public async Task <IActionResult> Register(RegisterViewModel model)
{
var salt = HashingPasswords.GenerateSalt();
var pw = HashingPasswords.GenerateHashArgon2(model.Lozinka, salt);
var uloga = nameof(TipKorisnikaEnum.Korisnik);
var korisnik = new Models.Korisnik()
{
PasswordHash = pw,
PasswordSalt = salt,
Uloga = uloga,
KorisnickoIme = model.KorisnickoIme,
Ime = model.Ime,
Prezime = model.Prezime,
Banovan = false
};
_korisnikRepo.Add(korisnik);
_korisnikRepo.SaveChanges();
var identity = CreateNewIdentity(model.KorisnickoIme, uloga, korisnik.KorisnikId.ToString());
var principal = new ClaimsPrincipal(identity);
await Authentication.Login(HttpContext, principal);
return(RedirectToAction("Index", "Home"));
}
public async Task <IActionResult> PromijeniLozinku(PromijeniLozinkuViewModel model)
{
int.TryParse(User?.FindFirst("Id")?.Value, out int korisnikId);
var korisnik = _korisnikRepo.Get(korisnikId);
if (korisnik == null)
{
return(NotFound());
}
var oldPw = HashingPasswords.GenerateHashArgon2(model.TrenutnaLozinka, korisnik.PasswordSalt);
if (korisnik.PasswordHash != oldPw)
{
ModelState.AddModelError("TrenutnaLozinka", "Lozinka je netačna");
return(View(model));
}
var salt = HashingPasswords.GenerateSalt();
var pw = HashingPasswords.GenerateHashArgon2(model.NovaLozinka, salt);
korisnik.PasswordHash = pw;
korisnik.PasswordSalt = salt;
_korisnikRepo.Update(korisnik);
_korisnikRepo.SaveChanges();
await Authentication.Logout(HttpContext);
return(RedirectToAction("Login", "Account"));
}
public async Task <IActionResult> Login(LoginViewModel model)
{
var user = _korisnikRepo.GetByUsername(model.KorisnickoIme);
if (user == null)
{
ModelState.AddModelError("LoginGreska", "Korisničko ime ili lozinka su netačni");
Response.StatusCode = 400;
return(View());
}
if (user.Banovan)
{
ModelState.AddModelError("LoginGreska", "Žao name je, ali vi ste banovani. Ukoliko Vam je nejasno zašto, obratite se administratoru");
Response.StatusCode = 400;
return(View());
}
var pw = HashingPasswords.GenerateHashArgon2(model.Password, user.PasswordSalt);
//var pw2 = HashingPasswords.GenerateHashPBKDF2(model.Password, user.PasswordSalt);
//var pw3 = HashingPasswords.GenerateHashSHA256(model.Password, user.PasswordSalt);
//var pw4 = HashingPasswords.GenerateHashSHA512(model.Password, user.PasswordSalt);
//var pw5 = HashingPasswords.GenerateHashSHA1(model.Password, user.PasswordSalt);
if (user.PasswordHash != pw)
{
ModelState.AddModelError("LoginGreska", "Korisničko ime ili lozinka su netačni");
Response.StatusCode = 400;
return(View());
}
var identity = CreateNewIdentity(user.KorisnickoIme, user.Uloga, user.KorisnikId.ToString());
var principal = new ClaimsPrincipal(identity);
await Authentication.Login(HttpContext, principal);
return(Redirect(model.ReturnUrl ?? "/"));
}