Added a way to login and register and a tools project

2019-05-06 13:12:35 -04:00
parent 8e4e504fd8
commit a4cf928fe0
15 changed files with 231 additions and 31 deletions
--- a/BrightGlimmer.Tools/PasswordHasher.cs
+++ b/BrightGlimmer.Tools/PasswordHasher.cs
@@ -0,0 +1,53 @@
+using System;
+using System.Security.Cryptography;
+
+namespace BrightGlimmer.Tools
+{
+    public class PasswordHasher
+    {
+        private readonly int SALT_LENGTH = 16;
+        private readonly int PASS_LENGTH = 20;
+        private readonly int ITERATIONS = 10000;
+
+        public bool Verify(string password, string hash)
+        {
+            var storedHash = Convert.FromBase64String(hash);
+
+            var salt = new byte[SALT_LENGTH];
+            Array.Copy(storedHash, 0, salt, 0, SALT_LENGTH);
+
+            var givenHash = GetHash(password, salt);
+
+            return hash == givenHash;
+        }
+
+        public string GetHash(string password, byte[] salt = null)
+        {
+            if (salt == null)
+            {
+                salt = CreateSalt();
+            }
+            var hash = CreateHash(password, salt);
+
+            var completeHash = new byte[SALT_LENGTH + PASS_LENGTH];
+            Array.Copy(salt, 0, completeHash, 0, SALT_LENGTH);
+            Array.Copy(hash, 0, completeHash, SALT_LENGTH, PASS_LENGTH);
+
+            return Convert.ToBase64String(completeHash);
+        }
+
+        private byte[] CreateHash(string password, byte[] salt)
+        {
+            var pbkdf2 = new Rfc2898DeriveBytes(password, salt, ITERATIONS);
+            return pbkdf2.GetBytes(PASS_LENGTH);
+        }
+
+        private byte[] CreateSalt()
+        {
+            var salt = new byte[SALT_LENGTH];
+            new RNGCryptoServiceProvider().GetBytes(salt);
+
+            return salt;
+        }
+    }
+}