make password change secure

JackTerok 2021-02-19 22:14:01 +01:00
parent 91e8fecb28
commit b9082c7889
2 changed files with 40 additions and 22 deletions


@ -14,9 +14,18 @@
<h3 class="text-center"> <strong class="text-custom">PT Magic</strong> </h3> <h3 class="text-center"> <strong class="text-custom">PT Magic</strong> </h3>
<p class="text-center">Setup your password.</p> <p class="text-center">Setup your password.</p>
</div> </div>
<div class="p-20"> <div class="p-20">
<form class="form-horizontal m-t-20" method="post"> <form class="form-horizontal m-t-20" method="post">
@if (System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
{
<div class="form-group">
<div class="col-12">
<input name="OldPassword" class="form-control" type="password" required="" placeholder="Old Password">
</div>
</div>
}
<div class="form-group"> <div class="form-group">
<div class="col-12"> <div class="col-12">
<input name="Password" class="form-control" type="password" required="" placeholder="Password"> <input name="Password" class="form-control" type="password" required="" placeholder="Password">
@ -29,14 +38,6 @@
</div> </div>
</div> </div>
@if (!Model.ValidationMessage.Equals("")) {
<div class="form-group">
<div class="text-danger m-l-10">
@Model.ValidationMessage
</div>
</div>
}
<div class="form-group text-center m-t-40"> <div class="form-group text-center m-t-40">
<div class="col-12"> <div class="col-12">
<button class="btn btn-ptmagic btn-block text-uppercase waves-effect waves-light" type="submit"> <button class="btn btn-ptmagic btn-block text-uppercase waves-effect waves-light" type="submit">
@ -44,9 +45,7 @@
</button> </button>
</div> </div>
</div> </div>
</form> </form>
</div> </div>
</div> </div>
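Review bot: The `@if (System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))` guard in the first hunk derives the settings path by splitting the working directory at the first occurrence of "Monitor", so an install path containing that text earlier, or a process started from another directory, resolves to the wrong file and the Old Password field is not rendered. The same expression is repeated twice in the OnPost handler of this commit, which in that case appears to treat the request as first-time setup and write the new password. I would compute the check once in the page model and expose it to the view, e.g. `@if (Model.PasswordIsSet)` (a proposed name, not an existing member), so the view and the handler cannot disagree. Rendering the field is presentation only; the handler still has to require it.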


@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Http;
using System.Threading.Tasks; using System.Threading.Tasks;
using Newtonsoft.Json; using Newtonsoft.Json;
using Core.Main; using Core.Main;
using Core.Helper;
namespace Monitor.Pages namespace Monitor.Pages
{ {
@ -16,21 +17,39 @@ namespace Monitor.Pages
base.PreInit(); base.PreInit();
} }
public void OnPost(string password, string passwordConfirm) public void OnPost(string OldPassword, string Password, string PasswordConfirm)
{
if (!password.Equals(passwordConfirm))
{ {
base.PreInit(); base.PreInit();
string encryptedOldPassword = null;
if (OldPassword != null)
{
encryptedOldPassword = EncryptionHelper.Encrypt(OldPassword);
if (!Password.Equals(PasswordConfirm) || !encryptedOldPassword.Equals(PTMagicConfiguration.SecureSettings.MonitorPassword) && System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
{
Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword"); Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword");
} }
else if (ModelState.IsValid) else if (ModelState.IsValid)
{ {
base.PreInit(); PTMagicConfiguration.WriteSecureSettings(Password);
PTMagicConfiguration.WriteSecureSettings(password);
Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "Login"); Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "Login");
} }
} }
else
{
if (!Password.Equals(PasswordConfirm) && !System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
{
Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword");
}
else if (ModelState.IsValid)
{
PTMagicConfiguration.WriteSecureSettings(Password);
Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "Login");
}
}
}
} }
} }
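Review bot: The `else` branch taken when `OldPassword` is null never compares anything with `PTMagicConfiguration.SecureSettings.MonitorPassword`: its guard `!Password.Equals(PasswordConfirm) && !System.IO.File.Exists(...)` is false whenever settings.secure.json exists, so control falls through to `WriteSecureSettings(Password)` and a request without the OldPassword field replaces the stored password unverified, even when the two new passwords differ. The old-password check should be required whenever a stored password exists rather than whenever the field happens to be present, and the confirmation match should be required in every case. `Password` is also dereferenced without a null check. The stored value is compared with `string.Equals`; if `EncryptionHelper.Encrypt` returns a secret-derived value a fixed-time comparison would be preferable, but its definition is not visible here. A possible shape for the handler follows.

```csharp
public void OnPost(string OldPassword, string Password, string PasswordConfirm)
{
    base.PreInit();

    // Decide from server-side state, not from which form fields were posted.
    bool passwordAlreadySet = System.IO.File.Exists(
        System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json");

    // Once a password is stored, the old one must be supplied and must match.
    bool oldPasswordOk = !passwordAlreadySet
        || (OldPassword != null
            && EncryptionHelper.Encrypt(OldPassword).Equals(PTMagicConfiguration.SecureSettings.MonitorPassword));

    // Any failed check returns to the form; nothing is written.
    if (!ModelState.IsValid || Password == null || !Password.Equals(PasswordConfirm) || !oldPasswordOk)
    {
        Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword");
        return;
    }

    PTMagicConfiguration.WriteSecureSettings(Password);
    Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "Login");
}
```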