public static GeneratedPassword GeneratePassword(string passwordString = null)
{
var password = !string.IsNullOrEmpty(passwordString) ? passwordString : RandomPasswordGenerator.Generate(8);
var hash = new Hasher {SaltSize = 10 };
return new GeneratedPassword
{
Password = new Password(hash.Encrypt(password).ToByteArray()),
OriginalPassword = password
};
}
public ActionResult Login(LoginModel loginModel)
{
var user = UnitOfWork.DocumentSession.Query<User>()
.SingleOrDefault(u => u.Username == loginModel.Login);
if (user == null)
throw new HttpResponseException(new HttpResponseMessage { ReasonPhrase = "Your user name was not recognized!", StatusCode = HttpStatusCode.Unauthorized });
var hash = new Hasher() { SaltSize = 10 };
if (!hash.CompareStringToHash(loginModel.Password, user.Password.Value.ToPlainString()))
throw new HttpResponseException(new HttpResponseMessage { ReasonPhrase = "You were not authenticated!", StatusCode = HttpStatusCode.Unauthorized });
HttpContext.Response.Cookies.Set(new HttpCookie("username", user.Username) { Expires = DateTime.Now.AddDays(1) });
HttpContext.Session[Globals.CurrentUser] = new CurrentUser(user)
{
IsAuthenticated = true,
Photo = user.PhotoAttachment
};
return new JsonNetResult();
}