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.