public static void AddUser(string email, string password, string firstName, string lastName, int department, int level)
{
Uzer u = new Uzer();
u.Valid = true;
u.Email = email;
u.FirstName = firstName;
u.LastName = lastName;
u.Department = department;
u.UzerLevel = level;
string salt = UserPasswordUtil.GenerateSalt();
u.Salt = salt;
u.Password = UserPasswordUtil.GeneratePasswordAfterSalt(password, salt);
SmallSimpleOAContext ctx = new SmallSimpleOAContext();
ctx.Add(u);
ctx.SaveChanges();
}
public IActionResult DoLogin(string email, string password)
{
//HttpContext.Session.SetInt32("uid", 2007);
//return RedirectToAction("Home", "Home");
if (email == null || password == null)
{
return(RedirectToAction("Login", "Login", new { pwdNotCorrect = "1" }));
}
Uzer user = UserService.FindUserByEmail(email);
if (user == null)
{
return(RedirectToAction("Login", "Login", new { pwdNotCorrect = "1" }));
}
string hash = MD5Util.MD5Value(password + user.Salt);
if (hash.Equals(user.Password))
{
string salt = UserPasswordUtil.GenerateSalt();
user.Salt = salt;
string newPwd = UserPasswordUtil.GeneratePasswordAfterSalt(password, salt);
user.Password = newPwd;
user.LastLogin = DateTime.Now;
UserService.UpdateUser(user);
HttpContext.Session.SetInt32("uid", user.Id);
HttpContext.Session.SetInt32("ulevel", (int)user.UzerLevel);
HttpContext.Session.SetString("uname", user.FirstName + " " + user.LastName);
return(RedirectToAction("Home", "Home"));
}
else
{
return(RedirectToAction("Login", "Login", new { pwdNotCorrect = "1" }));
}
}
