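/// <summary>
/// Changes the signed-in user's password after re-verifying the current one, then logs the
/// current session out via <c>Authentication.Logout</c> and redirects to the login page.
/// </summary>
/// <param name="model">Posted form; <c>TrenutnaLozinka</c> is the current password, <c>NovaLozinka</c> the new one.</param>
/// <returns>
/// <c>NotFound</c> when the caller's "Id" claim is missing, is not an integer, or matches no user;
/// the same view with a model error on <c>TrenutnaLozinka</c> when the current password does not match;
/// otherwise a redirect to Account/Login.
/// </returns>
public async Task<IActionResult> PromijeniLozinku(PromijeniLozinkuViewModel model)
{
    // Resolve the caller from the "Id" claim. A missing or non-numeric claim is rejected here
    // instead of silently falling through to a lookup of user id 0.
    if (!int.TryParse(User?.FindFirst("Id")?.Value, out int korisnikId))
    {
        return NotFound();
    }

    var korisnik = _korisnikRepo.Get(korisnikId);
    if (korisnik == null)
    {
        return NotFound();
    }

    // NOTE(review): ModelState.IsValid is not checked in this action; presumably the view model's
    // validation (required fields, password policy) is enforced elsewhere — confirm.

    // Re-authenticate: hash the supplied current password with the stored salt and compare.
    var trenutniHash = HashingPasswords.GenerateHashArgon2(model.TrenutnaLozinka, korisnik.PasswordSalt);

    // NOTE(review): != is not a fixed-time comparison. The type of PasswordHash is not visible here;
    // if it can be compared as bytes, CryptographicOperations.FixedTimeEquals is the safer choice.
    if (korisnik.PasswordHash != trenutniHash)
    {
        ModelState.AddModelError("TrenutnaLozinka", "Lozinka je netačna");
        return View(model);
    }

    // Rotate the salt together with the hash so the old salt is never reused for the new password.
    var novaSol = HashingPasswords.GenerateSalt();
    korisnik.PasswordHash = HashingPasswords.GenerateHashArgon2(model.NovaLozinka, novaSol);
    korisnik.PasswordSalt = novaSol;

    _korisnikRepo.Update(korisnik);
    _korisnikRepo.SaveChanges();

    // Drop the current session; the user has to sign in again with the new password.
    await Authentication.Logout(HttpContext);
    return RedirectToAction("Login", "Account");
}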
/// <summary>
/// Creates a new account from the posted registration form, signs the new user in and
/// redirects to Home/Index.
/// </summary>
/// <param name="model">Posted form with user name, first name, last name and password (<c>Lozinka</c>).</param>
/// <returns>A redirect to Home/Index once the account is stored and the user is signed in.</returns>
public async Task<IActionResult> Register(RegisterViewModel model)
{
    // NOTE(review): no ModelState.IsValid check and no lookup for an already-taken KorisnickoIme
    // are visible in this action — confirm both are enforced elsewhere (validation filter,
    // unique index on the user name).

    // A fresh salt per account; only the salt and the Argon2 hash are stored.
    var novaSol = HashingPasswords.GenerateSalt();
    var hashLozinke = HashingPasswords.GenerateHashArgon2(model.Lozinka, novaSol);

    // The role is fixed here and never read from the posted model.
    var ulogaKorisnika = nameof(TipKorisnikaEnum.Korisnik);

    var noviKorisnik = new Models.Korisnik();
    noviKorisnik.PasswordHash = hashLozinke;
    noviKorisnik.PasswordSalt = novaSol;
    noviKorisnik.Uloga = ulogaKorisnika;
    noviKorisnik.KorisnickoIme = model.KorisnickoIme;
    noviKorisnik.Ime = model.Ime;
    noviKorisnik.Prezime = model.Prezime;
    noviKorisnik.Banovan = false;

    _korisnikRepo.Add(noviKorisnik);
    _korisnikRepo.SaveChanges();

    // KorisnikId is read only after SaveChanges, so the claim carries the stored id.
    var principal = new ClaimsPrincipal(
        CreateNewIdentity(model.KorisnickoIme, ulogaKorisnika, noviKorisnik.KorisnikId.ToString()));

    await Authentication.Login(HttpContext, principal);
    return RedirectToAction("Index", "Home");
}
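/// <summary>
/// Authenticates a user by name and password and returns the user together with the teams
/// the user belongs to.
/// </summary>
/// <param name="username">User name to look up; compared against <c>User.UserName</c>.</param>
/// <param name="password">Plain-text password; hashed with the stored salt and compared with the stored hash.</param>
/// <returns>
/// The populated <c>TeamsOfUser</c> when the credentials match; <c>null</c> when an argument is
/// null, no such user exists, or the password does not match.
/// </returns>
public static TeamsOfUser Login(string username, string password)
{
    // Null credentials can never authenticate; reject them before opening a context or hashing.
    if (username == null || password == null)
    {
        return null;
    }

    using (var ctx = new EFContext())
    {
        // Left join Users -> UserTeams so a user without any team still yields one row
        // (with a null Team).
        var rows = (from u in ctx.Users
                    join ut in ctx.UserTeams.Include(x => x.User).Include(x => x.Team)
                        on u.UserId equals ut.UserId into gj
                    from x in gj.DefaultIfEmpty()
                    select new { x.Team, User = u })
                   .Where(x => x.User.UserName == username)
                   .ToList();

        if (rows.Count == 0)
        {
            return null;
        }

        // Every row carries the same user; verify the password before assembling the result.
        var user = rows[0].User;

        // NOTE(review): which algorithm HashingPasswords.GenerateHash uses is not visible here —
        // confirm it is a password-hashing KDF and not a single fast hash. The != below is also
        // not a fixed-time comparison.
        if (user.PasswordHash != HashingPasswords.GenerateHash(password, user.PasswordSalt))
        {
            return null;
        }

        // NOTE(review): the returned User entity still carries PasswordHash and PasswordSalt;
        // callers should map it to a DTO before serializing it.
        var model = new TeamsOfUser() { Teams = new List<Team>(), User = user };
        foreach (var row in rows)
        {
            if (row.Team != null)
            {
                model.Teams.Add(row.Team);
            }
        }

        return model;
    }
}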
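/// <summary>
/// Registers a new user from the request body, storing a per-user salt and the salted
/// password hash instead of the password itself.
/// </summary>
/// <param name="model">Request body with <c>UserName</c> and <c>Password</c>.</param>
/// <returns>
/// <c>BadRequest</c> when the body is missing or the user name or password is empty;
/// otherwise <c>Ok</c> with a confirmation message.
/// </returns>
public IHttpActionResult Register([FromBody] RegisterUserVM model)
{
    // NOTE(review): this disposes the injected repository at the end of the action; presumably
    // the controller receives a fresh repository per request — confirm.
    using (_userRepo)
    {
        // [FromBody] leaves model null when the body is missing or cannot be deserialized.
        // Reject that, and empty credentials, instead of failing with a null reference or
        // storing an account with an empty password. Kept inside the using block so the
        // repository is still disposed on this path.
        if (model == null
            || string.IsNullOrWhiteSpace(model.UserName)
            || string.IsNullOrEmpty(model.Password))
        {
            return BadRequest("User name and password are required.");
        }

        // NOTE(review): no check for an already-registered UserName is visible here — confirm
        // uniqueness is enforced by the repository or a database constraint.

        var salt = HashingPasswords.GenerateSalt();
        var passwordHash = HashingPasswords.GenerateHash(model.Password, salt);

        var user = new User()
        {
            UserName = model.UserName,
            PasswordHash = passwordHash,
            PasswordSalt = salt
        };

        _userRepo.Add(user);
        _userRepo.SaveChanges();

        return Ok("User registered successfully.");
    }
}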
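/// <summary>
/// Signs a user in with user name and password and redirects to the requested local return URL.
/// </summary>
/// <param name="model">Posted login form: <c>KorisnickoIme</c>, <c>Password</c> and an optional <c>ReturnUrl</c>.</param>
/// <returns>
/// The login view with status 400 and a "LoginGreska" model error when the credentials are wrong
/// or the account is banned; otherwise a redirect to <c>ReturnUrl</c> when it is a local URL,
/// or to "/" when it is absent or points off-site.
/// </returns>
public async Task<IActionResult> Login(LoginViewModel model)
{
    // All failure paths answer the same way: one model error, HTTP 400, the login view again.
    IActionResult Reject(string message)
    {
        ModelState.AddModelError("LoginGreska", message);
        Response.StatusCode = 400;
        return View();
    }

    var user = _korisnikRepo.GetByUsername(model.KorisnickoIme);
    if (user == null)
    {
        // NOTE(review): this branch returns without hashing, so it responds faster than the
        // wrong-password branch; hashing against a fixed dummy salt would even that out.
        return Reject("Korisničko ime ili lozinka su netačni");
    }

    // NOTE(review): != is not a fixed-time comparison. The type of PasswordHash is not visible
    // here; if it can be compared as bytes, prefer CryptographicOperations.FixedTimeEquals.
    var pw = HashingPasswords.GenerateHashArgon2(model.Password, user.PasswordSalt);
    if (user.PasswordHash != pw)
    {
        return Reject("Korisničko ime ili lozinka su netačni");
    }

    // The ban is reported only after the password has been verified, so the distinct message
    // cannot be used to learn which user names exist (and are banned) without their password.
    if (user.Banovan)
    {
        return Reject("Žao name je, ali vi ste banovani. Ukoliko Vam je nejasno zašto, obratite se administratoru");
    }

    var identity = CreateNewIdentity(user.KorisnickoIme, user.Uloga, user.KorisnikId.ToString());
    var principal = new ClaimsPrincipal(identity);
    await Authentication.Login(HttpContext, principal);

    // ReturnUrl comes from the request; follow it only when it stays on this site, otherwise
    // fall back to the root. IsLocalUrl is false for null, so a missing value also lands on "/".
    var target = Url.IsLocalUrl(model.ReturnUrl) ? model.ReturnUrl : "/";
    return Redirect(target);
}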