No edit summary |
(Automatically adding template at the end of the page.) |
||
(4 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
In order to Hash and Validate Turnkey passwords | In order to Hash and Validate Turnkey passwords, add two ExternalLateBound methods to SysUser. | ||
HashPassword(pwd:String):String | HashPassword(pwd:String):String | ||
VerifyHashedPassword(hash:String; pwd:String):Integer | VerifyHashedPassword(hash:String; pwd:String):Integer | ||
SysUser must also have an attribute Email:string(?) in .net core since the underlying pwd salt uses the email. | SysUser must also have an attribute Email:string(?) in .net core since the underlying pwd salt uses the email. | ||
These methods must have Tagged Value Eco.ExternalLateBound on them | These methods must have Tagged Value Eco.ExternalLateBound on them. Set any value - we only check its existence. | ||
'''NOTE''': When you run with | '''NOTE''': When you run with CodeDress, you should '''leave Body empty''' for ExternalLateBound methods. If it is not empty, this will be executed instead of ExternalOverride. Leaving it empty will force the Codegen to create a stub - but this will be ignored for ExternalLateBound. Mind that you may need to add return statements, etc to the stub to make it compile. Like this: | ||
public string HashPassword(string pwd) | public string HashPassword(string pwd) | ||
{ | { | ||
Line 16: | Line 16: | ||
SuccessRehashNeeded = 2 | SuccessRehashNeeded = 2 | ||
[[File:2018-08-02 13h38 18.png|none|thumb|281x281px|x]] | [[File:2018-08-02 13h38 18.png|none|thumb|281x281px|x]] | ||
[[Category:Security]] | |||
{{Edited|July|12|2024}} |
Latest revision as of 15:35, 10 February 2024
In order to Hash and Validate Turnkey passwords, add two ExternalLateBound methods to SysUser.
HashPassword(pwd:String):String VerifyHashedPassword(hash:String; pwd:String):Integer
SysUser must also have an attribute Email:string(?) in .net core since the underlying pwd salt uses the email.
These methods must have Tagged Value Eco.ExternalLateBound on them. Set any value - we only check its existence.
NOTE: When you run with CodeDress, you should leave Body empty for ExternalLateBound methods. If it is not empty, this will be executed instead of ExternalOverride. Leaving it empty will force the Codegen to create a stub - but this will be ignored for ExternalLateBound. Mind that you may need to add return statements, etc to the stub to make it compile. Like this:
public string HashPassword(string pwd) { return ""; }
The VerifyHashedPassword returns an integer that is defined as:
Failed = 0, Success = 1, SuccessRehashNeeded = 2