Validate username and password without authenticating the user

Question

Validate username and password without authenticating the user

2.8k views Asked by ilter At 09 June 2015 at 19:05

Using Asp.Net Identity 2.x with WebApi 2.x (both latest), is it possible to just validate a given username and password in order to know if the provided information is valid, without actually authenticating the user?

I am working on a partial login in our identity service and it's essential that I don't authenticate the user till the approval of EULA licanse agreement after providing the valid credentials. That is where I'am struggling...

Sorry for not providing any code, I hope the problem is obvious :)

Original Q&A

There are 1 answers

**LeftyX** · Accepted Answer · 2015-06-10 10:51:45

If you have created/defined a UserManager (see here) in your project you can try to find your user by his/her username and, if found, call VerifyHashedPassword method using the PasswordHasher member.

string userName = "my-user-name";
string password = "my-password";

var user = await ApplicationUserManager.FindByNameAsync(userName);
if (user != null)
{
    PasswordVerificationResult result = ApplicationUserManager.PasswordHasher.VerifyHashedPassword(user.PasswordHash, password);
}

It returns a PasswordVerificationResult: Failed, Success, SuccessRehashNeeded.

NOTES:

ApplicationUserManager is my implementation of UserManager.

TechQA.

Validate username and password without authenticating the user

There are 1 answers

Related Questions in ASP.NET-WEB-API

Related Questions in ASP.NET-IDENTITY-2

Popular Questions

Popular Tags

Trending Questions