Exemple #1
        /// <summary>
        /// Handles the edit-user form post: generates a new salt, re-hashes the submitted
        /// password with it, marks the entity as modified and saves it.
        /// </summary>
        /// <param name="user">User model-bound from the form; only the properties named in the Bind list are populated.</param>
        /// <returns>A redirect to "UsersList" after saving, or the edit view again when model validation fails.</returns>
        public ActionResult EditUser([Bind(Include = "ID,User_Type_ID,User_First_Name,User_Last_Name,User_Phone_Number,User_Email,User_ID,User_Password")] User user)
        {
            // NOTE(review): ID and User_Type_ID are in the Bind list, so the request body selects
            // both the row and the user type. The attributes on this action are not visible here;
            // confirm it is restricted to administrators and protected against request forgery.
            if (!ModelState.IsValid)
            {
                // Re-populate the user-type drop-down before showing the form again.
                ViewBag.User_Type_ID = new SelectList(db.User_Type, "ID", "Type", user.User_Type_ID);
                return View(user);
            }

            // Every edit replaces the salt and stores a hash of whatever password was posted.
            user.User_Password_Salt = HashPasswordService.CreateSalt();
            user.User_Password = HashPasswordService.CreateHash(user.User_Password, user.User_Password_Salt);

            // NOTE(review): marking the whole entity Modified writes all of its columns, including
            // any that are not in the Bind list and therefore still hold default values; confirm
            // that no such column (for example a deactivation flag) is reset by an edit.
            db.Entry(user).State = EntityState.Modified;
            db.SaveChanges();

            return RedirectToAction("UsersList");
        }
Exemple #2
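        /// <summary>
        /// Click handler for the register button. When the page is in "register" mode it validates
        /// the form, creates the user with a hashed password and the default profile picture, and
        /// redirects to the sign-in action; otherwise it redirects to the register action.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void registerButton_Click(object sender, EventArgs e)
        {
            if (pageActionType.Value != "register")
            {
                Response.RedirectToRoute("Auth", new { action = "register" });
                return;
            }

            try
            {
                if (string.IsNullOrEmpty(this.username.Text) || string.IsNullOrEmpty(this.password.Text))
                {
                    this.message.InnerText = "Introduceti utilizatorul si parola!";
                    this.message.Visible   = true;
                }
                else if (this.password.Text != this.passwordRe.Text)
                {
                    this.message.InnerText = "Parolele introduse sunt diferite!";
                    this.message.Visible   = true;
                }
                // NOTE(review): this lookup and the Create call below are separate steps, so two
                // concurrent requests can both pass the check; confirm the user store also
                // enforces a unique user name.
                else if (UserService.Get(x => x.UserName == this.username.Text) != null)
                {
                    this.message.InnerText = "Utilizator existent, alegeti alt utilizator!";
                    this.message.Visible   = true;
                }
                else
                {
                    // Only the hash produced by HashPasswordService is handed to the User entity.
                    var password = HashPasswordService.GeneratePasswordHash(this.password.Text);
                    var user     = new User(this.username.Text, password);

                    UserService.Create(user);

                    // Image holds a GDI+ handle and keeps the source file locked until disposed.
                    // Assumes SetProfilePicture does not keep the Image past CommitChanges - TODO confirm.
                    using (var defaultPicture = Image.FromFile(Server.MapPath("~/Content/images/default_profile.jpg")))
                    {
                        UserService.SetProfilePicture(user, defaultPicture);
                        UserService.CommitChanges();
                    }

                    Response.RedirectToRoute("Auth", new { action = "signin", userName = user.UserName });
                }

                // Never echo the typed passwords back into the rendered form.
                this.password.Text   = string.Empty;
                this.passwordRe.Text = string.Empty;
            }
            catch (Exception exception)
            {
                // Keep the details server-side; the visitor only sees the generic message.
                System.Diagnostics.Trace.TraceError("registerButton_Click failed: {0}", exception);
                this.message.InnerText = GenericErrorMessage;
                this.message.Visible   = true;
            }
        }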
Exemple #3
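        /// <summary>
        /// Click handler for the sign-in button. When the page is in "signin" mode it looks the
        /// user up, verifies the password against the stored hash, signs the user in, restores
        /// the default profile picture if an image file is missing and redirects to the return
        /// URL; otherwise it redirects to the sign-in action.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void signInButton_Click(object sender, EventArgs e)
        {
            if (pageActionType.Value != "signin")
            {
                Response.RedirectToRoute("Auth", new { action = "signin" });
                return;
            }

            try
            {
                var user = UserService.Get(x => x.UserName == this.username.Text);
                if (user != null && HashPasswordService.ArePasswordsMatching(this.password.Text, user.Password))
                {
                    using (var formsAuthService = new FormsAuthenticationService(Context))
                    {
                        string returnUrl;

                        formsAuthService.SignIn(user.UserName, rememberMe.Checked, user.Id.ToString(), out returnUrl);

                        // NOTE(review): the original tested ProfileImage64Url twice; the repeated
                        // operand was probably meant to be a different image size - confirm which.
                        if (!File.Exists(user.ProfileImage64Url) || !File.Exists(user.ProfileImage128Url))
                        {
                            // Image holds a GDI+ handle and keeps the source file locked until disposed.
                            // Assumes SetProfilePicture does not keep the Image past CommitChanges - TODO confirm.
                            using (var defaultPicture = Image.FromFile(Server.MapPath("~/Content/images/default_profile.jpg")))
                            {
                                UserService.SetProfilePicture(user, defaultPicture);
                                UserService.CommitChanges();
                            }
                        }

                        // NOTE(review): returnUrl is produced by FormsAuthenticationService.SignIn;
                        // whether it is limited to URLs of this site is not visible here. Confirm
                        // that before redirecting, so a crafted return URL cannot send a freshly
                        // signed-in user to another host.
                        Response.Redirect(returnUrl);
                    }
                }
            }
            catch (System.Threading.ThreadAbortException)
            {
                // Response.Redirect(url) ends the response by aborting the thread; that is the
                // normal success path, not an error to report.
                throw;
            }
            catch (Exception exception)
            {
                // Keep the details server-side; the visitor only sees a generic message.
                System.Diagnostics.Trace.TraceError("signInButton_Click failed: {0}", exception);
                this.message.InnerText = GenericErrorMessage;
                this.message.Visible   = true;
            }

            // One message for unknown user and wrong password alike, so the response does not
            // reveal which user names exist.
            if (!SecurityContext.IsAuthenticated)
            {
                this.message.InnerText = "Utilizatorul sau parola sunt gresite!";
                this.message.Visible   = true;
                this.password.Text     = string.Empty;
            }
        }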
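        /// <summary>
        /// Verifies the posted credentials against the stored salt and hash and, on success,
        /// stores the user id, role id and display name in the session.
        /// </summary>
        /// <param name="objUser">Posted login model carrying User_ID and User_Password.</param>
        /// <returns>
        /// A redirect to "Index" on success; the "Login" view with an error message when the
        /// credentials are wrong or the account is deactivated; the posted model's view when
        /// validation fails; the "Error" view when an unexpected exception occurs.
        /// </returns>
        public ActionResult Login(userLogin objUser)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return View(objUser);
                }

                using (AGH_DBContext db = new AGH_DBContext())
                {
                    var account = db.Users.FirstOrDefault(a => a.User_ID.Equals(objUser.User_ID));

                    // An unknown user id and a wrong password get the same answer. The original
                    // dereferenced a null result for unknown ids and landed on the Error view,
                    // which told the two cases apart.
                    if (account == null
                        || !HashPasswordService.CompareHash(objUser.User_Password, account.User_Password_Salt, account.User_Password))
                    {
                        ViewBag.LoginErrorMessage = "Please check your login credentials and try again";
                        return View("Login");
                    }

                    // The deactivation notice is shown only after the password has been verified,
                    // so it cannot be used to probe which accounts exist. Compared with == false
                    // on purpose: any other value keeps the account locked out, as before.
                    if (account.Is_User_Deleted == false)
                    {
                        // NOTE(review): the session identifier is not renewed here; confirm the
                        // application issues a fresh session once a user has authenticated.
                        Session["UserID"]     = account.User_ID;
                        Session["UserRoleID"] = account.User_Type.ID;
                        Session["UserName"]   = account.User_First_Name + " " + account.User_Last_Name;

                        return RedirectToAction("Index");
                    }

                    ViewBag.LoginErrorMessage = "Your user has been deactivated. GET LOST!";
                    return View("Login");
                }
            }
            catch (Exception e)
            {
                // This endpoint is reachable without authentication: keep exception text
                // (database or internal details) server-side and show a fixed message instead.
                System.Diagnostics.Trace.TraceError("Login failed unexpectedly: {0}", e);
                ViewBag.ErrorMessage = "An unexpected error occurred. Please try again later.";
                return View("Error");
            }
        }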
Exemple #5
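        /// <summary>
        /// Handles the create-user form post: salts and hashes the submitted password, adds the
        /// user to the context and saves it.
        /// </summary>
        /// <param name="user">User model-bound from the form; only the properties named in the Bind list are populated.</param>
        /// <returns>
        /// A redirect to "UsersList" after saving; the create view again when validation fails;
        /// the "Error" view when an unexpected exception occurs.
        /// </returns>
        public ActionResult CreateUser([Bind(Include = "ID,User_Type_ID,User_First_Name,User_Last_Name,User_Phone_Number,User_Email,User_ID,User_Password")] User user)
        {
            // NOTE(review): ID and User_Type_ID are in the Bind list, so the request body chooses
            // the new account's user type. The attributes on this action are not visible here;
            // confirm it is restricted to administrators and protected against request forgery.
            try
            {
                // Populated up front because the view needs the drop-down when it is re-shown.
                ViewBag.User_Type_ID = new SelectList(db.User_Type, "ID", "Type", user.User_Type_ID);

                if (!ModelState.IsValid)
                {
                    return View(user);
                }

                // Per-user salt; the plaintext password is replaced by its hash before saving.
                user.User_Password_Salt = HashPasswordService.CreateSalt();
                user.User_Password = HashPasswordService.CreateHash(user.User_Password, user.User_Password_Salt);

                db.Users.Add(user);
                db.SaveChanges();

                return RedirectToAction("UsersList");
            }
            catch (Exception e)
            {
                // Exception text can carry database or schema details: record it server-side and
                // give the view a fixed message instead of e.Message.
                System.Diagnostics.Trace.TraceError("CreateUser failed unexpectedly: {0}", e);
                ViewBag.ErrorMessage = "An unexpected error occurred. Please try again later.";
                return View("Error");
            }
        }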
Exemple #6
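        /// <summary>
        /// Stores a new password hash for the user whose login equals <paramref name="userName"/>.
        /// </summary>
        /// <param name="userName">Login of the account to update; treated as untrusted text.</param>
        /// <param name="newPassword">New plaintext password; only its hash is written.</param>
        public void ResetPassword(string userName, string newPassword)
        {
            // Both values end up inside single-quoted SQL literals. The original inserted them
            // unescaped, so a quote character in userName changed the statement itself. Doubling
            // single quotes keeps each value inside its literal.
            // NOTE(review): a parameterized command is the better fix, but ExecuteNonQueryInternal
            // is only seen here taking a finished SQL string; switch to parameters if it can
            // accept them.
            var loginLiteral = (userName ?? string.Empty).Replace("'", "''");
            var hashLiteral  = $"{HashPasswordService.Hash(newPassword)}".Replace("'", "''");

            // NOTE(review): no check of the caller's right to reset this account is visible in
            // this method; confirm callers authorize the request first.
            var sql = $"UPDATE [User] SET [PasswordHash] = '{hashLiteral}' WHERE [Login] = '{loginLiteral}'";

            ExecuteNonQueryInternal(sql);
        }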