public void Login()
{
string username = Request.Form["username"].ToString();
string passwd = Request.Form["password"].ToString();
using (var db = new Models.SimpleShopDbContext())
{
var admin = db.Admins.FirstOrDefault(p => p.Name == username);
if (admin != null)
{
byte[] passwordAndSaltBytes = System.Text.Encoding.UTF8.GetBytes(passwd + admin.Salt);
byte[] hashBytes = new System.Security.Cryptography.SHA256Managed().ComputeHash(passwordAndSaltBytes);
string hashString = Convert.ToBase64String(hashBytes);
if (hashString == admin.Passwd)
{
// user login successfully
Response.Redirect("/AdminManager/Default/Main");
}
else
{
throw new ApplicationException("invalid user name and password");
}
}
else
{
Response.Redirect("/AdminManager/Default/Index");
}
}
}
public void RegisterDeal()
{
string username = Request.Form["username"].ToString();
string passwd = Request.Form["passwd"].ToString();
string salt = Guid.NewGuid().ToString();
byte[] passwordAndSaltBytes = System.Text.Encoding.UTF8.GetBytes(passwd + salt);
byte[] hashBytes = new System.Security.Cryptography.SHA256Managed().ComputeHash(passwordAndSaltBytes);
string hashString = Convert.ToBase64String(hashBytes);
using (var db = new Models.SimpleShopDbContext())
{
var admin = db.Admins.Add(new Models.Admin {
Name = username, Passwd = hashString, CellPhone = "13283888062", Salt = salt
});
var rs = db.SaveChanges();
if (rs > 0)
{
Response.Write(Newtonsoft.Json.JsonConvert.SerializeObject(admin));
}
}
}
