public IActionResult RegisterEmployee(EmployeeCreateModel employee)
{
if (ModelState.IsValid)
{
string salt = PasswordHashingLogic.GenerateSalt();
string PasswordHash = PasswordHashingLogic.GeneratePasswordHash(employee.Password, salt);
string uniqueFileName = null;
if (employee.ProfilePicture != null)
{
string uploadsFolder = Path.Combine(_hostingEnvironment.WebRootPath, "img", "ProfilePictures");
uniqueFileName = Guid.NewGuid().ToString() + "_" + employee.ProfilePicture.FileName;
string filePath = Path.Combine(uploadsFolder, uniqueFileName);
employee.ProfilePicture.CopyTo(new FileStream(filePath, FileMode.Create));
}
EmployeeProcessor.CreateEmployee(
employee.Firstname,
employee.Prefix,
employee.Lastname,
employee.City,
employee.Postalcode,
employee.Address,
uniqueFileName,
employee.Email,
employee.Phone,
salt,
PasswordHash,
employee.Profession,
employee.Role.ToString()
);
return(RedirectToAction("ViewEmployees", "Employee"));
}
return(View());
}
public IActionResult LoginEmployee(LoginEmployeeModel login)
{
if (ModelState.IsValid)
{
EmployeeDataModel employeeData = EmployeeProcessor.GetUserByEmail(login.Email);
if (employeeData != null)
{
if (PasswordHashingLogic.ValidateUser(login.Password, employeeData.Salt, employeeData.PasswordHash))
{
var employeeClaims = new List <Claim>()
{
new Claim(ClaimTypes.Email, employeeData.Email),
new Claim(ClaimTypes.Role, employeeData.Role)
};
var employeeIdentity = new ClaimsIdentity(employeeClaims, "Employee Identity");
var employeePrincipal = new ClaimsPrincipal(new[] { employeeIdentity });
HttpContext.SignInAsync(employeePrincipal);
return(RedirectToAction("Dashboard", "Home"));
}
}
else
{
ModelState.AddModelError("incorrectLogin", "The provided email and password do not match.");
}
}
return(View());
}
public static void UpdateEmployee(string city, string postalcode, string address, string email, string phone, string profession, string password, int user_Id)
{
var passwordHash = GetUserById(user_Id).PasswordHash;
if (password != null)
{
var salt = GetUserById(user_Id).Salt;
passwordHash = PasswordHashingLogic.GeneratePasswordHash(password, salt);
}
EmployeeDataModel data = new EmployeeDataModel
{
Address = address,
City = city,
Email = email,
PasswordHash = passwordHash,
PostalCode = postalcode,
Phone = phone,
Profession = profession,
};
string sql = $"Update employee set city = '{city}', postalCode = '{postalcode}', address = '{address}', email = '{email}', phone = '{phone}', profession = '{profession}', passwordHash = '{passwordHash}' WHERE id = '{user_Id}';";
SQLDataAccess.SaveData(sql, data);
}
