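/// <summary>
/// Replaces the stored password hash of the user identified by <paramref name="loggedUserId"/>,
/// after checking <paramref name="oldPassword"/> against the hash currently on record.
/// </summary>
/// <param name="loggedUserId">Primary key of the user whose password is being changed.</param>
/// <param name="oldPassword">Current clear-text password; verified with CheckHashSHA1.</param>
/// <param name="newPassword">Replacement clear-text password. A null or empty value is rejected.</param>
/// <returns>
/// IdentityResult.Success when the new hash was saved. In every other case (no such user, old
/// password mismatch, empty new password, or an exception) a failed result carrying the single
/// generic message "Change password failed", so the caller cannot tell which check failed.
/// </returns>
/// <remarks>
/// Security review: the stored value is produced by SHA1HashProvider.SecureSHA1. A salted but
/// single-pass SHA-1 is cheap to compute, so a leaked user table can be tested against guessed
/// passwords offline at very high rates. Password storage calls for a deliberately slow,
/// tunable function (PBKDF2 via Rfc2898DeriveBytes, bcrypt, scrypt or Argon2). Because this
/// method holds the new clear-text password, it is a natural place to start writing hashes in
/// a stronger format while CheckHashSHA1 continues to verify the old ones.
/// </remarks>
internal async Task<IdentityResult> ChangePasswordAsync(int loggedUserId, string oldPassword, string newPassword)
{
    // Refuse a missing new password before touching the database. How SecureSHA1 treats
    // null or "" is not visible here, and an account must never end up with a blank password.
    if (string.IsNullOrEmpty(newPassword))
    {
        return IdentityResult.Failed("Change password failed");
    }

    bool returnSuccess = false;
    try
    {
        SHA1HashProvider sHA1HashProvider = new SHA1HashProvider();
        using (CraveatsDbContext craveatsDbContext = new CraveatsDbContext())
        {
            User thisUser = craveatsDbContext.User.FirstOrDefault(u => u.Id == loggedUserId);

            // The third argument (8) is presumably the length of the random hex prefix/suffix
            // that SecureSHA1 wraps around the digest -- TODO confirm against SHA1HashProvider.
            bool oldPasswordMatches = thisUser != null
                && sHA1HashProvider.CheckHashSHA1(oldPassword, thisUser.Password, 8);

            if (oldPasswordMatches)
            {
                // NOTE(review): the registration action on this page trims the password before
                // hashing, while this path hashes newPassword as given. Confirm the sign-in path
                // applies one consistent rule, otherwise a password with leading or trailing
                // whitespace may stop matching after a change.
                thisUser.Password = sHA1HashProvider.SecureSHA1(newPassword);
                thisUser.LastUpdated = DateTime.Now;
                await craveatsDbContext.SaveChangesAsync();
                returnSuccess = true;
            }
        }
    }
    catch (Exception e)
    {
        // Best effort: the exception is traced and the caller only sees the generic failure.
        Trace.WriteLine(e);
    }

    return returnSuccess
        ? IdentityResult.Success
        : IdentityResult.Failed("Change password failed");
}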
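/// <summary>
/// Round-trip check for SHA1HashProvider: a value produced by SecureSHA1 must be accepted by
/// CheckHashSHA1 for the same clear text and rejected for a different one.
/// </summary>
/// <remarks>
/// The previous version of this test rebuilt the stored value by hand as
/// prefix + HashSHA1(clearText + prefix + suffix) + suffix, using two newly generated random hex
/// strings, and compared the result with Assert.AreSame. That could never pass: AreSame checks
/// reference identity, and fresh random values cannot reproduce the ones SecureSHA1 picked
/// internally. Verification therefore goes through CheckHashSHA1, which is what production
/// code calls.
/// </remarks>
public void TextGetHashedText()
{
    SHA1HashProvider sHA1HashProvider = new SHA1HashProvider();

    string org = "Test123$",
        hashedText = sHA1HashProvider.SecureSHA1(org);

    // 8 mirrors the third argument the password-change path passes to CheckHashSHA1.
    Assert.IsTrue(sHA1HashProvider.CheckHashSHA1(org, hashedText, 8));

    // A different clear text must not verify against the same stored value.
    Assert.IsFalse(sHA1HashProvider.CheckHashSHA1(org + "x", hashedText, 8));
}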
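/// <summary>
/// Handles the posted registration form: creates the account, stores the profile detail,
/// sends the notification e-mail, signs the new user in and redirects to Home/Index.
/// </summary>
/// <param name="model">Posted registration data (e-mail, password, names, selected role).</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the "Register" view re-rendered with the
/// posted model and any model-state errors.
/// </returns>
/// <remarks>
/// Security review: user-supplied values are HTML-encoded before being placed in the HTML
/// e-mail body, so markup typed into the name fields is delivered as text and not as markup.
/// </remarks>
public ActionResult Register(RegisterViewModel model)
{
    SessionManager.RegisterSessionActivity();

    // Only the selected value of the drop-down is posted back, not the whole list,
    // so the role list is loaded again and put back on the model for re-rendering.
    var roles = GetAllRoles();
    model.Roles = GenUtil.GetSelectListItems(roles);

    if (ModelState.IsValid)
    {
        SHA1HashProvider sHA1HashProvider = new SHA1HashProvider();
        if (!ceUserManager.IsRegistered(model.Email))
        {
            // NOTE(review): Trim() alters the password the user typed; the password-change
            // path on this page hashes its input untrimmed. Confirm sign-in uses one rule.
            // NOTE(review): SecureSHA1 is a fast hash. Password storage should use a slow,
            // tunable function (PBKDF2, bcrypt, scrypt or Argon2).
            string sha1HashText = sHA1HashProvider.SecureSHA1(model.Password.Trim());

            // NOTE(review): model.Role comes straight from the posted form; the role list
            // loaded above is only used to repopulate the drop-down. Confirm that model
            // validation or RegisterNew limits self-registration to roles a new user may
            // choose, so a tampered post cannot select a privileged role.
            int? newUserID = ceUserManager.RegisterNew(model.Email, sha1HashText, model.Role);
            if (newUserID.HasValue)
            {
                // NOTE(review): DataSecurityTripleDES is project code not shown here;
                // 3DES is a legacy cipher -- TODO review its use for identifier protection.
                UserDTO userDTO = new UserDTO()
                {
                    Id = DataSecurityTripleDES.GetEncryptedText(newUserID),
                    FirstName = model.FirstName,
                    Surname = model.Surname,
                    UserStatus = (int?)UserStatusEnum.Active
                };
                ceUserManager.SaveUserDetail(userDTO);

                // The body is sent as HTML, so every user-controlled value is encoded first.
                // string.Format("{0}", x) yields "" for null, matching plain interpolation.
                Func<object, string> htmlEncode =
                    value => System.Net.WebUtility.HtmlEncode(string.Format("{0}", value));

                StringBuilder sbSubject = new StringBuilder("Craveats new registrant notification"),
                    sbEmailBody = new StringBuilder(
                        "<p>A new user with the following detail has been registered in the system. \n" +
                        $"<br/><em>FirstName </em>: {htmlEncode(model.FirstName)}" +
                        $"<br/><em>Surname </em>: {htmlEncode(model.Surname)}" +
                        $"<br/><em>Email </em>: {htmlEncode(model.Email)}" +
                        $"<br/><em>Registration Type </em>: {htmlEncode(model.Role)}" +
                        "</p><p>Thank you.</p><p>Craveats</p>");

                CommunicationServiceProvider.SendOutgoingNotification(
                    new MailAddress(
                        model.Email,
                        string.Format("{0}{1}{2}", model.FirstName, " ", model.Surname).Trim()),
                    sbSubject.ToString(),
                    sbEmailBody.ToString());

                User result = ceUserManager.FindByCriteria(
                    email: model.Email,
                    userStatusEnums: new List<int> { (int)UserStatusEnum.Active, (int)UserStatusEnum.Blocked });

                if (result != null)
                {
                    // The freshly registered user is signed in immediately.
                    userDTO = EntityDTOHelper.GetEntityDTO<User, UserDTO>(result);
                    AuthenticatedUserInfo authenticatedUserInfo = new AuthenticatedUserInfo(userDTO);
                    Session["loggeduser"] = authenticatedUserInfo;
                    SessionManager.RegisterSessionActivity(userID: result.Id, loggedInAt: DateTime.Now);
                    ceUserManager.SignInUser(HttpContext, string.Format("{0}", authenticatedUserInfo.FullName), false);
                    return RedirectToAction("Index", "Home");
                }
                else
                {
                    ModelState.AddModelError(string.Empty, "An error occurred in reading user data. Please review input and re-try.");
                }
            }
            else
            {
                ModelState.AddModelError(string.Empty, "An error occurred in registering new user. Please review input and re-try.");
            }
        }
        else
        {
            // This message confirms to the requester that the address already has an account.
            ModelState.AddModelError(string.Empty, "Email is registered and cannot be used to create another account.");
        }
    }

    // Something is not right, so render the registration page again,
    // keeping the data the user has entered by supplying the model.
    return View("Register", model);
}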