public String HashPassword(String password) { var combinedPassword =

1. public String HashPassword(String password)
2. {
3. var combinedPassword = String.Concat(password);
4. var sha256 = new SHA256Managed();
5. var bytes = UTF8Encoding.UTF8.GetBytes(combinedPassword);
6. var hash = sha256.ComputeHash(bytes);
7. return Convert.ToBase64String(hash);
8. }
9.  
10. public void AddUserAccount(UserSignUpView user)
11. {
12.  
13. using (DemoDBEntities db = new DemoDBEntities())
14. {
15.  
16. SYSUser SU = new SYSUser();
17. SU.PasswordEncryptedText = HashPassword(user.Password);
18. SU.LoginName = user.LoginName;
19.  
20. SU.RowCreatedSYSUserID = user.SYSUserID > 0 ?
21.  
22. user.SYSUserID : 1;
23. SU.RowModifiedSYSUserID = user.SYSUserID > 0 ?
24.  
25. user.SYSUserID : 1; ;
26. SU.RowCreatedDateTime = DateTime.Now;
27. SU.RowMOdifiedDateTime = DateTime.Now;
28.  
29.  
30.  
31. db.SYSUsers.Add(SU);
32. db.SaveChanges();
33.  
34. public Boolean ValidatePassword(String enteredPassword, String storedHash)
35. {
36. var hasher = HashPassword(enteredPassword);
37. return String.Equals(storedHash, hasher);
38. }
39. public string GetUserPassword(string enteredPassword)
40. {
41. using (DemoDBEntities db = new DemoDBEntities())
42. {
43. var hash = HashPassword(enteredPassword);
44. var user = db.SYSUsers.Where(o =>
45. o.PasswordEncryptedText.Equals(enteredPassword));
46. if (user.Any())
47. return user.FirstOrDefault().PasswordEncryptedText;
48. else
49. return string.Empty;
50. }
51. }
52.  
53. public ActionResult LogIn(UserLoginView ULV, string returnUrl)
54.  
55. {
56. if (ModelState.IsValid)
57. {
58.  
59. UserManager UM = new UserManager();
60. string password = UM.GetUserName(ULV.LoginName);
61. string hash = UM.GetUserPassword(ULV.Password);
62. //var password = ComputeHash(password, new SHA256CryptoServiceProvider());
63.  
64.  
65.  
66. if (string.IsNullOrEmpty(hash))
67. ModelState.AddModelError("", "The user login or password provided is incorrect.");
68. else {
69. if (ULV.Password.Equals(hash)&&(ULV.LoginName.Equals(password)))
70. {
71. FormsAuthentication.SetAuthCookie(ULV.LoginName, false);
72. return RedirectToAction("Welcome", "Home");
73. }
74. else {
75. ModelState.AddModelError("", "The password provided is incorrect.");
76. }
77. }
78. }