/// <summary>
/// Handles a login form submission: looks the editor up by username, checks
/// the salted password hash, and on success records a <c>DBLogin</c> row and
/// stores it in the session under <c>"authorized"</c>.
/// </summary>
/// <param name="login">Bound login form model carrying the username and password.</param>
/// <returns>
/// A redirect to <c>Admin/Index</c> on success; otherwise the login view again.
/// </returns>
public ActionResult Index(AppLogin login)
{
    // Invalid model state: show the form again without touching the database.
    if (!this.ModelState.IsValid)
    {
        return View();
    }

    DBLoginRepository logins = new DBLoginRepository(this.DatabaseContext);
    DBEditorRepository editors = new DBEditorRepository(this.DatabaseContext);
    DBEditor account = editors.Find(login.Username);

    // NOTE(review): the hash is compared with ==. If PasswordHash is a string
    // this comparison is not fixed-time; consider a constant-time compare.
    // NOTE(review): Hash() only runs when the account exists, so response time
    // may differ between unknown users and wrong passwords - confirm acceptable.
    bool credentialsMatch =
        account != null
        && login.Username == account.Username
        && PasswordHasher.Hash(login.Password, account.PasswordSalt) == account.PasswordHash;

    if (!credentialsMatch)
    {
        // The account does not exist or the credentials do not match; the same
        // view is returned in both cases, so the response does not say which.
        return View();
    }

    // NOTE(review): no throttling or lockout of repeated failures is visible in
    // this action - confirm it is enforced elsewhere.
    DBLogin sessionRecord = new DBLogin();
    sessionRecord.IDEditor = account.ID;
    sessionRecord.UserAgent = Request.UserAgent;
    sessionRecord.UserIP = IPObtainer.GetIP();
    // The login record is stamped to expire ten minutes from now (UTC).
    sessionRecord.UTCLogoutTime = DateTime.UtcNow.AddMinutes(10);

    logins.Add(sessionRecord, true);

    // NOTE(review): the session identifier is not rotated here after a
    // successful login; confirm session-fixation protection exists elsewhere.
    this.Session["authorized"] = sessionRecord;
    return RedirectToAction("Index", "Admin");
}
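/// <summary>
/// Deletes the editor with the given ID, unless it is the account of the
/// editor who is currently logged in.
/// </summary>
/// <param name="id">ID of the editor to remove.</param>
/// <returns>
/// A redirect to this controller's <c>Index</c> for a logged-in caller (whether
/// or not anything was deleted); otherwise a redirect to <c>Login/Index</c>.
/// </returns>
// NOTE(review): no HTTP-verb or anti-forgery attribute is visible on this
// action from here. A state-changing delete reachable by GET is exposed to
// CSRF - confirm [HttpPost] and [ValidateAntiForgeryToken] are applied.
// NOTE(review): the only authorization check is "is logged in"; any editor can
// delete any other editor. Confirm that is the intended privilege model.
public ActionResult Delete(int id)
{
    if (!this.Authorizer.IsLogedIn(this.Session, this.Request))
    {
        return RedirectToAction("Index", "Login");
    }

    // Fail closed: if the session entry is missing or not a DBLogin, treat the
    // caller as unauthenticated instead of dereferencing a null cast result.
    DBLogin currentLogin = this.Session["authorized"] as DBLogin;
    if (currentLogin == null)
    {
        return RedirectToAction("Index", "Login");
    }

    // An editor may not delete their own account.
    if (currentLogin.IDEditor != id)
    {
        DBEditorRepository repository = new DBEditorRepository(this.DatabaseContext);
        DBEditor target = repository.Find(id);

        // An unknown ID is a no-op rather than passing null to Remove().
        if (target != null)
        {
            repository.Remove(target, true);
        }
    }

    return RedirectToAction("Index");
}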
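/// <summary>
/// Updates an editor's name fields and username, and stores a new password
/// hash when the submitted password hashes to a different value.
/// </summary>
/// <param name="user">Bound form model with the editor ID and the new values.</param>
/// <returns>
/// A redirect to this controller's <c>Index</c> when the caller is logged in
/// and the model is valid; otherwise a redirect to <c>Login/Index</c>.
/// </returns>
// NOTE(review): nothing here ties user.ID to the logged-in editor, so any
// logged-in editor can change another editor's username and password.
// Confirm that is intended, or check it against Session["authorized"].
// NOTE(review): no HTTP-verb or anti-forgery attribute is visible on this
// action from here - confirm [HttpPost] and [ValidateAntiForgeryToken].
public ActionResult Edit(AppUser user)
{
    // An invalid model is also sent to the login page; behavior kept as-is.
    if (!this.Authorizer.IsLogedIn(this.Session, this.Request) || !this.ModelState.IsValid)
    {
        return RedirectToAction("Index", "Login");
    }

    DBEditorRepository repository = new DBEditorRepository(this.DatabaseContext);
    DBEditor editor = repository.Find(user.ID);

    // Unknown ID: nothing to update. Avoids a null dereference below.
    if (editor == null)
    {
        return RedirectToAction("Index");
    }

    editor.FirstName = user.FirstName;
    editor.MiddleName = user.MiddleName;
    editor.LastName = user.LastName;
    editor.Username = user.NewUsername;

    // NOTE(review): if the form can submit a blank NewPassword to mean "keep
    // the current password", this branch would store the hash of the blank
    // value. Confirm model validation requires a non-empty password.
    // NOTE(review): the existing salt is reused for the new password; consider
    // generating a fresh salt on every password change.
    var newHash = PasswordHasher.Hash(user.NewPassword, editor.PasswordSalt);
    if (editor.PasswordHash != newHash)
    {
        // Fix: the new hash was previously written to Username, which replaced
        // the login name with the hash and left the old password in force.
        editor.PasswordHash = newHash;
    }

    repository.Update(editor, true);
    return RedirectToAction("Index");
}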