public async Task <UserResponse> Authenticate(string username, string password) { User user = await this.context.Users.SingleOrDefaultAsync(u => u.Email == username); if (user == null) { return(null); } if (user.Password == HashPassword.GetHashString(password)) { var response = new UserResponse(user); return(response); } return(null); }
public string ChangePass(string password) { var username = (User as UserModel).Username.ToLower(); using (var dbContext = new DataContext()) { string newPass = HashPassword.Hash(username, password); var user = dbContext.Users.FirstOrDefault(e => e.Username.ToLower() == username); if (user == null) { return("User không hợp lệ"); } user.Password = newPass; dbContext.SaveChanges(); } return("Thành công"); }
public JsonResult UpdateUserPassword(UserRequest request) { if (!CornerCaseCheckHelper.Check(request.username, 50, CornerCaseCheckHelper.Username)) { return(JsonReturnHelper.ErrorReturn(104, "Invalid username")); } if (!CornerCaseCheckHelper.Check(request.oldPassword, 0, CornerCaseCheckHelper.PassWord)) { return(JsonReturnHelper.ErrorReturn(112, "Invalid oldPassword.")); } if (!CornerCaseCheckHelper.Check(request.password, 0, CornerCaseCheckHelper.PassWord)) { return(JsonReturnHelper.ErrorReturn(111, "Invalid password.")); } if (request.password == request.oldPassword) { return(JsonReturnHelper.ErrorReturn(113, "The old and new passwords are the same.")); } var user = _meshContext.Users.FirstOrDefault(u => u.Email == request.username); //Check Password if (user == null || !CheckHashPassword(request.oldPassword, user.PasswordSalt, user.PasswordDigest)) { return(JsonReturnHelper.ErrorReturn(201, "Incorrect username or password.")); } HashPassword hashPassword = GetHashPassword(request.password); try { user.PasswordDigest = hashPassword.PasswordDigest; user.PasswordSalt = hashPassword.PasswordSalt; _meshContext.Users.Update(user); _meshContext.SaveChanges(); } catch (Exception e) { _logger.LogError(e.ToString()); return(JsonReturnHelper.ErrorReturn(1, "Unexpected error.")); } return(JsonReturnHelper.SuccessReturn()); }
public JsonResult Register(UserRequest request) { if (!CornerCaseCheckHelper.Check(request.username, 50, CornerCaseCheckHelper.Username)) { return(JsonReturnHelper.ErrorReturn(104, "Invalid username")); } if (!CornerCaseCheckHelper.Check(request.password, 0, CornerCaseCheckHelper.PassWord)) { return(JsonReturnHelper.ErrorReturn(111, "Invalid password.")); } var user = _meshContext.Users.FirstOrDefault(u => u.Email == request.username); if (user != null) { return(JsonReturnHelper.ErrorReturn(101, "User already exists.")); } HashPassword hashPassword = GetHashPassword(request.password); //Create new user var newUser = new User() { Email = request.username, Nickname = request.username, PasswordDigest = hashPassword.PasswordDigest, PasswordSalt = hashPassword.PasswordSalt, Avatar = AvatarSaveHelper.PutObject(""), ColorPreference = "blue", LayoutPreference = "default", RevealedPreference = "card" }; //try to save the user try { _meshContext.Users.Add(newUser); _meshContext.SaveChanges(); } catch (Exception e) { _logger.LogError(e.ToString()); return(JsonReturnHelper.ErrorReturn(1, "Unexpected error.")); } return(UserReturnValue(newUser)); }
public ActionResult AddUsers(Users usr)//adaugam utilizatori { if (ModelState.IsValid) { string CallSP = "AddUsers @Nume_Utilizator, @Email, @Parola"; SqlParameter NumeUtilizator = new SqlParameter("Nume_utilizator", usr.Nume_utilizator); SqlParameter Email = new SqlParameter("Email", usr.Email); SqlParameter Parola = new SqlParameter("Parola", HashPassword.ComputeSHA1(usr.Parola)); //SqlParameter Id_Functie = new SqlParameter("Id_Functie", usr.Id_Functie); object[] parameters = new object[] { NumeUtilizator, Email, Parola }; var result = pl.Database.SqlQuery <Users>(CallSP, parameters); return(Json(result, JsonRequestBehavior.AllowGet)); } return(RedirectToAction("Index", "Users")); }
