Esempio n. 1
0
        //public ActionResult Register()
        //{
        //    return View();
        //}

        //[HttpPost]
        //public ActionResult Register(Models.RegistrationModel info)
        //{
        //    if (!ModelState.IsValid)
        //    {
        //        return View(info);
        //    }
        //    using (BusinessLogicLayer.ContextBLL ctx = new BusinessLogicLayer.ContextBLL())
        //    {
        //        BusinessLogicLayer.UserBLL user = ctx.FindUserByUserName(info.UserName);
        //        //if (user != null)
        //        //{
        //        //    info.Message = $"The EMail Address '{info.Email}' already exists in the database";
        //        //    return View(info);
        //        //}
        //        user = new UserBLL();
        //        user.FirstName = info.FirstName;
        //        user.LastName = info.LastName;
        //        user.UserName = info.UserName;
        //        user.DateOfBirth = info.DateOfBirth;
        //        user.SALT = System.Web.Helpers.Crypto.
        //            GenerateSalt(Constants.SaltSize);
        //        user.HASH = System.Web.Helpers.Crypto.
        //            HashPassword(info.Password + user.SALT);
        //        user.Email = info.Email;
        //        user.RoleID = 3;
        //        ctx.CreateUser(user);
        //        Session["AUTHUserName"] = user.UserName;
        //        Session["AUTHRoles"] = user.RoleName;
        //        Session["AUTHTYPE"] = "HASHED";
        //        return RedirectToAction("Index");
        //    }
        //}

        public ActionResult Hash()
        {
            if (!User.Identity.IsAuthenticated)
            {
                return(View("NotLoggedIn"));
            }
            if (User.Identity.AuthenticationType.StartsWith("HASHED"))
            {
                return(View("AlreadyHashed"));
            }
            if (User.Identity.AuthenticationType.StartsWith("IMPERSONATED"))
            {
                return(View("ActionNotAllowed"));
            }
            using (BusinessLogicLayer.ContextBLL ctx = new BusinessLogicLayer.ContextBLL())
            {
                BusinessLogicLayer.UserBLL user = ctx.FindUserByUserName(User.Identity.Name);
                if (user == null)
                {
                    Exception Message = new Exception($"The UserName '{User.Identity.Name}' does not exist in the database");
                    ViewBag.Exception = Message;
                    return(View("Error"));
                }
                user.SALT = System.Web.Helpers.Crypto.GenerateSalt(Constants.SaltSize);
                user.HASH = System.Web.Helpers.Crypto.HashPassword(user.HASH + user.SALT);
                ctx.UpdateUser(user);

                string ValidationType = $"HASHED:({user.UserID})";

                Session["AUTHUserName"] = user.UserName;
                Session["AUTHRoles"]    = user.RoleName;
                Session["AUTHTYPE"]     = ValidationType;

                return(RedirectToAction("Index", "Home"));
            }
        }