public IActionResult Book(UserFlightEditModel model) { if (ModelState.IsValid) { var flight = context.Flights.FirstOrDefault(f => f.FlightId == model.Id); var userId = int.Parse(User.FindFirstValue(ClaimTypes.NameIdentifier)); var user = context.Users.FirstOrDefault(u => u.UserId == userId); string[] parts = new string[2]; parts = user.PasswordHashCode.Split(" : "); string salt = parts[0]; string password = parts[1]; string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2( password: model.Password, salt: Encoding.BigEndianUnicode.GetBytes(salt), prf: KeyDerivationPrf.HMACSHA1, iterationCount: 10000, numBytesRequested: 256 / 8)); if (password.Equals(hashed)) { if (flight.AvailableTickets > 0) { flight.AvailableTickets--; } else { UserBookViewModel m = new UserBookViewModel() { Flight = flight, TicketsAvailable = false }; return(View(m)); } UserFlight newUserFlight = new UserFlight() { UserId = userId, FlightId = model.Id, User = user, Flight = flight }; context.UserFlights.Add(newUserFlight); context.SaveChanges(); return(RedirectToAction("Flight", "Flights", new { id = model.Id })); } else { UserBookViewModel m = new UserBookViewModel() { Flight = flight, IncorrectPassword = true, }; return(View(m)); } } else { return(RedirectToAction("Index", "Home")); } }
public IActionResult Book(int id) { Flight flight = context.Flights.FirstOrDefault(f => f.FlightId == id); UserBookViewModel model = new UserBookViewModel() { Flight = flight, IncorrectPassword = false }; return(View(model)); }