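/// <summary>
/// Updates the password of the currently signed-in user's account.
/// </summary>
/// <remarks>
/// The update is attempted only when both passwords were entered and the new
/// password differs from the current one; otherwise the method returns without
/// touching the account.
/// </remarks>
/// <param name="currentPassword">Password the user currently signs in with.</param>
/// <param name="newPassword">Password that should replace it.</param>
/// <exception cref="TrainingPlatformException">
/// The entered current password does not verify against the stored salt and hash.
/// </exception>
/// <exception cref="Exception">
/// No user account was found for the signed-in employee's email address.
/// </exception>
private void UpdateUserAccountPassword(string currentPassword, string newPassword)
{
    // Both conditions must hold. The previous check joined them with "||", so an
    // empty new password (which differs from the current one) or an unchanged
    // password (both non-empty) still reached the update below.
    bool bothEntered = !string.IsNullOrEmpty(currentPassword) && !string.IsNullOrEmpty(newPassword);
    if (!bothEntered || string.Equals(newPassword, currentPassword, StringComparison.Ordinal))
    {
        // NOTE(review): invalid input is a silent no-op, as before; consider
        // reporting it to the user so a rejected change is not mistaken for success.
        return;
    }

    // NOTE(review): no minimum-strength policy for newPassword is applied here;
    // confirm that one is enforced by the caller.
    UserAccountEntry storedAccount = db.GetUserAccountCredentials(Global.employee.EmailAddress);
    if (storedAccount == null)
    {
        Debug.WriteLine("No user account was found");
        throw new Exception("No user account was found");
    }

    // Re-authenticate with the current password before changing the credentials.
    if (!PasswordCryptoLogic.VerifyPassword(currentPassword, storedAccount.PasswordSalt, storedAccount.PasswordHash))
    {
        throw new TrainingPlatformException("Your current password does not match up with the entered current password.");
    }

    // The UserAccountEntry constructor generates a new salt and hashes the new password with it.
    UserAccountEntry updatedAccount = new UserAccountEntry(Global.employee.EmailAddress, newPassword);
    updatedAccount.EmployeeId = Global.employee.Id;

    // Persist the new salt and hash.
    db.UpdateUserAccountPassword(updatedAccount);
}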
/// <summary>
/// Authenticates a user by email address and password and, on success, loads
/// the data for the signed-in employee.
/// </summary>
/// <remarks>
/// A successful login assigns <c>Training.Trainings</c>, loads the employee's
/// training bookings, assigns <c>Employee.Employees</c> when the employee has
/// the admin role, and finally stores the employee in <c>Global.employee</c>.
/// </remarks>
/// <param name="emailAddress">Email address</param>
/// <param name="password">Password</param>
/// <returns>
/// <c>true</c> if the login was successful; <c>false</c> if no account exists for
/// the address or the password does not verify.
/// </returns>
/// <exception cref="Exception">
/// The account verified but its employee record could not be retrieved.
/// </exception>
public bool Login(string emailAddress, string password)
{
    UserAccountEntry account = db.GetUserAccountCredentials(emailAddress);

    // NOTE(review): an unknown address returns before any hash verification runs,
    // so the two failure paths may differ in response time; confirm whether that
    // matters for account enumeration. No attempt throttling is visible here either.
    if (account == null)
    {
        return false;
    }

    bool passwordVerified = PasswordCryptoLogic.VerifyPassword(password, account.PasswordSalt, account.PasswordHash);
    if (!passwordVerified)
    {
        return false;
    }

    Employee employee = db.GetEmployeeById(account.EmployeeId);
    if (employee == null)
    {
        Debug.WriteLine($"ERROR during retrieving employee with id {account.EmployeeId}");
        throw new Exception();
    }

    employee.EmailAddress = emailAddress;

    // Drop the local reference to the record holding the salt and hash.
    account = null;

    // All trainings, then the bookings of the user who just signed in.
    Training.Trainings = db.GetTrainings();
    employee.TrainingBooking = db.GetTrainingBooking(employee.Id);

    // Only administrators get the full employee list.
    bool isAdmin = employee.Role.Equals(Role.ROLE_ADMIN);
    if (isAdmin)
    {
        Employee.Employees = db.GetAllEmployees();
    }

    // Store the employee globally only after everything above has loaded.
    Global.employee = employee;
    return true;
}
/// <summary>
/// Creates an account entry for the given email address, deriving the stored
/// credentials from the plaintext password.
/// </summary>
/// <remarks>
/// A salt is generated for each entry, and only that salt and the resulting
/// hash are assigned; the constructor does not keep the plaintext password.
/// </remarks>
/// <param name="emailAddress">Email address the account belongs to.</param>
/// <param name="password">Plaintext password to hash.</param>
public UserAccountEntry(string emailAddress, string password)
{
    EmailAddress = emailAddress;

    // The salt must be assigned first because the hash is computed from it.
    // NOTE(review): the hash strength depends on PasswordCryptoLogic.ComputeHash,
    // which is not visible here; confirm it is a slow, password-specific KDF.
    PasswordSalt = PasswordCryptoLogic.GenerateSalt();
    PasswordHash = PasswordCryptoLogic.ComputeHash(password, PasswordSalt);
}