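/// <summary>
/// Registers a new account: rejects the request when the login or e-mail is
/// already in use, then passes a new <c>User</c> with a freshly salted
/// password hash to the single-argument <c>Add</c> overload.
/// </summary>
/// <param name="viewModel">Registration form data (login, e-mail, password, names, sex).</param>
/// <param name="role">Role assigned to the new account.</param>
/// <exception cref="Exception">A user with the same login or e-mail already exists.</exception>
public void Add(RegisterAccountViewModel viewModel, Role role)
{
    // Normalise the requested login before comparing. The stored value is
    // lower-cased in the query, so comparing it with the raw input would let
    // "Admin" through when "admin" is already registered.
    var requestedLogin = viewModel.Login == null ? null : viewModel.Login.ToLowerInvariant();

    if (Context.Users.Any(usr => usr.Login.ToLower() == requestedLogin))
    {
        throw new Exception("Istnieje użytkownik o podanym loginie");
    }

    if (Context.Users.Any(user => user.Email == viewModel.Email))
    {
        throw new Exception("Istnieje użytkownik o podanym mailu");
    }

    // NOTE(review): check-then-insert is not atomic; two concurrent registrations
    // can both pass the checks above. A unique index on login and e-mail is the
    // reliable guard - confirm one exists in the schema.

    // NOTE(review): the strength of the stored hash depends entirely on
    // _hashHelper.Compute, which is not visible here - confirm it is a slow,
    // salted password KDF rather than a single fast hash.
    var salt = _hashHelper.GetSalt();

    // One timestamp so Created and PasswordCreated cannot drift apart.
    var now = DateTime.Now;

    Add(new User()
    {
        Login = viewModel.Login,
        Password = _hashHelper.Compute(viewModel.Password, salt),
        Salt = salt,
        PasswordCreated = now,
        Created = now,
        Email = viewModel.Email,
        FirstName = viewModel.FirstName,
        LastName = viewModel.LastName,
        Sex = viewModel.Sex,
        Role = role
    });

    // Nothing is saved in this method (the SaveChanges call is disabled);
    // presumably the caller commits the unit of work - TODO confirm.
}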
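/// <summary>
/// Applies an edit form to the user found by <c>viewModel.Login</c>: optionally
/// replaces the password (with a new salt), updates e-mail, names and role,
/// saves the unit of work and redirects to <c>Index</c>.
/// </summary>
/// <param name="viewModel">Posted edit form; <c>Login</c> selects the account to change.</param>
/// <returns>A redirect to the <c>Index</c> action on success.</returns>
/// <exception cref="Exception">Any failure is logged and rethrown unchanged.</exception>
// NOTE(review): no authorization or anti-forgery attribute is visible on this
// action, yet it changes the password and role of whichever login the request
// names. Confirm it is restricted to administrators and CSRF-protected.
public ActionResult Edit(EditUserViewModel viewModel)
{
    try
    {
        var user = _unitOfWork.UserRepository.Find(viewModel.Login);

        // A blank password field means "keep the current password". Without this
        // guard the hash of an empty string would differ from the stored hash and
        // silently become the account's new password.
        var passwordSupplied = !string.IsNullOrEmpty(viewModel.Password);
        if (passwordSupplied && user.Password != _hashHelper.Compute(viewModel.Password, user.Salt))
        {
            // Rotate the salt together with the password.
            var salt = _hashHelper.GetSalt();
            user.Password = _hashHelper.Compute(viewModel.Password, salt);
            user.PasswordCreated = DateTime.Now;
            user.Salt = salt;
        }

        if (user.Email != viewModel.Email)
        {
            user.Email = viewModel.Email;
        }

        if (user.FirstName != viewModel.FirstName || user.LastName != viewModel.LastName)
        {
            user.FirstName = viewModel.FirstName;
            user.LastName = viewModel.LastName;
        }

        if (user.Role.ID != viewModel.SelectedRole)
        {
            // NOTE(review): the role id comes straight from the form - verify the
            // caller is allowed to grant the selected role.
            user.Role = _unitOfWork.RoleRepository.Find((int)viewModel.SelectedRole);
        }

        _unitOfWork.SaveChanges();
    }
    catch (Exception e)
    {
        logger.Error(e, e.Message);

        // Bare rethrow keeps the original stack trace; "throw e" would reset it.
        throw;
    }

    return RedirectToAction("Index");
}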
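/// <summary>
/// Authenticates a user by login and password. On success issues a
/// non-persistent forms-authentication cookie, records login and role name via
/// <c>SessionHelper</c> and returns an empty result; on failure returns the
/// error partial view with HTTP 400.
/// </summary>
/// <param name="login">Login name submitted by the client.</param>
/// <param name="password">Plain-text password submitted by the client.</param>
/// <returns><c>EmptyResult</c> on success, otherwise the error partial view.</returns>
public ActionResult Login(string login, string password)
{
    // A single message for every failure. Previously the two failure branches
    // differed by a trailing period, which let a client tell an unknown or
    // frozen login apart from a wrong password.
    const string failureMessage = "Niepoprawny login lub hasło, bądź konto jest zamrożone.";
    const string errorView = "~/Views/PartialViews/Error.cshtml";

    var user = _unitOfWork.UserRepository.All()
        .FirstOrDefault(usr => usr.Login == login && !usr.IsFrozen);

    // NOTE(review): when no user matches, no hash is computed, so response time
    // can still differ between the two failure cases. No failed-attempt counting
    // or throttling is visible here either - confirm it is handled elsewhere.
    var authenticated = user != null
        && string.Equals(_hashHelper.Compute(password, user.Salt), user.Password);

    if (!authenticated)
    {
        Response.StatusCode = (int)HttpStatusCode.BadRequest;
        return PartialView(errorView, failureMessage);
    }

    FormsAuthentication.SetAuthCookie(user.Login, false);
    SessionHelper.SetLogin(user.Login, user.Role.Name);
    return new EmptyResult();
}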