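/// <summary>
/// Handles the login form: looks the account up by login, verifies the submitted password
/// and redirects to the home page that matches the account's access level.
/// </summary>
/// <param name="login">Login name submitted by the client (untrusted).</param>
/// <param name="password">Plain-text password submitted by the client (untrusted).</param>
/// <returns>
/// A redirect to the student or teacher home page on success; otherwise the login view
/// with <c>ViewBag.ErrMessage</c> set.
/// </returns>
public IActionResult Authorization(string login, string password)
{
    // One message for both "unknown login" and "wrong password": separate messages let an
    // unauthenticated client find out which logins exist (account enumeration).
    const string invalidCredentials = "Неверный логин или пароль";

    var matches = from us in db.Users
                  where us.Login == login
                  select new Users
                  {
                      UserId = us.UserId,
                      Login = us.Login,
                      AccessLevelId = us.AccessLevelId,
                      PasswordHash = us.PasswordHash,
                      PasswordSalt = us.PasswordSalt
                  };

    // Clear the field first so a value left by an earlier call can never be mistaken for
    // the account being logged in. As before, the last matching row wins.
    _checkUser = null;
    foreach (Users item in matches)
    {
        _checkUser = item;
    }

    if (_checkUser == null)
    {
        // NOTE(review): no hash is computed on this path, so response time may still hint
        // at whether the login exists; consider verifying against a dummy hash here.
        ViewBag.ErrMessage = invalidCredentials;
        return View();
    }

    _password.PasswordHash = _checkUser.PasswordHash;
    _password.PasswordSalt = _checkUser.PasswordSalt;
    if (!_password.ComparePassword(password))
    {
        ViewBag.ErrMessage = invalidCredentials;
        return View();
    }

    // Access levels above 3 are not allowed to sign in. This is checked only after the
    // password has been verified, so the account's status is disclosed solely to someone
    // who already knows the password.
    if (_checkUser.AccessLevelId > 3)
    {
        ViewBag.ErrMessage = "В доступе отказано";
        return View();
    }

    // NOTE(review): UserSession.Instance(...) looks like a static accessor; confirm that
    // the state it creates is bound to this client's session and not shared process-wide.
    UserSession.Instance(_checkUser.UserId);

    switch (_checkUser.AccessLevelId)
    {
        case 1:
        case 2:
            return Redirect("~/StudentHomePage/Index");
        case 3:
            return Redirect("~/TeacherHomePage/Index");
        default:
            return View();
    }
}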
/// <summary>
/// Checks a submitted password against the value stored for the given e-mail address.
/// </summary>
/// <param name="_senha">Password submitted by the caller.</param>
/// <param name="_email">E-mail address used to look up the stored value.</param>
/// <returns>The result of <c>Password.ComparePassword</c> for the stored and submitted values.</returns>
/// <exception cref="ArgumentNullException">Not handled here; reaches the caller unchanged.</exception>
/// <exception cref="InvalidOperationException">
/// Raised by <c>Single()</c> when the e-mail matches no row or more than one row; reaches the caller unchanged.
/// </exception>
/// <remarks>
/// NOTE(review): an unknown e-mail surfaces as an exception while a wrong password returns
/// <c>false</c>; callers should map both to the same response so the difference is not
/// visible to an unauthenticated client.
/// </remarks>
public bool? TestarSenha(string _senha, string _email)
{
    // Exactly one row is expected for the address; anything else throws.
    string senhaArmazenada = vetDb.Autenticacao
        .Where(user => user.Email == _email)
        .Select(user => user.Senha)
        .Single();

    // Argument order: stored value first, submitted value second.
    var verificador = new Password();
    return verificador.ComparePassword(senhaArmazenada, _senha);
}
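/// <summary>
/// Handles the login form: verifies the submitted e-mail and password, stores the user id
/// in the session and redirects donors to Response/Index and everyone else to Request/Index.
/// </summary>
/// <param name="formCollection">Posted form; the "Email" and "Password" fields are read (untrusted).</param>
/// <returns>
/// A redirect on success; otherwise a script snippet that shows an alert describing the failure.
/// </returns>
public ActionResult Authenticate(FormCollection formCollection)
{
    // One response for both "unknown e-mail" and "wrong password": separate messages let
    // an unauthenticated client find out which addresses are registered.
    const string credentialsRejected = "<script language='javascript' type='text/javascript'>alert('Email or Password does not match!')</script >";

    string enteredEmail = formCollection["Email"];
    // NOTE(review): the original read this field under both "Password" and "password";
    // a single key is used here, assuming form keys are matched case-insensitively.
    string enteredPassword = formCollection["Password"];

    // IsNullOrEmpty also covers a field that is missing from the post entirely.
    if (string.IsNullOrEmpty(enteredEmail) || string.IsNullOrEmpty(enteredPassword))
    {
        return Content("<script language='javascript' type='text/javascript'>alert('Email and Password must not be empty!')</script >");
    }

    // Fetch only the rows for the submitted address, once, instead of streaming every
    // stored e-mail and re-running the user query for each property access. The ordinal
    // comparison keeps the exact-match requirement of the original in-memory check.
    var candidates = db.TblUsers.Where(u => u.Email == enteredEmail).ToList();
    var account = candidates.FirstOrDefault(u => string.Equals(u.Email, enteredEmail, StringComparison.Ordinal));

    if (account == null)
    {
        // NOTE(review): no hash is computed on this path, so response time may still hint
        // at whether the address is registered; consider verifying against a dummy hash.
        return Content(credentialsRejected);
    }

    byte[] storedHashBytes = Convert.FromBase64String(account.Hash);
    byte[] storedSaltBytes = Convert.FromBase64String(account.Salt);
    if (!Password.ComparePassword(enteredPassword, storedHashBytes, storedSaltBytes))
    {
        return Content(credentialsRejected);
    }

    // The verification state is disclosed, and the verification mail re-sent, only after
    // the password has been checked. Otherwise any client could probe for unverified
    // accounts and trigger mail to them without knowing the password.
    if (!account.ValidateEmail)
    {
        // NOTE(review): the mail account's credentials appear to be read from the database
        // and passed on in clear text; confirm how they are stored and who can read them.
        var sysData = db.TblSysCredentials.FirstOrDefault();
        Email.Email.BuildEmailTemplate(account.UserId, account.Email, sysData.Email, sysData.Password);
        return Content("<script language='javascript' type='text/javascript'>alert('Account is not verified!Please verify your account from your email.')</script >");
    }

    // NOTE(review): the session identifier is not rotated here; confirm the application
    // issues a fresh session on login so a pre-set identifier cannot be reused.
    Session["UserId"] = account.UserId;
    if (Session["UserId"] != null)
    {
        return account.UserType.Equals("Donor")
            ? RedirectToAction("Index", "Response")
            : RedirectToAction("Index", "Request");
    }

    return Content(credentialsRejected);
}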
/// <summary>
/// Checks the password held in <c>_password</c> against the hash and salt stored on <c>_user</c>.
/// </summary>
/// <returns>The result of <c>Password.ComparePassword</c> for the held password.</returns>
public bool CheckPassword() =>
    new Password(_user.PasswordHash, _user.PasswordSalt).ComparePassword(_password);