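public async Task<IHttpActionResult> ChangePasswordAsync()
{
    // Web API variant of the password change. The caller is identified only by the
    // login / old-password pair in the JSON body, so a correct old password is required
    // before anything is sent; knowing a login alone must not trigger an email.
    // Expected body: {"login": "...", "oldPassword": "...", "newPassword": "..."}.
    string json = await Request.Content.ReadAsStringAsync();
    var data = JsonConvert.DeserializeObject<Dictionary<string, string>>(json);

    // A missing or null field used to surface as an unhandled exception (500) — the
    // indexer threw and Trim() ran before the null checks. Answer with the same generic
    // message as a wrong password so the response shape does not depend on the input.
    if (data == null
        || !data.TryGetValue("login", out string login) || login == null
        || !data.TryGetValue("oldPassword", out string oldPassword) || oldPassword == null
        || !data.TryGetValue("newPassword", out string newPassword) || newPassword == null)
    {
        return BadRequest("Nie udało się zmienić hasła");
    }

    User editUser = db.Users.Where(i => i.Login == login).FirstOrDefault();
    if (editUser == null)
    {
        // Same response as for a wrong password: the endpoint does not confirm which logins exist.
        return BadRequest("Nie udało się zmienić hasła");
    }

    // Same minimum length as registration (>= 8 characters); the change flow did not
    // enforce any policy, so it could set a password registration would have rejected.
    string trimmedNewPassword = newPassword.Trim();
    if (trimmedNewPassword.Length < 8)
    {
        return BadRequest("Nie udało się zmienić hasła");
    }

    // Passwords are stored as Cryptographing.Encrypt(...) output and compared as strings.
    // NOTE(review): a salted slow hash (PBKDF2/Argon2) would be preferable, but the storage
    // format is shared with Login/Register, so it is not changed here.
    string encryptedOldPassword = Cryptographing.Encrypt(oldPassword.Trim());
    string encryptedNewPassword = Cryptographing.Encrypt(trimmedNewPassword);
    if (encryptedOldPassword == null || encryptedNewPassword == null
        || !encryptedOldPassword.Equals(editUser.EncryptedPassword))
    {
        return BadRequest("Nie udało się zmienić hasła");
    }
    if (encryptedNewPassword.Equals(encryptedOldPassword))
    {
        // The new password must differ from the current one.
        return BadRequest("Nie udało się zmienić hasła");
    }

    // The change is not applied here: a confirmation email is sent and the encrypted new
    // password travels with it to the confirmation step. NOTE(review): the ciphertext of the
    // new password therefore leaves the system by email — confirm the confirmation handler
    // is single-use and time-limited.
    await Task.Run(() => EmailManager.SendEmailAsync(EmailManager.EmailType.ChangePassword, editUser.FirstName, editUser.LastName, editUser.Email, encryptedNewPassword));
    return Ok("Wysłano email z potwierdzeniem zmiany hasła!");
}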
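public ActionResult EditPassword(UserPasswordModel form)
{
    // MVC variant of the password change for the signed-in user: the account is taken from
    // the forms-authentication identity, never from the request.
    // NOTE(review): this action should sit behind [Authorize] and [ValidateAntiForgeryToken];
    // neither attribute is visible here — confirm on the controller/action.
    User editUser = db.Users.Where(i => i.Login == HttpContext.User.Identity.Name).FirstOrDefault();
    Debug.WriteLine("UserPanel");

    // A null model or null field used to throw on Trim() before the null checks ran;
    // fail the same way as a wrong password instead.
    if (editUser == null || form == null
        || form.OldPassword == null || form.NewPassword == null || form.NewPasswordConfirmation == null)
    {
        return Json("Something failed");
    }

    // Same minimum length as registration (>= 8 characters); the change flow did not
    // enforce any policy, so it could set a password registration would have rejected.
    string trimmedNewPassword = form.NewPassword.Trim();
    if (trimmedNewPassword.Length < 8)
    {
        return Json("Something failed");
    }

    // Passwords are stored as Cryptographing.Encrypt(...) output and compared as strings
    // (storage format shared with Login/Register, so not changed here).
    string encryptedOldPassword = Cryptographing.Encrypt(form.OldPassword.Trim());
    string encryptedNewPassword = Cryptographing.Encrypt(trimmedNewPassword);
    string encryptedNewPasswordValidation = Cryptographing.Encrypt(form.NewPasswordConfirmation.Trim());

    // Reject when: the current password is wrong, the confirmation does not match,
    // or the "new" password equals the current one.
    if (encryptedOldPassword == null || encryptedNewPassword == null
        || !encryptedOldPassword.Equals(editUser.EncryptedPassword)
        || !encryptedNewPassword.Equals(encryptedNewPasswordValidation)
        || encryptedNewPassword.Equals(encryptedOldPassword))
    {
        return Json("Something failed");
    }

    ViewBag.ConfirmChanges = "Potwierdź link w wysłanym mail'u by zastosować zmianę hasła.";
    // Fire-and-forget: the email goes out on a thread-pool thread and a send failure is not
    // observed by this request. The change itself is applied by the confirmation step, which
    // receives the encrypted new password.
    Task.Run(() => EmailManager.SendEmailAsync(EmailManager.EmailType.ChangePassword, editUser.FirstName, editUser.LastName, editUser.Email, encryptedNewPassword));
    return Json("Wysłano email z potwierdzeniem zmiany hasła!");
}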
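public IHttpActionResult Login(LoginBindingModel model)
{
    // Web API login: verifies login + password and returns the user's profile data.
    // A null body used to throw (500) before the lookup; it is a plain bad request now.
    if (model == null || model.Login == null || model.Password == null)
    {
        return BadRequest("User not found");
    }

    var login = model.Login;
    // Passwords are stored as Cryptographing.Encrypt(...) output and matched as strings inside
    // the query (storage format shared with Register, so not changed here).
    var password = Cryptographing.Encrypt(model.Password);
    var user = db.Users.Where(x => x.Login == login && x.EncryptedPassword == password).SingleOrDefault();
    if (user == null)
    {
        return BadRequest("User not found");
    }

    // NOTE(review): IsActivated is not consulted — Register creates accounts with
    // IsActivated = false. Confirm whether unactivated accounts are meant to sign in.

    // Never serialize the entity itself: it carries EncryptedPassword (and navigation
    // properties such as AvatarImage). Only profile fields are returned.
    return Ok(new
    {
        user.FirstName,
        user.LastName,
        user.Login,
        user.Email,
        user.BirthDate,
        user.CreationDate,
        user.IsActivated
    });
}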
public ActionResult Login(FormCollection collection)
{
    // Forms-authentication login. "UserIdenticator" is either an email (contains '@') or a
    // login; the "EncryptedPassword" form field carries the plaintext password, which is run
    // through Cryptographing.Encrypt and matched against the stored value inside the query.
    string identifier = collection["UserIdenticator"];
    string rawPassword = collection["EncryptedPassword"];
    if (identifier == null || rawPassword == null)
    {
        ViewBag.SomethingWentWrong = "Coś poszło nie tak.";
        return View();
    }

    string encryptedPassword = Cryptographing.Encrypt(rawPassword);
    User account = identifier.Contains("@")
        ? db.Users.FirstOrDefault(x => x.Email == identifier && x.EncryptedPassword == encryptedPassword)
        : db.Users.FirstOrDefault(x => x.Login == identifier && x.EncryptedPassword == encryptedPassword);

    if (account == null)
    {
        ViewBag.ErrorMessage = "Nieprawidłowe dane logowania";
        return View();
    }

    // NOTE(review): IsActivated is not consulted here — accounts created by Register start
    // with IsActivated = false. Confirm whether that is intended.
    bool persistentCookie = collection["rememberMeInput"] == "rememberMe";
    FormsAuthentication.SetAuthCookie(account.Login, persistentCookie);

    if (account.AvatarImage == null)
    {
        // Account without an avatar: attach the default image so views can always read PathToFile.
        Debug.WriteLine("Brak zdjęcia dodam defaultowe");
        account.AvatarImage = new AvatarImage
        {
            PathToFile = "../../App_Files/Images/UserAvatars/DefaultAvatar.jpg",
            User = account
        };
        db.SaveChanges();
    }

    // Assigned right before a redirect, so it never reaches the rendered view; kept for parity.
    ViewBag.UserAvatarURL = account.AvatarImage.PathToFile;
    return RedirectToAction("Index", "Home");
}
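public ActionResult PasswordReset(FormCollection collection)
{
    // Second step of the password-reset flow. The first step (outside this method) stores the
    // target address in Session["ResetPasswordEmail"]; the user then posts the emailed code
    // plus the new password twice. Requests outside that state, or from a signed-in user,
    // are answered with 404 so the endpoint reveals nothing about the flow.
    if (Session["ResetPasswordEmail"] == null || User.Identity.IsAuthenticated)
    {
        return new HttpStatusCodeResult(404);
    }
    string email = Session["ResetPasswordEmail"].ToString();

    string code = collection["codeInput"];
    string newPassword = collection["EncryptedPassword"]; // plaintext despite the field name
    string newPasswordRepeated = collection["passwordRegisterInput2"];
    if (code == null || newPassword == null || newPasswordRepeated == null)
    {
        return new HttpStatusCodeResult(404);
    }

    try
    {
        // Only the newest unexpired, unused code issued for this address counts.
        var passwordCode = db.PasswordResetCodes
            .Where(i => i.EmailAddress == email && i.CodeExpirationTime > DateTime.UtcNow && !i.Used)
            .OrderByDescending(i => i.CodeCreationTime)
            .FirstOrDefault();
        var user = db.Users.Where(i => i.Email == email).FirstOrDefault();
        if (passwordCode == null || user == null)
        {
            return new HttpStatusCodeResult(404);
        }

        // A code is accepted only while it has fewer than 3 failed tries; every rejection
        // below counts as a try, so the 3-attempt cap cannot be bypassed.
        // NOTE(review): string Equals is not constant-time; with the attempt cap this is
        // acceptable, but a fixed-time compare would be stricter if the cap is ever raised.
        bool codeAccepted = passwordCode.TriesCount < 3 && code.Equals(passwordCode.PasswordResetCode);
        if (!codeAccepted || !newPassword.Equals(newPasswordRepeated))
        {
            passwordCode.TriesCount++;
            ViewBag.ErrorMessage = "Niepoprawny kod";
            ConcurencyHandling.SaveChangesWithConcurencyHandling(db);
            return View();
        }

        // Same minimum length as registration (>= 8 characters). The reset flow previously
        // accepted any length, so it could set a password registration would have rejected.
        // A too-short password does not consume a try; the code stays usable for a retry.
        if (newPassword.Length < 8)
        {
            ViewBag.ErrorMessage = "Hasło musi być dłuższe niż 8 znaków!";
            return View();
        }

        user.EncryptedPassword = Cryptographing.Encrypt(newPassword);
        passwordCode.Used = true; // single-use
        ConcurencyHandling.SaveChangesWithConcurencyHandling(db);
        Session.Clear();          // drop the reset state so the flow cannot be re-entered
        return RedirectToAction("Login", "User");
    }
    catch (Exception ex)
    {
        Debug.WriteLine(ex.StackTrace);
        return new HttpStatusCodeResult(500);
    }
}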
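public IHttpActionResult Register(RegisterBindingModel model)
{
    // Web API registration, brought in line with the MVC Register action: the birth date is
    // parsed with TryParse (a malformed date used to escape as an unhandled 500), and the
    // age, minimum password length and login/email uniqueness are checked — none of which
    // this path enforced before. Accounts start with IsActivated = false, as before.
    if (model == null || model.Login == null || model.Email == null || model.Password == null || model.BirthDate == null)
    {
        return BadRequest("Cannot register user");
    }

    string login = model.Login.Trim();
    string email = model.Email.Trim();

    if (!DateTime.TryParse(model.BirthDate, out DateTime birthdate))
    {
        return BadRequest("Invalid birth date");
    }
    if (!Utilities.CheckRegistrationAge(birthdate))
    {
        return BadRequest("User must be at least 13 years old");
    }
    if (model.Password.Length < 8)
    {
        return BadRequest("Password must be at least 8 characters long");
    }
    // NOTE(review): these checks race with a concurrent registration of the same login/email;
    // a unique index on Users.Login and Users.Email is the reliable guard.
    if (db.Users.Any(u => u.Login == login))
    {
        return BadRequest("Login already taken");
    }
    if (db.Users.Any(u => u.Email == email))
    {
        return BadRequest("Email already registered");
    }

    // Passwords are stored as Cryptographing.Encrypt(...) output (format shared with Login).
    User user = new User
    {
        FirstName = model.FirstName,
        LastName = model.LastName,
        Login = login,
        EncryptedPassword = Cryptographing.Encrypt(model.Password),
        Email = email,
        BirthDate = birthdate,
        CreationDate = DateTime.Now,
        IsActivated = false
    };
    db.Users.Add(user);
    db.SaveChanges();

    // The entity is tracked after SaveChanges; no re-query by login is needed for the bucket.
    db.Buckets.Add(new Bucket { User = user });
    db.SaveChanges();

    // Fire-and-forget registration email; a send failure is not observed by this request.
    Task.Run(() => EmailManager.SendEmailAsync(EmailManager.EmailType.Registration, user.FirstName, user.LastName, user.Email));
    return Ok();
}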
public async Task<ActionResult> Register(FormCollection collection)
{
    // MVC registration. Each validation result gets its own ViewBag message so the view can
    // show every problem at once; the account is created only when all checks pass.
    // Accounts start with IsActivated = false (activation happens elsewhere).
    if (collection == null)
    {
        return View();
    }

    string rawEmail = collection["Email"];
    string rawLogin = collection["Login"];
    string rawBirthDate = collection["BirthDate"];
    string rawPassword = collection["Password"];
    if (rawEmail == null || rawLogin == null || rawBirthDate == null || rawPassword == null)
    {
        return View();
    }

    string email = rawEmail.Trim();
    string login = rawLogin.Trim();

    // NOTE(review): these existence checks race with a concurrent registration of the same
    // login/email; a unique index on Users.Login / Users.Email is the reliable guard.
    bool uniqueEmail = db.Users.FirstOrDefault(u => u.Email == email) is null;
    bool uniqueLogin = db.Users.FirstOrDefault(u => u.Login == login) is null;
    bool properDate = DateTime.TryParse(rawBirthDate, out DateTime birthDate);
    // When the date did not parse this runs on default(DateTime); properDate fails the request anyway.
    bool properAge = Utilities.CheckRegistrationAge(birthDate);
    bool minimalPswLength = rawPassword.Length >= 8; // password is checked and stored untrimmed

    if (!properDate)
    {
        ViewBag.DateMessage = "Nieprawidłowa data.";
    }
    if (!properAge)
    {
        ViewBag.AgeMessage = "Musisz mieć ukończone przynajmniej 13 lat.";
    }
    if (!uniqueEmail)
    {
        ViewBag.EmailMessage = "Konto z podanym emailem już istnieje!";
    }
    if (!uniqueLogin)
    {
        ViewBag.LoginMessage = "Konto z podanym loginem już istnieje!";
    }
    if (!minimalPswLength)
    {
        ViewBag.minimalPswLength = "Hasło musi być dłuższe niż 8 znaków!";
    }

    bool allChecksPassed = ModelState.IsValid && properDate && properAge && uniqueEmail && uniqueLogin && minimalPswLength;
    if (!allChecksPassed)
    {
        return View();
    }

    try
    {
        // Passwords are stored as Cryptographing.Encrypt(...) output (format shared with Login).
        User newUser = new User
        {
            FirstName = collection["FirstName"].Trim(), // a missing field throws here and lands in the catch below
            LastName = collection["LastName"].Trim(),
            Login = login,
            EncryptedPassword = Cryptographing.Encrypt(rawPassword),
            Email = email,
            BirthDate = birthDate,
            CreationDate = DateTime.Now,
            IsActivated = false
        };
        AvatarImage defaultAvatar = new AvatarImage
        {
            PathToFile = "../../App_Files/Images/UserAvatars/DefaultAvatar.jpg",
            User = newUser
        };

        // Four separate SaveChanges calls, each its own transaction: a failure midway can leave
        // a user row without its avatar, bucket or order. Kept as in the original.
        db.Users.Add(newUser);
        db.SaveChanges();

        newUser.AvatarImage = defaultAvatar;
        db.SaveChanges();

        db.Buckets.Add(new Bucket { User = db.Users.First(i => i.Login == newUser.Login) });
        db.SaveChanges();

        db.Orders.Add(new Order { User = db.Users.First(i => i.Login == newUser.Login) });
        db.SaveChanges();

        // Fire-and-forget registration email; a send failure is not observed by this request.
        Task.Run(() => EmailManager.SendEmailAsync(EmailManager.EmailType.Registration, newUser.FirstName, newUser.LastName, newUser.Email));
        return RedirectToAction("Login");
    }
    catch (Exception ex)
    {
        Debug.WriteLine(ex.StackTrace);
        ViewBag.SomethingWentWrong = "Coś poszło nie tak";
        return View();
    }
}