Change password page

StudentHouseDashboard/Data/UserRepository.cs

@@ -125,10 +125,10 @@ namespace Data
             using (SqlConnection conn = SqlConnectionHelper.CreateConnection())
             {
                 string sql = "UPDATE Users " +
-                    "SET Name = 'Deleted User @id', Password = '0'" +
+                    "SET Name = 'Deleted User ' + @id, Password = '0'" +
                     "WHERE ID = @id;";
                 SqlCommand cmd = new SqlCommand(sql, conn);
-                cmd.Parameters.AddWithValue("@id", id);
+                cmd.Parameters.AddWithValue("@id", id.ToString());
                 int writer = cmd.ExecuteNonQuery();
 
                 if (writer == 1)

StudentHouseDashboard/WebApp/Pages/ChangePassword.cshtml

@@ -0,0 +1,29 @@
+@page
+@model WebApp.Pages.ChangePasswordModel
+@{
+}
+@if (ViewData["confirm"] != null)
+{
+    <div class="alert alert-primary" role="alert">
+        @ViewData["confirm"]
+    </div>
+}
+
+<form method="post">
+    <div class="mb-3">
+        <label asp-for="Password" class="form-label">Old password: </label>
+        <input asp-for="Password" class="form-control" />
+        <span asp-validation-for="Password" class="form-text" />
+    </div>
+    <div class="mb-3">
+        <label asp-for="NewPassword" class="form-label">New password: </label>
+        <input asp-for="NewPassword" class="form-control" />
+        <span asp-validation-for="NewPassword" class="form-text" />
+    </div>
+    <div class="mb-3">
+        <label asp-for="ConfirmPassword" class="form-label">Confirm password: </label>
+        <input asp-for="ConfirmPassword" class="form-control" />
+        <span asp-validation-for="ConfirmPassword" class="form-text" />
+    </div>
+    <input type="submit" value="Submit" class="btn btn-primary" />
+</form>

StudentHouseDashboard/WebApp/Pages/ChangePassword.cshtml.cs

@@ -0,0 +1,56 @@
+using Logic;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using Models;
+using System.ComponentModel.DataAnnotations;
+using System.Security.Claims;
+
+namespace WebApp.Pages
+{
+    [Authorize]
+    public class ChangePasswordModel : PageModel
+    {
+        [BindProperty]
+        [DataType(DataType.Password)]
+        [Required(ErrorMessage = "Current password is required.")]
+        public string Password { get; set; }
+        [BindProperty]
+        [DataType(DataType.Password)]
+        [Required(ErrorMessage = "New password is required.")]
+        public string NewPassword { get; set; }
+        [BindProperty]
+        [DataType(DataType.Password)]
+        [Required(ErrorMessage = "Confirmation Password is required.")]
+        [Compare("NewPassword", ErrorMessage = "Confirmation field not matching. Check your new password for mistakes.")]
+        public string ConfirmPassword { get; set; }
+        public void OnGet()
+        {
+        }
+        public void OnPost()
+        {
+            UserManager userManager = new UserManager();
+            User user = userManager.GetUserById(int.Parse(User.FindFirstValue("id")));
+            if (NewPassword == null)
+            {
+                ViewData["confirm"] = "New password not entered. Password not changed.";
+                return;
+            }
+            if (NewPassword != ConfirmPassword)
+            {
+                ViewData["confirm"] = "Password fields do not match. Password not changed.";
+                return;
+            }
+            if (BCrypt.Net.BCrypt.Verify(Password, user.Password))
+            {
+                NewPassword = BCrypt.Net.BCrypt.HashPassword(NewPassword);
+                userManager.UpdateUser(user.ID, user.Name, NewPassword, user.Role);
+                ViewData["confirm"] = "Password successfully changed.";
+            }
+            else
+            {
+                ViewData["confirm"] = "Current password is not correct. Password not changed.";
+            }
+        }
+    }
+}

StudentHouseDashboard/WebApp/Pages/CreateAnnouncement.cshtml.cs

@@ -1,4 +1,5 @@
 using Logic;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Models;
@@ -6,6 +7,7 @@ using System.Security.Claims;
 
 namespace WebApp.Pages
 {
+    [Authorize]
     public class CreateAnnouncementModel : PageModel
     {
         [BindProperty]

StudentHouseDashboard/WebApp/Pages/DeleteAnnouncement.cshtml.cs

@@ -1,4 +1,5 @@
 using Logic;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Models;
@@ -6,6 +7,7 @@ using System.Security.Claims;
 
 namespace WebApp.Pages
 {
+    [Authorize]
     public class DeleteAnnouncementModel : PageModel
     {
         [BindProperty]

StudentHouseDashboard/WebApp/Pages/EditAnnouncement.cshtml.cs

@@ -1,4 +1,5 @@
 using Logic;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Models;
@@ -6,6 +7,7 @@ using System.Security.Claims;
 
 namespace WebApp.Pages
 {
+    [Authorize]
     public class EditAnnouncementModel : PageModel
     {
         [BindProperty]

StudentHouseDashboard/WebApp/Pages/Shared/_Layout.cshtml

@@ -50,6 +50,9 @@
                                     <a class="nav-link text-dark" asp-area="" asp-page="/Register">Create user</a>
                                 </li>
                             }
+                            <li class="nav-item">
+                                <a class="nav-link text-dark" asp-area="" asp-page="/ChangePassword">Change password</a>
+                            </li>
                             <li class="nav-item">
                                 <a class="nav-link text-dark" asp-area="" asp-page="/Logout">Logout</a>
                             </li>