public ActionResult <User> Login([FromBody] LoginDto login) { var user = _db.Users.FirstOrDefault(x => x.Username == login.Username); if (user == null) { return(StatusCode(500, "Invalid username/password")); } if (user.Password != HashPassword.GeneratePassword(user.Salt, login.Password)) { return(StatusCode(500, "Invalid username/password")); } user.Token = RandomString.GenerateString(8); _db.Users.Update(user); _db.SaveChanges(); return(user); }
public void Register(RegisterModel registerModel) { string username = _userRepository.GetAll() .Where(u => u.Username == registerModel.Username) .Select(u => u.Username) .ToString(); if (username != null) { throw new UserException($"User with username:{registerModel.Username} already exists!"); } if (string.IsNullOrWhiteSpace(registerModel.Password) || string.IsNullOrWhiteSpace(registerModel.ConfirmPassword)) { throw new UserException("Password required!"); } if (registerModel.Password != registerModel.ConfirmPassword) { throw new UserException($"Passwords do not match!"); } if (string.IsNullOrWhiteSpace(registerModel.FirstName) || string.IsNullOrWhiteSpace(registerModel.LastName)) { throw new UserException("Both Firstnam and Lastname are required!"); } if (string.IsNullOrWhiteSpace(registerModel.Username)) { throw new UserException("Username is required!"); } string hashedPasswor = HashPassword.HashPass(registerModel.Password); User user = new User() { Firstname = registerModel.FirstName, Lastname = registerModel.LastName, Username = registerModel.Username, Password = hashedPasswor }; _userRepository.Insert(user); }
public async Task <IHttpActionResult> ResetPassword(int id, [FromBody] ResetAccount form) { try { var account = (from a in db.accounts where a.id == id select a).FirstOrDefault(); if (account != null) { //check same password var pass1 = HashPassword.hashPassword(form.password); var pass2 = HashPassword.hashPassword(form.pre_password); if (pass1 == pass2) { account.password = pass1; account.password2 = pass2; int val = await db.SaveChangesAsync(); //search from list report var findListReport = db.report_account.Where(a => a.account_id == account.id).FirstOrDefault(); if (findListReport != null) { db.Entry(findListReport).State = System.Data.Entity.EntityState.Deleted; await db.SaveChangesAsync(); } if (val > 0) { return(Ok(await FetchDetailsAccount.GetDetailsAccount(id))); } else { return(BadRequest("Reset password error.")); } } else { return(BadRequest("Passwords are not the same.")); } } else { return(BadRequest("Not found accounts.")); } }catch (Exception e) { return(BadRequest(e.Message)); } }
public ActionResult Login(Users login) { var users = new Users(); var UR = new UserRepository(); var HP = new HashPassword(); users = UR.GetUser(login); if (users.username == login.username) { if (HP.CovertPasswordBack(users.password, login.password)) { Session["User"] = users; } } return(RedirectToAction("Index", "UserList")); }
public ActionResult Create(UserModel model) { try { if (unitOfWork.UserRepository.Get(x => x.LoginId == model.LoginId).Any()) { ModelState.AddModelError("Invalid Username", "Username Exists!!!"); } if (ModelState.IsValid) { model.CreatedDate = DateTime.Now; model.Password = HashPassword.GetMd5Hash(MD5.Create(), model.Password); userService.AddUser(model); TempData["Success"] = "New User Added !!"; return(RedirectToAction("Index")); } model.dRoleList = dynamicList.GetRolesSelectList(); model.dDesignationList = dynamicList.GetDesignationList(); model.dOfficeList = dynamicList.GetOfficeList(); TempData["Danger"] = ModelState.Values.SelectMany(x => x.Errors).Select(x => x.ErrorMessage); return(View(@"~\Views\Setup\User\Create.cshtml", model)); } catch (DbEntityValidationException e) { TempData["Danger"] = e.Message; } model.dRoleList = dynamicList.GetRolesSelectList(); model.dDesignationList = dynamicList.GetDesignationList(); model.dOfficeList = dynamicList.GetOfficeList(); return(View(@"~\Views\Setup\User\Create.cshtml", model)); }
