public async Task <IActionResult> UpdateSettings(string firstName, string lastName, string email,
int departmentId, string oldPassword, string password, string passwordConfirmed,
bool gdpr, string returnUrl)
{
User u = Queries.GetUserByClaims(_context, User.Claims);
if (password != "" && password != null && Hash.HashPassword(oldPassword, u.Salt) == u.Password && password == passwordConfirmed)
{
u.FirstName = firstName;
u.LastName = lastName;
u.Email = email;
u.DepartmentId = departmentId;
u.Gdpr = gdpr;
Byte[] salt = Hash.GenerateSalt();
var PasswordEncrypted = Hash.HashPassword(password, salt);
u.Salt = Hash.ConvertSaltToString(salt);
u.Password = PasswordEncrypted;
_context.User.Update(u);
await _context.SaveChangesAsync();
TempData["Succes"] = "The settings are succesfully saved.";
return(RedirectToActionPermanent(returnUrl.Split("_")[1], returnUrl.Split("_")[0]));
}
else if (password == "" || password == null)
{
u.FirstName = firstName;
u.LastName = lastName;
u.Email = email;
u.DepartmentId = departmentId;
u.Gdpr = gdpr;
_context.User.Update(u);
await _context.SaveChangesAsync();
TempData["Succes"] = "The settings are succesfully saved.";
return(RedirectToActionPermanent(returnUrl.Split("_")[1], returnUrl.Split("_")[0]));
}
else if (Hash.HashPassword(oldPassword, u.Salt) != u.Password)
{
TempData["PasswordError"] = "Old Password did not match with this account.";
}
else if (password != passwordConfirmed && password != "")
{
TempData["NewPasswordError"] = "New password did not match with its confirmation.";
}
else if (!Hash.PasswordMeetsRequirements(password))
{
TempData["PasswordRequirementsError"] = "Please make sure that the new password meets the requirements.";
}
else
{
TempData["Error"] = "Something went wrong. Please contact an administrator.";
}
return(RedirectToActionPermanent("Settings", "Account"));
}
public async Task <IActionResult> RegisterUser(string firstName, string lastName,
string email, string password, string passwordConfirmed, int departmentId,
bool gdpr, string returnUrl)
{
if (password != passwordConfirmed)
{
TempData["PasswordError"] = "Password's don't match.";
return(View("Register", new RegisterView(_context)));
}
if (!Hash.PasswordMeetsRequirements(password))
{
TempData["PasswordReqError"] = "Make sure that the password meets the requirements.";
return(View("Register", new RegisterView(_context)));
}
var user = Queries.GetUserByEmail(_context, email);
if (user != null)
{
TempData["EmailError"] = "Email is already in use.";
return(View("Register", new RegisterView(_context)));
}
var salt = Hash.GenerateSalt();
var saltString = Hash.ConvertSaltToString(salt);
string passwordEncrypted = Hash.HashPassword(password, salt);
User u = new User(firstName, lastName, false, email, passwordEncrypted, saltString, gdpr, departmentId);
_context.User.Add(u);
await _context.SaveChangesAsync();
return(await Validate(email, password, returnUrl));
}
