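/// <summary>
/// Creates a new employee from the posted form: salts and hashes the password,
/// stores the optional profile picture under wwwroot/img/ProfilePictures, and
/// persists the record through <c>EmployeeProcessor.CreateEmployee</c>.
/// </summary>
/// <param name="employee">The bound registration form, including the optional uploaded picture.</param>
/// <returns>
/// A redirect to Employee/ViewEmployees after the employee is created, or the
/// registration view again when model validation fails.
/// </returns>
public IActionResult RegisterEmployee(EmployeeCreateModel employee)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    string salt = PasswordHashingLogic.GenerateSalt();
    string passwordHash = PasswordHashingLogic.GeneratePasswordHash(employee.Password, salt);

    string uniqueFileName = null;
    if (employee.ProfilePicture != null)
    {
        string uploadsFolder = Path.Combine(_hostingEnvironment.WebRootPath, "img", "ProfilePictures");

        // FileName is supplied by the client and may contain directory segments.
        // Keep only the final name component so the write cannot leave uploadsFolder.
        string clientFileName = Path.GetFileName(employee.ProfilePicture.FileName);
        uniqueFileName = Guid.NewGuid().ToString() + "_" + clientFileName;
        string filePath = Path.Combine(uploadsFolder, uniqueFileName);

        // NOTE(review): the file lands inside the web root and keeps the client's
        // extension, so it is served back as-is. Consider restricting uploads to an
        // allowlist of image extensions and enforcing a size limit.

        // Dispose the stream so the upload is flushed and the file handle is
        // released before the request completes.
        using (var target = new FileStream(filePath, FileMode.Create))
        {
            employee.ProfilePicture.CopyTo(target);
        }
    }

    // NOTE(review): Role comes straight from the posted model; confirm this action
    // is only reachable by users who are allowed to assign roles.
    EmployeeProcessor.CreateEmployee(
        employee.Firstname,
        employee.Prefix,
        employee.Lastname,
        employee.City,
        employee.Postalcode,
        employee.Address,
        uniqueFileName,
        employee.Email,
        employee.Phone,
        salt,
        passwordHash,
        employee.Profession,
        employee.Role.ToString()
    );

    return RedirectToAction("ViewEmployees", "Employee");
}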
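/// <summary>
/// Authenticates an employee by email and password and, on success, signs the
/// user in with an identity carrying the email and role claims.
/// </summary>
/// <param name="login">The bound login form (email and password).</param>
/// <returns>
/// A redirect to Home/Dashboard after a successful sign-in; otherwise the login
/// view, with an "incorrectLogin" model error when the credentials were rejected.
/// </returns>
public IActionResult LoginEmployee(LoginEmployeeModel login)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    EmployeeDataModel employeeData = EmployeeProcessor.GetUserByEmail(login.Email);

    // Treat "unknown email" and "wrong password" identically. Previously the error
    // was added only for an unknown email, which both hid the failure from a user
    // who mistyped the password and let a client tell which emails are registered.
    // NOTE(review): an unknown email still skips the hash computation, so response
    // time may differ between the two cases; consider hashing against a dummy
    // salt/hash in that branch.
    bool credentialsValid = employeeData != null
        && PasswordHashingLogic.ValidateUser(login.Password, employeeData.Salt, employeeData.PasswordHash);

    if (!credentialsValid)
    {
        ModelState.AddModelError("incorrectLogin", "The provided email and password do not match.");
        return View();
    }

    var employeeClaims = new List<Claim>
    {
        new Claim(ClaimTypes.Email, employeeData.Email),
        new Claim(ClaimTypes.Role, employeeData.Role)
    };
    var employeeIdentity = new ClaimsIdentity(employeeClaims, "Employee Identity");
    var employeePrincipal = new ClaimsPrincipal(new[] { employeeIdentity });

    // The sign-in task was previously discarded, so a failure was never observed
    // and the redirect could be returned without the sign-in having completed.
    // The wait is synchronous only to keep this action's signature unchanged;
    // prefer converting the action to async Task<IActionResult> and awaiting it.
    HttpContext.SignInAsync(employeePrincipal).GetAwaiter().GetResult();

    return RedirectToAction("Dashboard", "Home");
}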
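/// <summary>
/// Updates an employee's contact details, profession and (optionally) password.
/// </summary>
/// <param name="city">New city.</param>
/// <param name="postalcode">New postal code.</param>
/// <param name="address">New address.</param>
/// <param name="email">New email address.</param>
/// <param name="phone">New phone number.</param>
/// <param name="profession">New profession.</param>
/// <param name="password">
/// New plaintext password, or <c>null</c> to keep the stored password hash.
/// </param>
/// <param name="user_Id">Id of the employee row to update.</param>
public static void UpdateEmployee(string city, string postalcode, string address, string email, string phone, string profession, string password, int user_Id)
{
    // Load the current record once; it supplies the existing hash and the salt.
    var existing = GetUserById(user_Id);

    var passwordHash = existing.PasswordHash;
    if (password != null)
    {
        // NOTE(review): the existing salt is reused for the new password. Generating
        // a fresh salt on each password change is preferable, but requires the salt
        // column to be written as well.
        passwordHash = PasswordHashingLogic.GeneratePasswordHash(password, existing.Salt);
    }

    EmployeeDataModel data = new EmployeeDataModel
    {
        Address = address,
        City = city,
        Email = email,
        PasswordHash = passwordHash,
        PostalCode = postalcode,
        Phone = phone,
        Profession = profession,
    };

    // The caller-supplied strings are no longer spliced into the statement text
    // (SQL injection); they are referenced as named parameters instead.
    // Assumes SQLDataAccess.SaveData binds @Name placeholders from the properties
    // of `data` (Dapper-style) - confirm against its implementation.
    // user_Id is an int and cannot carry SQL text, so it stays inline; bind it as
    // well if the data model exposes an id property.
    string sql =
        "Update employee set city = @City, postalCode = @PostalCode, address = @Address, " +
        "email = @Email, phone = @Phone, profession = @Profession, passwordHash = @PasswordHash " +
        $"WHERE id = '{user_Id}';";

    SQLDataAccess.SaveData(sql, data);
}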