No edit summary |
No edit summary |
||
| (2 intermediate revisions by one other user not shown) | |||
| Line 2: | Line 2: | ||
HashPassword(pwd:String):String | HashPassword(pwd:String):String | ||
VerifyHashedPassword(hash:String; pwd:String):Integer | VerifyHashedPassword(hash:String; pwd:String):Integer | ||
SysUser must also have an attribute Email:string(?) in .net core since the underlying pwd salt uses the email. | '''Note for''' '''.Net Core''': SysUser must also have an attribute Email:string(?) in .net core since the underlying pwd salt uses the email. If that is not present, you will see "SysUser: No member named Email" in the Turnkey log. | ||
These methods must have Tagged Value Eco.ExternalLateBound on them. Set any value - we only check its existence. | '''.Net Core''' These methods must have Tagged Value Eco.ExternalLateBound on them. Set any value - we only check its existence. | ||
'''NOTE''': When you run with CodeDress, you should '''leave Body empty''' for ExternalLateBound methods. If it is not empty, this will be executed instead of ExternalOverride. Leaving it empty will force the Codegen to create a stub - but this will be ignored for ExternalLateBound. Mind that you may need to add return statements, etc to the stub to make it compile. Like this: | '''NOTE''': When you run with CodeDress, you should '''leave Body empty''' for ExternalLateBound methods. If it is not empty, this will be executed instead of ExternalOverride. Leaving it empty will force the Codegen to create a stub - but this will be ignored for ExternalLateBound. Mind that you may need to add return statements, etc to the stub to make it compile. Like this: | ||
| Line 17: | Line 17: | ||
[[File:2018-08-02 13h38 18.png|none|thumb|281x281px|x]] | [[File:2018-08-02 13h38 18.png|none|thumb|281x281px|x]] | ||
[[Category:Security]] | [[Category:Security]] | ||
{{Edited|July|12|2024}} | |||
Latest revision as of 11:09, 29 May 2024
In order to Hash and Validate Turnkey passwords, add two ExternalLateBound methods to SysUser.
HashPassword(pwd:String):String VerifyHashedPassword(hash:String; pwd:String):Integer
Note for .Net Core: SysUser must also have an attribute Email:string(?) in .net core since the underlying pwd salt uses the email. If that is not present, you will see "SysUser: No member named Email" in the Turnkey log.
.Net Core These methods must have Tagged Value Eco.ExternalLateBound on them. Set any value - we only check its existence.
NOTE: When you run with CodeDress, you should leave Body empty for ExternalLateBound methods. If it is not empty, this will be executed instead of ExternalOverride. Leaving it empty will force the Codegen to create a stub - but this will be ignored for ExternalLateBound. Mind that you may need to add return statements, etc to the stub to make it compile. Like this:
public string HashPassword(string pwd)
{
return "";
}
The VerifyHashedPassword returns an integer that is defined as:
Failed = 0, Success = 1, SuccessRehashNeeded = 2
