rudi/NightmareCoreWeb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Allow user password changes

Browse Source
This commit is contained in:
Gregory Rudolph
2021-10-18 20:43:38 -04:00
parent 58baf8f1f7
commit 2ed3e02630
3 changed files with 45 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
Account.cs
View File

@ -170,6 +170,21 @@ namespace NightmareCoreWeb2
{ {
return verifier.Compare(this.Verifier); return verifier.Compare(this.Verifier);
} }
public void ChangePassword(string NewPassword) {
MySqlConnection conn = new MySqlConnection(Program.connStr);
conn.Open();
byte[] salt = new byte[32];
byte[] verifier = new byte[32];
(salt, verifier) = Framework.Cryptography.SRP6.MakeRegistrationData(this.Username, NewPassword);
string sql = "UPDATE auth.account SET salt=@salt, verifier=@verifier where username=@username";
MySqlCommand cmd = new MySqlCommand(sql, conn);
cmd.Parameters.AddWithValue("username", Username);
cmd.Parameters.AddWithValue("salt", salt);
cmd.Parameters.AddWithValue("verifier", verifier);
cmd.ExecuteNonQuery();
conn.Close();
}
} }

21
Pages/Account.cshtml
View File

@ -47,8 +47,27 @@
<p class="card-text">Username: @Model.UserAccount.Username</p> <p class="card-text">Username: @Model.UserAccount.Username</p>
<p class="card-text">Email: @Model.UserAccount.Email</p> <p class="card-text">Email: @Model.UserAccount.Email</p>
<p class="card-text">Last IP: @Model.UserAccount.LastIP</p> <p class="card-text">Last IP: @Model.UserAccount.LastIP</p>
<p class="card-text">Last Login: @Model.UserAccount.LastLogin.ToLocalTime()</p> <p class="card-text">Last Login: @Model.UserAccount.LastLogin.ToLocalTime()</p>
</div>
</div>
</div>
<div class="col-md-5">
<div class="card">
<div class="card-header">
<h6>Change Password</h6>
</div>
<div class="card-body">
<form action="?handler=ChangePassword" method="post" enctype="multipart/form-data">
<div class="form-group">
<label for="NewPassword">New Password: </label>
<input asp-for="NewPassword" type="password" name="NewPassword" id="NewPassword">
<label for="NewPassword2">New Password Again: </label>
<input asp-for="NewPassword2" type="password" name="NewPassword2" id="NewPassword2">
</div>
@Html.AntiForgeryToken()
<input class="button" type="submit" value="Change Password" name="changepassword">
</form>
</div> </div>
</div> </div>
</div> </div>

10
Pages/Account.cshtml.cs
View File

@ -14,6 +14,8 @@ namespace NightmareCoreWeb2.Pages
public string CharacterListType { get; set; } public string CharacterListType { get; set; }
public string AuthToken { get; set; } public string AuthToken { get; set; }
public string Username { get; set; } public string Username { get; set; }
public string NewPassword {get; set;}
public string NewPassword2 {get; set;}
public bool IsAuthenticated = false; public bool IsAuthenticated = false;
public Account UserAccount { get; set; } public Account UserAccount { get; set; }
public List<Character> OnlineCharacters = new List<Character>(); public List<Character> OnlineCharacters = new List<Character>();
@ -109,6 +111,14 @@ namespace NightmareCoreWeb2.Pages
} }
} }
public void OnPostChangePassword() {
OnGet();
NewPassword = Request.Form["NewPassword"];
NewPassword2 = Request.Form["NewPassword2"];
if (NewPassword.Equals(NewPassword2)) {
this.UserAccount.ChangePassword(NewPassword);
}
}
} }
} }