Пример #1
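        /// <summary>
        /// Handles the registration form POST: validates the submitted login and password,
        /// stores the new account with the hash and salt returned by
        /// <c>UsersDAO.FirstHashing</c>, marks the session as logged in and redirects to
        /// <c>/account</c>.
        /// </summary>
        /// <remarks>
        /// On a validation failure or a password/confirmation mismatch the handler only sets
        /// <c>ViewData["error"]</c> and returns without touching the database.
        /// </remarks>
        public void OnPost()
        {
            if (!UsersDAO.CheckLogin(Login) || !UsersDAO.CheckPassword(Password))
            {
                ViewData["error"] = "Неверно заполненное поле или несколько полей.";
                return;
            }

            // Reject the mismatch before opening a connection, so no database resource is
            // held for a request that can never succeed.
            if (!Password.Equals(ConfirmPassword))
            {
                ViewData["error"] = "Пароли не совпадают";
                return;
            }

            // Keep the stored form (hash followed by salt) in a local instead of writing it back
            // into the bound Password property: this handler returns void, so the page is still
            // rendered after it and should not carry the stored credential.
            var (hash, salt) = UsersDAO.FirstHashing(Password);
            var storedPassword = hash + salt;

            var loginParam = new NpgsqlParameter("@login", Login)
            {
                Direction = ParameterDirection.Input,
            };

            // The parameter name is spelled exactly as the placeholder in the SQL text, so the
            // binding does not depend on case-insensitive name matching.
            var passwordParam = new NpgsqlParameter("@password", storedPassword)
            {
                Direction = ParameterDirection.Input,
            };

            // NOTE(review): the INSERT relies on the column order of USERS; naming the columns
            // explicitly would make it robust against schema changes. Column names are not
            // visible here.
            var commandString = (@"INSERT INTO USERS VALUES (@login, @password, null)");

            var connection = Connection.Open();
            try
            {
                connection.SendCommandWithoutAnswer(commandString, new List <NpgsqlParameter>()
                {
                    loginParam, passwordParam
                });
            }
            finally
            {
                // Close the connection even when the INSERT throws (e.g. on a duplicate login).
                connection.Close();
            }

            // NOTE(review): if `login` is static or otherwise shared between requests, these
            // flags apply to every visitor, not only to the one who registered; confirm it is
            // scoped per user session.
            login.IsSession    = true;
            login.LoginSession = Login;
            login.Staticlogin  = Login;
            Response.Redirect("/account");
        }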
Пример #2
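        /// <summary>
        /// Handles the account page POST: logs the user out, or changes the login or the
        /// password after re-checking the current password against the stored value
        /// (hash followed by a 6-character salt).
        /// </summary>
        /// <returns>
        /// A redirect to <c>/login</c> when the session is not valid or the requested action
        /// completed; otherwise the page itself, with <c>Message</c> describing the problem
        /// where one was detected.
        /// </returns>
        public IActionResult OnPost()
        {
            if (!login.IsSession || !login.LoginEqualsLoginSession())
            {
                login.Staticlogin = null;
                login.IsSession   = false;
                // Return the redirect itself: calling Response.Redirect and then returning
                // Page() still renders this page into the body of the redirect response, which
                // hands the account page to a caller without a valid session.
                return Redirect("/login");
            }

            if (NewLogin == login.Staticlogin && login.IsSession && login.LoginEqualsLoginSession())
            {
                Message = "WARNING: Нельзя поменять логин на такой же";
                return Page();
            }

            switch (Action)
            {
            case "exit":
                login.IsSession    = false;
                login.LoginSession = null;
                return Redirect("/login");

            case "changeLogin" when !CheckLoginAndPassword():
                Message = "WARNING: Логин не должен содержать цифр и иметь длину от 3 до 20 символов.";
                return Page();

            case "changeParol" when Password == null || NewPassword == null || ConfirmPassword == null:
                Message = "WARNING: Поля или одно из полей пустые";
                return Page();

            case "changeLogin":
            case "changeParol":
            {
                var connection = Connection.Open();
                try
                {
                    // NOTE(review): login.Staticlogin is interpolated into the SQL text. The
                    // value originates from a user-chosen login, so this query should bind it as
                    // a parameter, the way the registration INSERT binds @login. GetDataFromDb's
                    // signature is not visible here; it needs a form that accepts parameters.
                    string storedHash = null;
                    var reader = Connection.GetDataFromDb(connection,
                                                          $@"SELECT users.password FROM USERS WHERE '{login.Staticlogin}' = users.login");
                    try
                    {
                        if (reader.Read())
                        {
                            storedHash = reader.GetValue(0).ToString();
                        }
                    }
                    finally
                    {
                        // Close the reader on every path, including "no row found", and before
                        // the connection is reused for the update below.
                        reader.Close();
                    }

                    if (storedHash == null)
                    {
                        // No row for this login: nothing is changed and no message is set.
                        break;
                    }

                    if (!MatchesStoredHash(storedHash))
                    {
                        Message = "WARNING: Неверный пароль";
                        break;
                    }

                    if (Action == "changeLogin")
                    {
                        // NOTE(review): the value returned by ChangeLogin is stored but the
                        // handler redirects regardless; confirm whether a failure should keep
                        // the user on this page.
                        ViewData["error"] = UsersDAO.ChangeLogin(connection, NewLogin);
                    }
                    else if (NewPassword == ConfirmPassword)
                    {
                        var (hashPassword, salt) = UsersDAO.FirstHashing(NewPassword);
                        UsersDAO.ChangePassword(connection, hashPassword + salt);
                    }
                    else
                    {
                        Message = "WARNING: Пароли не совпадают";
                        return Page();
                    }

                    // A credential change ends the current session; the user logs in again.
                    login.IsSession   = false;
                    login.Staticlogin = null;
                    return Redirect("/login");
                }
                finally
                {
                    // Runs on break, on return and on exceptions, so the connection is never
                    // left open by an early exit.
                    connection.Close();
                }
            }
            }

            return Page();

            // Splits the stored value into digest and trailing salt and compares the digest
            // with the hash of the submitted current password.
            bool MatchesStoredHash(string stored)
            {
                const int SaltLength = 6;

                // A value shorter than the salt cannot be split; treat it as a mismatch instead
                // of letting Substring throw.
                if (stored.Length < SaltLength)
                {
                    return false;
                }

                var storedDigest = stored.Substring(0, stored.Length - SaltLength);
                var storedSalt   = stored.Substring(stored.Length - SaltLength, SaltLength);
                return storedDigest == UsersDAO.Hashing(Password, storedSalt);
            }
        }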