/// <summary>
/// POST handler that creates a new non-Keystone person and a local login account for them.
/// Only usable while the site runs in local authentication mode.
/// </summary>
/// <param name="viewModel">Posted form: organization, e-mail, password and the person's details.</param>
/// <returns>
/// The form again when model validation fails; otherwise a redirect to the user detail page
/// (the already-existing user's page when the e-mail is taken, the new user's page on success).
/// </returns>
public ActionResult CreateAccount(CreateAccountViewModel viewModel)
{
    LocalAuthenticationController.RequireLocalAuthMode();

    if (!ModelState.IsValid)
    {
        return ViewCreateAccount(viewModel);
    }

    var organization = HttpRequestStorage.DatabaseEntities.Organizations.GetOrganization(viewModel.OrganizationID);
    Check.EnsureNotNull(organization);

    // The e-mail doubles as the login name, so it must not already belong to a person.
    var personWithSameEmail = HttpRequestStorage.DatabaseEntities.People.GetPersonByEmail(viewModel.Email, false);
    if (personWithSameEmail != null)
    {
        // NOTE(review): this message confirms that an account exists for the e-mail. The success
        // message ("assign them a role") suggests an administrative action; confirm this action
        // is not reachable by unprivileged callers, where that would be account enumeration.
        SetMessageForDisplay($"{personWithSameEmail.GetFullNameFirstLastAndOrgAsUrl(CurrentFirmaSession)} already has an account.");
        return RedirectToAction(new SitkaRoute<UserController>(x => x.Detail(personWithSameEmail)));
    }

    var createdPerson = CreateNewFirmaPersonWithoutKeystone(organization, viewModel);
    HttpRequestStorage.DatabaseEntities.SaveChanges();

    // Salt and PBKDF2 hash are generated here; the plaintext password is never persisted.
    var credentials = PBKDF2PasswordHash.CreateHash(viewModel.Password);
    // NOTE(review): DateTime.Now is local server time; use UtcNow if this column is meant to be UTC.
    // The trailing (true, 0, 0) arguments are passed exactly as before; their meaning is defined by
    // the PersonLoginAccount constructor.
    var loginAccount = new PersonLoginAccount(createdPerson, createdPerson.Email, DateTime.Now, credentials.PasswordHashed, credentials.PasswordSalt, true, 0, 0);
    HttpRequestStorage.DatabaseEntities.AllPersonLoginAccounts.Add(loginAccount);
    // NOTE(review): second SaveChanges — person and login account are not committed atomically,
    // so a failure here leaves a person row with no login account.
    HttpRequestStorage.DatabaseEntities.SaveChanges();

    SetMessageForDisplay($"{createdPerson.GetFullNameFirstLastAndOrgAsUrl(CurrentFirmaSession)} successfully added. You may want to assign them a role.");
    return RedirectToAction(new SitkaRoute<UserController>(x => x.Detail(createdPerson)));
}
/// <summary>
/// Server-side validation for the change-password form.
/// When the signed-in user's login account is the one named by the posted <c>PersonID</c>, the old
/// password is checked against the stored salt and PBKDF2 hash; in every case the new password must be
/// present, confirmed, match its confirmation and satisfy the complexity policy.
/// </summary>
/// <param name="validationContext">Supplied by the framework; not used here.</param>
/// <returns>The validation failures found, in the order the checks run; empty when the form is valid.</returns>
public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
{
    var results = new List<ValidationResult>();

    // NOTE(review): DatabaseEntities.Person is presumably the signed-in user — confirm. The self-edit
    // decision is keyed on the posted PersonID, which the client controls, not on the account the
    // controller actually targets; the controller must check the two agree, otherwise posting a
    // different PersonID turns a self-edit into a "non-self" one and skips the old-password check.
    var currentLoginAccount = HttpRequestStorage.DatabaseEntities.Person.PersonLoginAccount;
    var editingOwnAccount = currentLoginAccount.PersonID == PersonID;

    // The hash is only computed for a self-edit; other edits skip the old-password requirement entirely.
    var oldPasswordAccepted = !editingOwnAccount
        || PBKDF2PasswordHash.ValidatePassword(currentLoginAccount.PasswordSalt, OldPassword, currentLoginAccount.PasswordHash);
    if (!oldPasswordAccepted)
    {
        results.Add(new SitkaValidationResult<ChangePasswordViewModel, string>("Bad password", z => z.OldPassword));
    }

    var newPasswordMissing = string.IsNullOrEmpty(NewPassword);
    var confirmationMissing = string.IsNullOrEmpty(ConfirmNewPassword);
    if (newPasswordMissing)
    {
        results.Add(new SitkaValidationResult<ChangePasswordViewModel, string>("Please specify a new password", z => z.NewPassword));
    }
    if (confirmationMissing)
    {
        results.Add(new SitkaValidationResult<ChangePasswordViewModel, string>("Please confirm the new password", z => z.ConfirmNewPassword));
    }
    if (NewPassword != ConfirmNewPassword)
    {
        results.Add(new SitkaValidationResult<ChangePasswordViewModel, string>("Passwords must match.", z => z.NewPassword));
    }

    // Complexity is checked even when the new password is empty; PasswordHelper is expected to cope with that.
    if (!PasswordHelper.VerifyPasswordComplexity(NewPassword))
    {
        results.Add(new ValidationResult(PasswordHelper.GetPasswordComplexityErrorMessage(NewPassword)));
    }

    return results;
}
/// <summary>
/// Verifies a plaintext password against the salt and PBKDF2 hash stored on a login account.
/// </summary>
/// <param name="personLoginAccount">Account whose stored <c>PasswordSalt</c> and <c>PasswordHash</c> are checked.</param>
/// <param name="passwordPlainText">Password exactly as supplied by the user.</param>
/// <returns>True when hashing <paramref name="passwordPlainText"/> with the stored salt reproduces the stored hash.</returns>
// NOTE(review): resistance to timing side channels rests on PBKDF2PasswordHash.ValidatePassword
// comparing the derived and stored hashes in constant time — confirm in that helper.
private static bool DoPasswordsMatch(PersonLoginAccount personLoginAccount, string passwordPlainText) =>
    PBKDF2PasswordHash.ValidatePassword(personLoginAccount.PasswordSalt, passwordPlainText, personLoginAccount.PasswordHash);
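/// <summary>
/// POST handler that replaces the local-login password of the person identified by the route.
/// Only usable while the site runs in local authentication mode.
/// </summary>
/// <param name="personPrimaryKey">Route value identifying the person whose password is being changed.</param>
/// <param name="viewModel">Posted form: PersonID, old password (required for a self-edit), new password and confirmation.</param>
/// <returns>
/// The form again when validation fails, when the person has no local login account, or when the posted
/// PersonID does not name the routed person; otherwise the modal-dialog JSON result that closes the dialog.
/// </returns>
public ActionResult ChangePassword(PersonPrimaryKey personPrimaryKey, ChangePasswordViewModel viewModel)
{
    LocalAuthenticationController.RequireLocalAuthMode();

    var personBeingEdited = personPrimaryKey.EntityObject;

    if (!ModelState.IsValid)
    {
        return ViewChangePassword(viewModel, CurrentFirmaSession);
    }

    // A person without a local login account has no password to change; report it instead of
    // dereferencing null below.
    var personAccount = personBeingEdited.PersonLoginAccount;
    if (personAccount == null)
    {
        ModelState.AddModelError(string.Empty, $"{personBeingEdited.GetFullNameFirstLast()} has no local login account.");
        return ViewChangePassword(viewModel, CurrentFirmaSession);
    }

    // ChangePasswordViewModel.Validate decides whether the old password is required by comparing the
    // POSTED PersonID with the signed-in user's account. That PersonID is client-controlled, so it must
    // name the same account the route targets; otherwise a user could post another PersonID, be treated
    // as a non-self edit, and reset their own password without proving knowledge of the old one.
    if (personAccount.PersonID != viewModel.PersonID)
    {
        ModelState.AddModelError(string.Empty, "The submitted account does not match the account being edited.");
        return ViewChangePassword(viewModel, CurrentFirmaSession);
    }

    // Fresh salt and PBKDF2 hash; the plaintext is never persisted.
    var saltAndHash = PBKDF2PasswordHash.CreateHash(viewModel.NewPassword);
    personAccount.PasswordSalt = saltAndHash.PasswordSalt;
    personAccount.PasswordHash = saltAndHash.PasswordHashed;
    HttpRequestStorage.DatabaseEntities.SaveChanges();

    // NOTE(review): other active sessions of this account are not invalidated here; consider doing so
    // after a password change if the session layer supports it. The message text ("had been") is kept
    // as-is; it likely should read "has been".
    SetMessageForDisplay($"{personBeingEdited.GetFullNameFirstLast()}'s password had been updated.");
    return new ModalDialogFormJsonResult();
}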