public async Task <IActionResult> OnGetAsync(int?id)
{
var sessid = Request.Cookies.Where(c => (c.Key == "sessid"));
if (sessid.Count() == 0)
{
return(Redirect("/Login"));
}
var valid_sessions = _context.Session.Where(s => (s.ID == sessid.First().Value));
if (valid_sessions.Count() == 0)
{
return(Redirect("/Login"));
}
_session = valid_sessions.First();
if (_session.Role != UserRole.Admin)
{
return(Redirect("/Login"));
}
if (_session.Expires.CompareTo(DateTime.Now) <= 0)
{
_context.Session.Remove(_session);
await _context.SaveChangesAsync();
_session = null;
return(Redirect("/Login"));
}
return(Page());
}
public async Task OnGetAsync()
{
Session = new List <Session>();
var sessid = Request.Cookies.Where(c => (c.Key == "sessid"));
if (sessid.Count() == 0)
{
Redirect("/Login");
return;
}
var valid_sessions = _context.Session.Where(s => (s.ID == sessid.First().Value));
if (valid_sessions.Count() == 0)
{
Redirect("/Login");
return;
}
_session = valid_sessions.First();
if (_session.Role != UserRole.Admin)
{
Redirect("/Login");
return;
}
if (_session.Expires.CompareTo(DateTime.Now) <= 0)
{
_context.Session.Remove(_session);
await _context.SaveChangesAsync();
_session = null;
Redirect("/Login");
return;
}
Session = await _context.Session.ToListAsync();
}
// To protect from overposting attacks, enable the specific properties you want to bind to.
// For more details, see https://aka.ms/RazorPagesCRUD.
public async Task <IActionResult> OnPostAsync()
{
var sessid = Request.Cookies.Where(c => (c.Key == "sessid"));
if (sessid.Count() == 0)
{
return(Redirect("/Login"));
}
var valid_sessions = _context.Session.Where(s => (s.ID == sessid.First().Value));
if (valid_sessions.Count() == 0)
{
return(Redirect("/Login"));
}
_session = valid_sessions.First();
if (_session.Role != UserRole.Admin)
{
return(Redirect("/Login"));
}
if (_session.Expires.CompareTo(DateTime.Now) <= 0)
{
_context.Session.Remove(_session);
await _context.SaveChangesAsync();
_session = null;
return(Redirect("/Login"));
}
if (!ModelState.IsValid)
{
return(Page());
}
_context.Attach(User).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!UserExists(User.ID))
{
return(NotFound());
}
else
{
throw;
}
}
return(RedirectToPage("./Index"));
}
public async Task <IActionResult> OnPostAsync(int?id)
{
var sessid = Request.Cookies.Where(c => (c.Key == "sessid"));
if (sessid.Count() == 0)
{
return(Redirect("/Login"));
}
var valid_sessions = _context.Session.Where(s => (s.ID == sessid.First().Value));
if (valid_sessions.Count() == 0)
{
return(Redirect("/Login"));
}
_session = valid_sessions.First();
if (_session.Role != UserRole.Manager)
{
return(Redirect("/Login"));
}
if (_session.Expires.CompareTo(DateTime.Now) <= 0)
{
_context.Session.Remove(_session);
await _context.SaveChangesAsync();
_session = null;
return(Redirect("/Login"));
}
if (id == null)
{
return(NotFound());
}
Assignment = await _context.Task.FindAsync(id);
if (Assignment != null)
{
_context.Task.Remove(Assignment);
await _context.SaveChangesAsync();
}
return(RedirectToPage("./Index"));
}
// To protect from overposting attacks, see https://aka.ms/RazorPagesCRUD
public async Task <IActionResult> OnPostAsync()
{
if (_context.User.Any())
{
var sessid = Request.Cookies.Where(c => (c.Key == "sessid"));
if (sessid.Count() == 0)
{
return(Redirect("/Login"));
}
var valid_sessions = _context.Session.Where(s => (s.ID == sessid.First().Value));
if (valid_sessions.Count() == 0)
{
return(Redirect("/Login"));
}
_session = valid_sessions.First();
if (_session.Role != UserRole.Admin)
{
return(Redirect("/Login"));
}
if (_session.Expires.CompareTo(DateTime.Now) <= 0)
{
_context.Session.Remove(_session);
await _context.SaveChangesAsync();
_session = null;
return(Redirect("/Login"));
}
}
if (!ModelState.IsValid)
{
return(Page());
}
if (_context.User.Count(s => s.Username == Username) > 0)
{
return(Page());
}
if (Password.Replace(" ", "").Length < 12)
{
return(Page());
}
if (Password.Length > 128)
{
return(Page());
}
byte[] salt = new byte[128 / 8];
using (var rng = RandomNumberGenerator.Create())
{
rng.GetBytes(salt);
}
string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(
password: Password,
salt: salt,
prf: KeyDerivationPrf.HMACSHA512,
iterationCount: 10000,
numBytesRequested: 256 / 8));
if (!_context.User.Any())
{
Role = UserRole.Admin;
}
_context.User.Add(new User {
Username = Username, Password = hashed, Role = Role, Salt = Convert.ToBase64String(salt)
});
await _context.SaveChangesAsync();
return(RedirectToPage("./Users/Index"));
}
