public ActionResult UpdatePassword(StudentUpdatePassword student)
{
if (student.Password == null)
{
return(View(student));
}
//Get password details for currently logged in Student
StudentUpdatePassword currentStudent = studentContext.GetPassword(Convert.ToInt32(HttpContext.Session.GetInt32("StudentID")));
var sha1 = new SHA1CryptoServiceProvider();
var hash = sha1.ComputeHash(Encoding.UTF8.GetBytes(student.Password));
string hashedPassword = BitConverter.ToString(hash).Replace("-", string.Empty).ToLower();
//if password DOES NOT match the database password...
if (hashedPassword != currentStudent.Password)
{
ViewData["Message"] = "Current Password Is Incorrect!";
return(View(student));
}
//else continue what is needed to be done
if (ModelState.IsValid)
{
//checks whether the password is the same
if (student.NewPassword == student.ConfirmPassword)
{
//Checks the password whether it contains a digit, hashes the password using SHA-1 and updates the password into the database
if (studentContext.ChangePassword(student))
{
ViewData["Message"] = "Password Changed Successfully!";
return(View(student));
}
}
//if password does not match
else
{
ViewData["Message"] = "Password Does Not Match!";
return(View(student));
}
}
//if password field is empty OR does not match the required model from Lecturer.cs, return to view with error message
ViewData["Message"] = "Password Field Did Not Meet Requirements!";
return(View(student));
}
