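/// <summary>
/// Updates the signed-in user's profile fields and, when a new password is supplied,
/// verifies the current password and re-hashes the new one with a fresh salt.
/// </summary>
/// <param name="firstName">New first name.</param>
/// <param name="lastName">New last name.</param>
/// <param name="email">New e-mail address; must not belong to another account.</param>
/// <param name="departmentId">New department id.</param>
/// <param name="oldPassword">Current password; only checked when <paramref name="password"/> is non-empty.</param>
/// <param name="password">New password; null or empty means "keep the current password".</param>
/// <param name="passwordConfirmed">Must equal <paramref name="password"/> for the change to be applied.</param>
/// <param name="gdpr">GDPR consent flag stored on the user.</param>
/// <param name="returnUrl">"Controller_Action" pair used for the success redirect; malformed values fall back to Account/Settings.</param>
/// <returns>A redirect to the return target on success, otherwise a redirect back to Account/Settings with an error in TempData.</returns>
/// <remarks>
/// Fixes relative to the previous version: the password-strength check used to sit in an unreachable
/// branch (any new password was accepted once old/confirm matched); a null or underscore-less returnUrl
/// threw on Split(...)[1]; and an e-mail change was not checked for uniqueness even though RegisterUser is.
/// NOTE(review): this handler mutates state — confirm it carries [HttpPost] and [ValidateAntiForgeryToken]
/// (attributes are not visible in this excerpt). RedirectToActionPermanent (301) is kept for compatibility,
/// but a 302 (RedirectToAction) is the usual choice after a form POST since browsers cache 301s.
/// </remarks>
public async Task<IActionResult> UpdateSettings(string firstName, string lastName, string email, int departmentId, string oldPassword, string password, string passwordConfirmed, bool gdpr, string returnUrl)
{
    User u = Queries.GetUserByClaims(_context, User.Claims);
    if (u == null)
    {
        // Claims that resolve to no user: nothing to update, and do not continue into a NullReferenceException.
        return Unauthorized();
    }

    bool changingPassword = !string.IsNullOrEmpty(password);
    if (changingPassword)
    {
        // Same error precedence as before: old password, then confirmation, then strength.
        // NOTE(review): string != is not constant-time; if Hash can expose byte[] digests, prefer
        // CryptographicOperations.FixedTimeEquals for this comparison.
        if (Hash.HashPassword(oldPassword, u.Salt) != u.Password)
        {
            TempData["PasswordError"] = "Old Password did not match with this account.";
            return RedirectToActionPermanent("Settings", "Account");
        }
        if (password != passwordConfirmed)
        {
            TempData["NewPasswordError"] = "New password did not match with its confirmation.";
            return RedirectToActionPermanent("Settings", "Account");
        }
        if (!Hash.PasswordMeetsRequirements(password))
        {
            TempData["PasswordRequirementsError"] = "Please make sure that the new password meets the requirements.";
            return RedirectToActionPermanent("Settings", "Account");
        }
    }

    // Keep e-mail unique, as RegisterUser does; otherwise a later GetUserByEmail lookup could resolve
    // to the wrong account. Only consulted when the address actually changes.
    // NOTE(review): the Settings view must render TempData["EmailError"] for this to be visible — confirm.
    if (email != u.Email && Queries.GetUserByEmail(_context, email) != null)
    {
        TempData["EmailError"] = "Email is already in use.";
        return RedirectToActionPermanent("Settings", "Account");
    }

    u.FirstName = firstName;
    u.LastName = lastName;
    u.Email = email;
    u.DepartmentId = departmentId;
    u.Gdpr = gdpr;
    if (changingPassword)
    {
        // Fresh salt per password change so the stored hash never repeats across rotations.
        byte[] salt = Hash.GenerateSalt();
        u.Salt = Hash.ConvertSaltToString(salt);
        u.Password = Hash.HashPassword(password, salt);
    }
    _context.User.Update(u);
    await _context.SaveChangesAsync();
    TempData["Succes"] = "The settings are succesfully saved.";

    string action;
    string controller;
    if (!TryParseReturnTarget(returnUrl, out action, out controller))
    {
        action = "Settings";
        controller = "Account";
    }
    return RedirectToActionPermanent(action, controller);
}

/// <summary>
/// Parses a "Controller_Action" return target. Returns false (instead of throwing) when the value is
/// null, has no underscore, or has an empty controller or action segment. Extra segments after the
/// second are ignored, matching the original Split("_")[1] / [0] behaviour.
/// </summary>
private static bool TryParseReturnTarget(string returnUrl, out string action, out string controller)
{
    action = null;
    controller = null;
    if (string.IsNullOrEmpty(returnUrl))
    {
        return false;
    }
    string[] parts = returnUrl.Split("_");
    if (parts.Length < 2 || parts[0].Length == 0 || parts[1].Length == 0)
    {
        return false;
    }
    controller = parts[0];
    action = parts[1];
    return true;
}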
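/// <summary>
/// Creates a new account from the registration form and, on success, signs the user in via Validate.
/// </summary>
/// <param name="firstName">First name for the new account.</param>
/// <param name="lastName">Last name for the new account.</param>
/// <param name="email">E-mail address; rejected when an account with it already exists.</param>
/// <param name="password">Chosen password; must equal <paramref name="passwordConfirmed"/> and pass Hash.PasswordMeetsRequirements.</param>
/// <param name="passwordConfirmed">Confirmation of <paramref name="password"/>.</param>
/// <param name="departmentId">Department id stored on the user.</param>
/// <param name="gdpr">GDPR consent flag stored on the user.</param>
/// <param name="returnUrl">Forwarded to Validate after the account is created.</param>
/// <returns>The Register view with an error in TempData, or the result of Validate on success.</returns>
/// <remarks>
/// NOTE(review): confirm the handler carries [HttpPost] and [ValidateAntiForgeryToken] (not visible here).
/// The GetUserByEmail check and the Add/SaveChanges are not atomic — two concurrent registrations with the
/// same address can both pass the check; a unique index on User.Email is the real guarantee.
/// </remarks>
public async Task<IActionResult> RegisterUser(string firstName, string lastName, string email, string password, string passwordConfirmed, int departmentId, bool gdpr, string returnUrl)
{
    if (password != passwordConfirmed)
    {
        TempData["PasswordError"] = "Password's don't match.";
        return View("Register", new RegisterView(_context));
    }
    // A missing password is treated as failing the requirements rather than being handed to Hash as null.
    if (string.IsNullOrEmpty(password) || !Hash.PasswordMeetsRequirements(password))
    {
        TempData["PasswordReqError"] = "Make sure that the password meets the requirements.";
        return View("Register", new RegisterView(_context));
    }
    if (Queries.GetUserByEmail(_context, email) != null)
    {
        TempData["EmailError"] = "Email is already in use.";
        return View("Register", new RegisterView(_context));
    }

    // Per-user random salt; stored alongside the hash in its string form.
    byte[] salt = Hash.GenerateSalt();
    string saltString = Hash.ConvertSaltToString(salt);
    string passwordEncrypted = Hash.HashPassword(password, salt);
    // NOTE(review): the third constructor argument is a hard-coded false — presumably an admin/active
    // flag; verify against the User constructor.
    User u = new User(firstName, lastName, false, email, passwordEncrypted, saltString, gdpr, departmentId);
    _context.User.Add(u);
    await _context.SaveChangesAsync();

    // Sign the freshly created user in with the credentials they just supplied.
    return await Validate(email, password, returnUrl);
}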