nishanc/AuthRepository.cs

## AuthRepository.cs
        public async Task<User> Login(string username, string password)
        {
            var user = await _context.Users.FirstOrDefaultAsync(x => x.Username == username); //Get user from database.
            if(user == null)
                return null; // User does not exist.

            if(!VerifyPassword(password, user.PasswordHash,user.PasswordSalt))
                return null;

            return user;
        }

        private bool VerifyPassword(string password, byte[] passwordHash, byte[] passwordSalt)
        {
            using(var hmac = new System.Security.Cryptography.HMACSHA512(passwordSalt)){
                var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password)); // Create hash using password salt.
                for (int i = 0; i < computedHash.Length; i++){ // Loop through the byte array
                    if(computedHash[i] != passwordHash[i]) return false; // if mismatch
                }
            }
            return true; //if no mismatches.
        }
	public async Task<User> Login(string username, string password)
	{
	var user = await _context.Users.FirstOrDefaultAsync(x => x.Username == username); //Get user from database.
	if(user == null)
	return null; // User does not exist.

	if(!VerifyPassword(password, user.PasswordHash,user.PasswordSalt))
	return null;

	return user;
	}

	private bool VerifyPassword(string password, byte[] passwordHash, byte[] passwordSalt)
	{
	using(var hmac = new System.Security.Cryptography.HMACSHA512(passwordSalt)){
	var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password)); // Create hash using password salt.
	for (int i = 0; i < computedHash.Length; i++){ // Loop through the byte array
	if(computedHash[i] != passwordHash[i]) return false; // if mismatch
	}
	}
	return true; //if no mismatches.
	}