/// <summary>
/// Checks submitted credentials against the stored admin record.
/// </summary>
/// <param name="admin">Submitted credentials; Username and Password are read.</param>
/// <returns>
/// A pair of (stored admin, validation). The first item is the stored record only
/// when the recomputed hash matched; in every other case it is null and the
/// validation object carries the failure that was recorded.
/// </returns>
/// <remarks>
/// An unknown username and a wrong password are recorded through different
/// validation calls (DoesNotExistOnServer vs. WrongPassword). If both are shown to
/// the client verbatim, the response reveals which usernames exist, so the caller
/// should map both to one generic message.
/// NOTE(review): whether Hashing.Equals compares in constant time is not visible
/// here - confirm. No hash is computed for an unknown username, so the two
/// failure paths also differ in work done.
/// </remarks>
public Tuple<Admin, AdminValidation> Login(Admin admin)
{
    AdminValidation result = new AdminValidation(admin);
    if (!result.IsValid)
    {
        // Input-level validation failed; the store is never consulted.
        return Tuple.Create<Admin, AdminValidation>(null, result);
    }

    Admin stored = GetAdmin(admin.Username);
    if (stored == null)
    {
        result.DoesNotExistOnServer(nameof(admin.Username));
        return Tuple.Create<Admin, AdminValidation>(null, result);
    }

    // Recompute the hash from the submitted password and the salt kept with the account.
    Hashing candidate = new Hashing(admin.Password, stored.Salt);
    if (!candidate.Equals(stored.PasswordHash))
    {
        result.WrongPassword(nameof(admin.Password));
        return Tuple.Create<Admin, AdminValidation>(null, result);
    }

    return Tuple.Create(stored, result);
}
/// <summary>
/// Controller action that creates a new admin account through the manager's SignUp.
/// </summary>
/// <param name="admin">Model-bound account data from the request.</param>
/// <returns>
/// A redirect to AdminPanel when sign-up validated, otherwise a redirect back to
/// the CreateAdmin page.
/// </returns>
/// <remarks>
/// NOTE(review): the result of AuthorizeAndRedirect is not used, so the
/// SuperAdmin restriction only holds if that helper ends the request itself
/// (throws or terminates the response) - confirm, otherwise SignUp still runs
/// for an unauthorised caller.
/// NOTE(review): validation messages are written to ModelState and then a
/// redirect is returned; ModelState does not normally survive a redirect, so
/// confirm the messages reach the user.
/// NOTE(review): no HTTP-verb or anti-forgery attributes are visible on this
/// action in the listing - confirm they exist on the real declaration.
/// </remarks>
public ActionResult CreateAdmin(Admin admin)
{
    AuthorizeAndRedirect(Rank.SuperAdmin);

    AdminValidation outcome = _Manager.SignUp(admin);
    if (!outcome.IsValid)
    {
        ValidationMessages.ConvertCodeToMsg(ModelState, outcome.ErrorDict);
        return RedirectToAction("CreateAdmin", "Admin", null);
    }

    ViewData.ModelState.Clear();
    return RedirectToAction("AdminPanel", "Admin");
}
/// <summary>
/// Validates an edited admin and, when the account exists, hands it to the repository.
/// </summary>
/// <param name="admin">The edited account; Username selects the record to update.</param>
/// <param name="PasswordNotEdited">
/// Forwarded to AdminValidation; callers pass true when the password was left unchanged.
/// </param>
/// <returns>
/// The validation object. It carries DoesNotExistOnServer when no account with
/// that username was found; nothing is written in that case or when validation failed.
/// </returns>
/// <remarks>
/// This method performs no authorisation of its own. The whole <paramref name="admin"/>
/// object is mapped to the ADMIN entity and passed to the repository, so callers are
/// responsible for resetting any property the current user may not change.
/// NOTE(review): which properties the mapping copies is not visible here - confirm
/// that the plaintext Password is not among them.
/// </remarks>
public AdminValidation EditAdmin(Admin admin, bool PasswordNotEdited = false)
{
    AdminValidation result = new AdminValidation(admin, PasswordNotEdited);
    if (!result.IsValid)
    {
        return result;
    }

    Admin current = GetAdmin(admin.Username);
    if (current == null)
    {
        result.DoesNotExistOnServer(nameof(admin.Username));
    }
    else
    {
        _Repo.EditAdmin(Mapper.Map<ADMIN>(admin));
    }

    return result;
}
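/// <summary>
/// Controller action that applies an edit to an admin account, optionally with a
/// new password.
/// </summary>
/// <param name="admin">Model-bound account data from the request.</param>
/// <returns>
/// A redirect to AdminPanel when the edit validated or the target account does not
/// exist; otherwise a redirect back to the EditAdmin page for that username.
/// </returns>
/// <remarks>
/// Changes from the previous version: a missing session value no longer throws and
/// is never treated as a self-edit or as SuperAdmin, and an unknown username is
/// handled instead of dereferencing a null record.
/// NOTE(review): the result of AuthorizeAndRedirect is not used, so the Rank.Admin
/// restriction only holds if that helper ends the request itself - confirm.
/// NOTE(review): nothing here compares the caller's rank with the target account's
/// PermissionLevel, so a caller who passes the Rank.Admin check can set a new
/// password on a higher-ranked account. Consider rejecting edits where
/// oldAdmin.PermissionLevel exceeds the caller's level.
/// NOTE(review): on the new-password path admin.Password still holds the plaintext
/// when it reaches the manager (SignUp clears it, this path does not) - confirm the
/// entity mapping does not persist it.
/// </remarks>
public ActionResult EditAdminPost(Admin admin)
{
    // Users may change their own account without holding Admin rank. A missing
    // session value must never count as "my own account", so it fails closed.
    object sessionUser = Session["authentication"];
    bool isSelfEdit = sessionUser != null && admin.Username == sessionUser.ToString();
    if (!isSelfEdit)
    {
        AuthorizeAndRedirect(Rank.Admin);
    }

    Admin oldAdmin = _Manager.GetAdmin(admin.Username);
    if (oldAdmin == null)
    {
        // Unknown username: there is no stored record to copy protected fields from.
        return RedirectToAction("AdminPanel", "Admin", null);
    }

    // Only a SuperAdmin may change permission level or classification access; for
    // everyone else (including a session without a level) the stored values win
    // over whatever was posted.
    object sessionLevel = Session["Level"];
    bool callerIsSuperAdmin = sessionLevel != null && (Rank)sessionLevel >= Rank.SuperAdmin;
    if (!callerIsSuperAdmin)
    {
        admin.PermissionLevel = oldAdmin.PermissionLevel;
        admin.CanEditClassifications = oldAdmin.CanEditClassifications;
    }

    // Both branches overwrite PasswordHash and Salt, so posted values for those two
    // fields are never stored.
    AdminValidation validation;
    if (admin.Password == null)
    {
        // Password left untouched: keep the stored hash and salt.
        admin.PasswordHash = oldAdmin.PasswordHash;
        admin.Salt = oldAdmin.Salt;
        validation = _Manager.EditAdmin(admin, true);
    }
    else
    {
        // New password: derive a fresh hash and salt.
        Hashing hashing = new Hashing(admin.Password);
        admin.PasswordHash = hashing.Hash;
        admin.Salt = hashing.Salt;
        validation = _Manager.EditAdmin(admin);
    }

    if (validation.IsValid)
    {
        ViewData.ModelState.Clear();
        return RedirectToAction("AdminPanel", "Admin", null);
    }

    ValidationMessages.ConvertCodeToMsg(ModelState, validation.ErrorDict);
    return RedirectToAction("EditAdmin", new { id = admin.Username });
}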
/// <summary>
/// Validates a new admin, hashes the password and creates the account when the
/// username is not already taken.
/// </summary>
/// <param name="admin">
/// The account to create. On success its Password is set to null and its
/// PasswordHash and Salt are filled in before CreateAdmin is called.
/// </param>
/// <returns>
/// The validation object. It carries DoesAlreadyExistOnServer when the username
/// was found; nothing is created in that case or when validation failed.
/// </returns>
/// <remarks>
/// The existence check and CreateAdmin are separate calls, so uniqueness under
/// concurrent sign-ups depends on the storage layer, which is not visible here.
/// </remarks>
public AdminValidation SignUp(Admin admin)
{
    AdminValidation result = new AdminValidation(admin);
    if (!result.IsValid)
    {
        return result;
    }

    if (GetAdmin(admin.Username) != null)
    {
        result.DoesAlreadyExistOnServer(nameof(admin.Username));
        return result;
    }

    Hashing hashed = new Hashing(admin.Password);
    // Drop the plaintext before the object travels any further.
    admin.Password = null;
    admin.PasswordHash = hashed.Hash;
    admin.Salt = hashed.Salt;
    CreateAdmin(admin);

    return result;
}
/// <summary>
/// Click handler for the login button: checks the entered details with
/// AdminValidation and, for an admin account, shows the set-access page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// An earlier inline version of this check (AdminAccountValidation.ValidateAdminAccount
/// against an InventoryContext) was kept here as commented-out code; the handler now
/// goes through AdminValidation only.
/// NOTE(review): stringToHashString receives only the password, with no salt
/// argument - confirm it is a salted, deliberately slow password hash and not a
/// bare digest.
/// NOTE(review): ErrorMessage is shown as-is; confirm it does not distinguish an
/// unknown username from a wrong password.
/// </remarks>
private void loginBtn_Click(object sender, RoutedEventArgs e)
{
    // Read what the user typed; the password is hashed before it is passed on.
    string enteredUser = usernameTxt.Text;
    string hashedPassword = UserAccount.stringToHashString(passwordBox.Password);

    var check = new AdminValidation(enteredUser, hashedPassword);
    if (!check.isAccountAdmin)
    {
        errorBlock.Text = check.ErrorMessage;
        return;
    }

    // Verified admin: let them pick access levels.
    var accessPage = UICreatePage.CreateNewSetAccessPage();
    CreateNewAccountService.Instance.Window.Content = accessPage;
}