public ActionResult Index(AppLogin login)
{
if (this.ModelState.IsValid)
{
DBLoginRepository loginRepository = new DBLoginRepository(this.DatabaseContext);
DBEditorRepository editorRepository = new DBEditorRepository(this.DatabaseContext);
DBEditor editor = editorRepository.Find(login.Username);
if (editor != null && login.Username == editor.Username && PasswordHasher.Hash(login.Password, editor.PasswordSalt) == editor.PasswordHash)
{
DBLogin dBLogin = new DBLogin()
{
IDEditor = editor.ID, UserAgent = Request.UserAgent, UserIP = IPObtainer.GetIP(), UTCLogoutTime = DateTime.UtcNow.AddMinutes(10)
};
loginRepository.Add(dBLogin, true);
this.Session["authorized"] = dBLogin;
return(RedirectToAction("Index", "Admin"));
}
else
{
return(View()); //neexistuje nebo nesedí přihlašovací údaje
}
}
return(View());
}
public ActionResult Details(int id)
{
if (this.Authorizer.IsLogedIn(this.Session, this.Request))
{
this.Authorizer.ReauthorizeLogin(this.Session);
DBEditor editor = new DBEditorRepository(this.DatabaseContext).Find(id);
this.ViewBag.Header = $"User { editor.ToString() }";
return(View(editor));
}
return(RedirectToAction("Index", "Login"));
}
public ActionResult Delete(int id)
{
if (this.Authorizer.IsLogedIn(this.Session, this.Request))
{
DBEditorRepository repository = new DBEditorRepository(this.DatabaseContext);
if ((this.Session["authorized"] as DBLogin).IDEditor != id)
{
repository.Remove(repository.Find(id), true);
}
return(RedirectToAction("Index"));
}
return(RedirectToAction("Index", "Login"));
}
public ActionResult Edit(int id)
{
if (this.Authorizer.IsLogedIn(this.Session, this.Request))
{
this.Authorizer.ReauthorizeLogin(this.Session);
DBEditor editor = new DBEditorRepository(this.DatabaseContext).Find(id);
AppUser appUser = new AppUser()
{
ID = editor.ID, FirstName = editor.FirstName, MiddleName = editor.MiddleName, LastName = editor.LastName, NewUsername = editor.Username, NewPassword = "******"
};
this.ViewBag.Header = $"Edit user { editor.ToString() }";
return(View(appUser));
}
return(RedirectToAction("Index", "Login"));
}
public ActionResult Create()
{
if (this.Authorizer.IsLogedIn(this.Session, this.Request))
{
this.Authorizer.ReauthorizeLogin(this.Session);
this.ViewBag.Header = "Create blog article";
DBEditor editor = new DBEditorRepository(this.DatabaseContext).Find((this.Session["authorized"] as DBLogin).IDEditor);
this.ViewBag.Editor = editor;
return(View(new DBBlogArticle()
{
IDEditor = editor.ID
}));
}
return(RedirectToAction("Index", "Login"));
}
public ActionResult Edit(AppUser user)
{
if (this.Authorizer.IsLogedIn(this.Session, this.Request) && this.ModelState.IsValid)
{
DBEditorRepository repository = new DBEditorRepository(this.DatabaseContext);
DBEditor editor = repository.Find(user.ID);
editor.FirstName = user.FirstName;
editor.MiddleName = user.MiddleName;
editor.LastName = user.LastName;
editor.Username = user.NewUsername;
if (editor.PasswordHash != PasswordHasher.Hash(user.NewPassword, editor.PasswordSalt))
{
editor.Username = PasswordHasher.Hash(user.NewPassword, editor.PasswordSalt);
}
repository.Update(editor, true);
return(RedirectToAction("Index"));
}
return(RedirectToAction("Index", "Login"));
}
