private void OkCommandExecuted()
{
User.User.PasswordSalt = Guid.NewGuid().ToString("N");
User.User.PasswordHash = _saltedHash.ComputeHash(User.Password + User.User.PasswordSalt);
_adminDataUnit.UsersRepository.Add(User.User);
_adminDataUnit.SaveChanges();
}
public ActionResult ChangePass(ChangePassViewModel model)
{
try
{
if (ModelState.IsValid)
{
// get current user info
var userInfo = db.Users.Where(u => u.UserId == model.UserId).FirstOrDefault();
if (userInfo == null)
{
return(RedirectToAction("Login", "Auth"));
}
// verify old password
var isCorrectOldPass = SaltedHash.Verify(userInfo.Salt, userInfo.Password, model.OldPassword);
if (isCorrectOldPass)
{
// new password must be different to old passowrd
if (String.Compare(userInfo.Password, SaltedHash.ComputeHash(userInfo.Salt, model.NewPassword), false) != 0)
{
// update new user password
SaltedHash sh = new SaltedHash(model.NewPassword);
userInfo.Salt = sh.Salt;
userInfo.Password = sh.Hash;
userInfo.FirstName = model.FirstName;
userInfo.LastName = model.LastName;
userInfo.Email = model.Email;
db.SaveChanges();
// write action log
string actionLogData = "username="******"REMOTE_ADDR"]);
return(RedirectToAction("Index", "Home"));
}
else
{
ModelState.AddModelError("", "Mật khẩu mới không được trùng mật khẩu cũ");
}
}
else
{
ModelState.AddModelError("", "Mật khẩu cũ chưa chính xác");
}
}
else
{
ModelState.AddModelError("", "Thông tin đổi mật khẩu không hợp lệ!");
}
}
catch (Exception ex)
{
ModelState.AddModelError("", ex.Message);
}
return(View(model));
}
public async Task <User> GetUserAsync(string username, string password)
{
//string newSalt = Guid.NewGuid().ToString("N");
//string newHash = _saltedHash.ComputeHash(password + newSalt);
var candidate = await _objectContext.Users
.Include("UserPermissions")
.Include("UserPermissions.Permission")
.FirstOrDefaultAsync(x => x.UserName == username);
if (candidate == null)
{
return(null);
}
password = password + candidate.PasswordSalt;
string hash = _saltedHash.ComputeHash(password);
return(candidate.PasswordHash.Equals(hash) ? candidate : null);
}
public void EditUserPasswordCommandExecuted()
{
string password = string.Empty;
RaisePropertyChanged("DisableParentWindow");
RadWindow.Prompt(new DialogParameters()
{
Content = "Enter New Password:"******"EnableParentWindow");
if (!string.IsNullOrWhiteSpace(password))
{
SelectedUser.User.PasswordSalt = Guid.NewGuid().ToString("N");
SelectedUser.User.PasswordHash = _saltedHash.ComputeHash(password + SelectedUser.User.PasswordSalt);
}
//_adminDataUnit.SaveChanges();
SaveChangesCommand.RaiseCanExecuteChanged();
}