/// <summary>
/// Registers a new account: hashes the supplied password, stores the user
/// through <c>userDAO</c>, and records the username in the session under
/// <c>SessionKey</c>.
/// </summary>
/// <param name="username">Name stored on the new user and written to the session.</param>
/// <param name="password">
/// Plaintext password. It is passed to <c>HashProvider.HashPassword</c>; only the
/// returned hash and salt are placed on the stored user.
/// </param>
/// <param name="role">Role assigned to the new user exactly as given.</param>
public void Register(string username, string password, string role)
{
    // NOTE(review): nothing here rejects a null/empty username or password, or a
    // username that already exists; presumably the caller or userDAO enforces
    // that. Verify.
    var hasher = new HashProvider();
    var hashed = hasher.HashPassword(password);

    // NOTE(review): role is persisted without any check in this method. Confirm
    // that callers never forward a client-supplied value, otherwise the
    // registrant chooses their own privilege level.
    var newUser = new User
    {
        Username = username,
        Password = hashed.Password,
        Salt = hashed.Salt,
        Role = role
    };

    userDAO.CreateUser(newUser);

    // The freshly created account becomes the session's current user.
    Session.SetString(SessionKey, newUser.Username);
}
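/// <summary>
/// Changes the current user's password after re-verifying the existing one.
/// </summary>
/// <param name="existingPassword">
/// Plaintext of the password currently on the account; checked with
/// <c>HashProvider.VerifyPasswordMatch</c> against the stored hash and salt.
/// </param>
/// <param name="newPassword">Plaintext of the replacement password; must not be null or empty.</param>
/// <returns>
/// <c>true</c> when a current user exists, the existing password verifies, and the
/// new hash and salt were handed to <c>userDAO.UpdateUser</c>; otherwise <c>false</c>.
/// </returns>
public bool ChangePassword(string existingPassword, string newPassword)
{
    // Refuse to replace a working credential with an empty one; without this
    // guard an empty string would be hashed and saved as the account password.
    if (string.IsNullOrEmpty(newPassword))
    {
        return false;
    }

    User user = GetCurrentUser();
    if (user == null)
    {
        return false;
    }

    HashProvider hashProvider = new HashProvider();

    // Require proof of the existing password before any change is made.
    if (!hashProvider.VerifyPasswordMatch(user.Password, existingPassword, user.Salt))
    {
        return false;
    }

    // Store the new hash together with the salt returned alongside it.
    HashedPassword newHash = hashProvider.HashPassword(newPassword);
    user.Password = newHash.Password;
    user.Salt = newHash.Salt;

    // NOTE(review): other active sessions for this user are not touched here;
    // confirm whether they should be invalidated after a password change.
    userDAO.UpdateUser(user);
    return true;
}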