/// <summary>
/// Handles the posted login form: looks the account up by username, verifies the
/// submitted password against the stored hash and salt, and signs the user in.
/// </summary>
/// <param name="model">The posted login form (username and password).</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the Login view re-rendered with the
/// posted model and, for a credential failure, a model error.
/// </returns>
public ActionResult Login(LoginViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View("Login", model);
    }

    var account = usersDAL.GetUser(model.Username);

    // An unknown username and a wrong password produce the identical message, so the
    // response text does not reveal which usernames exist.
    // NOTE(review): the unknown-user path skips the hash verification, so response
    // timing may still differ between the two cases - confirm whether that matters here.
    if (account == null
        || !new HashProvider().VerifyPasswordMatch(account.Password, model.Password, account.Salt))
    {
        ModelState.AddModelError("Username", "The username or password is invalid.");
        return View("Login", model);
    }

    LogUserIn(account.Username);
    return RedirectToAction("Index", "Home");
}
/// <summary>
/// Handles the posted login form: looks the account up by email address, verifies the
/// submitted password, then issues the forms-authentication cookie and fills the session.
/// </summary>
/// <param name="model">The posted login form (email address and password).</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the Login view with the posted model.
/// </returns>
public ActionResult Login(LoginViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View("Login", model);
    }

    User account = userDal.GetUser(model.EmailAddress);

    // Unknown account and wrong password share one message so the two cases are not
    // distinguishable from the response text.
    bool authenticated = account != null
        && new HashProvider().VerifyPasswordMatch(account.Password, model.Password, account.Salt);

    if (!authenticated)
    {
        ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
        return View("Login", model);
    }

    // The second argument requests a persistent cookie, i.e. one that outlives the
    // browser session. NOTE(review): confirm that "remember me" for every login is intended.
    FormsAuthentication.SetAuthCookie(account.Email, true);

    // Session values are taken from the stored record, not from the posted form.
    Session[SessionKeys.Username] = account.Username;
    Session[SessionKeys.EmailAddress] = account.Email;
    Session[SessionKeys.UserId] = account.User_Id;

    return RedirectToAction("Index", "Home");
}
/// <summary>
/// Handles the posted login form: looks the account up by email address, verifies the
/// submitted password and, on success, stores the account record in session.
/// </summary>
/// <param name="model">
/// The posted form, bound to <c>User</c>. Only <c>EmailAddress</c> and <c>Password</c>
/// are read from it here.
/// </param>
/// <returns>
/// A redirect to Home/Index on success, a redirect to this controller's Index on any
/// credential failure, or the Index view when model validation fails.
/// </returns>
public ActionResult LoginPost(User model)
{
    if (!ModelState.IsValid)
    {
        return View("Index", model);
    }

    if (string.IsNullOrEmpty(model.EmailAddress))
    {
        return RedirectToAction("Index");
    }

    HashProvider hasher = new HashProvider();
    User lookupKey = new User() { EmailAddress = model.EmailAddress };
    User stored = userDAL.GetUser(lookupKey);

    // A record without a hash or salt cannot be verified, so it is treated as a failed login.
    if (stored == null || stored.Password == null || stored.Salt == null)
    {
        return RedirectToAction("Index");
    }

    bool passwordMatches = hasher.VerifyPasswordMatch(stored.Password, model.Password, stored.Salt);
    if (stored.EmailAddress == null || !passwordMatches)
    {
        return RedirectToAction("Index");
    }

    // The whole stored record, including its Password hash and Salt, is placed in session.
    // NOTE(review): consider keeping only the identity fields in session.
    Session["Login"] = stored;
    return RedirectToAction("Index", "Home");
}
/// <summary>
/// Loads the active user whose username equals the supplied email and returns it only
/// when the supplied password verifies against the stored hash and salt.
/// </summary>
/// <param name="loginInfo">Login form carrying the email and the plaintext password.</param>
/// <returns>The matching <c>User</c>, or <c>null</c> when no active user matches or the password is wrong.</returns>
public User GetUser(LoginViewModel loginInfo)
{
    string userName = loginInfo.Email;
    HashProvider hasher = new HashProvider();

    // The username is bound as a parameter and never concatenated into the SQL text.
    // NOTE(review): TOP 1 without ORDER BY - presumably username is unique; verify against the schema.
    string sql = @"Select TOP 1 * from users WHERE username = @username AND isActive = 'true'";
    var queryArgs = new Dictionary<string, object> { { "@username", userName } };

    User candidate;
    using (SqlConnection connection = new SqlConnection(connectionString))
    {
        connection.Open();
        candidate = connection.Query<User>(sql, new DynamicParameters(queryArgs)).ToList().FirstOrDefault();
    }

    // The returned object still carries the Password hash and Salt that were read from
    // the row, so callers should avoid exposing it to views or serialising it.
    bool verified = candidate != null
        && hasher.VerifyPasswordMatch(candidate.Password, loginInfo.Password, candidate.Salt);

    return verified ? candidate : null;
}
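/// <summary>
/// Handles the posted login form: looks the account up by username, verifies the
/// submitted password and, on success, records the user in session.
/// </summary>
/// <param name="user">The posted form, bound to <c>UserModel</c>.</param>
/// <returns>
/// A redirect to Home/LoggedInLanding on success; otherwise the Login view with
/// <c>LoginFail</c> set on the posted model.
/// </returns>
public ActionResult Login(UserModel user)
{
    UserSqlDal dal = new UserSqlDal();
    UserModel existingUser = dal.Login(user.Username);

    HashProvider provider = existingUser != null ? new HashProvider() : null;
    bool authenticated = existingUser != null
        && user.LoginPassword != null
        && provider.VerifyPasswordMatch(existingUser.Password, user.LoginPassword, existingUser.Salt);

    if (!authenticated)
    {
        user.LoginFail = true;
        return View("Login", user);
    }

    user.LoginFail = false;
    user.IsOnline = true;

    // The posted model is about to be kept in session; drop the plaintext password first
    // so it does not live on in session state after verification.
    user.LoginPassword = null;

    // NOTE(review): the session object is the client-posted model, not the stored record,
    // so any other bound properties are carried into session as submitted. Prefer storing
    // values taken from existingUser.
    Session["user"] = user;
    Session["username"] = user.Username;

    return RedirectToAction("LoggedInLanding", "Home");
}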
/// <summary>
/// Verifies the supplied credentials and, on success, stores the account's email
/// address in session under <c>SessionKey</c>.
/// </summary>
/// <param name="emailaddress">Email address used to look the account up.</param>
/// <param name="password">Plaintext password to verify against the stored hash and salt.</param>
/// <returns><c>true</c> when the account exists and the password matches; otherwise <c>false</c>.</returns>
public bool SignIn(string emailaddress, string password)
{
    var account = userDAL.GetUser(emailaddress);
    var hasher = new HashProvider();

    // Unknown account and wrong password are indistinguishable to the caller: both yield false.
    if (account == null || !hasher.VerifyPasswordMatch(account.Password, password, account.Salt))
    {
        return false;
    }

    // The session value comes from the stored record rather than from the caller's input.
    HttpContext.Session.SetString(SessionKey, account.EmailAddress);
    return true;
}
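/// <summary>
/// Handles the posted login form, signs the user in, and then redirects according to
/// the <c>landingPage</c> value found in the referring URL's query string.
/// </summary>
/// <param name="model">The posted login form (username and password).</param>
/// <returns>
/// The Login view on a validation or credential failure; otherwise a redirect to the
/// local landing page, to Users/LeavingSite for a non-local landing page, or to the
/// user's Messages/Dashboard when no landing page was requested.
/// </returns>
public ActionResult Login(LoginViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View("Login", model);
    }

    var user = userDal.GetUser(model.Username);

    // NOTE(review): the salt argument is the empty string; the stored per-user salt
    // (user.Salt) is not used. If the stored hashes were produced the same way they are
    // effectively unsalted. Do not switch this to user.Salt without also migrating the
    // stored hashes - confirm against the registration code.
    if (user == null || !new HashProvider().VerifyPasswordMatch(user.Password, model.Password, ""))
    {
        ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
        return View("Login", model);
    }

    base.LogUserIn(user.Username);

    // The Referer header is optional, so UrlReferrer can be null; treat that as
    // "no landing page requested" instead of failing after the user is already signed in.
    var referrer = this.Request.UrlReferrer;
    var queryString = referrer != null ? referrer.Query : string.Empty;
    var urlParams = HttpUtility.ParseQueryString(queryString);
    string landingPage = urlParams["landingPage"];

    if (landingPage == null)
    {
        return RedirectToAction("Dashboard", "Messages", new { username = user.Username });
    }

    // landingPage comes from a request header and is client-controlled: only local URLs
    // are followed directly; anything else goes through the LeavingSite action.
    if (Url.IsLocalUrl(landingPage))
    {
        return new RedirectResult(landingPage);
    }

    return RedirectToAction("LeavingSite", "Users", new { destinationUrl = landingPage });
}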
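/// <summary>
/// Handles the posted login form, signs the user in, and then redirects according to
/// the <c>landingPage</c> value found in the referring URL's query string.
/// </summary>
/// <param name="model">The posted login form (username and password).</param>
/// <returns>
/// The Login view on a validation or credential failure; otherwise a redirect to the
/// local landing page, or to Home/Index (with the requested destination passed along
/// when it is not a local URL).
/// </returns>
public ActionResult Login(LoginViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View("Login", model);
    }

    var user = userDAL.GetUser(model.Username);

    // Unknown username and wrong password share one message, so the response text does
    // not reveal which usernames exist.
    if (user == null || !new HashProvider().VerifyPasswordMatch(user.Password, model.Password, user.Salt))
    {
        ModelState.AddModelError("invalid-login", "The username & password combination is invalid.");
        return View("Login", model);
    }

    base.LogUserIn(user.Username);

    // The Referer header is optional, so UrlReferrer can be null; treat that as
    // "no landing page requested" instead of failing after the user is already signed in.
    var referrer = this.Request.UrlReferrer;
    var queryString = referrer != null ? referrer.Query : string.Empty;
    var urlParams = HttpUtility.ParseQueryString(queryString);
    string landingPage = urlParams["landingPage"];

    if (landingPage == null)
    {
        return RedirectToAction("Index", "Home");
    }

    // landingPage comes from a request header and is client-controlled: it is followed
    // directly only when it is one of the site's own pages.
    if (Url.IsLocalUrl(landingPage))
    {
        return new RedirectResult(landingPage);
    }

    // NOTE(review): the non-local URL is handed to Home/Index as "destination"; verify
    // that action does not redirect to it without a confirmation step.
    return RedirectToAction("Index", "Home", new { destination = landingPage });
}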
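/// <summary>
/// Handles the posted login form: looks the account up by username, verifies the
/// submitted password, then issues the forms-authentication cookie and fills the session.
/// </summary>
/// <param name="model">The posted login form (username and password).</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the Login view, with a generic
/// model error for any credential failure.
/// </returns>
public ActionResult Login(LoginModel model)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // One lookup instead of three. The previous code dereferenced the first lookup's
    // Salt before checking for null, so an unknown username raised an exception rather
    // than producing the invalid-login message.
    UserModel userLogin = userDal.GetUser(model.UserName);

    // Unknown user, a record without a salt, and a wrong password all end in the same
    // generic failure so the response does not distinguish between them.
    bool authenticated = userLogin != null
        && userLogin.Salt != null
        && new HashProvider().VerifyPasswordMatch(userLogin.Password, model.Password, userLogin.Salt);

    if (!authenticated)
    {
        ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
        return View("Login", model);
    }

    // The second argument requests a persistent cookie.
    // NOTE(review): confirm that a persistent cookie for every login is intended.
    FormsAuthentication.SetAuthCookie(userLogin.UserName, true);

    Session["authorizationlevel"] = userLogin.AuthorizationLevel;
    Session["username"] = userLogin.UserName;

    // The whole stored record, including its Password hash and Salt, is kept in session.
    // NOTE(review): consider keeping only the identity fields in session.
    Session["user"] = userLogin;

    return RedirectToAction("Index", "Home");
}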
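/// <summary>
/// Changes the signed-in user's password after verifying the current (temporary)
/// password against the hash and salt held on the session's user record.
/// </summary>
/// <param name="model">The posted form carrying the current (temporary) password and the new password.</param>
/// <returns>
/// A redirect to ChangeSuccess once the new hash and salt are stored; the
/// ChangePassword view when validation or verification fails; an unauthorized result
/// when there is no user in session.
/// </returns>
public ActionResult ChangePassword(ChangePasswordModel model)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // The session entry is missing when the session has expired or the caller never
    // signed in; the previous code dereferenced it unconditionally.
    UserModel user = Session["user"] as UserModel;
    if (user == null)
    {
        return new HttpUnauthorizedResult();
    }

    HashProvider hash = new HashProvider();

    // Require the current password before accepting a new one.
    if (!hash.VerifyPasswordMatch(user.Password, model.TempPassword, user.Salt))
    {
        return View("ChangePassword");
    }

    // HashPassword is called first and SaltValue read afterwards, matching the order the
    // original code used to obtain the salt that belongs to the new hash.
    string newHash = hash.HashPassword(model.Password);
    var newSalt = hash.SaltValue;

    userDal.ChangePassword(newHash, newSalt, user.UserName);

    // Update the session copy only after the store succeeded, and keep hash and salt in
    // step: previously only Salt was refreshed, leaving the old hash paired with the new salt.
    user.Password = newHash;
    user.Salt = newSalt;

    // NOTE(review): the meaning of level 2 is not visible here, and the value is set only
    // on the session object - it is not passed to userDal.ChangePassword. Confirm where
    // it is persisted.
    user.AuthorizationLevel = 2;

    return RedirectToAction("ChangeSuccess");
}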
/// <summary>
/// Handles the posted parent login form: looks the parent up by email, verifies the
/// submitted password and, on success, stores the parent record in session.
/// </summary>
/// <param name="model">The posted login form (email and password).</param>
/// <returns>A redirect to Dashboard on success; otherwise the Login view with the posted model.</returns>
public ActionResult Login(ParentLoginModel model)
{
    if (!ModelState.IsValid)
    {
        return View("Login", model);
    }

    ParentModel account = parentDAL.GetParent(model.Email);
    HashProvider hasher = new HashProvider();

    // Unknown email and wrong password produce the same message.
    bool credentialsOk = account != null
        && hasher.VerifyPasswordMatch(account.Password, model.Password, account.Salt);

    if (!credentialsOk)
    {
        ModelState.AddModelError("invalid-credentials", "Invalid email password combination");
        return View("Login", model);
    }

    // The stored record, including its Password hash and Salt, is kept in session.
    // NOTE(review): consider keeping only the identity fields in session.
    Session["parent"] = account;
    return RedirectToAction("Dashboard");
}
/// <summary>
/// Handles the posted child login form: verifies the credentials, refuses the login
/// when no time remains, loads the child's mascot and stores the child in session.
/// </summary>
/// <param name="model">The posted login form (user name and password).</param>
/// <returns>
/// The Login view on a validation, credential or no-time-remaining failure; otherwise
/// a redirect to ChooseMascot when the child has no mascot yet, or to Dashboard.
/// </returns>
public ActionResult Login(ChildLoginModel model)
{
    if (!ModelState.IsValid)
    {
        return View("Login", model);
    }

    ChildModel account = childDAL.GetChild(model.UserName);
    HashProvider hasher = new HashProvider();

    // Unknown user name and wrong password produce the same message.
    bool credentialsOk = account != null
        && hasher.VerifyPasswordMatch(account.Password, model.Password, account.Salt);

    if (!credentialsOk)
    {
        ModelState.AddModelError("invalid-credentials", "Invalid email password combination");
        return View("Login", model);
    }

    // This check runs only after the password has verified, so the time-remaining
    // message is shown solely to a caller who already holds valid credentials.
    if (account.Seconds <= 0)
    {
        ModelState.AddModelError("no-time-remaining", "You do not have any time remaining. You need more steps to earn more time.");
        return View("Login", model);
    }

    account.Mascot = mascotDAL.GetMascot(account);

    // The stored record, including its Password hash and Salt, is kept in session.
    // NOTE(review): consider keeping only the identity fields in session.
    Session["child"] = account;

    // A child without a mascot is sent to pick one first.
    return RedirectToAction(account.Mascot == null ? "ChooseMascot" : "Dashboard");
}
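/// <summary>
/// Verifies the posted credentials, saves the user session, and sends the user either
/// to their profile (when a survey result already exists) or to the survey page.
/// </summary>
/// <param name="userLogin">The posted login form (email and password).</param>
/// <param name="selectedButton">Not read by this method.</param>
/// <returns>
/// A redirect to ViewProfile or Home/Survey on success; a redirect to IncorrectLogin on
/// a credential failure or on any exception.
/// </returns>
public ActionResult Login(UserLogin userLogin, int selectedButton)
{
    // TODO: add a parameter that says whether the user came from the TakeSurvey page or
    // from the general login button, and choose the redirect accordingly.
    try
    {
        UserProfile userProfile = userSqlDAL.GetUser(userLogin.UserEmail);

        // An unknown email is an ordinary failed login; handle it explicitly instead of
        // relying on a null dereference being swallowed by the catch below.
        if (userProfile == null)
        {
            return RedirectToAction("IncorrectLogin");
        }

        bool passwordMatches = hashProvider.VerifyPasswordMatch(userProfile.UserPassword, userLogin.UserPassword, userProfile.Salt);
        if (!passwordMatches)
        {
            return RedirectToAction("IncorrectLogin");
        }

        // Fetch the survey before saving the session, so a failure here cannot leave the
        // user signed in while being shown the IncorrectLogin page.
        SurveyAnswers existingSurvey = surveyAnswerDAL.GetSurveyResult(userProfile.UserEmail);

        SaveUserSession(userLogin.UserEmail);

        // Users with a stored survey result go to their profile; everyone else
        // (including users with no survey row at all) goes to the survey page.
        if (existingSurvey != null && existingSurvey.business != null)
        {
            return RedirectToAction("ViewProfile");
        }

        return RedirectToAction("Survey", "Home");
    }
    catch
    {
        // NOTE(review): this reports every failure, including data-access errors, as an
        // incorrect login and records nothing. Log the exception here once a logger is
        // available so outages are not mistaken for bad credentials.
        return RedirectToAction("IncorrectLogin");
    }
}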
/// <summary>
/// Asserts that <c>VerifyPasswordMatch</c> accepts a password and salt that correspond
/// to the supplied stored hash.
/// </summary>
/// <param name="password">Plaintext password for the case.</param>
/// <param name="salt">Salt that belongs to <paramref name="hashedPassword"/>.</param>
/// <param name="hashedPassword">Expected stored hash for the password and salt.</param>
public void HashProvider_ReturnsPasswordMatch(string password, string salt, string hashedPassword)
{
    // NOTE(review): only the matching case is asserted here; a companion case that
    // expects false for a wrong password or wrong salt would guard against a verifier
    // that accepts everything.
    var provider = new HashProvider();

    bool matched = provider.VerifyPasswordMatch(hashedPassword, password, salt);

    Assert.IsTrue(matched);
}