public ActionResult ChgPassword(string username, string password, string newpassword) { BsonDocument doc = usertable.Login(username, password); if (doc != null) { JObject usuario = JsonConvert.DeserializeObject <JObject>(usertable.GetRow(doc["_id"].AsObjectId.ToString())); usuario["pwd"] = HashPassword.CreateHash(newpassword); usuario["lastChgPassword"] = DateTime.Now.ToString("dd/MM/yyyy HH:mm:ss"); usertable.SaveRow(JsonConvert.SerializeObject(usuario), usuario["_id"].ToString()); return(Content("/User/Login")); } else { return(Content("WrongPass")); } }
private bool Login() { if (string.IsNullOrEmpty(userName)) { Result.Message = new BusinessMessage("خطا", "نام کاربری را وارد کنید."); return(false); } if (string.IsNullOrEmpty(password)) { Result.Message = new BusinessMessage("خطا", "رمز عبور را وارد کنید."); return(false); } var user = accountingUow.GetRepository <User>().GetFirst(x => x.UserName.Equals(userName)); if (user == null || !HashPassword.VerifyPassword(password, user.Password)) { Result.Message = new BusinessMessage("خطا", "نام کاربری یا رمز عبور اشتباه است."); return(false); } var roleResult = accountingUow.GetRepository <V_UserRole>().Select(x => x.UserId == user.UserId, x => new Infra.Wpf.Security.Role { RoleId = x.RoleId, Name = x.RoleTitle }); var permissionResult = accountingUow.GetRepository <V_UserRolePermission>().Select(x => x.UserId == user.UserId, x => new Infra.Wpf.Security.Permission { PermissionId = x.PermmisionId, Url = x.Url }, distinct: true); Identity identity = new Identity(user.UserName, user.UserId, roleResult, permissionResult); Principal principal = new Principal(identity, AuthorizeBasedOn.BaseOnPermission); AppDomain.CurrentDomain.SetThreadPrincipal(principal); accountingUow.Logger.Log(new LogInfo() { CallSite = this.GetType().FullName, LogType = LogType.Information, UserId = user.UserId, Message = "Login: UserName = " + user.UserName }); return(true); }
public String newPassword(string key, string password) { JObject keydata = new JObject(); try { keydata = JsonConvert.DeserializeObject <JObject>(keysTable.GetRow(key)); } catch { return("Lo sentimos,Este link ya no es valido"); } JObject usuario = new JObject(); try { usuario = JsonConvert.DeserializeObject <JObject>(usertable.GetRow(keydata["userId"].ToString())); } catch { usuario = null; } if (usuario != null) { usuario["pwd"] = HashPassword.CreateHash(password); JToken lst; if (usuario.TryGetValue("lastChgPassword", out lst)) { usuario["lastChgPassword"] = DateTime.Now.ToString("dd/MM/yyyy HH:mm:ss"); } else { usuario.Add("lastChgPassword", DateTime.Now.ToString("dd/MM/yyyy HH:mm:ss")); } usertable.SaveRow(JsonConvert.SerializeObject(usuario), usuario["_id"].ToString()); keysTable.DeleteRowPhysical(key); return("success"); } else { return("El usuario asociado a este link, no existe"); } }
