We'll add a private method below the public methods to create a password hash.
It will take three parameters: one will be passed by value: password, and two will be passed by reference: passwordHash and passwordSalt - this will allow our method to directly alter the values held by the passwordHash and passwordSalt variables.
privatevoidCreatePasswordHash(string password,outbyte[] passwordHash,outbyte[] passwordSalt){using (var hmac =newSystem.Security.Cryptography.HMACSHA512()) // hmac will generate salt key { passwordSalt =hmac.Key; passwordHash =hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password)); }}
Implement Register Method
Now that we have a method to create our salted hash, we can implement our register method.
Next, we need another private helper method to check the password a user enters against the hashed password saved to the database in order to implement our Login() method.
This method will work in the opposite direction of our CreatePasswordHash() method.
We'll loop through the computed hash and compare each byte against what's stored in our database. If anything doesn't match, we'll return false - otherwise, we'll return true.