Class UmbracoPasswordHasher<TUser>
Provides password hashing and verification functionality for Umbraco users. This generic class implements the Microsoft.AspNetCore.Identity.IPasswordHasher<TUser> interface for user types in Umbraco.
Inheritance
Namespace: Umbraco.Cms.Core.Security
Assembly: Umbraco.Infrastructure.dll
Syntax
public class UmbracoPasswordHasher<TUser> : PasswordHasher<TUser> where TUser : UmbracoIdentityUserType Parameters
| Name | Description |
|---|---|
| TUser |
Constructors
View SourceUmbracoPasswordHasher(LegacyPasswordSecurity, IJsonSerializer)
Initializes a new instance of the UmbracoPasswordHasher<TUser> class.
Declaration
public UmbracoPasswordHasher(LegacyPasswordSecurity legacyPasswordSecurity, IJsonSerializer jsonSerializer)Parameters
| Type | Name | Description |
|---|---|---|
| LegacyPasswordSecurity | legacyPasswordSecurity | An instance of LegacyPasswordSecurity used for legacy password operations. |
| IJsonSerializer | jsonSerializer | An instance of IJsonSerializer used for serializing password data. |
Properties
View SourceLegacyPasswordSecurity
Gets the implementation used for legacy password security operations.
Declaration
public LegacyPasswordSecurity LegacyPasswordSecurity { get; }Property Value
| Type | Description |
|---|---|
| LegacyPasswordSecurity |
Methods
View SourceHashPassword(TUser, string)
Hashes the provided plain text password for the specified user using the current password hashing algorithm.
Declaration
public override string HashPassword(TUser user, string password)Parameters
| Type | Name | Description |
|---|---|---|
| TUser | user | The user for whom the password is being hashed. |
| string | password | The plain text password to hash. |
Returns
| Type | Description |
|---|---|
| string | A hashed representation of the password. |
VerifyHashedPassword(TUser, string, string)
Verifies a user's hashed password
Declaration
public override PasswordVerificationResult VerifyHashedPassword(TUser user, string hashedPassword, string providedPassword)Parameters
| Type | Name | Description |
|---|---|---|
| TUser | user | The user whose password is being verified. |
| string | hashedPassword | The stored hashed password. |
| string | providedPassword | The plain-text password to verify. |
Returns
| Type | Description |
|---|---|
| PasswordVerificationResult | The verification result indicating whether the password matches. |
Remarks
This will check the user's current hashed password format stored with their user row and use that to verify the hash. This could be any hashes from the very old v4, to the older v6-v8, to the older aspnet identity and finally to the most recent