public IActionResult Book(UserFlightEditModel model)
{
if (ModelState.IsValid)
{
var flight = context.Flights.FirstOrDefault(f => f.FlightId == model.Id);
var userId = int.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier));
var user = context.Users.FirstOrDefault(u => u.UserId == userId);
string[] parts = new string[2];
parts = user.PasswordHashCode.Split(" : ");
string salt = parts[0];
string password = parts[1];
string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(
password: model.Password,
salt: Encoding.BigEndianUnicode.GetBytes(salt),
prf: KeyDerivationPrf.HMACSHA1,
iterationCount: 10000,
numBytesRequested: 256 / 8));
if (password.Equals(hashed))
{
if (flight.AvailableTickets > 0)
{
flight.AvailableTickets--;
}
else
{
UserBookViewModel m = new UserBookViewModel()
{
Flight = flight,
TicketsAvailable = false
};
return(View(m));
}
UserFlight newUserFlight = new UserFlight()
{
UserId = userId,
FlightId = model.Id,
User = user,
Flight = flight
};
context.UserFlights.Add(newUserFlight);
context.SaveChanges();
return(RedirectToAction("Flight", "Flights", new { id = model.Id }));
}
else
{
UserBookViewModel m = new UserBookViewModel()
{
Flight = flight,
IncorrectPassword = true,
};
return(View(m));
}
}
else
{
return(RedirectToAction("Index", "Home"));
}
}
public IActionResult Book(int id)
{
Flight flight = context.Flights.FirstOrDefault(f => f.FlightId == id);
UserBookViewModel model = new UserBookViewModel()
{
Flight = flight,
IncorrectPassword = false
};
return(View(model));
}
