C
C#4mo ago
clownshark5503

CheckPasswordSignInAsync returns fail when password is correct

 [HttpPost("login")]
 public async Task<IActionResult> Login(LoginDto loginDto)
 {
     if (!ModelState.IsValid)
         return BadRequest(ModelState);
     
     var user = await _userManager.Users.FirstOrDefaultAsync(x => x.Email == loginDto.Email);

     if (user == null)
         return Unauthorized("Invalid Email"); 
    
     var result = await _signInManager.CheckPasswordSignInAsync(user, loginDto.Password ,false);
    
    
     if (!result.Succeeded)
         return Unauthorized("Email or Password not found/incorrect");

     return Ok(
         new NewUserDto
         {
             UserName = user.UserName,
             Email = user.Email,
             Token = _tokenService.CreateToken(user)
         }); 
 }
 [HttpPost("login")]
 public async Task<IActionResult> Login(LoginDto loginDto)
 {
     if (!ModelState.IsValid)
         return BadRequest(ModelState);
     
     var user = await _userManager.Users.FirstOrDefaultAsync(x => x.Email == loginDto.Email);

     if (user == null)
         return Unauthorized("Invalid Email"); 
    
     var result = await _signInManager.CheckPasswordSignInAsync(user, loginDto.Password ,false);
    
    
     if (!result.Succeeded)
         return Unauthorized("Email or Password not found/incorrect");

     return Ok(
         new NewUserDto
         {
             UserName = user.UserName,
             Email = user.Email,
             Token = _tokenService.CreateToken(user)
         }); 
 }
When the following line is run: 
var result = await _signInManager.CheckPasswordSignInAsync(user, loginDto.Password ,false);
var result = await _signInManager.CheckPasswordSignInAsync(user, loginDto.Password ,false);
result is always Failed. Under the hood CheckPasswordSignInAsync runs CheckPasswordAsync which runs VerifyPasswordAsync which runs 
 return PasswordHasher.VerifyHashedPassword(user, hash, password);
 return PasswordHasher.VerifyHashedPassword(user, hash, password);
I can't view VerifyHashedPassword so I am now stuck. I suspect something is up with user but I have no idea what could be wrong with that either. Has anyone had this problem before? Update: It turns out in VerifyHashedPassword there is a switch statement, the input to wich is derived from decoding the hashed password and it always goes to the default case which returns failure.
No description
No description
No description
18 Replies
Unknown User
Unknown User4mo ago
Message Not Public
Sign In & Join Server To View
clownshark5503
clownshark5503OP4mo ago
I do not and I don't know how to set that up to be honest(I'll look into it after I send this message). It does reproduce with a new account. The last thing it does before returning the message "Email or Password not found/incorrect" is line 691 in CheckPasswordAsync, it skips all the break points I have set up after it.
No description
Unknown User
Unknown User4mo ago
Message Not Public
Sign In & Join Server To View
clownshark5503
clownshark5503OP4mo ago
Its a message that I wrote: 
     if (!result.Succeeded)
         return Unauthorized("Email or Password not found/incorrect");
     if (!result.Succeeded)
         return Unauthorized("Email or Password not found/incorrect");
Its right after 
var result = await _signInManager.CheckPasswordSignInAsync(user, loginDto.Password ,false);
var result = await _signInManager.CheckPasswordSignInAsync(user, loginDto.Password ,false);
Unknown User
Unknown User4mo ago
Message Not Public
Sign In & Join Server To View
clownshark5503
clownshark5503OP4mo ago
Do you mean on something like stackblitz?
Unknown User
Unknown User4mo ago
Message Not Public
Sign In & Join Server To View
clownshark5503
clownshark5503OP4mo ago
https://github.com/KevDev23/minibackend I chunked it down, let me know if it does something wonky. Have a good weekend!
GitHub
GitHub - KevDev23/minibackend: temp for help sorting out a error
temp for help sorting out a error. Contribute to KevDev23/minibackend development by creating an account on GitHub.
Unknown User
Unknown User4mo ago
Message Not Public
Sign In & Join Server To View
clownshark5503
clownshark5503OP4mo ago
I'll have touch upon it tomorrow. Rn I only needed it to have 1 admin account so theres a file(ManagerSeeder) that should insert a user.
Unknown User
Unknown User4mo ago
Message Not Public
Sign In & Join Server To View
clownshark5503
clownshark5503OP4mo ago
The seeder for the database seems fine, have you tried logging in?
Unknown User
Unknown User4mo ago
Message Not Public
Sign In & Join Server To View
clownshark5503
clownshark5503OP4mo ago
The ManagerSeeder file is there, I'm going to check to see I didn't delete the dependency injection that runs it from Program.cs on accident
Unknown User
Unknown User4mo ago
Message Not Public
Sign In & Join Server To View
clownshark5503
clownshark5503OP4mo ago
OH ok ManagerSeeder inserts a user, it doesn't do anything with create. Create does nothing because I prioritized something else and then ran into the bugs I was having problems with and now we're here. Visual Studio asked if I wanted to drop in CRUD functions for me and I went "yeah why not"
Unknown User
Unknown User4mo ago
Message Not Public
Sign In & Join Server To View
clownshark5503
clownshark5503OP4mo ago
There is a user, one is created by default with ManagerSeeder when run if the Manager table is empty You can modify how that works if you think something about the user accounts has to change

Did you find this page helpful?