Home/ Questions/Q 6995933
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T20:05:35+00:00

Is there a Membership.ValidateUser alternative that only checks username password combo? In other words,

  • 0

Is there a Membership.ValidateUser alternative that only checks username password combo? In other words, is there a way I can tell that the username and password are correct but the user is not valid? It may come handy when implementing confirmation email for registrations.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Yes,

    simply do a lookup in the user datastore.

    eg.

    public static string IsUserValid(string username, string password)
{
    if(!String.IsNullOrEmpty(username) && !String.IsNullOrEmpty(password))
    {

         var allIsGood = true;
         // query user datastore for username and password
         // change allIsGood to true or false based on result

         return allIsGood;
    }

    return false;
}

    EDIT:

    for the encrypted password I use and MD5 Hash. so this helper class might be helpful

    #region Usings

using System.Security.Cryptography;
using System.Text;

#endregion

namespace Shared.Tools
{
public static class Crypto
{
    public static string CalculateMd5Hash(string input)
    {
        // step 1, calculate MD5 hash from input
        var md5 = System.Security.Cryptography.MD5.Create();
        var inputBytes = Encoding.ASCII.GetBytes(input);
        var hash = md5.ComputeHash(inputBytes);

        // step 2, convert byte array to hex string
        var sb = new StringBuilder();
        for (var i = 0; i < hash.Length; i++)
        {
            sb.Append(hash[i].ToString("x2"));
        }
        return sb.ToString();
    }

    public static string GetHashValue(this MD5 hash, string value)
    {
        return GetHashValue(hash, Encoding.UTF8.GetBytes(value));
    }

    public static string GetHashValue(this MD5 hash, byte[] value)
    {
        var data = hash.ComputeHash(value);
        var md5 = "";
        for (var i = 0; i < data.Length; i++)
        {
            md5 += data[i].ToString("x2").ToLowerInvariant();
        }

        return md5;
    }

    public static string MD5(this string value)
    {
        var algorithm =
            System.Security.Cryptography.MD5.Create();

        var data = Encoding.ASCII.GetBytes(value);
        data = algorithm.ComputeHash(data);
        var md5 = "";
        for (var i = 0; i < data.Length; i++)
        {
            md5 += data[i].ToString("x2").ToLower();
        }

        return md5;
    }
}
}

    and you might do something like this for your test method

    public static string IsUserValid(string username, string password)
{
    // using Linq to Entities/Sql
    return  YourDataContext
            .Users
            .Where(u => u.UserName == username
                     && u.Password == password.MD5)
            .FirstOrDefault() != null;
}

    I haven’t compiled or tested this but it should give you the gist of what you are after.

    • 0