public virtual ActionResult EditUser(int id)
{
var dto = _userService.Get(id);
if (!User.IsAdministrator())
{
throw new ApplicationException(AppConstants.ERR_ACCESS_DENIED);
}
var viewModel = _mapper.Map <UserDto, UserVM>(dto);
populateUserVMLists(viewModel);
ViewData.Model = viewModel;
return(PartialView("_EditUser"));
}
public IActionResult Register(RegisterVM viewModel)
{
try
{
if (ModelState.IsValid)
{
var dto = _mapper.Map <RegisterVM, UserDto>(viewModel);
dto = _userService.Add(dto, viewModel.Password);
TempData.Put("LoginVM", new LoginVM()
{
Message = "You've successfully registered, please log in"
});
return(RedirectToAction(nameof(HomeController.Login), "Home"));
}
else
{
throw new ApplicationException("Registration could not be completed due to invalid data.");
}
}
catch (ApplicationException aex)
{
viewModel.Message = aex.Message;
TempData.Put("RegisterVM", viewModel);
return(RedirectToAction(nameof(HomeController.Register), "Home"));
}
catch (Exception ex)
{
TempData["Message"] = ex.Message;
return(RedirectToAction(nameof(HomeController.Error), "Home"));
}
}
public AuthenticationResultDto AttemptAuthentication(string Username, string Password, System.Net.IPAddress clientIP)
{
AuthenticationResultDto result = new AuthenticationResultDto();
bool success = false;
var user = _userRepository.GetQuery().Where(x => x.Username == Username).FirstOrDefault();
if (user == null)
{
result.ErrorMessage = "Invalid username";
}
else
{
if (user.DeactivatedAt == null)
{
success = _cipherService.SHA256HashMatches(Password, user.Salt, user.PasswordHash);
if (!success)
{
result.ErrorMessage = "Invalid password";
}
}
else
{
result.ErrorMessage = "This user account is inactive. Contact an administrator.";
}
}
_nhSession.Save(new AuthenticationAttempt()
{
OccurredAt = DateTime.UtcNow,
Username = Username,
WasSuccessful = success,
ClientIP = clientIP.ToString()
});
result.User = _mapper.Map <User, UserDto>(user);
return(result);
}