Esempio n. 1
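        /// <summary>
        /// Handles the admin login form post: looks the account up by name,
        /// recomputes the salted SHA-256 hash of the submitted password and
        /// compares it with the stored value.
        /// </summary>
        /// <remarks>
        /// Every failure (missing field, unknown user, wrong password) ends in the
        /// same redirect, so the response does not reveal which account names exist.
        /// A wrong password therefore no longer raises ApplicationException.
        /// </remarks>
        public void Login()
        {
            const string loginPage = "/AdminManager/Default/Index";
            const string adminHome = "/AdminManager/Default/Main";

            // No .ToString() on the form values: a missing field must count as a
            // failed login rather than a possible NullReferenceException.
            string username = Request.Form["username"];
            string passwd   = Request.Form["password"];

            bool authenticated = false;

            if (!string.IsNullOrEmpty(username) && passwd != null)
            {
                using (var db = new Models.SimpleShopDbContext())
                {
                    var admin = db.Admins.FirstOrDefault(p => p.Name == username);
                    if (admin != null)
                    {
                        // NOTE(review): one salted SHA-256 pass is cheap to brute-force
                        // offline if the table leaks. Moving to PBKDF2
                        // (Rfc2898DeriveBytes) needs a coordinated change in the code
                        // that writes Passwd plus a rehash of stored values, so the
                        // scheme is kept as-is here.
                        string hashString;
                        using (var sha256 = new System.Security.Cryptography.SHA256Managed())
                        {
                            byte[] passwordAndSaltBytes = System.Text.Encoding.UTF8.GetBytes(passwd + admin.Salt);
                            hashString = Convert.ToBase64String(sha256.ComputeHash(passwordAndSaltBytes));
                        }

                        // Compare without an early exit so the time taken does not
                        // depend on how many leading characters match.
                        string stored = admin.Passwd ?? string.Empty;
                        int diff = hashString.Length ^ stored.Length;
                        for (int i = 0; i < hashString.Length && i < stored.Length; i++)
                        {
                            diff |= hashString[i] ^ stored[i];
                        }

                        authenticated = diff == 0;
                    }
                }
            }

            if (authenticated)
            {
                // NOTE(review): nothing in this method issues an auth cookie or
                // session marker before redirecting; confirm that the target page
                // enforces authentication on its own.
                Response.Redirect(adminHome);
            }
            else
            {
                Response.Redirect(loginPage);
            }
        }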
Esempio n. 2
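        /// <summary>
        /// Creates an admin account from the posted form: generates a per-account
        /// salt, stores the Base64 SHA-256 hash of password + salt, and writes a
        /// JSON summary of the new account to the response when the row is saved.
        /// </summary>
        /// <remarks>
        /// The JSON response contains only Name and CellPhone. The stored hash and
        /// salt are credential material and are no longer sent to the client.
        /// </remarks>
        /// <exception cref="ApplicationException">
        /// The user name is missing or blank, or the password is missing or empty.
        /// </exception>
        public void RegisterDeal()
        {
            // NOTE(review): nothing visible here restricts who may create an admin
            // account. Confirm the enclosing controller enforces authorization and
            // anti-forgery validation for this action.
            string username = Request.Form["username"];
            string passwd   = Request.Form["passwd"];

            // Reject missing or empty credentials instead of storing an account
            // with a blank name or the hash of an empty password.
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(passwd))
            {
                throw new ApplicationException("user name and password are required");
            }

            string salt = Guid.NewGuid().ToString();

            // NOTE(review): one salted SHA-256 pass is cheap to brute-force offline
            // if the table leaks. Moving to PBKDF2 (Rfc2898DeriveBytes) has to be
            // done together with the login check that recomputes this hash, so the
            // scheme is kept as-is here.
            string hashString;
            using (var sha256 = new System.Security.Cryptography.SHA256Managed())
            {
                byte[] passwordAndSaltBytes = System.Text.Encoding.UTF8.GetBytes(passwd + salt);
                hashString = Convert.ToBase64String(sha256.ComputeHash(passwordAndSaltBytes));
            }

            // NOTE(review): every account gets the same hard-coded CellPhone value;
            // this looks like placeholder data. Confirm.
            var newAdmin = new Models.Admin
            {
                Name      = username,
                Passwd    = hashString,
                CellPhone = "13283888062",
                Salt      = salt
            };

            using (var db = new Models.SimpleShopDbContext())
            {
                db.Admins.Add(newAdmin);

                if (db.SaveChanges() > 0)
                {
                    // Project to the non-secret fields; serializing the entity
                    // itself would echo Passwd and Salt back to the caller.
                    var summary = new { newAdmin.Name, newAdmin.CellPhone };
                    Response.Write(Newtonsoft.Json.JsonConvert.SerializeObject(summary));
                }
            }
        }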