C#•5mo ago

✅ Hashing password - ASP.NET Core Identity PasswordHasher

Hi guys, I'm trying to use ASP.NET Core Identity PasswordHasher. I followed this documentation : https://andrewlock.net/exploring-the-asp-net-core-identity-passwordhasher/ but I have errors of conversion (string to User). First, what's the best way to hash password ? Then, what documentation should your recommend to learn to use it ? Thank you!

Andrew Lock | .NET Escapades

Exploring the ASP.NET Core Identity PasswordHasher

In this post I take a look at the PasswordHasher<> implementation from the ASP.NET Core Identity framework, and how it supports multiple hashing algorithms.

11 Replies

Angius•5mo ago

What's the code and what are the errors?

Unknown User•5mo ago

Message Not Public

konstantine•5mo ago

Thank's, but I don't find any clear and complete ressource on Identity and hashing password, i'ts directly Microsoft that gives the link of Andrew Lock's doc. Do you know any ?

Unknown User•5mo ago

Message Not Public

konstantine•5mo ago

I work with the 8.0 version, is taht ok ? Thank you 🙂

Unknown User•5mo ago

Message Not Public

konstantine•5mo ago

Thank you 🙂 I often can't find what I want with Microsoft's documentation... Like, here, I have some infos about Identity methods but no examples for how I have to use them. Do I have to use

public virtual string HashPassword (TUser user, string password);

public virtual string HashPassword (TUser user, string password);

directly in my model ? Or in the controller ? I'm lost ^^ I tried to use this code https://github.com/dotnet/aspnetcore/blob/main/src/Identity/Extensions.Core/src/PasswordHasher.cs And I have errors : -"no definition in Resources for InvalidPasswordHasherIterationCount", -"no definition in Resources for InvalidPasswordHasherCompatibilityMode"...

Unknown User•5mo ago

Message Not Public

konstantine•5mo ago

Hi @TeBeCo , I still have trouble using Identity, if you want to take a look... Here my post request :

[Route("api/[controller]")]
[ApiController]
public class UsersController(DbNetflimContext context, PasswordHasher<User> passwordHasher) : ControllerBase
{
    private readonly DbNetflimContext _context = context;
    private readonly PasswordHasher<User> _passwordHasher;
[...]

[HttpPost]
public async Task<ActionResult<User>> PostUser(User user)
{ 

    Console.WriteLine($"Mot de passe avant hachage : {user.PasswordUser}");

    user.PasswordUser = _passwordHasher.HashPassword(user, user.PasswordUser);

    Console.WriteLine($"Mot de passe après hachage : {user.PasswordUser}");

    _context.Users.Add(user);
    string jsonString = JsonSerializer.Serialize(user);
    _context.Users.Add(user);
    try
    {
        await _context.SaveChangesAsync();
    }
    catch (DbUpdateException)
    {
        if (UserExists(user.UserId))
        {
            return Conflict();
        }
        else
        {
            throw;
        }
    }

    return CreatedAtAction("GetUser", new { id = user.UserId }, user);
}

[Route("api/[controller]")]
[ApiController]
public class UsersController(DbNetflimContext context, PasswordHasher<User> passwordHasher) : ControllerBase
{
    private readonly DbNetflimContext _context = context;
    private readonly PasswordHasher<User> _passwordHasher;
[...]

[HttpPost]
public async Task<ActionResult<User>> PostUser(User user)
{ 

    Console.WriteLine($"Mot de passe avant hachage : {user.PasswordUser}");

    user.PasswordUser = _passwordHasher.HashPassword(user, user.PasswordUser);

    Console.WriteLine($"Mot de passe après hachage : {user.PasswordUser}");

    _context.Users.Add(user);
    string jsonString = JsonSerializer.Serialize(user);
    _context.Users.Add(user);
    try
    {
        await _context.SaveChangesAsync();
    }
    catch (DbUpdateException)
    {
        if (UserExists(user.UserId))
        {
            return Conflict();
        }
        else
        {
            throw;
        }
    }

    return CreatedAtAction("GetUser", new { id = user.UserId }, user);
}

I have 500 error from the frontend, I never enter the post request. And I have this issue:

System.InvalidOperationException: Unable to resolve service for type 'Microsoft.AspNetCore.Identity.PasswordHasher`1[ToDoAPI.Models.User]' while attempting to activate 'ToDoAPI.Controllers.UsersController'.

System.InvalidOperationException: Unable to resolve service for type 'Microsoft.AspNetCore.Identity.PasswordHasher`1[ToDoAPI.Models.User]' while attempting to activate 'ToDoAPI.Controllers.UsersController'.

I can't implement correctly the dependance in the Program.cs Here my implementation on the Program.cs :

builder.Services.AddDefaultIdentity<User>().AddUserStore<DbNetflimContext>();

builder.Services.AddDefaultIdentity<User>().AddUserStore<DbNetflimContext>();

I installed 2 more NuGets : Microsoft.AspNetCore.Identity.EntityFrameworkCore and Microsoft.AspNetCore.Identity.UI

Unknown User•5mo ago

Message Not Public

konstantine•5mo ago

Thank you !! I don't get how to use Identity reading the code source of it, I'm a begginer, and C# is hard without the proper documentation 😢 I don't want to use it manually. I'm trying to use the whole framework, but I'm having a hard time! Here what I'm trying to do. I would like to hash the passwords of my users, when users create an account. And then to use it for the authentication part of the application. I'm considering working with BCrypt instead of Identity

Gaming

Programming

✅ Hashing password - ASP.NET Core Identity PasswordHasher