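        /// <summary>
        /// Starts a password change for the user named by the "login" field of the JSON request body,
        /// provided the supplied "oldPassword" matches the stored credential. The change itself is not
        /// applied here: a confirmation email carrying the encrypted new password is dispatched instead.
        /// </summary>
        /// <returns>
        /// 200 with a confirmation text when the email was dispatched; 400 with one generic message for a
        /// malformed body, a missing field, an unknown login, a wrong current password or an unchanged password.
        /// </returns>
        public async Task <IHttpActionResult> ChangePasswordAsync()
        {
            // One failure message for every rejection, so the response does not reveal whether the login exists.
            const string FailureMessage = "Nie udało się zmienić hasła";

            string json = await Request.Content.ReadAsStringAsync();

            // Typed dictionary instead of `dynamic`: a missing key or a null body used to throw (HTTP 500);
            // now it is reported as a client error.
            Dictionary<string, string> data = JsonConvert.DeserializeObject <Dictionary <string, string> >(json);
            if (data is null
                || !data.TryGetValue("login", out string login) || login is null
                || !data.TryGetValue("newPassword", out string newPassword) || newPassword is null
                || !data.TryGetValue("oldPassword", out string oldPassword) || oldPassword is null)
            {
                return BadRequest(FailureMessage);
            }

            User editUser = db.Users.Where(i => i.Login == login).FirstOrDefault();
            if (editUser is null)
            {
                return BadRequest(FailureMessage);
            }

            string encryptedOldPassword = Cryptographing.Encrypt(oldPassword.Trim());
            string encryptedNewPassword = Cryptographing.Encrypt(newPassword.Trim());

            // The supplied current password must match the stored one and the new one must differ from it.
            // Null checks come first; the original called Equals() before checking for null.
            bool oldPasswordMatches = encryptedOldPassword != null
                                      && encryptedOldPassword.Equals(editUser.EncryptedPassword);
            bool newPasswordDiffers = encryptedNewPassword != null
                                      && !encryptedNewPassword.Equals(encryptedOldPassword);

            if (!oldPasswordMatches || !newPasswordDiffers)
            {
                return BadRequest(FailureMessage);
            }

            // NOTE(review): the encrypted new password is handed to the email flow; EmailManager and
            // Cryptographing are outside this file, so whether that value is reversible is not visible here — confirm.
            await Task.Run(() => EmailManager.SendEmailAsync(EmailManager.EmailType.ChangePassword, editUser.FirstName, editUser.LastName, editUser.Email, encryptedNewPassword));

            return Ok("Wysłano email z potwierdzeniem zmiany hasła!");
        }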
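        /// <summary>
        /// Starts a password change for the currently signed-in user (resolved from
        /// <c>HttpContext.User.Identity.Name</c>). The change is confirmed through an email; nothing is
        /// persisted here.
        /// </summary>
        /// <param name="form">Current password, new password and its confirmation as typed by the user.</param>
        /// <returns>
        /// A JSON confirmation text when the email was dispatched; the JSON text "Something failed" for an
        /// unknown user, a missing form field, a wrong current password, a confirmation mismatch or an
        /// unchanged password.
        /// </returns>
        public ActionResult EditPassword(UserPasswordModel form)
        {
            const string FailureMessage = "Something failed";

            User editUser = db.Users.Where(i => i.Login == HttpContext.User.Identity.Name).FirstOrDefault();

            Debug.WriteLine("UserPanel");

            // A null form or a missing field used to throw on .Trim() (HTTP 500); reject it like any other failed attempt.
            if (editUser is null || form?.OldPassword is null || form.NewPassword is null || form.NewPasswordConfirmation is null)
            {
                return Json(FailureMessage);
            }

            string encryptedOldPassword           = Cryptographing.Encrypt(form.OldPassword.Trim());
            string encryptedNewPassword           = Cryptographing.Encrypt(form.NewPassword.Trim());
            string encryptedNewPasswordValidation = Cryptographing.Encrypt(form.NewPasswordConfirmation.Trim());

            // Null checks first; the original called Equals() before checking the encrypted values for null.
            bool oldPasswordMatches  = encryptedOldPassword != null && encryptedOldPassword.Equals(editUser.EncryptedPassword);
            bool confirmationMatches = encryptedNewPassword != null && encryptedNewPassword.Equals(encryptedNewPasswordValidation);
            bool newPasswordDiffers  = encryptedNewPassword != null && !encryptedNewPassword.Equals(encryptedOldPassword);

            if (!oldPasswordMatches || !confirmationMatches || !newPasswordDiffers)
            {
                return Json(FailureMessage);
            }

            ViewBag.ConfirmChanges = "Potwierdź link w wysłanym mail'u by zastosować zmianę hasła.";

            // Fire-and-forget: this request never observes a failure of the email send.
            Task.Run(() => EmailManager.SendEmailAsync(EmailManager.EmailType.ChangePassword, editUser.FirstName, editUser.LastName, editUser.Email, encryptedNewPassword));
            return Json("Wysłano email z potwierdzeniem zmiany hasła!");
        }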
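        /// <summary>
        /// Web API login: looks up a user whose login and encrypted password both match the supplied credentials.
        /// </summary>
        /// <param name="model">Login and plain-text password; the password is encrypted before the lookup.</param>
        /// <returns>200 with the matched user, or 400 "User not found" for a missing body or wrong credentials.</returns>
        public IHttpActionResult Login(LoginBindingModel model)
        {
            // Web API binds a null model for an absent or unparseable body; treat that like wrong
            // credentials instead of letting model.Login throw (HTTP 500).
            if (model is null || model.Login is null || model.Password is null)
            {
                return BadRequest("User not found");
            }

            var login    = model.Login;
            var password = Cryptographing.Encrypt(model.Password);

            // Both fields are matched in the query; SingleOrDefault throws if a login is not unique.
            var user = db.Users.Where(x => x.Login == login && x.EncryptedPassword == password).SingleOrDefault();

            if (user is null)
            {
                return BadRequest("User not found");
            }

            // SECURITY TODO: Ok(user) serialises the whole User entity, which carries EncryptedPassword
            // (see the query above). Return a projection/DTO without the credential field. Left as-is here
            // only because API clients may depend on the current response shape.
            return Ok(user);
        }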
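        /// <summary>
        /// MVC login form handler. The identifier is treated as an email address when it contains '@',
        /// otherwise as a login; on success a forms-authentication cookie is issued, a default avatar is
        /// attached to users who have none, and the browser is redirected to Home/Index.
        /// </summary>
        /// <param name="collection">Posted form fields: UserIdenticator, EncryptedPassword (the plain-text password field), rememberMeInput.</param>
        /// <returns>A redirect to Home/Index on success; otherwise the login view with an error message in ViewBag.</returns>
        public ActionResult Login(FormCollection collection)
        {
            if (collection == null || collection["UserIdenticator"] == null || collection["EncryptedPassword"] == null)
            {
                ViewBag.SomethingWentWrong = "Coś poszło nie tak.";
                return View();
            }

            string userIdenticator = collection["UserIdenticator"];
            // Despite the field name this is the submitted plain-text password; Encrypt() yields the stored form.
            string password = Cryptographing.Encrypt(collection["EncryptedPassword"]);

            // '@' selects the email column, anything else the login column (ordinal search, same as the former Contains("@")).
            bool byEmail = userIdenticator.IndexOf('@') >= 0;
            User user = byEmail
                ? db.Users.Where(x => x.Email == userIdenticator && x.EncryptedPassword == password).FirstOrDefault()
                : db.Users.Where(x => x.Login == userIdenticator && x.EncryptedPassword == password).FirstOrDefault();

            if (user is null)
            {
                ViewBag.ErrorMessage = "Nieprawidłowe dane logowania";
                return View();
            }

            bool rememberMe = string.Equals(collection["rememberMeInput"], "rememberMe", StringComparison.Ordinal);
            FormsAuthentication.SetAuthCookie(user.Login, rememberMe);
            // NOTE(review): only the forms-auth cookie is issued here; the ASP.NET session id is not regenerated on login.

            if (user.AvatarImage == null)
            {
                Debug.WriteLine("Brak zdjęcia dodam defaultowe");
                user.AvatarImage = new AvatarImage()
                {
                    PathToFile = "../../App_Files/Images/UserAvatars/DefaultAvatar.jpg", User = user
                };
                db.SaveChanges();
            }

            // ViewBag is per-request and does not survive RedirectToAction; kept for parity with the original.
            ViewBag.UserAvatarURL = user.AvatarImage.PathToFile;
            return RedirectToAction("Index", "Home");
        }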
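        /// <summary>
        /// Second step of the password-reset flow: verifies the emailed code against the newest unexpired,
        /// unused code for the email address stored in session, then stores the new password.
        /// </summary>
        /// <param name="collection">Posted form fields: codeInput, EncryptedPassword (the new plain-text password), passwordRegisterInput2 (its repetition).</param>
        /// <returns>
        /// A redirect to User/Login after a successful reset; the view with an error message for a wrong code
        /// or a mismatched repetition; 404 when no reset was started, the caller is authenticated, a field is
        /// missing, or no valid code/user exists; 500 on an unexpected exception.
        /// </returns>
        public ActionResult PasswordReset(FormCollection collection)
        {
            // Only a reset that was started (email stashed in session) by an anonymous visitor may continue.
            if (Session["ResetPasswordEmail"] == null || User.Identity.IsAuthenticated)
            {
                return new HttpStatusCodeResult(404);
            }
            string email = Session["ResetPasswordEmail"].ToString();

            if (collection["codeInput"] == null || collection["EncryptedPassword"] == null || collection["passwordRegisterInput2"] == null)
            {
                return new HttpStatusCodeResult(404);
            }

            try
            {
                string code                = collection["codeInput"];
                string newPassword         = collection["EncryptedPassword"];
                string newPasswordRepeated = collection["passwordRegisterInput2"];

                // Newest unexpired, unused code for this address; expiry is compared in UTC.
                var passwordCode = db.PasswordResetCodes.Where(i => i.EmailAddress == email && i.CodeExpirationTime > DateTime.UtcNow && !i.Used).OrderByDescending(i => i.CodeCreationTime).FirstOrDefault();
                var user         = db.Users.Where(i => i.Email == email).FirstOrDefault();

                if (passwordCode == null || user == null)
                {
                    return new HttpStatusCodeResult(404);
                }

                // A wrong code, or a code whose three attempts are used up, burns one attempt and is persisted
                // before answering, so the counter survives a retry.
                if (passwordCode.TriesCount >= 3 || !code.Equals(passwordCode.PasswordResetCode))
                {
                    passwordCode.TriesCount++;
                    ViewBag.ErrorMessage = "Niepoprawny kod";
                    ConcurencyHandling.SaveChangesWithConcurencyHandling(db);
                    return View();
                }

                // The original counted a mismatched repetition as a failed code attempt and reported "wrong code";
                // a correct code with mismatched passwords now neither burns an attempt nor consumes the code.
                if (!newPassword.Equals(newPasswordRepeated))
                {
                    ViewBag.ErrorMessage = "Hasła nie są identyczne";
                    return View();
                }

                // NOTE(review): unlike Register, no minimum password length is enforced here — consider aligning.
                user.EncryptedPassword = Cryptographing.Encrypt(newPassword);
                passwordCode.Used      = true;
                ConcurencyHandling.SaveChangesWithConcurencyHandling(db);
                Session.Clear();
                return RedirectToAction("Login", "User");
            }
            catch (Exception ex)
            {
                Debug.WriteLine(ex.StackTrace);
                return new HttpStatusCodeResult(500);
            }
        }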
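        /// <summary>
        /// Web API registration: validates the model with the same rules as the MVC registration form
        /// (parseable birth date, registration age, 8+ character password, unique login and email),
        /// then creates the user, its Bucket, and dispatches the registration email.
        /// </summary>
        /// <param name="model">Registration data; BirthDate is a string and is parsed here.</param>
        /// <returns>200 on success; 400 "Cannot register user" for any rejected input.</returns>
        public IHttpActionResult Register(RegisterBindingModel model)
        {
            // One generic message for every rejection, so the endpoint does not confirm which logins or emails exist.
            const string FailureMessage = "Cannot register user";

            // Web API binds a null model for a missing or unparseable body; model.BirthDate used to throw (HTTP 500).
            if (model is null || model.Login is null || model.Email is null || model.Password is null)
            {
                return BadRequest(FailureMessage);
            }

            // DateTime.Parse threw FormatException on a malformed date (HTTP 500); reject it as a client error.
            if (!DateTime.TryParse(model.BirthDate, out DateTime birthdate) || !Utilities.CheckRegistrationAge(birthdate))
            {
                return BadRequest(FailureMessage);
            }

            if (model.Password.Length < 8)
            {
                return BadRequest(FailureMessage);
            }

            // Unique login/email: the MVC form checks this; here a duplicate previously reached the database.
            string login = model.Login;
            string email = model.Email;
            if (db.Users.Any(u => u.Login == login || u.Email == email))
            {
                return BadRequest(FailureMessage);
            }

            User user = new User()
            {
                FirstName         = model.FirstName,
                LastName          = model.LastName,
                Login             = login,
                EncryptedPassword = Cryptographing.Encrypt(model.Password),
                Email             = email,
                BirthDate         = birthdate,
                CreationDate      = DateTime.Now,   // server-local time, same as the MVC Register action
                IsActivated       = false
            };

            db.Users.Add(user);
            db.SaveChanges();

            // `user` is the tracked entity after SaveChanges; no need to re-query it by login.
            var bucket = new Bucket
            {
                User = user
            };

            db.Buckets.Add(bucket);
            db.SaveChanges();

            // Fire-and-forget: this request never observes a failure of the email send.
            Task.Run(() => EmailManager.SendEmailAsync(EmailManager.EmailType.Registration, user.FirstName, user.LastName, user.Email));

            // The former `if (user != null)` was always true: `user` had just been constructed.
            return Ok();
        }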
        /// <summary>
        /// MVC registration form handler: validates the posted fields (parseable birth date, registration age,
        /// unique email and login, 8+ character password), then creates the User with a default avatar, its
        /// Bucket and its Order, and dispatches the registration email.
        /// </summary>
        /// <param name="collection">Posted form fields: Email, Login, BirthDate, Password, FirstName, LastName.</param>
        /// <returns>A redirect to Login on success; otherwise the registration view with per-field messages in ViewBag.</returns>
        /// <remarks>
        /// Declared <c>async</c> but contains no <c>await</c>, so it runs synchronously (compiler warning CS1998).
        /// FirstName and LastName are not part of the required-field check below; a missing one throws inside
        /// the try block and surfaces as the generic "Coś poszło nie tak" message.
        /// </remarks>
        public async Task <ActionResult> Register(FormCollection collection)
        {
            if (collection != null)
            {
                if (collection["Email"] != null && collection["Login"] != null && collection["BirthDate"] != null && collection["Password"] != null)
                {
                    string email        = collection["Email"].Trim();
                    string login        = collection["Login"].Trim();
                    // Both lookups run before the cheaper validations below; they only feed the uniqueness flags.
                    User   tmpEmailUser = db.Users.Where(u => u.Email == email).FirstOrDefault();
                    User   tmpLoginUser = db.Users.Where(u => u.Login == login).FirstOrDefault();

                    // When parsing fails dataUrodzenia is default(DateTime); properDate is false, so the age result is irrelevant.
                    bool properDate       = DateTime.TryParse(collection["BirthDate"], out DateTime dataUrodzenia);
                    bool properAge        = Utilities.CheckRegistrationAge(dataUrodzenia);
                    bool uniqueEmail      = tmpEmailUser is null;                // no user with this email yet
                    bool uniqueLogin      = tmpLoginUser is null;                // no user with this login yet
                    bool minimalPswLength = collection["Password"].Length >= 8;  // the message below says "longer than 8"; the check is "at least 8"

                    // Each failed rule gets its own ViewBag message so the view can show all of them at once.
                    if (!properDate)
                    {
                        ViewBag.DateMessage = "Nieprawidłowa data.";
                    }
                    if (!properAge)
                    {
                        ViewBag.AgeMessage = "Musisz mieć ukończone przynajmniej 13 lat.";
                    }
                    if (!uniqueEmail)
                    {
                        ViewBag.EmailMessage = "Konto z podanym emailem już istnieje!";
                    }
                    if (!uniqueLogin)
                    {
                        ViewBag.LoginMessage = "Konto z podanym loginem już istnieje!";
                    }
                    if (!minimalPswLength)
                    {
                        ViewBag.minimalPswLength = "Hasło musi być dłuższe niż 8 znaków!";
                    }

                    if (ModelState.IsValid && properDate && properAge && uniqueEmail && uniqueLogin && minimalPswLength)
                    {
                        try
                        {
                            // The password is stored encrypted and, unlike the other fields, not trimmed.
                            User user = new User()
                            {
                                FirstName         = collection["FirstName"].Trim(),
                                LastName          = collection["LastName"].Trim(),
                                Login             = login,
                                EncryptedPassword = Cryptographing.Encrypt(collection["Password"]),
                                Email             = email,
                                BirthDate         = dataUrodzenia,
                                CreationDate      = DateTime.Now,   // server-local time, same as the API Register action
                                IsActivated       = false
                            };
                            AvatarImage avatarImage = new AvatarImage()
                            {
                                PathToFile = "../../App_Files/Images/UserAvatars/DefaultAvatar.jpg", User = user
                            };

                            // Three separate SaveChanges calls: user, then avatar, then bucket; there is no
                            // enclosing transaction, so a failure part-way leaves the earlier rows committed.
                            db.Users.Add(user);
                            db.SaveChanges();

                            user.AvatarImage = avatarImage;
                            db.SaveChanges();

                            var bucket = new Bucket
                            {
                                User = db.Users.Where(i => i.Login == user.Login).First()
                            };
                            db.Buckets.Add(bucket);
                            db.SaveChanges();

                            Order UniqueOrderForThatUser = new Order
                            {
                                User = db.Users.Where(i => i.Login == user.Login).First()
                            };

                            db.Orders.Add(UniqueOrderForThatUser);
                            db.SaveChanges();

                            // Fire-and-forget: this request never observes a failure of the email send.
                            Task.Run(() => EmailManager.SendEmailAsync(EmailManager.EmailType.Registration, user.FirstName, user.LastName, user.Email));
                            return(RedirectToAction("Login"));
                        }
                        catch (Exception ex)
                        {
                            // Only the stack trace goes to the debug output; the user sees a generic message.
                            Debug.WriteLine(ex.StackTrace);
                            ViewBag.SomethingWentWrong = "Coś poszło nie tak";
                        }
                    }
                }
            }
            return(View());
        }