c# asp.net-identity

How to use PasswordHasher's VerifyHashedPassword method?


I am trying to figure out how to use the VerifyHashedPassword method, and this is what I got so far. How am I supposed to know whether the password has been verified or not?

    public bool VerifyPassword(string pass)
    {
        PasswordHasher passwordHasher = new PasswordHasher();

        HDA = new HWCDA();

        HWCE = new HWCEntities();

        string userPass = HWCE.AspNetUsers.Where(w => w.UserID == 1).Select(s => s.PasswordHash).FirstOrDefault().ToString();

        bool result = false;

        passwordHasher.VerifyHashedPassword(userPass, pass);

        return false;
    }

Solution

  • The VerifyHashedPassword method returns a PasswordVerificationResult, which is an enum with possible values of Failed, Success, or SuccessRehashNeeded. You're not evaluating the result of the method at all. What you want is something more like:

    var result = passwordHasher.VerifyHashedPassword(userPass, pass);
    
    return result == PasswordVerificationResult.Success;   
    

    You can check the MSDN docs.
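An added example (not code from the question or the answer above) that handles all three `PasswordVerificationResult` values, including `SuccessRehashNeeded`, and fails closed when no stored hash is found. The `PasswordCheck` class, the `Verify` method and the `storeNewHash` callback are hypothetical names; the sample password is constructed.

```csharp
using System;
using Microsoft.AspNet.Identity; // NuGet package: Microsoft.AspNet.Identity.Core

public static class PasswordCheck
{
    // Returns true when providedPassword matches storedHash.
    // storeNewHash is a hypothetical callback that persists an upgraded hash.
    public static bool Verify(IPasswordHasher hasher, string storedHash,
                              string providedPassword, Action<string> storeNewHash)
    {
        // No user row, no hash, or empty input: reject instead of throwing.
        if (string.IsNullOrEmpty(storedHash) || string.IsNullOrEmpty(providedPassword))
            return false;

        switch (hasher.VerifyHashedPassword(storedHash, providedPassword))
        {
            case PasswordVerificationResult.Success:
                return true;

            case PasswordVerificationResult.SuccessRehashNeeded:
                // The password is correct, but the stored hash should be replaced
                // with one produced by the current hasher.
                storeNewHash(hasher.HashPassword(providedPassword));
                return true;

            default: // PasswordVerificationResult.Failed
                return false;
        }
    }
}

public static class Demo
{
    public static void Main()
    {
        var hasher = new PasswordHasher();
        // Constructed sample data; a real hash would come from the user store.
        string stored = hasher.HashPassword("constructed-sample-password");
        Action<string> save = h => Console.WriteLine("rehash stored");

        Console.WriteLine(PasswordCheck.Verify(hasher, stored, "constructed-sample-password", save));
        Console.WriteLine(PasswordCheck.Verify(hasher, stored, "wrong-password", save));
        Console.WriteLine(PasswordCheck.Verify(hasher, null, "constructed-sample-password", save));
    }
}
```

Passing the stored hash in as a parameter keeps the lookup separate, so a missing user can be checked for `null` before any call such as `.ToString()` is made on the query result.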