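/// <summary>
/// Processes a change-password submission. The old password is re-hashed with the
/// stored salt and compared with the stored hash; on a match a new hash and salt are
/// generated from the new password and saved, and the profile edit view is returned.
/// </summary>
/// <param name="vm">Posted form data (user id, old password, new password). Treated as untrusted.</param>
/// <returns>
/// The "ProfileEdit" view after a successful change, the "UpdatePassword" view with an
/// empty model when validation or the old-password check fails, or a redirect to
/// Login/Login when the account cannot be loaded or an exception occurs.
/// </returns>
public IActionResult ChangePassword(ChangePasswordViewModel vm)
{
    // Fallback for every failure path, including exceptions: send the caller back to login.
    IActionResult result = RedirectToAction("Login", "Login");

    try
    {
        // Model binding can hand over null for an empty or malformed request body.
        if (vm == null)
        {
            return result;
        }

        var user = _securityDb.GetUserItem(vm.UserId);
        var profile = _db.GetProfile(vm.UserId, true);

        // Unknown id: stop here explicitly instead of relying on a NullReferenceException
        // being swallowed by the catch block below.
        if (user == null || profile == null)
        {
            return result;
        }

        // Validate the model before hashing anything, and fail closed when the stored
        // hash is missing so an empty value can never compare equal.
        bool oldPasswordVerified = false;
        if (ModelState.IsValid && vm.UserId == user.Id && !string.IsNullOrEmpty(user.Hash))
        {
            var check = new Authentication(vm.OldPassword, user.Salt);

            // NOTE(review): string == is not a constant-time comparison; consider
            // CryptographicOperations.FixedTimeEquals over the hash bytes where the
            // target framework provides it.
            oldPasswordVerified = check.Hash == user.Hash;
        }

        if (oldPasswordVerified)
        {
            // NOTE(review): the account is chosen by the posted vm.UserId, and the only
            // session-bound check visible here (VerifyUserView, presumably) runs after
            // the update is written. Confirm the signed-in user is compared with
            // vm.UserId before this point, and that the action is POST-only with
            // anti-forgery validation.
            var replacement = new Authentication(vm.NewPassword);
            user.Hash = replacement.Hash;
            user.Salt = replacement.Salt;

            // NOTE(review): the outcome of UpdateUserItem is not inspected, so a failed
            // write still renders the profile as if the change succeeded - confirm.
            _securityDb.UpdateUserItem(user);

            // Populate the collections that the profile edit view displays.
            profile.AcademicsList = _db.GetAcademics(vm.UserId);
            profile.CareerExperienceList = _db.GetCareerExperienceList(vm.UserId);
            profile.PortfolioProjects = _db.GetPortfolioList(vm.UserId);

            result = VerifyUserView("ProfileEdit", profile.Id, profile);
        }
        else
        {
            // Return a blank form so the submitted passwords are never echoed back.
            result = VerifyUserView("UpdatePassword", profile.Id, new ChangePasswordViewModel());
        }
    }
    catch (Exception)
    {
        // Deliberate best effort: any failure ends in the login redirect chosen above.
        // NOTE(review): nothing is recorded here, so failed or abusive password-change
        // attempts leave no trace; log the exception once a logger is available.
    }

    return result;
}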
/// <summary>
/// Round-trips a user record through the data layer: add, read by id, update,
/// read by user name, delete, then confirms the id no longer appears in the listing.
/// </summary>
public void TestUser()
{
    // Hash/salt pair for the fixture password.
    Authentication credentials = new Authentication("Abcd!234");

    // --- Add ---
    UserItem expected = new UserItem
    {
        FirstName = "Chris",
        LastName = "Rupp",
        Username = "******",
        Hash = credentials.Hash,
        Salt = credentials.Salt,
        Email = "!@#$%^@tech.com",
        RoleId = (int)Authorization.eRole.StandardUser
    };

    int newId = _db.AddUserItem(expected);
    Assert.AreNotEqual(0, newId);

    // --- Read back by id ---
    // NOTE(review): the Id comparison assumes AddUserItem writes the generated id
    // back onto the object it was given - TODO confirm.
    UserItem stored = _db.GetUserItem(newId);
    Assert.AreEqual(expected.Id, stored.Id);
    Assert.AreEqual(expected.FirstName, stored.FirstName);
    Assert.AreEqual(expected.LastName, stored.LastName);
    Assert.AreEqual(expected.Username, stored.Username);
    Assert.AreEqual(expected.Hash, stored.Hash);
    Assert.AreEqual(expected.Salt, stored.Salt);
    Assert.AreEqual(expected.Email, stored.Email);

    // --- Update every editable field ---
    expected.FirstName = "What";
    expected.LastName = "What";
    expected.Username = "******";
    expected.Email = "What";
    expected.Hash = "What";
    expected.Salt = "What";
    bool updated = _db.UpdateUserItem(expected);
    Assert.IsTrue(updated);

    // --- Read back by user name ---
    stored = _db.GetUserItem(expected.Username);
    Assert.AreEqual(expected.Id, stored.Id);
    Assert.AreEqual(expected.FirstName, stored.FirstName);
    Assert.AreEqual(expected.LastName, stored.LastName);
    Assert.AreEqual(expected.Username, stored.Username);
    Assert.AreEqual(expected.Hash, stored.Hash);
    Assert.AreEqual(expected.Salt, stored.Salt);
    Assert.AreEqual(expected.Email, stored.Email);

    // --- Delete, then make sure no remaining record carries the id ---
    _db.DeleteUserItem(newId);
    var remaining = _db.GetUserItems();
    foreach (var survivor in remaining)
    {
        Assert.AreNotEqual(newId, survivor.Id);
    }
}