public JsonResult RemoveUser(string username, string userid)
{
using (var db = new BloggingContext())
{
var user = (from u in db.Users
where u.Username.ToLower() == username.ToLower()
select u).First();
// Sanity check to make sure that the inputs haven't been
// fiddled with...
var hashCheck = new Hash(username, user.UserId, user.Email).GetHash();
if (userid != hashCheck)
{
return new JsonResult
{
Data = new
{
success = false,
message = "It looks like the request has been tampered with."
}
};
}
var blogModel = new Blogs.IndexModel();
if (blogModel.BlogExists(user.Username))
{
blogModel.RemoveBlog(db, user.Username);
}
var userRemoved = UserModel.RemoveUser(db, user);
return new JsonResult
{
Data = userRemoved
};
}
}
public static bool SetPassword(string username, string hash, string password)
{
using (var db = new BloggingContext())
{
var user = (from u in db.Users
where u.Username.ToLower() == username.ToLower()
select u).FirstOrDefault();
if (user == null) { return false; }
// Hash the user, user id, and email. Compare against the hash passed in...
var comparehash = new Hash(user.Username, user.UserId, user.Email).GetHash();
if (hash != comparehash) { return false; }
// Ok, so we look good!
user.Password = Helpers.SHA1.Encode(password);
db.SaveChanges();
return true;
}
}
