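/// <summary>
/// Handles the submitted change-password form for the signed-in user.
/// Verifies the current password, then stores the hash of the new one.
/// </summary>
/// <param name="changePassword">
/// Posted form model carrying the account id, the current password, the new
/// password and its confirmation.
/// </param>
/// <returns>
/// The form view with a model error when validation or verification fails;
/// otherwise a redirect to Home/Index.
/// </returns>
// NOTE(review): passwords are stored as unsalted, single-round SHA-1 encoded as
// Base64. That is a fast general-purpose hash, not a password hash, so a leaked
// Users table can be brute-forced cheaply. Moving to PBKDF2
// (System.Security.Cryptography.Rfc2898DeriveBytes) with a per-user salt needs a
// coordinated change in the logon code, which is not visible here, so the
// stored format is left unchanged in this block.
// NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', so
// passwords that differ only in such characters produce the same hash. Kept for
// compatibility with the hashes already stored.
// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize]
// attributes are visible in this listing - confirm they are present on the real
// action, since this endpoint changes a credential.
public ActionResult ChangePassword(ChangePassword changePassword)
{
    if (!String.Equals(changePassword.NewPW, changePassword.ConfirmNewPW))
    {
        ModelState.AddModelError("", "Password and confirm password does not match");
        return View(changePassword);
    }

    // Two missing fields compare equal above; reject them here instead of
    // failing later with an ArgumentNullException or storing the hash of an
    // empty password.
    if (String.IsNullOrEmpty(changePassword.NewPW))
    {
        ModelState.AddModelError("", "The new password must not be empty.");
        return View(changePassword);
    }

    string origPW;
    string newPW;

    // The hash provider is IDisposable; the original code never released it.
    using (var sha1 = new System.Security.Cryptography.SHA1CryptoServiceProvider())
    {
        // A missing current password is hashed as the empty string so that it
        // takes the normal "incorrect password" path rather than throwing.
        origPW = Convert.ToBase64String(
            sha1.ComputeHash(Encoding.ASCII.GetBytes(changePassword.PW ?? String.Empty)));
        newPW = Convert.ToBase64String(
            sha1.ComputeHash(Encoding.ASCII.GetBytes(changePassword.NewPW)));
    }

    // The row must match the authenticated user name as well as the posted id,
    // so a tampered Id field cannot select another user's account.
    string userName = HttpContext.User.Identity.Name;
    var user = db.Users
        .Where(e => e.Id == changePassword.Id && e.UserName == userName && e.PW == origPW)
        .FirstOrDefault();

    if (user == null)
    {
        ModelState.AddModelError("", "The password provided is incorrect.");
        return View(changePassword);
    }

    user.PW = newPW;
    db.Entry(user).State = EntityState.Modified;
    db.SaveChanges();

    return RedirectToAction("Index", "Home");
}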
/// <summary>
/// Shows the change-password form for the currently signed-in user.
/// </summary>
/// <returns>
/// The form view, with the model's Id set to the matching user's id, or a
/// redirect to the LogOn action when no user row matches the current
/// identity name.
/// </returns>
public ActionResult ChangePassword()
{
    string currentName = HttpContext.User.Identity.Name;

    var account = (from e in db.Users
                   where e.UserName == currentName
                   select e).FirstOrDefault();

    // No matching row for this identity: send the caller to the logon page.
    if (account == null)
    {
        return RedirectToAction("LogOn");
    }

    // Only the id goes into the form model; the password fields start empty.
    var model = new ChangePassword();
    model.Id = account.Id;
    return View(model);
}