public async Task <IActionResult> Login(LoginViewModel viewModel) { User user = await _context.User.FirstOrDefaultAsync(x => x.UserID == viewModel.UserID); if (user == null) { ViewData["User"] = false; ViewBag.NewPass = false; return(View()); } if (!PasswordEncryption.VerifyPasswordHash(viewModel.Password, user.PasswordHash, user.PasswordSalt)) { ViewData["User"] = false; ViewBag.NewPass = false; return(View()); } string fullName = user.FirstName + " " + user.LastName; //HttpContext.Session.SetString("UserName",fullName); HttpContext.Session.SetString("Email", user.UserID); // this is to load all the brands in selectlist //IQueryable<string> brands = from m in _context.Brands select m.BrandName; return(RedirectToAction("Profile", "Admin")); }
public ActionResult ChangePassword(ProfileViewModel pvm) { string mail = HttpContext.Session.GetString("Email"); User user = _context.User.FirstOrDefault(x => x.UserID == mail); if (user == null) { // ViewBag.Verified = false; return(RedirectToAction("Login", "Users")); } // verifying old password that was inserted by user bool verified = PasswordEncryption.VerifyPasswordHash(pvm.OldPassword, user.PasswordHash, user.PasswordSalt); if (!verified) { //This viewbag is checked in the view to display Wrong password error // ViewBag.Verified = false; return(View(pvm)); } PasswordEncryption.CreatePasswordHash(pvm.ConfirmPassword, out byte[] hash, out byte[] salt); user.PasswordHash = hash; user.PasswordSalt = salt; try { _context.User.Update(user); _context.SaveChanges(); } catch (Exception ex) { throw new Exception(); } // this view is declared to show login again with new pass in Login Page return(RedirectToAction("Login", "Users")); }