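/// <summary>
/// Checks the posted user name and password against the user store and, on a match,
/// records the user's identity in the session.
/// </summary>
/// <param name="user">
/// Model-bound form values. Only <c>UserName</c> and <c>PasswordHash</c> are read; on input
/// <c>PasswordHash</c> carries the password as typed, which is passed through
/// <c>EncryptandDecrypt.Crypt</c> before the lookup.
/// </param>
/// <returns>
/// A redirect to Forms/Index on success; otherwise a redirect to Users/Login with
/// <c>TempData["Error"]</c> set.
/// </returns>
/// <remarks>
/// SECURITY(review): the stored value is reversible (the Setting action calls
/// <c>EncryptandDecrypt.Decrypt</c> on it), so a database or key disclosure exposes every
/// password. The durable fix is a salted one-way password hash (for example PBKDF2) inside
/// the helper, which is outside this listing.
/// SECURITY(review): the session identifier is not rotated in this method. If nothing else in
/// the pipeline issues a fresh session ID at login, an ID set before authentication stays valid
/// afterwards (session fixation) - confirm.
/// NOTE(review): no attempt throttling or lockout is visible here - confirm it exists elsewhere.
/// </remarks>
public ActionResult Login([Bind(Include = "UserId,UserName,PasswordHash,DisplayName,Email,DateCreated,DateModfied,DateDeleted")] User user)
{
    const string failureMessage = "UserName or Password do not match";

    // Missing credentials are an ordinary failed login. Without this guard a null model or
    // null password would be handed to Crypt and could surface as an unhandled exception.
    if (user == null || String.IsNullOrEmpty(user.UserName) || String.IsNullOrEmpty(user.PasswordHash))
    {
        TempData["Error"] = failureMessage;
        return RedirectToAction("Login", "Users");
    }

    String passwordhash = EncryptandDecrypt.Crypt(user.PasswordHash);

    // Soft-deleted accounts (DateDeleted set) are excluded from authentication.
    // NOTE(review): SingleOrDefault throws if more than one row matches; this relies on
    // UserName being unique in the store - confirm a unique constraint exists.
    User cuser = userService.Load(x => x.UserName == user.UserName && x.PasswordHash == passwordhash && !x.DateDeleted.HasValue).SingleOrDefault();

    if (cuser == null)
    {
        // One message for "unknown user" and "wrong password" so the response does not
        // reveal which user names exist. The text travels in TempData because ViewBag
        // values are not carried across a redirect.
        TempData["Error"] = failureMessage;
        return RedirectToAction("Login", "Users");
    }

    // Identity comes from the database row, never from the posted model.
    Session["DisplayName"] = cuser.DisplayName;
    Session["UserName"] = cuser.UserName;
    Session["UserId"] = cuser.UserId;
    return RedirectToAction("Index", "Forms");
}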
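/// <summary>
/// Creates a new account from the posted form and signs the new user in by writing
/// their identity to the session.
/// </summary>
/// <param name="user">
/// Model-bound form values. On input <c>PasswordHash</c> carries the password as typed; it is
/// replaced with the output of <c>EncryptandDecrypt.Crypt</c> before the entity is saved.
/// </param>
/// <returns>
/// A redirect to Forms/Index after a successful registration; a redirect to Users/Register with
/// <c>TempData["Error"]</c> set when the input is incomplete or the user name is taken; the
/// Register view with the posted model when model validation fails.
/// </returns>
/// <remarks>
/// SECURITY(review): the Bind list still admits UserId, DateCreated, DateModfied and DateDeleted
/// from the request (over-posting). DateCreated and DateDeleted are overwritten below; UserId and
/// DateModfied are left as posted because their types and key-generation strategy are not visible
/// here. Narrowing the Bind list to the fields the form really submits is the cleaner fix.
/// SECURITY(review): the password is stored in reversible form (the Setting action decrypts it);
/// a salted one-way hash inside the helper is the durable fix.
/// NOTE(review): the existence check and the insert are not atomic; uniqueness of UserName should
/// be enforced by a database constraint - confirm one exists.
/// </remarks>
public ActionResult Register([Bind(Include = "UserId,UserName,PasswordHash,DisplayName,Email,DateCreated,DateModfied,DateDeleted")] User user)
{
    if (user == null || !ModelState.IsValid)
    {
        // NOTE(review): the model handed back to the view still holds the typed password in
        // PasswordHash; confirm the view does not render that field back into the page.
        return View(user);
    }

    // Refuse blank credentials explicitly rather than relying on validation attributes that
    // are not visible in this listing; otherwise an account with an empty password could be
    // created or Crypt could be called with null.
    if (String.IsNullOrWhiteSpace(user.UserName) || String.IsNullOrEmpty(user.PasswordHash))
    {
        TempData["Error"] = "UserName and Password are required.";
        return RedirectToAction("Register", "Users");
    }

    User existinguser = userService.Load(u => u.UserName == user.UserName).SingleOrDefault();
    if (existinguser != null)
    {
        TempData["Error"] = "User with given Username already existed.";
        return RedirectToAction("Register", "Users");
    }

    user.PasswordHash = EncryptandDecrypt.Crypt(user.PasswordHash);

    // Server-controlled fields: never accept these from the request body.
    user.DateCreated = DateTime.Now;
    user.DateDeleted = null;

    userService.Add(user);
    userService.Save();

    Session["UserName"] = user.UserName;
    Session["DisplayName"] = user.DisplayName;
    Session["UserId"] = user.UserId;
    return RedirectToAction("Index", "Forms");
}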
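/// <summary>
/// Changes the signed-in user's password after verifying the current one.
/// </summary>
/// <param name="oldPassword">The current password as typed by the user.</param>
/// <param name="newPassword">The replacement password as typed by the user.</param>
/// <returns>
/// A redirect to Users/Setting with <c>TempData["Success"]</c> or <c>TempData["Error"]</c> set;
/// a redirect to Users/Login when the session carries no usable user.
/// </returns>
/// <remarks>
/// SECURITY(review): no anti-forgery or HTTP-verb attribute is visible on this listing. A
/// state-changing action like this one should accept POST only and validate an anti-forgery
/// token - confirm the attributes exist in the real file.
/// SECURITY(review): the stored value remains reversible because <c>EncryptandDecrypt</c> offers
/// a Decrypt operation; a salted one-way hash inside the helper is the durable fix.
/// NOTE(review): other sessions of the same user are not invalidated after the change - confirm
/// whether that is intended.
/// </remarks>
public ActionResult Setting(String oldPassword, String newPassword)
{
    // Convert.ToInt32(null) yields 0, so a request without a session identity used to fall
    // through to LoadByID(0) and then dereference the result. Treat it as "not signed in".
    object sessionUserId = Session["UserId"];
    if (sessionUserId == null)
    {
        return RedirectToAction("Login", "Users");
    }

    int UserId = Convert.ToInt32(sessionUserId);
    User dbUser = userService.LoadByID(UserId);

    // The Login action refuses soft-deleted accounts; apply the same rule to a live session
    // whose account has since been removed or deleted.
    if (dbUser == null || dbUser.DateDeleted.HasValue)
    {
        return RedirectToAction("Login", "Users");
    }

    // Verify in the protected domain: the Login action already defines a match as
    // Crypt(typed password) == stored value, so the stored password never needs to be
    // decrypted into memory just to compare it.
    bool PasswordMatch = !String.IsNullOrEmpty(oldPassword)
        && String.Equals(dbUser.PasswordHash, EncryptandDecrypt.Crypt(oldPassword));
    if (!PasswordMatch)
    {
        TempData["Error"] = "Old Password did not match our Records";
        return RedirectToAction("Setting", "Users");
    }

    // Do not replace a working password with an empty one.
    if (String.IsNullOrEmpty(newPassword))
    {
        TempData["Error"] = "New Password must not be empty";
        return RedirectToAction("Setting", "Users");
    }

    dbUser.PasswordHash = EncryptandDecrypt.Crypt(newPassword);
    dbUser.DateModfied = DateTime.Now;
    userService.Save();

    TempData["Success"] = "Password Updated Successfully";
    return RedirectToAction("Setting", "Users");
}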