Exemplo n.º 1
0
        public async Task <IActionResult> Register(RegisterViewModel model)
        {
            var salt  = HashingPasswords.GenerateSalt();
            var pw    = HashingPasswords.GenerateHashArgon2(model.Lozinka, salt);
            var uloga = nameof(TipKorisnikaEnum.Korisnik);

            var korisnik = new Models.Korisnik()
            {
                PasswordHash  = pw,
                PasswordSalt  = salt,
                Uloga         = uloga,
                KorisnickoIme = model.KorisnickoIme,
                Ime           = model.Ime,
                Prezime       = model.Prezime,
                Banovan       = false
            };

            _korisnikRepo.Add(korisnik);
            _korisnikRepo.SaveChanges();

            var identity = CreateNewIdentity(model.KorisnickoIme, uloga, korisnik.KorisnikId.ToString());

            var principal = new ClaimsPrincipal(identity);
            await Authentication.Login(HttpContext, principal);

            return(RedirectToAction("Index", "Home"));
        }
Exemplo n.º 2
0
        public async Task <IActionResult> PromijeniLozinku(PromijeniLozinkuViewModel model)
        {
            int.TryParse(User?.FindFirst("Id")?.Value, out int korisnikId);

            var korisnik = _korisnikRepo.Get(korisnikId);

            if (korisnik == null)
            {
                return(NotFound());
            }

            var oldPw = HashingPasswords.GenerateHashArgon2(model.TrenutnaLozinka, korisnik.PasswordSalt);

            if (korisnik.PasswordHash != oldPw)
            {
                ModelState.AddModelError("TrenutnaLozinka", "Lozinka je netačna");
                return(View(model));
            }

            var salt = HashingPasswords.GenerateSalt();
            var pw   = HashingPasswords.GenerateHashArgon2(model.NovaLozinka, salt);

            korisnik.PasswordHash = pw;
            korisnik.PasswordSalt = salt;

            _korisnikRepo.Update(korisnik);
            _korisnikRepo.SaveChanges();

            await Authentication.Logout(HttpContext);

            return(RedirectToAction("Login", "Account"));
        }
Exemplo n.º 3
0
        public async Task <IActionResult> Login(LoginViewModel model)
        {
            var user = _korisnikRepo.GetByUsername(model.KorisnickoIme);

            if (user == null)
            {
                ModelState.AddModelError("LoginGreska", "Korisničko ime ili lozinka su netačni");
                Response.StatusCode = 400;
                return(View());
            }

            if (user.Banovan)
            {
                ModelState.AddModelError("LoginGreska", "Žao name je, ali vi ste banovani. Ukoliko Vam je nejasno zašto, obratite se administratoru");
                Response.StatusCode = 400;
                return(View());
            }

            var pw = HashingPasswords.GenerateHashArgon2(model.Password, user.PasswordSalt);

            //var pw2 = HashingPasswords.GenerateHashPBKDF2(model.Password, user.PasswordSalt);
            //var pw3 = HashingPasswords.GenerateHashSHA256(model.Password, user.PasswordSalt);
            //var pw4 = HashingPasswords.GenerateHashSHA512(model.Password, user.PasswordSalt);
            //var pw5 = HashingPasswords.GenerateHashSHA1(model.Password, user.PasswordSalt);

            if (user.PasswordHash != pw)
            {
                ModelState.AddModelError("LoginGreska", "Korisničko ime ili lozinka su netačni");
                Response.StatusCode = 400;
                return(View());
            }

            var identity = CreateNewIdentity(user.KorisnickoIme, user.Uloga, user.KorisnikId.ToString());

            var principal = new ClaimsPrincipal(identity);
            await Authentication.Login(HttpContext, principal);

            return(Redirect(model.ReturnUrl ?? "/"));
        }