Home/ Questions/Q 9047055
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-16T11:48:30+00:00

I’m using default asp.net mvc 4 membership system. User sends his username and password

  • 0

I’m using default asp.net mvc 4 membership system. User sends his username and password over ASP.NET Web API in plain text.

So I have his plain password, How to compare it with stored hashed password?

Is there a function takes a string and compares it with hashed one?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You have to make sure that your web.config is properly setup to use membership. http://msdn.microsoft.com/en-us/library/6e9y4s5t%28v=vs.100%29.aspx

    Also, I make sure to create a MachineKey in your web.config as well. http://msdn.microsoft.com/en-us/library/ff649308.aspx

    The code that you would put in your controller would be similar to:

    [HttpPost]
public ActionResult Login(AuthenticationModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        if (Membership.ValidateUser(model.Username, model.Password)) {
            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

            if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
             && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }
    }
}

    With your model being similar to:

        public class AuthenticationModel
    {
        [Required]
        [Display(Name = "Username")]
        public string UserName { get; set; }

        [Required]
        [DataType(DataType.Password)]
        [Display(Name = "Password")]
        public string Password { get; set; }

        [Display(Name = "Remember Me?")]
        public bool RememberMe { get; set; }
    }
    • 0