/// <summary> /// Method indicates whether sign in process was successful /// </summary> /// <param name="authUser"></param> /// <returns></returns> public async Task <AuthenticateResponse> IsSignInSuccessful(AuthUserData authUser) { bool isLoginNullOrEmpty = string.IsNullOrEmpty(authUser.Login); bool isPasswordNullOrEmpty = string.IsNullOrEmpty(authUser.Password); if (isLoginNullOrEmpty && isPasswordNullOrEmpty) { return(new AuthenticateResponse(AuthResponseMessage.LoginAndPasswordNotProvided, null, null, null, null, null)); } else if (isLoginNullOrEmpty) { return(new AuthenticateResponse(AuthResponseMessage.LoginNotProvided, null, null, null, null, null)); } else if (isPasswordNullOrEmpty) { return(new AuthenticateResponse(AuthResponseMessage.PasswordNotProvided, null, null, null, null, null)); } var userWithAuthLogin = await unitOfWork.UserRepository.GetUserByLoginAsync(authUser.Login); if (userWithAuthLogin == null) { return(new AuthenticateResponse(AuthResponseMessage.UserWithThisLoginNotExists, null, null, null, null, null)); } HashPassword hash = new HashPassword(authUser.Password, authUser.Login); if (userWithAuthLogin.Password.Equals(hash.HashedPassword)) { var userRole = await unitOfWork.UserRoleRepository.GetUserRole(userWithAuthLogin); var authResponseData = Authenticate(userWithAuthLogin, userRole); if (authResponseData == null) { return(new AuthenticateResponse(AuthResponseMessage.ErrorWhileGeneratingToken, null, null, null, null, null)); } return(authResponseData); } return(new AuthenticateResponse(AuthResponseMessage.WrongPassword, null, null, null, null, null)); }
public void Dont_Auth_Incorrect_User() { // Arrange LoginViewModel userData = new LoginViewModel { Login = "******", Password = "******" }; string storedPasswordHash = Convert.ToBase64String(HashPassword.HashPass("pass".ToCharArray(), new byte[0])); IAuthProvider authProv = new FormsAuthProvider(userData.Login, storedPasswordHash, ""); AccountController target = new AccountController(authProv); // Act ActionResult result = target.Login(userData, "#true", SessionStorage.Current); // Assert Assert.IsInstanceOfType(result, typeof(ViewResult)); Assert.IsFalse(((ViewResult)result).ViewData.ModelState.IsValid); }
//check ability to save new student from excel public bool SaveStudent(string username, string password, string fullname, string email, string classbygrade, ClassSurveyDbContext db) { var result = false; try { //save student //if students exist before, then not import again //just import new student not exists in system if (db.Students.Where(x => x.Username.Equals(username)).Count() == 0) { var student = new Student(); student.Username = username; //hash password before adding student.Password = HashPassword.ComputeSha256Hash(password); student.StudentCode = username; student.StudentName = fullname; student.Email = email; student.ClassByGrade = classbygrade; db.Students.Add(student); db.SaveChanges(); int id = db.Students.Max(x => x.Id); //add new user User user = new User() { Username = username, Password = HashPassword.ComputeSha256Hash(password), Position = "Student", StudentId = id }; db.Users.Add(user); db.SaveChanges(); result = true; } } catch (Exception) { throw; } return(result); }
public LoginResponse Login(LoginRequest request) { var client = _context.Client.FirstOrDefault(p => p.Login == request.Login); if (client == null) { throw new UserNotFound(); } var passwordToCompare = HashPassword.HashPass(request.Password, client.Salt); if (!passwordToCompare.Equals(client.Password)) { throw new UserNotFound(); } var userclaim = new[] { new Claim(ClaimTypes.NameIdentifier, client.IdClient.ToString()), new Claim(ClaimTypes.Name, client.FirstName), new Claim(ClaimTypes.Role, "Client"), }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["SecretKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "AdCompany", audience: "Clients", claims: userclaim, expires: DateTime.Now.AddMinutes(5), signingCredentials: creds ); client.RefreshToken = Guid.NewGuid().ToString(); client.ExpireDate = DateTime.Now.AddDays(1); _context.SaveChanges(); return(new LoginResponse() { AccessToken = new JwtSecurityTokenHandler().WriteToken(token), RefreshToken = client.RefreshToken }); }
