Hello, I wanted to post this to help anyone that may be facing the same problem and spare them the pain. The problem we had was that the password hashing done in Auth0’s predefined login templates for the ASP NET Membership Provider custom database did not match the hashing the was done on our side. In our case the hashing was done with sha1
and by prefixing the plain password with the salt. So this is how it should look in the custom Auth0 login script:
function hashPassword(password, passwordSalt) {
const hash = crypto.createHash('sha1');
const salt = Buffer.from(passwordSalt,'base64');
password = Buffer.from(password,'ucs2');
hash.update(Buffer.concat([salt, password]));
return hash.digest('base64');
}
It may be slightly different depending on your ASP NET Membership version. We were using an older version. Maybe it could be that the salt is suffixed, not prefixed for example. You can try multiple variations around this. We tried hundreds of variations until we reached this working one.
Also, another small note is that when fetching user data from the SQL query result, the format was an array, roughly like this:
[
{
"value": "12345",
"metadata": {
"columnName": "UserId",
...,
...
}
},
{
"value": "john.doe@email.com"
"metadata": {
"columnName": "Email",
...,
...
}
}
]
The default template’s code doesn’t work on this format (it is using fields.Email
, fields.UserId
etc.), so you have to change the parts accessing the columns data. For example, you could simply do this:
getMembershipQuery.on('row', function(fields) {
user = {
profile: {
user_id: fields[0].value,
nickname: fields[1].value,
email: fields[1].value,
}
};
});
or you could filter by the columName
.
Hope this helps!