public ActionResult EditCustomer(CustomerViewModel model)
{
var user = repository.Customers.SingleOrDefault(x => x.CustomerID == model.Customer.CustomerID
&& x.rowguid == model.Customer.rowguid);
if (user == null)
{
// TODO
// log(User doesn't exist, Existing user try to get access to other accounts)
FormsAuthentication.SignOut();
return Redirect(Url.Action("List", "Product"));
}
if (!StringUtils.IsValidPassword(model.OldPassword, user.PasswordSalt, user.PasswordHash))
{
ModelState.AddModelError("OldPassword", "Not valid.");
model.Customer.EmailAddress = user.EmailAddress;
model.NewPassword = null;
model.OldPassword = null;
model.RetypeNewPassword = null;
return View(model);
}
model.Customer.EmailAddress = user.EmailAddress;
model.Customer.PasswordHash = user.PasswordHash;
model.Customer.PasswordSalt = user.PasswordSalt;
if (model.NewPassword != null)
{
if (model.NewPassword.Length > 0)
{
var newpass = StringUtils.getSaltHash(model.NewPassword);
model.Customer.PasswordHash = newpass.SingleOrDefault(x => x.Key == "hash").Value;
model.Customer.PasswordSalt = newpass.SingleOrDefault(x => x.Key == "salt").Value;
}
}
ModelState.Remove("Customer.EmailAddress");
ModelState.Remove("Customer.PasswordHash");
ModelState.Remove("Customer.PasswordSalt");
model.Customer.NameStyle = user.NameStyle;
model.Customer.ModifiedDate = user.ModifiedDate;
if (ModelState.IsValid)
{
try
{
repository.Save(model.Customer);
TempData["customer_message"] = "Customer information has been saved";
return RedirectToAction("EditCustomer");
}
catch(Exception ex)
{
TempData["customer_message"] = "Error updating customer information";
}
}
model.NewPassword = null;
model.OldPassword = null;
model.RetypeNewPassword = null;
return View(model);
}
public ViewResult EditCustomer()
{
var user = repository.Customers.FirstOrDefault(x => x.EmailAddress == this.HttpContext.User.Identity.Name);
var result = new CustomerViewModel { Customer = user };
return View(result);
}