public async Task <IHttpActionResult> ResetPasswordUser([FromBody] account form) { try { var identity = (ClaimsIdentity)User.Identity; var username = identity.Claims.Where(a => a.Type == ClaimTypes.Name).Select(c => c.Value).FirstOrDefault(); var account = (from a in db.accounts where a.username == username select a).FirstOrDefault(); if (account != null) { //check same password var pass1 = HashPassword.hashPassword(form.password); var pass2 = HashPassword.hashPassword(form.password2); if (pass1 == pass2) { account.password = pass1; account.password2 = pass2; int val = await db.SaveChangesAsync(); if (val > 0) { return(Ok(await FetchDetailsAccount.GetDetailsAccount(account.id))); } else { return(BadRequest("Reset password error.")); } } else { return(BadRequest("Passwords are not the same.")); } } else { return(BadRequest("Not found accounts.")); } } catch (Exception e) { return(BadRequest(e.Message)); } }
public void Auth_Correct_User() { // Arrange LoginViewModel userData = new LoginViewModel { Login = "******", Password = "******" }; string storedPasswordHash = Convert.ToBase64String(HashPassword.HashPass(userData.Password.ToCharArray(), new byte[0])); IAuthProvider authProv = new FormsAuthProvider(userData.Login, storedPasswordHash, ""); AccountController target = new AccountController(authProv); SessionStorage storage = SessionStorage.Current; // Act ActionResult result = target.Login(userData, "#true", storage); // Assert Assert.IsInstanceOfType(result, typeof(RedirectResult)); Assert.IsTrue(((RedirectResult)result).Url.Contains("#true")); }
public async Task <IActionResult> CreateOrUpdate([FromForm] WebsiteViewModel input) { var model = new WebsiteModel() { Name = input.Name, Url = input.Url, Category = input.Category, Login = new LoginModel() { Email = input.Login.Email, Password = HashPassword.GetHashedPassword(input.Login.Password), }, IsDeleted = false, HomepageSnapshot = ImageToByteArray(input.Image) }; var record = await this.websiteRepository.CreateOrUpdate(model); return(Ok(record)); }
public IActionResult InserirAdmin([FromBody] UsuariosDomain Usuarios) { var users = _context.Usuarios; if (Usuarios == null) { return(BadRequest("Dados do usuário incorretos")); } foreach (var usua in users) { if (Usuarios.Email == usua.Email) { return(BadRequest("E-mail já cadastrado")); } } try { HashPassword geradorHash = new HashPassword(); var hash = geradorHash.GenerateHash(Usuarios.Senha); if (hash != null) { Usuarios.Senha = hash; } _context.Usuarios.Add(Usuarios); _context.SaveChanges(); UsuarioPermissoesDomain permissoes = new UsuarioPermissoesDomain(); permissoes.UsuarioId = Usuarios.id; permissoes.PermissaoId = 1; permissoes.DataCriacao = DateTime.Now; _context.UsuarioPermissoes.Add(permissoes); _context.SaveChanges(); return(Ok("Cadastrado com sucesso")); } catch (System.Exception ex) { return(BadRequest(ex.Message)); } }
//check if we can save new teachers public bool SaveTeacher(string username, string password, string name, string email, ClassSurveyDbContext db) { var result = false; try { //if teacher not exists in system before //just add new teachers when they dont exist in system if (db.Teachers.Where(x => x.Username.Equals(username)).Count() == 0) { var teacher = new Teacher(); teacher.Username = username; //hash password before adding teacher.Password = HashPassword.ComputeSha256Hash(password); teacher.TeacherName = name; teacher.Email = email; db.Teachers.Add(teacher); db.SaveChanges(); int id = db.Teachers.Max(x => x.Id); //add new user User user = new User() { Username = username, Password = HashPassword.ComputeSha256Hash(password), Position = "Teacher", TeacherId = id }; db.Users.Add(user); db.SaveChanges(); result = true; } } catch (Exception) { throw; } return(result); }
