public ActionResult Register(Users user)
{
if (ModelState.IsValid)
{
HashingPasswordService hashingPasswordService = new HashingPasswordService();
string salt = "sheldonthemightylittlegeniusman";
string hashedPassword = hashingPasswordService.GenerateSHA256Hash(user.Password, salt);
user.Password = hashedPassword;
user.IsAdmin = false;
return(base.Create(user));
}
return(View(user));
}
public ActionResult Login(Users user)
{
HashingPasswordService hashingPasswordService = new HashingPasswordService();
string salt = "sheldonthemightylittlegeniusman";
string hashedPassword = hashingPasswordService.GenerateSHA256Hash(user.Password, salt);
List <Users> allUsers = UnitOfWork.UOW.UserRepository.GetAll();
if (allUsers.Exists(x => x.Username == user.Username && x.Password == hashedPassword))
{
LoginService loginService = new LoginService();
loginService.Login(user);
return(RedirectToAction(nameof(Read)));
}
else
{
ModelState.AddModelError("", "Wrong username or password!");
}
return(View(user));
}
public ActionResult ChangePassword(ChangeUserPasswordViewModel changeUserPasswordViewModel)
{
if (changeUserPasswordViewModel.ID != SessionDTO.ID && SessionDTO.IsAdmin == false)
{
return(new ViewResult {
ViewName = "InsufficientPermission"
});
}
if (ModelState.IsValid)
{
HashingPasswordService hashingPasswordService = new HashingPasswordService();
string salt = "sheldonthemightylittlegeniusman";
string hashedPassword = hashingPasswordService.GenerateSHA256Hash(changeUserPasswordViewModel.Password, salt);
changeUserPasswordViewModel.Password = hashedPassword;
List <Users> allUsers = UnitOfWork.UOW.UserRepository.GetAll();
Users user = allUsers.Where(x => x.ID == changeUserPasswordViewModel.ID).FirstOrDefault();
user.Password = changeUserPasswordViewModel.Password;
return(base.Update(user));
}
return(View(changeUserPasswordViewModel));
}
