Authentication in External Application

Joshua Adams asked on June 22, 2021 04:42

I am building a react js app to connect to our kentico database. I have an authentication built and am having trouble matching the password sha2salt. It seems that everything according to the documentation says that the sha256managed class is used. I have also verified that the password salt does not exist in our web.config file, which means that our value should be password + userguid. My value that I calculate with the following function does not match our database record. Any ideas on what I need to do?

 //phrase consists of password and the userguid combined with no spaces
 public static string Sha256encrypt(string phrase)
        UTF8Encoding encoder = new UTF8Encoding();
        SHA256Managed sha256hasher = new SHA256Managed();
        byte[] hashedDataBytes = sha256hasher.ComputeHash(encoder.GetBytes(phrase));
        return Convert.ToBase64String(hashedDataBytes);

Recent Answers

Sean Wright answered on July 6, 2021 17:54

I would recommend using the Kentico Xperience NuGet packages in your external application / API.

They provide ASP.NET / ASP.NET Core Identity integrations which means you don't need to replicate this low-level functionality.

It doesn't matter if this API isn't the presentation site of your application - the authentication will work the same.

0 votesVote for this answer Mark as a Correct answer

Joshua Adams answered on July 6, 2021 18:28

Thanks for the answer. Is there a nuget package that we can use for version 8? Thats what the site is currently in. As far as i understand the api and the database would need to be using the the same level of kentico if I understand correctly.

0 votesVote for this answer Mark as a Correct answer

Sean Wright answered on July 6, 2021 18:40 (last edited on July 6, 2021 18:40)

Unfortunately, version 9.0 is the earliest NuGet package available. Version 8 is very much out of support/active development now.

You can try referencing all the .dlls in the \Lib folder from the .NET API project that React is interacting with.

You are correct, both projects will need to be using the same versions of the Kentico library binaries (including the same hotfix version).

Another option is to create a minimal .NET API in the CMS application project using IHttpHandler.

I would recommend upgrading to at least version 12 of Kentico, which is the last version to support the Portal Engine development model you are using in your Kentico 8 site. Or, consider a rebuild in Kentico Xperience 13.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.