0

I am trying to validate a user against table aspnet_Membership that is created by asp.net MVC 5 entity framework . As most of you know it has hash password.

I think I found a link for C# ASP.NET Identity default Password Hasher, how does it work and is it secure?

Any idea how to validate from Delphi? Thanks.

Community
  • 1
  • 1
ary
  • 939
  • 2
  • 13
  • 32
  • I would not try to do this directly from data access layer. instead I would add a C# WebApi Server method custom built by you, to invoke the official code. You can't predict what changes will hit the C# Membership logic in the future. It's a bad idea to deploy something that will be guaranteed to change in future. Asp.Net authentication services are evolving rapidly. – Warren P Jul 22 '15 at 13:23

2 Answers2

1

Finally I was able to get this done with help from my colleague and this link courtesy Malcolm Swaine at http://www.codeproject.com/Articles/32600/Manually-validating-an-ASP-NET-user-account-with-a

Here is the final code that should do the trick.

uses  DECHash,Data.Cloud.CloudAPI;
...
..
function GetHash_ASPNetMemberShip(const Password, Salt:string):string;
var
  bPassword ,bSalt ,bSaltPassword: TBytes;
begin
   bPassword:= TEncoding.Unicode.GetBytes(Password)  ;
   bSalt:= DecodeBytes64(Salt);
   SetLength(bSaltPassword, length(bPassword)+length(bSalt));
   Move(bSalt[0],bSaltPassword[0],length(bSalt));
  Move(bPassword[0],bSaltPassword[length(bSalt)],length(bPassword));
  Result := THash_SHA1.CalcBuffer(bSaltPassword[0],  Length(bSaltPassword), TFormat_MIME64);
end;
ary
  • 939
  • 2
  • 13
  • 32
-1

I use Delphi XE8. Trying this example got error: [dcc32 Fatal Error] Unit1.pas(7): F2613 Unit 'DECHash' not found. Where I can find this unit? Google has't know nothing about it.

Anna
  • 1