Exemple #1
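 /// <summary>
 /// Handles a posted login form: looks the account up by e-mail address, compares the
 /// submitted password with the stored one and, on success, stores the user's e-mail
 /// address and role in the session before redirecting.
 /// </summary>
 /// <param name="info">Model-bound login form (e-mail address, password, return URL).</param>
 /// <returns>
 /// A redirect on success, the login view with <c>info.Message</c> set on failure,
 /// or the "Error" view if anything throws.
 /// </returns>
 public ActionResult Login(LoginModel info)
 {
     // One message for both "unknown account" and "wrong password", so the response
     // does not reveal which e-mail addresses are registered.
     const string failureMessage = "The email address or password was incorrect";

     try
     {
         using (BusinessLogicLayer.ContextBLL ctx = new BusinessLogicLayer.ContextBLL())
         {
             BusinessLogicLayer.UserBLL user = ctx.FindUserByEmail(info.EmailAddress);

             // SECURITY NOTE(review): the stored value in user.Password is compared directly
             // with the submitted password, which implies passwords are kept in recoverable
             // form. An earlier, commented-out version of this check verified a salted hash;
             // the comparison should move to System.Web.Helpers.Crypto.VerifyHashedPassword
             // once the stored values have been migrated.
             if (user == null || user.Password != info.Password)
             {
                 info.Message = failureMessage;
                 return View(info);
             }

             Session["AUTHEmailAddress"] = user.EmailAddress;
             Session["AUTHRole"]         = user.Role;

             // ReturnURL arrives with the form and is client-controlled: follow it only when
             // it stays on this site, otherwise fall back to the application root.
             if (Url.IsLocalUrl(info.ReturnURL))
             {
                 return Redirect(info.ReturnURL);
             }
             return Redirect("~/");
         }
     }
     catch (Exception ex)
     {
         // NOTE(review): the exception object becomes the model of the "Error" view; confirm
         // that view does not render its message or stack trace to end users.
         return View("Error", ex);
     }
 }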
Exemple #2
        /// <summary>
        /// Registers a new account from the posted form unless the e-mail address is already
        /// present, then signs the new user in by writing the AUTH* session values.
        /// </summary>
        /// <param name="info">Model-bound registration form.</param>
        /// <returns>
        /// The form view with <c>info.Message</c> set when the address already exists;
        /// otherwise a redirect to the "Index" action.
        /// </returns>
        public ActionResult Register(RegistrationModel info)
        {
            using (var context = new BusinessLogicLayer.ContextBLL())
            {
                BusinessLogicLayer.UserBLL account = context.FindUserByEMail(info.EMail);
                if (account != null)
                {
                    info.Message = $"The EMail Address '{info.EMail}' already exists in the database";
                    return View(info);
                }

                account = new UserBLL();
                account.DateOfBirth = info.DateOfBirth;
                account.EMail = info.EMail;

                // A fresh salt is generated per user and appended to the password before hashing.
                account.Salt = System.Web.Helpers.Crypto.GenerateSalt(MagicConstants.SaltSize);
                account.Hash = System.Web.Helpers.Crypto.HashPassword(info.Password + account.Salt);

                // The role is fixed here rather than read from the form; what role id 3 stands
                // for is not visible in this method.
                account.RoleID = 3;

                context.CreateUser(account);

                Session["AUTHUsername"] = account.EMail;
                Session["AUTHRoles"]    = account.RoleName;
                Session["AUTHTYPE"]     = "HASHED";
                return RedirectToAction("Index");
            }
        }
        /// <summary>
        /// Creates an account from the posted registration form when the e-mail address is
        /// not yet registered, and writes the AUTH* session values for the new user.
        /// </summary>
        /// <param name="register">Model-bound registration form.</param>
        /// <returns>
        /// The form view with <c>register.Message</c> set when the address is already
        /// registered; otherwise a redirect to the "Index" action.
        /// </returns>
        public ActionResult Register(RegistrationModel register)
        {
            using (var context = new BusinessLogicLayer.ContextBLL())
            {
                BusinessLogicLayer.UserBLL account = context.UserFindByEMail(register.Email);
                if (account != null)
                {
                    register.Message = $"The Email address '{register.Email}' has already been registered.";
                    return View(register);
                }

                account = new UserBLL();
                account.UserName = register.UserName;
                account.Name = register.Name;
                account.Address = register.Address;
                account.Email = register.Email;

                // Per-user salt, appended to the password before it is hashed.
                account.Salt = System.Web.Helpers.Crypto.GenerateSalt(MuhConstants.SaltSize);
                account.Hash = System.Web.Helpers.Crypto.HashPassword(register.Password + account.Salt);

                // The role is fixed here and not taken from the form; the meaning of id 3 is
                // not visible in this method.
                account.RoleID = 3;

                context.UserCreate(account);

                Session["AUTHUserName"] = account.Email;
                Session["AUTHRoles"]    = account.RoleID;
                Session["AUTHTYPE"]     = "HASHED";
                return RedirectToAction("Index");
            }
        }
Exemple #4
 /// <summary>
 /// Fetches roles through <c>GetRoles(0, 100)</c> and renders them with the default view.
 /// </summary>
 /// <returns>The view with the role list as its model.</returns>
 public ActionResult Roles()
 {
     List<BusinessLogicLayer.RoleBLL> roles;

     using (var context = new BusinessLogicLayer.ContextBLL())
     {
         // presumably (skip, take) paging arguments - confirm against ContextBLL
         roles = context.GetRoles(0, 100);
     }

     return View(roles);
 }
Exemple #5
        // GET: Roles
        /// <summary>
        /// Loads roles through <c>RoleGetAll(0, 100)</c> and renders them with the default view.
        /// </summary>
        /// <returns>The view with the role list as its model.</returns>
        public ActionResult Index()
        {
            using (var context = new BusinessLogicLayer.ContextBLL())
            {
                // presumably (skip, take) paging arguments - confirm against ContextBLL
                List<RoleBLL> roles = context.RoleGetAll(0, 100);
                return View(roles);
            }
        }
Exemple #6
        /// <summary>
        /// Applies a posted breed edit: updates the breed name for <paramref name="id"/> and
        /// redirects to "Index".
        /// </summary>
        /// <param name="id">Identifier of the breed to update.</param>
        /// <param name="edit">Model-bound form; only <c>BreedName</c> is read.</param>
        /// <returns>A redirect to "Index", or the "Error" view after logging any exception.</returns>
        public ActionResult Edit(int id, BreedBLL edit)
        {
            try
            {
                using (var context = new BusinessLogicLayer.ContextBLL())
                {
                    context.BreedUpdateJust(id, edit.BreedName);
                }

                return RedirectToAction("Index");
            }
            catch (Exception failure)
            {
                Logger.Logger.Log(failure);
                return View("Error");
            }
        }
 // GET: Morph
 /// <summary>
 /// Fetches morphs through <c>GetMorphs(0, 100)</c> and renders them with the default view.
 /// </summary>
 /// <returns>
 /// The list view, or the "Error" view with the caught exception as its model.
 /// </returns>
 public ActionResult Index()
 {
     try
     {
         using (var context = new BusinessLogicLayer.ContextBLL())
         {
             var morphs = context.GetMorphs(0, 100);
             return View(morphs);
         }
     }
     catch (Exception failure)
     {
         // NOTE(review): the exception object becomes the view model; confirm the "Error"
         // view does not show its details to end users.
         return View("Error", failure);
     }
 }
Exemple #8
 // GET: Breed/Delete/5
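 /// <summary>
 /// Shows the delete page for a breed: looks the breed up by id and passes it to the
 /// default view as the model.
 /// </summary>
 /// <param name="id">Identifier of the breed to look up.</param>
 /// <returns>The view with the breed as its model, or the "Error" view after logging any exception.</returns>
 public ActionResult Delete(int id)
 {
     try
     {
         using (BusinessLogicLayer.ContextBLL ctx = new BusinessLogicLayer.ContextBLL())
         {
             // The lookup result used to be discarded, leaving the view without a model;
             // it is now handed to the view so the page can show what is about to be deleted.
             var breed = ctx.BreedFindByID(id);
             return View(breed);
         }
     }
     catch (Exception ex)
     {
         Logger.Logger.Log(ex);
         return View("Error");
     }
 }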
        /// <summary>
        /// Applies a posted dog edit by forwarding the form values to <c>DogUpdateJust</c>,
        /// then redirects to "Index".
        /// </summary>
        /// <param name="id">Identifier of the dog to update.</param>
        /// <param name="edit">Model-bound form holding the new values.</param>
        /// <returns>A redirect to "Index", or the "Error" view after logging any exception.</returns>
        public ActionResult Edit(int id, DogBLL edit)
        {
            try
            {
                using (var context = new BusinessLogicLayer.ContextBLL())
                {
                    context.DogUpdateJust(
                        id,
                        edit.Name,
                        edit.IsSmallBreed,
                        edit.IsDogHairless,
                        edit.Medical,
                        edit.AdoptDate,
                        edit.SurrenderDate);
                }

                return RedirectToAction("Index");
            }
            catch (Exception failure)
            {
                Logger.Logger.Log(failure);
                return View("Error");
            }
        }
        /// <summary>
        /// Deletes the user with the given id and redirects to "Index".
        /// </summary>
        /// <param name="id">Identifier of the user to delete.</param>
        /// <param name="delete">Model-bound form; not read by this method.</param>
        /// <returns>A redirect to "Index", or the "Error" view after logging any exception.</returns>
        public ActionResult Delete(int id, UserBLL delete)
        {
            try
            {
                // NOTE(review): nothing in this method checks who is calling or whether they may
                // delete this id; confirm that authorization is enforced by attributes or filters
                // outside this method.
                using (var context = new BusinessLogicLayer.ContextBLL())
                {
                    context.UserDelete(id);
                }

                return RedirectToAction("Index");
            }
            catch (Exception failure)
            {
                Logger.Logger.Log(failure);
                return View("Error");
            }
        }
        /// <summary>
        /// Applies a posted user edit by forwarding the form values to <c>UserUpdateJust</c>,
        /// then redirects to "Index".
        /// </summary>
        /// <param name="id">Identifier of the user to update.</param>
        /// <param name="edit">Model-bound form holding the new values.</param>
        /// <returns>A redirect to "Index", or the "Error" view after logging any exception.</returns>
        public ActionResult Edit(int id, UserBLL edit)
        {
            try
            {
                using (var context = new BusinessLogicLayer.ContextBLL())
                {
                    // NOTE(review): Hash, Salt and RoleID are taken from the model-bound form and
                    // written through unchanged, so whoever can post to this action chooses the
                    // stored credential material and the role. Confirm the action is restricted
                    // to administrators, and consider keeping the stored Hash/Salt server-side.
                    context.UserUpdateJust(
                        id,
                        edit.UserName,
                        edit.Email,
                        edit.Address,
                        edit.Hash,
                        edit.Salt,
                        edit.RoleID);
                }

                return RedirectToAction("Index");
            }
            catch (Exception failure)
            {
                Logger.Logger.Log(failure);
                return View("Error");
            }
        }
Exemple #12
 // GET: Breed/Details/5
 /// <summary>
 /// Looks a breed up by id and renders it with the default view.
 /// </summary>
 /// <param name="id">Identifier of the breed to show.</param>
 /// <returns>The view with the breed as its model, or the "Error" view after logging any exception.</returns>
 public ActionResult Details(int id)
 {
     try
     {
         using (var context = new BusinessLogicLayer.ContextBLL())
         {
             BreedBLL breed = context.BreedFindByID(id);
             return View(breed);
         }
     }
     catch (Exception failure)
     {
         Logger.Logger.Log(failure);
         return View("Error");
     }
 }
        // GET: Users
        /// <summary>
        /// Loads users through <c>UserGetAll(0, 25)</c> and renders them with the default view.
        /// </summary>
        /// <returns>
        /// The list view. If loading throws, the exception is logged and the view is rendered
        /// with a null model.
        /// </returns>
        public ActionResult Index()
        {
            List<UserBLL> users = null;

            try
            {
                using (var context = new BusinessLogicLayer.ContextBLL())
                {
                    users = context.UserGetAll(0, 25);
                }
            }
            catch (Exception failure)
            {
                // Failure is logged only; the view below still renders, with users == null.
                Logger.Logger.Log(failure);
            }

            return View(users);
        }
 /// <summary>
 /// Creates a role from the posted form and redirects to "Index".
 /// </summary>
 /// <param name="Roles">Model-bound form; only <c>RoleName</c> is read.</param>
 /// <returns>
 /// A redirect to "Index" on success; after an exception it is logged and the "Index"
 /// view is rendered directly, without a model.
 /// </returns>
 public ActionResult Create(RoleBLL Roles)
 {
     try
     {
         using (var context = new BusinessLogicLayer.ContextBLL())
         {
             context.RoleCreate(Roles.RoleName);
         }

         return RedirectToAction("Index");
     }
     catch (Exception failure)
     {
         Logger.Logger.Log(failure);
         return View("Index");
     }
 }
Exemple #15
 // GET: Gecko
 /// <summary>
 /// Lists the geckos related to the current user: resolves the user from the request
 /// identity name and passes that user's id to <c>GetGcekosRelatedToUser</c>.
 /// </summary>
 /// <returns>
 /// The list view, or the "Error" view with the caught exception as its model.
 /// </returns>
 public ActionResult Index()
 {
     try
     {
         using (var context = new BusinessLogicLayer.ContextBLL())
         {
             // The identity name is used as the e-mail address for the lookup.
             string identityName = HttpContext.User.Identity.Name;
             UserBLL owner = context.FindUserByEmail(identityName);

             // NOTE(review): if the lookup yields null, owner.UserID throws and the request
             // ends in the catch block below - presumably the case for anonymous requests.
             var geckos = context.GetGcekosRelatedToUser(0, 100, owner.UserID);
             return View(geckos);
         }
     }
     catch (Exception failure)
     {
         return View("Error", failure);
     }
 }
Exemple #16
 /// <summary>
 /// Creates a breed from the posted form and redirects to "Index".
 /// </summary>
 /// <param name="breed">Model-bound form; only <c>BreedName</c> is read.</param>
 /// <returns>A redirect to "Index", or the "Error" view after logging any exception.</returns>
 public ActionResult Create(BreedBLL breed)
 {
     try
     {
         using (var context = new BusinessLogicLayer.ContextBLL())
         {
             context.BreedCreate(breed.BreedName);
         }

         return RedirectToAction("Index");
     }
     catch (Exception failure)
     {
         Logger.Logger.Log(failure);
         return View("Error");
     }
 }
Exemple #17
        // GET: Breed
        /// <summary>
        /// Loads breeds through <c>BreedGetAll(0, 25)</c> and renders them with the default view.
        /// </summary>
        /// <returns>The list view, or the "Error" view after logging any exception.</returns>
        public ActionResult Index()
        {
            try
            {
                using (var context = new BusinessLogicLayer.ContextBLL())
                {
                    List<BreedBLL> breeds = context.BreedGetAll(0, 25);
                    return View(breeds);
                }
            }
            catch (Exception failure)
            {
                Logger.Logger.Log(failure);
                return View("Error");
            }
        }
 /// <summary>
 /// Creates a dog record from the posted form by forwarding its values to
 /// <c>DogCreate</c>, then redirects to "Index".
 /// </summary>
 /// <param name="dog">Model-bound form holding the new dog's values.</param>
 /// <returns>
 /// A redirect to "Index"; after an exception it is logged and the "Error" view is
 /// rendered with the exception as its model.
 /// </returns>
 public ActionResult Create(DogBLL dog)
 {
     try
     {
         using (var context = new BusinessLogicLayer.ContextBLL())
         {
             context.DogCreate(
                 dog.Name,
                 dog.BreedID,
                 dog.IsSmallBreed,
                 dog.IsDogHairless,
                 dog.Medical,
                 dog.AdoptDate,
                 dog.SurrenderDate);
         }

         return RedirectToAction("Index");
     }
     catch (Exception failure)
     {
         Logger.Logger.Log(failure);
         // NOTE(review): the exception object becomes the view model; confirm the "Error"
         // view does not show its details to end users.
         return View("Error", failure);
     }
 }
 // GET: Dogs/Edit/5
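 /// <summary>
 /// Shows the edit form for a dog: looks the dog up by id and passes it to the "Edit"
 /// view as the model.
 /// </summary>
 /// <param name="id">Identifier of the dog to edit.</param>
 /// <returns>The "Edit" view with the dog as its model, or the "Error" view after logging any exception.</returns>
 public ActionResult Edit(int id)
 {
     try
     {
         DogBLL it = null;
         using (BusinessLogicLayer.ContextBLL ctx = new BusinessLogicLayer.ContextBLL())
         {
             it = ctx.DogFindByID(id);
         }

         // The record that was looked up used to be dropped, so the form rendered without
         // a model; it is now passed to the view.
         return View("Edit", it);
     }
     catch (Exception ex)
     {
         Logger.Logger.Log(ex);
         return View("Error");
     }
 }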
        /// <summary>
        /// Creates a user from the posted form by forwarding its values to <c>UserCreate</c>,
        /// then redirects to "Index".
        /// </summary>
        /// <param name="user">Model-bound form holding the new user's values.</param>
        /// <returns>A redirect to "Index", or the "Error" view after logging any exception.</returns>
        public ActionResult Create(UserBLL user)
        {
            try
            {
                using (var context = new BusinessLogicLayer.ContextBLL())
                {
                    // NOTE(review): Hash, Salt and RoleID come straight from the model-bound form;
                    // no password is hashed in this method and the role is whatever was posted.
                    // Confirm the action is restricted to administrators and that Hash/Salt are
                    // produced server-side before they reach this call.
                    context.UserCreate(
                        user.UserName,
                        user.Name,
                        user.Address,
                        user.Email,
                        user.Hash,
                        user.Salt,
                        user.RoleID);
                }

                return RedirectToAction("Index");
            }
            catch (Exception failure)
            {
                Logger.Logger.Log(failure);
                return View("Error");
            }
        }
Exemple #21
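 /// <summary>
 /// Handles a posted login form. The stored credential is first compared with the
 /// submitted password as-is (legacy clear-text accounts); if that fails it is verified
 /// as a salted hash. On success the AUTH* session values are written and the request
 /// is redirected.
 /// </summary>
 /// <param name="info">Model-bound login form (e-mail, password, return URL).</param>
 /// <returns>
 /// A redirect on success; otherwise the login view with <c>info.Message</c> set.
 /// </returns>
 public ActionResult Login(LoginModel info)
 {
     // One message for both "unknown account" and "wrong password", so the response
     // does not reveal which accounts exist.
     const string failureMessage = "The username or password was incorrect";

     using (BusinessLogicLayer.ContextBLL ctx = new BusinessLogicLayer.ContextBLL())
     {
         BusinessLogicLayer.UserBLL user = ctx.FindUserByEMail(info.EMail);
         if (user == null)
         {
             info.Message = failureMessage;
             return View(info);
         }

         string actual = user.Hash;

         // SECURITY NOTE(review): this legacy branch accepts the stored value itself as the
         // password. For accounts that are already hashed, that makes the stored hash string
         // a valid credential, so the branch should be removed (or limited to accounts
         // flagged as not yet migrated) as soon as the migration allows.
         string ValidationType = $"ClearText:({user.UserID})";
         bool   validateduser  = actual == info.Password;

         if (!validateduser)
         {
             try
             {
                 // For a clear-text account the stored value is not a valid hash, and
                 // VerifyHashedPassword throws; that case counts as a failed login.
                 validateduser  = System.Web.Helpers.Crypto.VerifyHashedPassword(actual, info.Password + user.Salt);
                 ValidationType = $"HASHED:({user.UserID})";
             }
             catch (Exception)
             {
                 validateduser = false;
             }
         }

         if (!validateduser)
         {
             info.Message = failureMessage;
             return View(info);
         }

         Session["AUTHUsername"] = user.EMail;
         Session["AUTHRoles"]    = user.RoleName;
         Session["AUTHTYPE"]     = ValidationType;

         // ReturnURL arrives with the form and is client-controlled: follow it only when
         // it stays on this site, otherwise fall back to the application root.
         if (Url.IsLocalUrl(info.ReturnURL))
         {
             return Redirect(info.ReturnURL);
         }
         return Redirect("~/");
     }
 }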
Exemple #22
 /// <summary>
 /// Creates a user from the posted form: validates the model, builds a
 /// <c>UserBLL</c> with a salted password hash, stores it and writes the AUTH* session
 /// values for the new user.
 /// </summary>
 /// <param name="info">Model-bound user-creation form.</param>
 /// <returns>
 /// The form view when the model state is invalid, a redirect to "Index" on success,
 /// or the "Error" view (with the exception in <c>ViewBag.Exception</c>) on failure.
 /// </returns>
 public ActionResult Create(Models.CreateUser info)
 {
     try
     {
         if (!ModelState.IsValid)
         {
             return View(info);
         }

         using (var context = new BusinessLogicLayer.ContextBLL())
         {
             // The lookup result is replaced below without being inspected, so an existing
             // user name is not rejected in this method.
             BusinessLogicLayer.UserBLL account = context.FindUserByUserName(info.UserName);

             account = new UserBLL();
             account.FirstName = info.FirstName;
             account.LastName = info.LastName;
             account.UserName = info.UserName;
             account.DateOfBirth = info.DateOfBirth;

             // NOTE(review): the role id is copied from the posted form, so the caller picks
             // the new account's role. Confirm the action is restricted to administrators.
             account.RoleID = info.RoleID;

             // Per-user salt, appended to the password before it is hashed.
             account.SALT = System.Web.Helpers.Crypto.GenerateSalt(Constants.SaltSize);
             account.HASH = System.Web.Helpers.Crypto.HashPassword(info.Password + account.SALT);
             account.Email = info.Email;

             context.CreateUser(account);

             Session["AUTHUserName"] = account.UserName;
             Session["AUTHRoles"]    = account.RoleName;
             Session["AUTHTYPE"]     = "HASHED";
         }

         return RedirectToAction("Index");
     }
     catch (Exception failure)
     {
         ViewBag.Exception = failure;
         return View("Error");
     }
 }
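 /// <summary>
 /// Handles a posted login form: looks the account up by e-mail, verifies the submitted
 /// password (with the stored salt appended) against the stored hash and, on success,
 /// writes the AUTH* session values and redirects.
 /// </summary>
 /// <param name="info">Model-bound login form (e-mail, password, return URL).</param>
 /// <returns>
 /// A redirect on success; otherwise the login view with <c>info.message</c> set.
 /// </returns>
 public ActionResult Login(LoginModel info)
 {
     // One message for both "unknown account" and "wrong password", so the response
     // does not reveal which accounts exist.
     const string failureMessage = "The username or password was incorrect. Please try again.";

     using (BusinessLogicLayer.ContextBLL ctx = new BusinessLogicLayer.ContextBLL())
     {
         BusinessLogicLayer.UserBLL user = ctx.UserFindByEMail(info.Email);
         if (user == null)
         {
             info.message = failureMessage;
             return View(info);
         }

         // Only the hash check decides the outcome. The stored value is deliberately never
         // compared with the submitted password directly: the previous direct comparison was
         // always overwritten by the hash check (and its "ClearText" label was a malformed
         // interpolated string), and accepting the stored value as a password would make a
         // stored hash usable as a credential.
         bool validateduser;
         try
         {
             validateduser = System.Web.Helpers.Crypto.VerifyHashedPassword(user.Hash, info.Password + user.Salt);
         }
         catch (Exception ex)
         {
             // A stored value that is not a valid hash makes the verifier throw; treat it
             // as a failed login and keep the details in the log only.
             Logger.Logger.Log(ex);
             validateduser = false;
         }

         if (!validateduser)
         {
             info.message = failureMessage;
             return View(info);
         }

         Session["AUTHUsername"] = user.Email;
         Session["AUTHRoles"]    = user.RoleID;
         Session["AUTHTYPE"]     = $"HASHED:({user.UserID})";

         // ReturnURL arrives with the form and is client-controlled: follow it only when
         // it stays on this site, otherwise fall back to the application root.
         if (Url.IsLocalUrl(info.ReturnURL))
         {
             return Redirect(info.ReturnURL);
         }
         return Redirect("~/");
     }
 }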
Exemple #24
        // GET: Home/Hash
        /// <summary>
        /// Converts the current user's stored credential to a salted hash: generates a new
        /// salt, hashes the current <c>PasswordHash</c> value with it, saves the user and
        /// rewrites the AUTH* session values with a "HASHED" authentication type.
        /// </summary>
        /// <returns>
        /// "NotLoggedIn", "AlreadyHashed" or "ActionNotAllowed" when the request does not
        /// qualify, the "Error" view when the user cannot be found, otherwise a redirect
        /// to Home/Index.
        /// </returns>
        public ActionResult Hash()
        {
            if (!User.Identity.IsAuthenticated)
            {
                return View("NotLoggedIn");
            }

            string authenticationType = User.Identity.AuthenticationType;

            if (authenticationType.StartsWith("HASHED"))
            {
                return View("AlreadyHashed");
            }

            if (authenticationType.StartsWith("IMPERSONATED"))
            {
                return View("ActionNotAllowed");
            }

            // NOTE(review): this action changes stored credentials; confirm it is not
            // reachable through a plain GET link and that it is protected against
            // cross-site request forgery.
            using (var context = new BusinessLogicLayer.ContextBLL())
            {
                BusinessLogicLayer.UserBLL account = context.User_FindByUserName(User.Identity.Name);
                if (account == null)
                {
                    ViewBag.Exception = new Exception($"The Username '{User.Identity.Name}' does not exist in the database");
                    return View("Error");
                }

                // presumably PasswordHash still holds the clear-text password at this point
                // (the "HASHED" guard above suggests so) - confirm before relying on it
                account.PasswordSalt = System.Web.Helpers.Crypto.GenerateSalt(Constants.SaltSize);
                account.PasswordHash = System.Web.Helpers.Crypto.HashPassword(account.PasswordHash + account.PasswordSalt);
                context.User_JustUpdate(account);

                Session["AUTHUsername"] = account.UserEmail;
                Session["AUTHRoles"]    = account.RoleName;
                Session["AUTHTYPE"]     = $"HASHED:({account.UserID})";

                return RedirectToAction("Index", "Home");
            }
        }
        // GET: Users/Edit/5
        /// <summary>
        /// Shows the edit form for a user: loads the user by id, fills
        /// <c>ViewBag.Roles</c> from <c>GetRoleItems()</c> and renders the default view.
        /// </summary>
        /// <param name="id">Identifier of the user to edit.</param>
        /// <returns>
        /// The edit view with the user as its model, or the "Error" view when the user is
        /// not found or loading throws (the exception is logged).
        /// </returns>
        public ActionResult Edit(int id)
        {
            UserBLL found;

            try
            {
                using (var context = new BusinessLogicLayer.ContextBLL())
                {
                    found = context.UserFindByID(id);
                    if (found == null)
                    {
                        return View("Error");
                    }
                }
            }
            catch (Exception failure)
            {
                Logger.Logger.Log(failure);
                return View("Error");
            }

            // NOTE(review): the whole UserBLL becomes the view model; confirm the view does
            // not emit its password hash or salt into the form.
            ViewBag.Roles = GetRoleItems();
            return View(found);
        }
Exemple #26
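        /// <summary>
        /// Handles a posted login form. The stored credential is first compared with the
        /// submitted password as-is (legacy clear-text accounts); if that fails it is
        /// verified as a salted hash. On success the AUTH* session values are written and
        /// the request is redirected.
        /// </summary>
        /// <param name="info">Model-bound login form (user name, password, return URL).</param>
        /// <returns>
        /// The form view when the model state is invalid or the login fails (with
        /// <c>info.Message</c> set in the latter case); otherwise a redirect.
        /// </returns>
        public ActionResult Login(Models.LoginModel info)
        {
            // One message for both "unknown account" and "wrong password", so the response
            // does not reveal which user names exist.
            const string failureMessage = "The UserName or Password was incorrect";

            if (!ModelState.IsValid)
            {
                return View(info);
            }

            using (BusinessLogicLayer.ContextBLL ctx = new BusinessLogicLayer.ContextBLL())
            {
                BusinessLogicLayer.UserBLL user = ctx.FindUserByUserName(info.UserName);
                if (user == null)
                {
                    info.Message = failureMessage;
                    return View(info);
                }

                string actual = user.HASH;

                // SECURITY NOTE(review): this legacy branch accepts the stored value itself as
                // the password. For accounts that are already hashed, that makes the stored
                // hash string a valid credential, so the branch should be removed (or limited
                // to accounts flagged as not yet migrated) as soon as the migration allows.
                string ValidationType = $"ClearText:({user.UserID})";
                bool validateduser = info.Password == actual;

                if (!validateduser)
                {
                    try
                    {
                        validateduser  = System.Web.Helpers.Crypto.VerifyHashedPassword(actual, info.Password + user.SALT);
                        ValidationType = $"HASHED:({user.UserID})";
                    }
                    catch (System.FormatException)
                    {
                        // A stored clear-text value is not a valid Base64 hash, so a wrong
                        // password on such an account used to surface as an unhandled error;
                        // it is an ordinary failed login.
                        validateduser = false;
                    }
                }

                if (!validateduser)
                {
                    info.Message = failureMessage;
                    return View(info);
                }

                Session["AUTHUserName"] = user.UserName;
                Session["AUTHRoles"]    = user.RoleName;
                Session["AUTHTYPE"]     = ValidationType;

                // ReturnURL arrives with the form and is client-controlled: follow it only
                // when it stays on this site, otherwise fall back to the application root.
                if (Url.IsLocalUrl(info.ReturnURL))
                {
                    return Redirect(info.ReturnURL);
                }
                return Redirect("~/");
            }
        }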
        /// <summary>
        /// Converts the current user's stored credential to a salted hash: generates a new
        /// salt, hashes the current <c>Hash</c> value with it, saves the user and rewrites
        /// the AUTH* session values with a "HASHED" authentication type.
        /// </summary>
        /// <returns>
        /// "NotLoggedIn" or "AlreadyHashed" when the request does not qualify, the "Error"
        /// view when the user cannot be found, otherwise a redirect to Home/Index - also
        /// when the update throws, in which case the exception is only logged.
        /// </returns>
        public ActionResult Hash()
        {
            if (!User.Identity.IsAuthenticated)
            {
                return View("NotLoggedIn");
            }

            if (User.Identity.AuthenticationType.StartsWith("HASHED"))
            {
                return View("AlreadyHashed");
            }

            // NOTE(review): this action changes stored credentials; confirm it is not
            // reachable through a plain GET link and that it is protected against
            // cross-site request forgery.
            using (var context = new BusinessLogicLayer.ContextBLL())
            {
                try
                {
                    BusinessLogicLayer.UserBLL account = context.UserFindByEMail(User.Identity.Name);
                    if (account == null)
                    {
                        ViewBag.Exception = new Exception($"The UserName '{User.Identity.Name}' doesn't exist in the database.");
                        return View("Error");
                    }

                    // presumably Hash still holds the clear-text password at this point (the
                    // "HASHED" guard above suggests so) - confirm before relying on it
                    account.Salt = System.Web.Helpers.Crypto.GenerateSalt(MuhConstants.SaltSize);
                    account.Hash = System.Web.Helpers.Crypto.HashPassword(account.Hash + account.Salt);
                    context.UserUpdateJust(account);

                    Session["AUTHUserName"] = account.Email;
                    Session["AUTHRoles"]    = account.RoleID;
                    Session["AUTHTYPE"]     = $"HASHED:({account.UserID})";
                }
                catch (Exception failure)
                {
                    // The failure is logged and the redirect below still happens, so the
                    // caller gets no indication that the conversion did not complete.
                    Logger.Logger.Log(failure);
                }

                return RedirectToAction("Index", "Home");
            }
        }
Exemple #28
 // GET: Gecko/Edit/5
 /// <summary>
 /// Shows the edit form for a gecko looked up by id.
 /// </summary>
 /// <param name="id">Identifier of the gecko to edit.</param>
 /// <returns>
 /// The "ItemNotFound" view when no gecko has that id, the default view with the gecko
 /// as its model otherwise, or the "Error" view with the caught exception as its model.
 /// </returns>
 public ActionResult Edit(int id)
 {
     try
     {
         using (var context = new BusinessLogicLayer.ContextBLL())
         {
             // NOTE(review): the lookup is by id alone; nothing in this method ties the
             // record to the current user - confirm ownership is checked elsewhere.
             GeckoBLL gecko = context.FindGeckoByID(id);
             if (gecko == null)
             {
                 return View("ItemNotFound");
             }

             return View(gecko);
         }
     }
     catch (Exception failure)
     {
         return View("Error", failure);
     }
 }