public void RemindPass(string email, string url) { // Создаем данные для отправки // Генерируем код потверждения string code = JsonConvert.SerializeObject(new { guid = Guid.NewGuid(), login = login }); code = code.Replace('"', '\''); url = url + "?code=" + code; char[] newPass = HashPassword.GeneratePassword(6); // Генерируем новый пароль длиной в 6 символов // Отправляем письмо с паролем и кодом подтверждения MailSender.SendEmailToNewPass(email, login, newPass, url, MailSender.FromEmailServer.gmail); logger.Warn(string.Format("Mail to recover access sended to email: '{0}'.", email)); // Сохраняем новый пароль, код подтверждения и дату устаревания в хранилище данных string newPassHash = Convert.ToBase64String(HashPassword.HashPass(newPass, new byte[0])); BlogSettings.Current.TurnOnPassRemind(newPassHash, code, DateTime.Now.AddDays(1)); }
public ActionResult Login(Users user) { using (Entities db = new Entities()) { //user.password = HashPassword.hash(user.password); foreach (Users u in db.Users.ToArray()) { if (u.login == user.login && HashPassword.hash(user.password, u.salt) == u.password) { Session["UserID"] = u.Id; Session["UserLogin"] = u.login; return(Redirect("~/Wallet/Index")); } } } ModelState.AddModelError("LoginError", "Login or Password is wrong."); return(View()); }
public void Update() { User u = new User(); u.u_id = int.Parse(txtUid.Text); u.user_name = txtUserName.Text; u.password = txtPassword.Text == null ? lblpasshide.Text : HashPassword.CreateMD5(txtPassword.Text); u.status = chkStatus.Checked == true ? true : false; u.gender = chkGender.Checked == true ? true : false; u.full_name = txtName.Text; u.date_create = DateTime.Now; u.mobile = txtPhone.Text; u.email = txtEmail.Text; int result = UserDAO.Instance.Update(u); if (result > 0) { MessageBox.Show("Update success", "Update"); Load(); } }
public string ResetPass(string username) { var currentUsername = (User as UserModel).Username.ToLower(); if (AdminUsers.Contains(currentUsername) == false) { return("Bạn không có quyền truy cập"); } using (var dbContext = new DataContext()) { string newPass = HashPassword.Hash(username, "123456a@"); var user = dbContext.Users.FirstOrDefault(e => e.Username.ToLower() == username); if (user == null) { return("User không hợp lệ"); } user.Password = newPass; dbContext.SaveChanges(); } return("Thành công"); }
public ActionResult SettingsPost(SettingsIndexViewModel model) { if (ModelState.IsValid) { if (!string.IsNullOrEmpty(model.NewPassword) && string.IsNullOrEmpty(model.CurrentPassword)) { ModelState.AddModelError("CurrentPassword", "Для смены пароля нужно указать текущий пароль"); } else if (string.IsNullOrEmpty(model.NewPassword) && !string.IsNullOrEmpty(model.CurrentPassword)) { ModelState.AddModelError("NewPassword", "Вы не указали новый пароль"); } } string newPassHash = null; // если производится корректная смена пароля, то ниже получит значение if (ModelState.IsValid && !string.IsNullOrEmpty(model.NewPassword)) { // Берем логин с сервера, потому что на клиенте он мог измениться if (authProvider.IsValidUser(BlogSettings.Current.AdminLogin, model.CurrentPassword.ToCharArray())) { // Получаем хэш пароля newPassHash = Convert.ToBase64String( HashPassword.HashPass(model.NewPassword.ToCharArray(), new byte[0])); } else { ModelState.AddModelError("CurrentPassword", "Указанный пароль не соответствует текущему"); } } if (ModelState.IsValid) { // Сохранение новых настроек BlogSettings.Current.ChangeSettings(model.Settings, newPassHash, false); BlogEngineTK.WebUI.MvcApplication.ClearAppCache(); } return(View(model)); }
