public static CreateStudentStatus CreateStudent(int studentID, string password)
{
try {
using (WBDbContext db = new WBDbContext()) {
if (db.Students.Any(s => s.StudentID == studentID))
return CreateStudentStatus.IDTaken;
byte[] salt = Utils.CreateSalt();
Student student = new Student {
StudentID = studentID,
Salt = Convert.ToBase64String(salt),
Password = Utils.HashStringSHA256(password, salt)
};
db.Students.Add(student);
db.SaveChanges();
}
} catch (Exception) {
// I don't care what exception we catch, I just don't want the page to break.
return CreateStudentStatus.Failure;
}
return CreateStudentStatus.Success;
}
public static ChangePasswordStatus ChangePassword(this User passedUser, string oldPassword, string newPassword)
{
if (passedUser.ValidateUser(oldPassword) < 0)
return ChangePasswordStatus.IncorrectPassword;
if (passedUser.ValidateUser(newPassword) > 0)
return ChangePasswordStatus.InvalidPassword;
using (WBDbContext db = new WBDbContext()) {
var user = db.Users
.Where(u => u.UserID == passedUser.UserID)
.FirstOrDefault();
if (user == null)
return ChangePasswordStatus.UserNotFound;
byte[] salt = Utils.CreateSalt();
user.Salt = Convert.ToBase64String(salt);
user.Password = Utils.HashStringSHA256(newPassword, salt);
db.SaveChanges();
return ChangePasswordStatus.Success;
}
}
public static CreateUserStatus CreateUser(string username, string password)
{
try {
using (WBDbContext db = new WBDbContext()) {
if (db.Users.Any(u => u.Username.ToLower() == username.ToLower()))
return CreateUserStatus.UsernameTaken;
byte[] salt = Utils.CreateSalt();
int userId = GetNextUserId();
User user = new User {
UserID = userId,
Username = username,
Salt = Convert.ToBase64String(salt),
Password = Utils.HashStringSHA256(password, salt)
};
db.Users.Add(user);
db.SaveChanges();
}
} catch (Exception) {
// I don't care what exception we catch, I just don't want the page to break.
return CreateUserStatus.Failure;
}
return CreateUserStatus.Success;
}