46 lines
1.4 KiB
C#
46 lines
1.4 KiB
C#
using System.Security.Cryptography;
|
|
using System.Text;
|
|
using BC = BCrypt.Net.BCrypt;
|
|
using MotoresArgentinosV2.Core.Interfaces;
|
|
|
|
namespace MotoresArgentinosV2.Infrastructure.Services;
|
|
|
|
public class PasswordService : IPasswordService
|
|
{
|
|
public string HashPassword(string password)
|
|
{
|
|
return BC.HashPassword(password);
|
|
}
|
|
|
|
public bool VerifyPassword(string password, string hash, string? salt, bool isLegacy)
|
|
{
|
|
if (isLegacy)
|
|
{
|
|
return VerifyLegacyHash(password, hash, salt);
|
|
}
|
|
|
|
return BC.Verify(password, hash);
|
|
}
|
|
|
|
private bool VerifyLegacyHash(string password, string storedHash, string? salt)
|
|
{
|
|
// Lógica típica de ASP.NET Membership Provider (SHA1)
|
|
// El formato común es Base64(SHA1(Salt + Password))
|
|
if (string.IsNullOrEmpty(salt)) return false;
|
|
|
|
byte[] passwordBytes = Encoding.Unicode.GetBytes(password);
|
|
byte[] saltBytes = Convert.FromBase64String(salt);
|
|
byte[] allBytes = new byte[saltBytes.Length + passwordBytes.Length];
|
|
|
|
Buffer.BlockCopy(saltBytes, 0, allBytes, 0, saltBytes.Length);
|
|
Buffer.BlockCopy(passwordBytes, 0, allBytes, saltBytes.Length, passwordBytes.Length);
|
|
|
|
using (var sha1 = SHA1.Create())
|
|
{
|
|
byte[] hashBytes = sha1.ComputeHash(allBytes);
|
|
string computedHash = Convert.ToBase64String(hashBytes);
|
|
return computedHash == storedHash;
|
|
}
|
|
}
|
|
}
|