Пример #1
        /// <summary>
        /// Answers, as a JSON boolean, whether <paramref name="pass"/> matches the
        /// credential stored for the user called <paramref name="name"/>.
        /// </summary>
        /// <param name="name">User name used to look up the user ID in the repository.</param>
        /// <param name="pass">Plain-text password candidate to verify.</param>
        /// <returns>A <see cref="JsonResult"/> whose Data is true on a match and false otherwise.</returns>
        public ActionResult CheckUserPass(string name, string pass)
        {
            // NOTE(review): there is no existence check before GetUserID; what the
            // repository returns for an unknown name is not visible here - confirm.
            int id = repo.GetUserID(name);
            string storedSaltedHash = repo.GetSaltHashedPassword(id);
            string storedSalt = repo.GetSalt(id);

            // NOTE(review): the hasher is a fresh instance and receives only the
            // password; the stored salt is prepended to its output afterwards. As far
            // as this method shows, the digest cannot depend on the salt - confirm in
            // SaltHashPassword, because a salt that is not hashed in adds no protection.
            var hasher = new SaltHashPassword();
            string candidate = storedSalt + hasher.GetHashedPassword(pass);

            // NOTE(review): string equality is not a constant-time comparison, and
            // nothing in this method limits repeated attempts; confirm throttling or
            // lockout is enforced elsewhere for this endpoint.
            bool matches = candidate == storedSaltedHash;
            return new JsonResult() { Data = matches };
        }
Пример #2
        /// <summary>
        /// Handles a registration post: redirects when the user name is already taken,
        /// otherwise builds a new user with a salt and hashed password and stores it
        /// when the model state is valid.
        /// </summary>
        /// <param name="updateModel">Posted view model carrying the new user's fields.</param>
        /// <returns>
        /// A redirect to Admin/Register when the user name already exists; otherwise
        /// the view rendered with the newly built view model.
        /// </returns>
        public ActionResult Register(UsersViewModel updateModel)
        {
            string requestedName = updateModel.User.Username;
            bool alreadyTaken = repo.CheckUserExist(requestedName);
            if (alreadyTaken)
            {
                // NOTE(review): this branch tells the caller that the name is registered.
                Session["User"] = requestedName;
                return RedirectToAction("Register", "Admin");
            }

            UsersViewModel viewModel = new UsersViewModel { User = new User() };
            SaltHashPassword hasher = new SaltHashPassword();

            string plainPassword = updateModel.User.Password;
            viewModel.User.Username = updateModel.User.Username;
            viewModel.User.FirstName = updateModel.User.FirstName;
            viewModel.User.LastName = updateModel.User.LastName;
            viewModel.User.SecretQuestion = updateModel.User.SecretQuestion;
            // NOTE(review): the secret answer is copied through as submitted while the
            // password is hashed; if it is used for account recovery it deserves the
            // same treatment - confirm how it is stored.
            viewModel.User.SecretAnswer = updateModel.User.SecretAnswer;
            // The salt is requested before the hash, on the same hasher instance;
            // whether the hash depends on that salt is not visible here.
            viewModel.User.PasswordSalt = hasher.GetSaltPassword();
            viewModel.User.Password = hasher.GetHashedPassword(plainPassword);
            // Local server time, not UTC.
            viewModel.User.Created = DateTime.Now;

            // Validation is consulted only after the user object has been populated;
            // the explicit repo.Save() call is commented out in the original, so
            // persistence presumably happens inside AddNewUser - confirm.
            if (ModelState.IsValid)
            {
                repo.AddNewUser(viewModel.User);
            }

            // NOTE(review): the model handed to the view carries PasswordSalt and the
            // hashed Password; confirm the view never renders them.
            return View(viewModel);
        }
Пример #3
        /// <summary>
        /// Handles a login post: verifies the submitted password against the stored
        /// salt and hash, and on success records the user in the session.
        /// </summary>
        /// <param name="login">Posted credentials; Username and Password are read.</param>
        /// <returns>
        /// A redirect to Admin/Create on success, or back to Admin/Index with a
        /// message in Session["Message"] on failure.
        /// </returns>
        public ActionResult Index(User login)
        {
            string userName = login.Username;

            // NOTE(review): the two failure messages differ, so a caller can tell a
            // valid user name from an invalid one; a single generic message avoids that.
            if (!repo.CheckUserExist(userName))
            {
                Session["Message"] = "Username does not exist!";
                return RedirectToAction("Index", "Admin");
            }

            int id = repo.GetUserID(userName);
            string storedSaltedHash = repo.GetSaltHashedPassword(id);
            string storedSalt = repo.GetSalt(id);

            // NOTE(review): the fresh hasher is given only the password and the stored
            // salt is prepended to its output; as far as this method shows, the digest
            // does not depend on the salt - confirm in SaltHashPassword.
            SaltHashPassword hasher = new SaltHashPassword();
            string submitted = login.Password;
            string candidate = storedSalt + hasher.GetHashedPassword(submitted);

            // NOTE(review): string equality is not constant-time, and no attempt
            // limiting is visible in this action - confirm it exists elsewhere.
            if (candidate != storedSaltedHash)
            {
                Session["Message"] = "Password Incorrect!";
                return RedirectToAction("Index", "Admin");
            }

            // NOTE(review): the identity is written into the existing session; nothing
            // here issues a new session identifier on login - confirm that is handled
            // elsewhere to guard against session fixation.
            Session["Username"] = userName;
            Session["UserID"] = id;
            return RedirectToAction("Create", "Admin");
        }