Beispiel #1
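        /// <summary>
        /// Changes the signed-in user's password after re-verifying the current one.
        /// </summary>
        /// <param name="model">Posted form values: old password, new password and its confirmation.</param>
        /// <returns>
        /// The "UpdatePassword" view with model errors when any check fails;
        /// otherwise a redirect to Home/Index.
        /// </returns>
        /// <remarks>
        /// NOTE(review): attributes such as [HttpPost] / [ValidateAntiForgeryToken] and the
        /// [Authorize] requirement are not visible in this excerpt; confirm they are applied,
        /// since this action changes a credential.
        /// NOTE(review): nothing here invalidates already-issued authentication cookies after
        /// the change; confirm whether other sessions are expected to survive a password change.
        /// </remarks>
        public ActionResult UpdatePassword(UserUpdatePasswordModel model)
        {
            // Respect binding/validation failures (e.g. length or required rules declared on
            // the model) instead of hashing whatever was posted.
            if (!ModelState.IsValid)
            {
                return View("UpdatePassword", model);
            }

            // The account is resolved from the execution context, never from posted data,
            // so a caller cannot point this action at someone else's record.
            // NOTE(review): whether Load can return null for a stale id depends on the
            // session implementation; verify.
            var user = _session.Load<User>(_executionContext.UserId);

            // Re-authenticate: a hijacked session alone must not be enough to set a new password.
            if (!Encryption.Verify(model.OldPassword, user.Password))
            {
                ModelState.AddModelError("OldPassword", "Incorrect original password");
                return View("UpdatePassword", model);
            }

            // Two null/empty values compare equal below, so reject an absent new password
            // explicitly rather than passing it to the hasher.
            if (string.IsNullOrEmpty(model.NewPassword))
            {
                ModelState.AddModelError("NewPassword", "New password is required");
                return View("UpdatePassword", model);
            }

            if (model.NewPassword != model.ConfirmNewPassword)
            {
                ModelState.AddModelError("ConfirmNewPassword", "New password confirmation incorrect");
                return View("UpdatePassword", model);
            }

            // Only the hash is handed to the entity; the plaintext never reaches it.
            // NOTE(review): no explicit save/commit is visible; presumably the session
            // is flushed elsewhere. Confirm.
            user.ChangePassword(Encryption.HashPassword(model.NewPassword));
            return RedirectToAction("Index", "Home");
        }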
Beispiel #2
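        /// <summary>
        /// Signs a user in: looks the account up by username, verifies the password,
        /// sets the authentication cookie and redirects.
        /// </summary>
        /// <param name="sessionViewModel">Posted credentials plus an optional return URL.</param>
        /// <returns>
        /// A redirect to the return URL when it is a local path, otherwise to Home/Index;
        /// the "New" view with a model error when sign-in fails.
        /// </returns>
        /// <remarks>
        /// NOTE(review): when the username is unknown no password hash is verified, so the
        /// two failure paths may differ in response time even though they share one message.
        /// NOTE(review): no attempt throttling or lockout is visible in this action; confirm
        /// it is handled elsewhere.
        /// </remarks>
        public ActionResult Create(SessionViewModel sessionViewModel)
        {
            if (!ModelState.IsValid)
            {
                return View("New", sessionViewModel);
            }

            var user = _session.Query<User>().SingleOrDefault(x => x.Username == sessionViewModel.Username);

            // Unknown user and wrong password deliberately produce the same message so the
            // response text does not reveal which usernames exist.
            if (user == null || !Encryption.Verify(sessionViewModel.Password, user.Password))
            {
                ModelState.AddModelError(string.Empty, errorMessage);
                return View("New", sessionViewModel);
            }

            // NOTE(review): the second argument is presumably the "persistent cookie" flag; confirm.
            _authenticator.SetCookie(user.Id, false, user.Roles.ToArray());

            // ReturnUrl is attacker-controllable (it arrives with the request). Parsing it as
            // UriKind.Relative is not a sufficient check: scheme-relative values are accepted
            // as "relative" yet are resolved by browsers against another host. Only rooted
            // local paths are followed; anything else falls back to the home page.
            var returnUrl = sessionViewModel.ReturnUrl;
            if (IsLocalReturnUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }

            return RedirectToAction("Index", "Home");
        }

        /// <summary>
        /// Returns true only for an application-local path: "/..." or "~/...", with no
        /// second slash or backslash after the root and no control characters.
        /// </summary>
        /// <remarks>
        /// Where the framework's UrlHelper.IsLocalUrl is available, prefer it; this helper
        /// applies the same kind of rule without depending on it.
        /// </remarks>
        private static bool IsLocalReturnUrl(string url)
        {
            if (string.IsNullOrEmpty(url))
            {
                return false;
            }

            // Control characters (CR, LF, tab, ...) have no place in a redirect target.
            foreach (char c in url)
            {
                if (char.IsControl(c))
                {
                    return false;
                }
            }

            if (url[0] == '/')
            {
                // "/" or "/path" is local; "//" and "/\" are treated as off-site by browsers.
                return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
            }

            if (url[0] == '~' && url.Length > 1 && url[1] == '/')
            {
                // "~/" or "~/path" is app-relative; "~//" and "~/\" are rejected.
                return url.Length == 2 || (url[2] != '/' && url[2] != '\\');
            }

            return false;
        }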