From 2ed3e02630d35ec8484c9a02294643f9bb7ac992 Mon Sep 17 00:00:00 2001 From: Gregory Rudolph Date: Mon, 18 Oct 2021 20:43:38 -0400 Subject: [PATCH] Allow user password changes --- Account.cs | 15 +++++++++++++++ Pages/Account.cshtml | 21 ++++++++++++++++++++- Pages/Account.cshtml.cs | 10 ++++++++++ 3 files changed, 45 insertions(+), 1 deletion(-) diff --git a/Account.cs b/Account.cs index 0d2e175..15674d6 100644 --- a/Account.cs +++ b/Account.cs @@ -170,6 +170,21 @@ namespace NightmareCoreWeb2 { return verifier.Compare(this.Verifier); } + public void ChangePassword(string NewPassword) { + MySqlConnection conn = new MySqlConnection(Program.connStr); + conn.Open(); + byte[] salt = new byte[32]; + byte[] verifier = new byte[32]; + (salt, verifier) = Framework.Cryptography.SRP6.MakeRegistrationData(this.Username, NewPassword); + + string sql = "UPDATE auth.account SET salt=@salt, verifier=@verifier where username=@username"; + MySqlCommand cmd = new MySqlCommand(sql, conn); + cmd.Parameters.AddWithValue("username", Username); + cmd.Parameters.AddWithValue("salt", salt); + cmd.Parameters.AddWithValue("verifier", verifier); + cmd.ExecuteNonQuery(); + conn.Close(); + } } diff --git a/Pages/Account.cshtml b/Pages/Account.cshtml index 828c5d4..6a5411a 100644 --- a/Pages/Account.cshtml +++ b/Pages/Account.cshtml @@ -47,8 +47,27 @@

Username: @Model.UserAccount.Username

Email: @Model.UserAccount.Email

Last IP: @Model.UserAccount.LastIP

-

Last Login: @Model.UserAccount.LastLogin.ToLocalTime()

+

Last Login: @Model.UserAccount.LastLogin.ToLocalTime()

+ + + +
+
+
+
Change Password
+
+
+
+
+ + + + +
+ @Html.AntiForgeryToken() + +
diff --git a/Pages/Account.cshtml.cs b/Pages/Account.cshtml.cs index 0de24c5..2152209 100644 --- a/Pages/Account.cshtml.cs +++ b/Pages/Account.cshtml.cs @@ -14,6 +14,8 @@ namespace NightmareCoreWeb2.Pages public string CharacterListType { get; set; } public string AuthToken { get; set; } public string Username { get; set; } + public string NewPassword {get; set;} + public string NewPassword2 {get; set;} public bool IsAuthenticated = false; public Account UserAccount { get; set; } public List OnlineCharacters = new List(); @@ -109,6 +111,14 @@ namespace NightmareCoreWeb2.Pages } } + public void OnPostChangePassword() { + OnGet(); + NewPassword = Request.Form["NewPassword"]; + NewPassword2 = Request.Form["NewPassword2"]; + if (NewPassword.Equals(NewPassword2)) { + this.UserAccount.ChangePassword(NewPassword); + } + } } }