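/// <summary>
/// Handles GET: renders the page only when the request's "sessid" cookie maps to a
/// stored, unexpired session whose role is Admin. Every other case redirects to /Login.
/// </summary>
/// <param name="id">Optional id supplied with the request; this handler does not read it.</param>
/// <returns>A redirect to /Login when the session check fails, otherwise the page.</returns>
public async Task<IActionResult> OnGetAsync(int? id)
{
    // Read the cookie value once. The name comparison stays an exact match.
    var sessionId = Request.Cookies
        .Where(c => c.Key == "sessid")
        .Select(c => c.Value)
        .FirstOrDefault();
    if (sessionId == null)
    {
        return Redirect("/Login");
    }

    // Single lookup instead of Count() followed by First(): one round trip, and no
    // exception if the row disappears between the two calls.
    var session = _context.Session.FirstOrDefault(s => s.ID == sessionId);
    if (session == null)
    {
        return Redirect("/Login");
    }

    _session = session;

    // Authorization: only Admin sessions may view this page.
    if (_session.Role != UserRole.Admin)
    {
        return Redirect("/Login");
    }

    // Expired sessions are deleted server-side so the cookie value cannot be reused.
    // NOTE(review): this compares against local time; confirm Expires is written with
    // the same clock (UTC on both sides avoids time-zone and DST skew).
    if (_session.Expires.CompareTo(DateTime.Now) <= 0)
    {
        _context.Session.Remove(_session);
        await _context.SaveChangesAsync();
        _session = null;
        return Redirect("/Login");
    }

    return Page();
}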
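/// <summary>
/// Handles GET: loads every stored session into <c>Session</c> for display, but only
/// when the request's "sessid" cookie maps to a stored, unexpired Admin session.
/// </summary>
/// <remarks>
/// The handler previously returned a plain Task and called Redirect("/Login") without
/// returning its result, so the redirect was discarded and the page was still rendered
/// (with an empty list) for callers that failed the check. Returning the action result
/// makes the rejection take effect. The result type is fully qualified so the change
/// does not depend on the file's using directives.
/// </remarks>
/// <returns>A redirect to /Login when the session check fails, otherwise the page.</returns>
public async Task<Microsoft.AspNetCore.Mvc.IActionResult> OnGetAsync()
{
    // Start from an empty list so nothing is exposed unless every check below passes.
    Session = new List<Session>();

    // Read the cookie value once. The name comparison stays an exact match.
    var sessionId = Request.Cookies
        .Where(c => c.Key == "sessid")
        .Select(c => c.Value)
        .FirstOrDefault();
    if (sessionId == null)
    {
        return Redirect("/Login");
    }

    // Single lookup instead of Count() followed by First().
    var session = _context.Session.FirstOrDefault(s => s.ID == sessionId);
    if (session == null)
    {
        return Redirect("/Login");
    }

    _session = session;

    // Authorization: the session list is Admin-only.
    if (_session.Role != UserRole.Admin)
    {
        return Redirect("/Login");
    }

    // Expired sessions are deleted server-side so the cookie value cannot be reused.
    // NOTE(review): this compares against local time; confirm Expires is written with
    // the same clock.
    if (_session.Expires.CompareTo(DateTime.Now) <= 0)
    {
        _context.Session.Remove(_session);
        await _context.SaveChangesAsync();
        _session = null;
        return Redirect("/Login");
    }

    // NOTE(review): this loads full session rows, including their IDs, which are the
    // values accepted in the "sessid" cookie. Confirm the page does not render them.
    Session = await _context.Session.ToListAsync();
    return Page();
}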
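// To protect from overposting attacks, enable the specific properties you want to bind to.
// For more details, see https://aka.ms/RazorPagesCRUD.
/// <summary>
/// Handles POST: saves the bound <c>User</c> after checking that the request's "sessid"
/// cookie maps to a stored, unexpired Admin session.
/// </summary>
/// <returns>
/// A redirect to /Login when the session check fails, the page again when model
/// validation fails, NotFound when the user no longer exists, otherwise a redirect to
/// ./Index.
/// </returns>
public async Task<IActionResult> OnPostAsync()
{
    // Read the cookie value once. The name comparison stays an exact match.
    var sessionId = Request.Cookies
        .Where(c => c.Key == "sessid")
        .Select(c => c.Value)
        .FirstOrDefault();
    if (sessionId == null)
    {
        return Redirect("/Login");
    }

    // Single lookup instead of Count() followed by First(): one round trip, and no
    // exception if the row disappears between the two calls.
    var session = _context.Session.FirstOrDefault(s => s.ID == sessionId);
    if (session == null)
    {
        return Redirect("/Login");
    }

    _session = session;

    // Authorization: only Admin sessions may edit users.
    if (_session.Role != UserRole.Admin)
    {
        return Redirect("/Login");
    }

    // Expired sessions are deleted server-side so the cookie value cannot be reused.
    // NOTE(review): this compares against local time; confirm Expires is written with
    // the same clock.
    if (_session.Expires.CompareTo(DateTime.Now) <= 0)
    {
        _context.Session.Remove(_session);
        await _context.SaveChangesAsync();
        _session = null;
        return Redirect("/Login");
    }

    if (!ModelState.IsValid)
    {
        return Page();
    }

    // NOTE(review): marking the whole entity Modified saves every mapped column from
    // the bound User. Any bindable field the form does not intend to edit (for example
    // a role or a password hash) would be overwritten with posted values. Confirm the
    // bound properties are restricted as the comment above this handler advises.
    _context.Attach(User).State = EntityState.Modified;

    try
    {
        await _context.SaveChangesAsync();
    }
    catch (DbUpdateConcurrencyException)
    {
        // The row was deleted meanwhile: report 404. Anything else is rethrown.
        if (!UserExists(User.ID))
        {
            return NotFound();
        }

        throw;
    }

    return RedirectToPage("./Index");
}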
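/// <summary>
/// Handles POST: deletes the task with the given id after checking that the request's
/// "sessid" cookie maps to a stored, unexpired Manager session.
/// </summary>
/// <param name="id">Id of the task to delete; a missing id yields NotFound.</param>
/// <returns>
/// A redirect to /Login when the session check fails, NotFound when no id was supplied,
/// otherwise a redirect to ./Index (whether or not a matching task existed).
/// </returns>
public async Task<IActionResult> OnPostAsync(int? id)
{
    // Read the cookie value once. The name comparison stays an exact match.
    var sessionId = Request.Cookies
        .Where(c => c.Key == "sessid")
        .Select(c => c.Value)
        .FirstOrDefault();
    if (sessionId == null)
    {
        return Redirect("/Login");
    }

    // Single lookup instead of Count() followed by First(): one round trip, and no
    // exception if the row disappears between the two calls.
    var session = _context.Session.FirstOrDefault(s => s.ID == sessionId);
    if (session == null)
    {
        return Redirect("/Login");
    }

    _session = session;

    // Authorization: only Manager sessions may delete tasks.
    if (_session.Role != UserRole.Manager)
    {
        return Redirect("/Login");
    }

    // Expired sessions are deleted server-side so the cookie value cannot be reused.
    // NOTE(review): this compares against local time; confirm Expires is written with
    // the same clock.
    if (_session.Expires.CompareTo(DateTime.Now) <= 0)
    {
        _context.Session.Remove(_session);
        await _context.SaveChangesAsync();
        _session = null;
        return Redirect("/Login");
    }

    if (id == null)
    {
        return NotFound();
    }

    // NOTE(review): the id comes straight from the request and no per-task ownership
    // check is visible here; confirm any Manager is meant to be able to delete any task.
    Assignment = await _context.Task.FindAsync(id);
    if (Assignment != null)
    {
        _context.Task.Remove(Assignment);
        await _context.SaveChangesAsync();
    }

    return RedirectToPage("./Index");
}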
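// To protect from overposting attacks, see https://aka.ms/RazorPagesCRUD
/// <summary>
/// Handles POST: creates a user account with a salted PBKDF2 password hash.
/// While no user exists the request is accepted without a session and the new account
/// is made Admin (first-run bootstrap). Once any user exists, the request's "sessid"
/// cookie must map to a stored, unexpired Admin session.
/// </summary>
/// <returns>
/// A redirect to /Login when the session check fails, the page again when validation,
/// the username-uniqueness check or the password-length rules fail, otherwise a
/// redirect to ./Users/Index.
/// </returns>
public async Task<IActionResult> OnPostAsync()
{
    // Decide once whether this is the first-run bootstrap, so the "skip authentication"
    // decision and the "force Admin role" decision cannot disagree.
    bool isBootstrap = !_context.User.Any();

    if (!isBootstrap)
    {
        // Read the cookie value once. The name comparison stays an exact match.
        var sessionId = Request.Cookies
            .Where(c => c.Key == "sessid")
            .Select(c => c.Value)
            .FirstOrDefault();
        if (sessionId == null)
        {
            return Redirect("/Login");
        }

        // Single lookup instead of Count() followed by First().
        var session = _context.Session.FirstOrDefault(s => s.ID == sessionId);
        if (session == null)
        {
            return Redirect("/Login");
        }

        _session = session;

        // Authorization: only Admin sessions may create users.
        if (_session.Role != UserRole.Admin)
        {
            return Redirect("/Login");
        }

        // Expired sessions are deleted server-side so the cookie value cannot be reused.
        // NOTE(review): this compares against local time; confirm Expires is written
        // with the same clock.
        if (_session.Expires.CompareTo(DateTime.Now) <= 0)
        {
            _context.Session.Remove(_session);
            await _context.SaveChangesAsync();
            _session = null;
            return Redirect("/Login");
        }
    }

    if (!ModelState.IsValid)
    {
        return Page();
    }

    // Reject duplicate usernames.
    if (_context.User.Any(u => u.Username == Username))
    {
        return Page();
    }

    // Guard against a missing password before measuring it, so a null value is treated
    // as a validation failure rather than an unhandled exception.
    if (string.IsNullOrEmpty(Password))
    {
        return Page();
    }

    // At least 12 non-space characters; at most 128 characters, which bounds the input
    // handed to the key-derivation function.
    if (Password.Replace(" ", "").Length < 12)
    {
        return Page();
    }

    if (Password.Length > 128)
    {
        return Page();
    }

    // 128-bit random salt from the cryptographic RNG.
    byte[] salt = new byte[128 / 8];
    using (var rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(salt);
    }

    // NOTE(review): 10000 iterations is low for PBKDF2-HMAC-SHA512 by current guidance
    // (OWASP suggests 210,000). The count is left unchanged because the login check must
    // derive with the same value; raise both together, or store the count per user.
    string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(
        password: Password,
        salt: salt,
        prf: KeyDerivationPrf.HMACSHA512,
        iterationCount: 10000,
        numBytesRequested: 256 / 8));

    if (isBootstrap)
    {
        // Re-check immediately before the insert: if another request created the first
        // account in the meantime, this unauthenticated request must not add another.
        // This narrows the window but does not close it; a database-level guard or
        // disabling bootstrap after setup is needed for that.
        if (_context.User.Any())
        {
            return Redirect("/Login");
        }

        Role = UserRole.Admin;
    }

    _context.User.Add(new User
    {
        Username = Username,
        Password = hashed,
        Role = Role,
        Salt = Convert.ToBase64String(salt)
    });
    await _context.SaveChangesAsync();

    return RedirectToPage("./Users/Index");
}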