        /// <summary>
        /// Creates a local (non-Keystone) user for the organization chosen in the form, together with
        /// the PBKDF2-hashed login credentials that user will sign in with.
        /// </summary>
        /// <param name="viewModel">Posted form values: organization, email, password and the person's details.</param>
        /// <returns>
        /// The re-rendered form when model validation fails; otherwise a redirect to the detail page of the
        /// person who already owns the email address, or of the newly created person.
        /// </returns>
        public ActionResult CreateAccount(CreateAccountViewModel viewModel)
        {
            // Local username/password sign-in must be the configured auth mode for this action to apply.
            LocalAuthenticationController.RequireLocalAuthMode();

            if (!ModelState.IsValid)
            {
                return ViewCreateAccount(viewModel);
            }

            var organization = HttpRequestStorage.DatabaseEntities.Organizations.GetOrganization(viewModel.OrganizationID);
            Check.EnsureNotNull(organization);

            // An email address identifies a person; refuse to create a second person for an address already in use.
            var alreadyRegistered = HttpRequestStorage.DatabaseEntities.People.GetPersonByEmail(viewModel.Email, false);
            if (alreadyRegistered is not null)
            {
                SetMessageForDisplay($"{alreadyRegistered.GetFullNameFirstLastAndOrgAsUrl(CurrentFirmaSession)} already has an account.");
                return RedirectToAction(new SitkaRoute<UserController>(x => x.Detail(alreadyRegistered)));
            }

            // The person row is saved first, then the login account that references it.
            // NOTE(review): the two SaveChanges calls are not wrapped in a transaction, so a failure
            // below leaves a person without a login account — confirm whether that is acceptable.
            var createdPerson = CreateNewFirmaPersonWithoutKeystone(organization, viewModel);
            HttpRequestStorage.DatabaseEntities.SaveChanges();

            // Only the salt and the PBKDF2 hash are handed to the login account; the plaintext is not stored.
            var hashed = PBKDF2PasswordHash.CreateHash(viewModel.Password);
            var loginAccount = new PersonLoginAccount(createdPerson,
                                                      createdPerson.Email,
                                                      DateTime.Now, // local server time; presumably how the rest of the app stamps rows — confirm
                                                      hashed.PasswordHashed,
                                                      hashed.PasswordSalt,
                                                      true,
                                                      0,
                                                      0);
            HttpRequestStorage.DatabaseEntities.AllPersonLoginAccounts.Add(loginAccount);
            HttpRequestStorage.DatabaseEntities.SaveChanges();

            SetMessageForDisplay($"{createdPerson.GetFullNameFirstLastAndOrgAsUrl(CurrentFirmaSession)} successfully added. You may want to assign them a role.");
            return RedirectToAction(new SitkaRoute<UserController>(x => x.Detail(createdPerson)));
        }
        /// <summary>
        /// Server-side validation for the change-password form.
        /// </summary>
        /// <param name="validationContext">Supplied by the MVC validation pipeline; not consulted here.</param>
        /// <returns>
        /// Every rule violation found (a field may collect more than one); empty when the form is acceptable.
        /// </returns>
        public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
        {
            var results = new List<ValidationResult>();

            // Login account of the person currently signed in; its stored salt/hash confirm the old password.
            var currentLogin = HttpRequestStorage.DatabaseEntities.Person.PersonLoginAccount;

            // Re-authentication with the old password is only demanded when people change their own password.
            // NOTE(review): changing someone else's password skips this check, so the action using this
            // view model is assumed to authorize that separately — confirm.
            var editingOwnPassword = currentLogin.PersonID == PersonID;
            if (editingOwnPassword)
            {
                var oldPasswordCorrect = PBKDF2PasswordHash.ValidatePassword(currentLogin.PasswordSalt, OldPassword, currentLogin.PasswordHash);
                if (!oldPasswordCorrect)
                {
                    results.Add(new SitkaValidationResult<ChangePasswordViewModel, string>("Bad password", z => z.OldPassword));
                }
            }

            if (string.IsNullOrEmpty(NewPassword))
            {
                results.Add(new SitkaValidationResult<ChangePasswordViewModel, string>("Please specify a new password", z => z.NewPassword));
            }

            if (string.IsNullOrEmpty(ConfirmNewPassword))
            {
                results.Add(new SitkaValidationResult<ChangePasswordViewModel, string>("Please confirm the new password", z => z.ConfirmNewPassword));
            }

            // Runs even when one of the two fields is empty, so that field may carry a second message.
            if (NewPassword != ConfirmNewPassword)
            {
                results.Add(new SitkaValidationResult<ChangePasswordViewModel, string>("Passwords must match.", z => z.NewPassword));
            }

            // The complexity policy lives in PasswordHelper; this result is not tied to a particular field.
            if (!PasswordHelper.VerifyPasswordComplexity(NewPassword))
            {
                results.Add(new ValidationResult(PasswordHelper.GetPasswordComplexityErrorMessage(NewPassword)));
            }

            return results;
        }
        /// <summary>
        /// Checks a plaintext password against the PBKDF2 salt and hash stored on a login account.
        /// </summary>
        /// <param name="personLoginAccount">The account whose stored salt and hash are compared against.</param>
        /// <param name="passwordPlainText">The password exactly as the user entered it.</param>
        /// <returns>True when the password reproduces the stored hash under the stored salt.</returns>
        private static bool DoPasswordsMatch(PersonLoginAccount personLoginAccount, string passwordPlainText)
            => PBKDF2PasswordHash.ValidatePassword(personLoginAccount.PasswordSalt,
                                                   passwordPlainText,
                                                   personLoginAccount.PasswordHash);
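        /// <summary>
        /// Replaces the stored PBKDF2 salt and hash of a person's local login account with ones derived
        /// from the new password posted in the form.
        /// </summary>
        /// <param name="personPrimaryKey">Route key of the person whose password is being changed.</param>
        /// <param name="viewModel">Posted form values (the new password and, for self-edits, the old one).</param>
        /// <returns>
        /// The re-rendered modal form when validation fails; otherwise a <see cref="ModalDialogFormJsonResult"/>.
        /// </returns>
        public ActionResult ChangePassword(PersonPrimaryKey personPrimaryKey, ChangePasswordViewModel viewModel)
        {
            // Local username/password sign-in must be the configured auth mode for this action to apply.
            LocalAuthenticationController.RequireLocalAuthMode();

            // NOTE(review): no authorization check is visible in this method; it is presumably enforced by an
            // attribute on the action — confirm, since this overwrites another person's credentials.
            var personBeingEdited = personPrimaryKey.EntityObject;

            if (!ModelState.IsValid)
            {
                return ViewChangePassword(viewModel, CurrentFirmaSession);
            }

            // Fail with an explicit check (as CreateAccount does for the organization) rather than a
            // NullReferenceException on the assignments below when the person has no local login account.
            var personAccount = personBeingEdited.PersonLoginAccount;
            Check.EnsureNotNull(personAccount);

            // Only the new salt and hash are persisted; the plaintext password never reaches the database.
            var saltAndHash = PBKDF2PasswordHash.CreateHash(viewModel.NewPassword);
            personAccount.PasswordSalt = saltAndHash.PasswordSalt;
            personAccount.PasswordHash = saltAndHash.PasswordHashed;

            HttpRequestStorage.DatabaseEntities.SaveChanges();

            // NOTE(review): other active sessions of this person are not invalidated here — confirm that is intended.
            // Message text corrected from "had been updated" to present perfect.
            SetMessageForDisplay($"{personBeingEdited.GetFullNameFirstLast()}'s password has been updated.");
            return new ModalDialogFormJsonResult();
        }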