Ejemplo n.º 1
 /// <summary>
 /// Reports whether a user row exists whose username and stored password value
 /// both match the supplied credentials.
 /// </summary>
 /// <param name="username">Username to look up.</param>
 /// <param name="password">Plain-text password; it is passed through
 /// <c>PasswordUtilities.ComputeHash</c> before being compared.</param>
 /// <returns><c>true</c> when a matching row exists; otherwise <c>false</c>.</returns>
 public bool Find(string username, string password)
 {
     // NOTE(review): the stored value is matched by plain equality against a hash
     // derived from the password alone. That only works if ComputeHash is
     // deterministic with no per-user salt - confirm. If so, two users with the
     // same password share the same stored value.
     var expectedHash = PasswordUtilities.ComputeHash(password);

     using (var db = new ByTheCakeDbContext())
     {
         bool matchFound = db.Users.Any(candidate =>
             candidate.Username == username &&
             candidate.Password == expectedHash);

         return matchFound;
     }
 }
        // Post
        /// <summary>
        /// Handles the registration form post: validates the submitted fields, creates
        /// the user row and then completes the login for the new account.
        /// </summary>
        /// <param name="request">Incoming request; its <c>FormData</c> must contain the
        /// name, username, password and confirm-password fields.</param>
        /// <returns>
        /// A bad-request response when a form field is absent, a redirect back to
        /// <c>/register</c> when validation fails or the username is already taken,
        /// otherwise whatever <c>CompleteLogin</c> returns for the new user id.
        /// </returns>
        public IHttpResponse Register(IHttpRequest request)
        {
            const string nameField            = "name";
            const string usernameField        = "username";
            const string passwordField        = "password";
            const string confirmPasswordField = "confirm-password";

            var form = request.FormData;

            // All four fields have to be present before any of them is read.
            bool allFieldsPresent =
                form.ContainsKey(nameField) &&
                form.ContainsKey(usernameField) &&
                form.ContainsKey(passwordField) &&
                form.ContainsKey(confirmPasswordField);

            if (!allFieldsPresent)
            {
                return new BadRequestResponse();
            }

            string name            = form[nameField];
            string username        = form[usernameField];
            string password        = form[passwordField];
            string confirmPassword = form[confirmPasswordField];

            // Name and username need at least three characters. The password is only
            // checked for being non-empty and equal to its confirmation.
            // NOTE(review): no minimum password length or strength rule is applied here.
            bool nameInvalid     = string.IsNullOrEmpty(name) || name.Length < 3;
            bool usernameInvalid = string.IsNullOrEmpty(username) || username.Length < 3;
            bool passwordMissing = string.IsNullOrEmpty(password) || string.IsNullOrEmpty(confirmPassword);

            if (nameInvalid || usernameInvalid || passwordMissing || password != confirmPassword)
            {
                return new RedirectResponse("/register");
            }

            User createdUser = null;

            using (var db = new ByTheCakeContext())
            {
                // NOTE(review): the existence check and the insert are separate
                // statements, so uniqueness depends on a database constraint that is
                // not visible from this method - confirm one exists.
                bool usernameTaken = db.Users.Any(existing => existing.Username == username);
                if (usernameTaken)
                {
                    return new RedirectResponse("/register");
                }

                createdUser = new User
                {
                    Name             = name,
                    Username         = username,
                    PasswordHash     = PasswordUtilities.ComputeHash(password),
                    RegistrationDate = DateTime.UtcNow
                };

                db.Users.Add(createdUser);
                db.SaveChanges();
            }

            return CompleteLogin(request, createdUser.Id);
        }
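        /// <summary>
        /// Checks the entered <c>Login</c> / <c>Password</c> against the stored account and,
        /// on success, opens the matching window and closes the currently active one.
        /// </summary>
        /// <remarks>
        /// A super user with a matching password gets the admin panel. A regular user gets
        /// the user-details window when either their own password or one of the values
        /// returned by <c>UsersDAO.GetSuperPasswords()</c> matches. Every failed attempt
        /// shows the same message, so the dialog does not reveal whether the login exists.
        /// </remarks>
        public void Auth()
        {
            var dbUser = UsersDAO.GetUserByLogin(Login);

            // NOTE(review): MD5 is a fast digest and no salt is passed at this call site,
            // which makes it unsuitable for storing passwords. It is left in place because
            // the stored values would have to be re-hashed with a dedicated password-hashing
            // function before the algorithm can change.
            // The provider is IDisposable, so it is released once the attempt is finished.
            using (var md5 = new MD5CryptoServiceProvider())
            {
                var hashedPassword = PasswordUtilities.ComputeHash(Password, md5);

                if (dbUser != null)
                {
                    if (dbUser.IsSuperUser)
                    {
                        var superUser = (SuperUser)dbUser;
                        if (superUser.HashedPassword == hashedPassword)
                        {
                            // Super user opening the admin panel.
                            var adminPanel   = new AdminPanel();
                            var activeWindow = FindActiveWindow();
                            adminPanel.Show();
                            if (activeWindow != null)
                            {
                                activeWindow.Close();
                            }
                            return;
                        }
                    }
                    else
                    {
                        bool accepted = dbUser.HashedPassword == hashedPassword;

                        if (!accepted)
                        {
                            // A super user's password also opens a regular user's details.
                            // NOTE(review): this means one credential unlocks every
                            // account - confirm that is the intended policy.
                            foreach (var pass in UsersDAO.GetSuperPasswords())
                            {
                                if (pass == hashedPassword)
                                {
                                    accepted = true;
                                    break;
                                }
                            }
                        }

                        if (accepted)
                        {
                            var userDetailsWindow = new ShowUserDetails(dbUser);
                            var activeWindow      = FindActiveWindow();
                            userDetailsWindow.Show();
                            if (activeWindow != null)
                            {
                                activeWindow.Close();
                            }
                            return;
                        }
                    }
                }

                // Reached for an unknown login and for a wrong password alike; previously
                // a wrong password for an existing login failed without any feedback.
                MessageBox.Show("Wrong login or password!");
            }
        }

        // Returns the window that is currently active, or null when none is.
        // Must be called before the next window is shown.
        private static Window FindActiveWindow()
        {
            return Application.Current.Windows.OfType<Window>().SingleOrDefault(x => x.IsActive);
        }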
        // Post
        /// <summary>
        /// Handles the login form post: looks the user up by username, compares the hash
        /// of the submitted password with the stored one and completes the login on a match.
        /// </summary>
        /// <param name="req">Incoming request; its <c>FormData</c> must contain the
        /// <c>name</c> and <c>password</c> fields.</param>
        /// <returns>
        /// A bad-request response when a field is absent, the login view with an error
        /// when a field is blank or the credentials do not match, otherwise whatever
        /// <c>CompleteLogin</c> returns for the user's id.
        /// </returns>
        public IHttpResponse Login(IHttpRequest req)
        {
            const string nameField     = "name";
            const string passwordField = "password";

            var form = req.FormData;

            bool bothFieldsPresent = form.ContainsKey(nameField) && form.ContainsKey(passwordField);
            if (!bothFieldsPresent)
            {
                return new BadRequestResponse();
            }

            var name     = form[nameField];
            var password = form[passwordField];

            if (string.IsNullOrWhiteSpace(name) || string.IsNullOrWhiteSpace(password))
            {
                this.ViewData["error"]     = "You have empty fields";
                this.ViewData["showError"] = "block";

                return this.FileViewResponse("account/login");
            }

            User account = null;

            using (var db = new ByTheCakeContext())
            {
                account = db.Users.FirstOrDefault(candidate => candidate.Username == name);
            }

            // The hash is computed whether or not the account exists, and both failure
            // cases below share one error message.
            // NOTE(review): the comparison is an ordinary string comparison, not a
            // fixed-time one.
            string submittedHash = PasswordUtilities.ComputeHash(password);

            bool credentialsMatch = account != null && account.PasswordHash == submittedHash;
            if (!credentialsMatch)
            {
                this.ViewData["error"]                = "Unsuccessful login!";
                this.ViewData["showError"]            = "block";
                this.ViewData["authenticatedDisplay"] = "none";

                return this.FileViewResponse("account/login");
            }

            return CompleteLogin(req, account.Id);
        }
Ejemplo n.º 5
        /// <summary>
        /// Creates a user row unless the username is already in use.
        /// </summary>
        /// <param name="name">Display name stored on the new user.</param>
        /// <param name="username">Username; must not match an existing row.</param>
        /// <param name="password">Plain-text password; only the result of
        /// <c>PasswordUtilities.ComputeHash</c> is stored.</param>
        /// <returns><c>false</c> when the username is taken; <c>true</c> after the row
        /// has been saved.</returns>
        public bool Create(string name, string username, string password)
        {
            using (var db = new ByTheCakeDbContext())
            {
                // NOTE(review): the check and the insert are separate statements, so
                // uniqueness relies on a database constraint that is not visible from
                // this method - confirm one exists.
                bool usernameTaken = db.Users.Any(existing => existing.Username == username);
                if (usernameTaken)
                {
                    return false;
                }

                var newUser = new User
                {
                    Name             = name,
                    Username         = username,
                    Password         = PasswordUtilities.ComputeHash(password),
                    RegistrationDate = DateTime.UtcNow
                };

                db.Add(newUser);
                db.SaveChanges();

                return true;
            }
        }