public IActionResult Put([FromBody] User user) { var u = Users.FirstOrDefault(x => x.Id == user.Id); byte[] salt = null; if (string.IsNullOrEmpty(user.Password)) { user.Password = u.Password; salt = u.Salt; } else { salt = HashPassword.GenerateSalt(); } if (user.Password.Length < 6) { return(StatusCode(500, "User password need to have min 6 signs")); } var newPassword = HashPassword.GeneratePassword(salt, user.Password); user.Password = newPassword; user.Salt = salt; var existingUser = Users.FirstOrDefault(x => (x.Username == user.Username || x.Email == user.Email) && x.Id != user.Id); if (existingUser != null) { return(StatusCode(500, "Already exist user with that username or email")); } u.Password = newPassword; u.Salt = salt; u.Email = user.Email; u.FirstName = user.FirstName; u.LastName = user.LastName; u.Username = user.Username; _db.Users.Update(u); _db.SaveChanges(); return(Ok()); }
private void button_create_Click(object sender, EventArgs e) { User user = new User(); if (textbox_pwd.Text == textbox_pwd2.Text) { user.HashPassword = HashPassword.Hash(textbox_pwd2.Text); } else { MessageBox.Show( "Passwords are not match!", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); return; } user.Name = textbox_name.Text; user.Login = textbox_login.Text; user.Age = Convert.ToInt32(textbox_age.Text); try { _userService.CreateUser(user); MessageBox.Show( "New user was created!", "Information", MessageBoxButtons.OK, MessageBoxIcon.Information); this.Close(); } catch { MessageBox.Show( "You have troubles!", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); return; } }
public async Task <IActionResult> Register(RegisterViewModel registerViewModel) { if (ModelState.IsValid) { try { await using var transaction = dbContext.Database.BeginTransaction(); var salt = HashPassword.CreateSalt(); var hash = HashPassword.GenerateSaltedHash(Encoding.UTF8.GetBytes(registerViewModel.Password), salt); var user = new User { UserLogin = registerViewModel.Login, UserSalt = Convert.ToBase64String(salt), UserHash = Convert.ToBase64String(hash), UserType = "passenger" }; await dbContext.User.AddAsync(user); await dbContext.SaveChangesAsync(); var passenger = new Passenger { IdUser = user.IdUser, PassengerFullName = registerViewModel.FullName, PassengerBirthday = registerViewModel.Birthday, IdPassengerPassportType = registerViewModel.IdPassportType, PassengerPassport = registerViewModel.PassportData }; await dbContext.Passenger.AddAsync(passenger); await dbContext.SaveChangesAsync(); transaction.Commit(); await Authenticate(user); return(RedirectToAction("Index", "Home")); } catch { return(NotFound()); } } ViewBag.PassportType = new SelectList(dbContext.PassportType.ToList(), "IdPassportType", "Passport"); return(View(registerViewModel)); }
/// <summary> /// Logs in the user and creates a session. /// </summary> /// <param name="emailAddress">emailddress of the user</param> /// <param name="password">password of the user</param> public void Login(string emailAddress, string password) { IRetrieveDb<User, String> RetrieveDb = new RetrieveFromUserWithEmail(); HashPassword hash = new HashPassword(); var email = emailAddress; var nonHashedPassword = password; try { var user = RetrieveDb.RetrieveFrom(email); var hashPassword = hash.HashString(password); var hashDbPassword = hash.HashString(user.Password, user.Salt); var isValidPassword = HashPassword.ValidatePassword(password, user.Password); if (isValidPassword) { FormsAuthentication.SetAuthCookie(email, false); USession.CurrentUser.UserId = user.UserId; USession.CurrentUser.Username = email; USession.CurrentUser.FirstName = user.FirstName; USession.CurrentUser.LastName = user.LastName; } else { //password not match throw new InvalidUserException(); } } catch (InvalidUserException ex) { throw ex; } catch (Exception ex) { throw new UnknownErrorException(ex); } }