How to use Ablecommerce database for User Authentication
Posted: Fri Jul 14, 2017 10:52 pm
Hello,
We are currently using AbleCommerce 7, and we would like the users registered in our ablecommerce shop to be able to log in on our website too. How can we do this? I already tried hashing the passwords entered on our website, and compare it with the ablecommerce login in the database, although the hash is always different. Most likely since the salt value is not correct.
I have tried the following code (i found it on the forum) to hash the password, for salt value i use "a". If it's not correct, how can i determine the correct salt value?
I also tried to use the CommerceBuilder.Users namespace, and "UserDataSource.LoadForUserName" method, but this always requires some other references, and i'm afraid i'll end up adding almost every component of the AbleCommerce. Is it known what configurations should i use, and what references and namespaces should i add to get this work?
Is there any other (or better) preferred method or solution to utilize the users from the Ablecommerce database? Thanks in advance!
We are currently using AbleCommerce 7, and we would like the users registered in our ablecommerce shop to be able to log in on our website too. How can we do this? I already tried hashing the passwords entered on our website, and compare it with the ablecommerce login in the database, although the hash is always different. Most likely since the salt value is not correct.
I have tried the following code (i found it on the forum) to hash the password, for salt value i use "a". If it's not correct, how can i determine the correct salt value?
Code: Select all
//_pw is an MD5
ConvertFromHexHash(_pw, HexToBytes("a"));
private static Byte[] HexToBytes(string hexhash)
{
if (string.IsNullOrEmpty(hexhash)) return null;
if (hexhash.Length % 2 == 1) hexhash = "0" + hexhash;
int arr_size = hexhash.Length / 2;
Byte[] bytes = new Byte[arr_size];
for (int i = 0; i < arr_size; i++)
bytes[i] = Convert.ToByte(hexhash.Substring(i * 2, 2), 16);
return bytes;
}
private static string ConvertFromHexHash(string hexhash, byte[] saltBytes)
{
//FIRST, TURN THE HEX DIGEST INTO AN ARRAY OF BYTES
byte[] hashBytes = HexToBytes(hexhash);
if ((hashBytes == null) || (hashBytes.Length == 0)) return string.Empty;
//MAKE SURE THE SALT BYTES ARRAY IS NOT NULL
if (saltBytes == null) saltBytes = new byte[0];
//CREATE NEW ARRAY THAT WILL COMBINE HASH VALUE WITH SALT BYTES
byte[] hashWithSaltBytes = new byte[hashBytes.Length + saltBytes.Length];
//COPY HASH BYTES INTO ARRAY
for (int i = 0; i < hashBytes.Length; i++)
hashWithSaltBytes[i] = hashBytes[i];
//APPEND SALT BYTES INTO ARRAY
for (int i = 0; i < saltBytes.Length; i++)
hashWithSaltBytes[hashBytes.Length + i] = saltBytes[i];
//ENCODE THE COMBINED BYTE ARRAY TO BASE 64 STRING
string hashValue = Convert.ToBase64String(hashWithSaltBytes);
//UPDATED HASH VALUE IS READY FOR STORAGE
return hashValue;
}Code: Select all
//Simple Login functions using AbleCommerce CommerceBuilder DLLs
public static bool SimpleLogin(string _user, string _pw)
{
User loginUser = UserDataSource.LoadForUserName(_user);
if (loginUser != null)
{
if (User.Login(_user, _pw))
{
return true;
}
else
{
return false;
}
}
return false;
}