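/// <summary>
/// Handles a login form post: looks the user up by e-mail, checks the password,
/// enforces e-mail confirmation and (when enrolled) a two-factor PIN, then signs
/// the user in and redirects.
/// </summary>
/// <param name="data">Posted login form (e-mail, password, optional 2FA code, return URL).</param>
/// <returns>
/// The login view when model validation fails, a redirect to the URL produced by
/// <c>GetRedirectUrl</c> on success, otherwise a redirect to <c>Index</c> with an
/// error message in <c>TempData</c>.
/// </returns>
/// <remarks>
/// NOTE(review): no attempt throttling or account lockout is visible in this method;
/// confirm it is enforced elsewhere (CheckPassword, a filter, or the front end).
/// NOTE(review): the redirect target comes from the posted ReturnUrl; GetRedirectUrl
/// presumably restricts it to local URLs. Verify against its implementation.
/// </remarks>
public ActionResult Login(IndexModel data)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // Dispose the entity context deterministically; the original never released it.
    using (OnionWalletEntities entities = new OnionWalletEntities())
    {
        OnionUser user = entities.OnionUsers.FirstOrDefault(x => x.Email == data.LoginEmail);

        if (user != null && user.CheckPassword(data.LoginPassword))
        {
            // The messages below are only reachable with a correct password, so they
            // do not reveal account existence to someone who only knows the e-mail.
            if (!user.IsEmailConfirmed)
            {
                TempData["ErrorMessage"] = "Please confirm email before login.";
                TempData["LoginEmail"] = data.LoginEmail;
                return RedirectToAction("Index");
            }

            if (user.TwoFactorGUID.HasValue)
            {
                TwoFactorAuthenticator tfa = new TwoFactorAuthenticator();

                // A missing code is rejected before validation; spaces are stripped so
                // codes typed as "123 456" are accepted.
                bool codeMissing = string.IsNullOrEmpty(data.TwoFactorAuthentication);
                if (codeMissing || !tfa.ValidateTwoFactorPIN(user.TwoFactorGUID.ToString(), data.TwoFactorAuthentication.Replace(" ", "")))
                {
                    TempData["ErrorMessage"] = "2FA Code not correct.";
                    TempData["LoginEmail"] = data.LoginEmail;
                    return RedirectToAction("Index");
                }
            }

            // SignIn runs inside the using block so the user entity is still attached.
            if (SignIn(user))
            {
                return Redirect(GetRedirectUrl(data.ReturnUrl));
            }
        }
    }

    // Common failure path: unknown e-mail, wrong password, or SignIn returned false.
    // One generic message for all three avoids disclosing which e-mails are registered.
    TempData["ErrorMessage"] = "Invalid email or password";
    TempData["LoginEmail"] = data.LoginEmail;
    return RedirectToAction("Index");
}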
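/// <summary>
/// Changes the signed-in user's password after re-checking the current password
/// and confirming that the new password was typed identically twice.
/// </summary>
/// <param name="currentpassword">The password the user currently has.</param>
/// <param name="newpassword">The requested new password.</param>
/// <param name="retypedpassword">Confirmation of <paramref name="newpassword"/>.</param>
/// <returns>
/// Always a redirect to <c>Home/Account</c>; the outcome is reported through
/// <c>TempData["ErrorMessage"]</c> or <c>TempData["SuccessMessage"]</c>.
/// </returns>
/// <remarks>
/// NOTE(review): this is a state-changing action; no [HttpPost] or
/// [ValidateAntiForgeryToken] attribute is visible in this excerpt. Confirm both are applied.
/// NOTE(review): no password-strength check or invalidation of other sessions is
/// visible here; confirm whether SetPassword or the caller handles them.
/// </remarks>
public ActionResult ChangePassword(string currentpassword, string newpassword, string retypedpassword)
{
    // Fix: the original tested currentpassword three times, so an empty new/retyped
    // pair passed the equality check below and reached SetPassword with an empty value.
    if (string.IsNullOrEmpty(currentpassword) || string.IsNullOrEmpty(newpassword) || string.IsNullOrEmpty(retypedpassword))
    {
        TempData["ErrorMessage"] = "All password fields must be filled to change the password.";
        return RedirectToAction("Account", "Home");
    }

    // The account is taken from the authenticated principal, not from posted data.
    Guid accountGuid = Guid.Parse(this.CurrentUser.AccountName);

    // Dispose the entity context deterministically; the original never released it.
    using (OnionWalletEntities entities = new OnionWalletEntities())
    {
        OnionUser user = entities.OnionUsers.FirstOrDefault(x => x.GUID == accountGuid);

        if (user == null)
        {
            // Plain concatenation tolerates a missing SiteEmail setting; the original
            // called ToString() on it and would throw if the key was absent.
            TempData["ErrorMessage"] = "A general error occured. Please contact support at " + ConfigurationManager.AppSettings["SiteEmail"] + ".";
        }
        else if (!user.CheckPassword(currentpassword))
        {
            // Re-authentication: the current password must be proven before a change.
            TempData["ErrorMessage"] = "Current password does not match.";
        }
        else if (newpassword != retypedpassword)
        {
            TempData["ErrorMessage"] = "New passwords are not the same.";
        }
        else
        {
            user.SetPassword(newpassword);
            entities.SaveChanges();
            TempData["SuccessMessage"] = "Password updated.";
        }
    }

    return RedirectToAction("Account", "Home");
}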