public ActionResult ChangePassword(ChangePassword changePassword)
{
if (!String.Equals(changePassword.NewPW, changePassword.ConfirmNewPW))
{
ModelState.AddModelError("", "Password and confirm password does not match");
return View(changePassword);
}
string origPW = Convert.ToBase64String(
new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(
Encoding.ASCII.GetBytes(changePassword.PW)));
var user = db.Users.Where(e => e.Id == changePassword.Id &&
e.UserName == HttpContext.User.Identity.Name &&
e.PW == origPW).FirstOrDefault();
if (user != null)
{
user.PW = Convert.ToBase64String(
new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(
Encoding.ASCII.GetBytes(changePassword.NewPW)));
db.Entry(user).State = EntityState.Modified;
db.SaveChanges();
}
else
{
ModelState.AddModelError("", "The password provided is incorrect.");
return View(changePassword);
}
return RedirectToAction("Index", "Home");
}
public ActionResult ChangePassword()
{
string userName = HttpContext.User.Identity.Name;
var user = db.Users.Where(e => e.UserName == userName).FirstOrDefault();
if (user != null)
{
var changePassword = new ChangePassword()
{
Id = user.Id
};
return View(changePassword);
}
return RedirectToAction("LogOn");
}