/// <summary>Asynchronously authenticates the request.</summary> /// <returns>The task that completes the authentication.</returns> /// <param name="context">The authentication context.</param> /// <param name="cancellationToken">The cancellation token.</param> public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) { if (context == null) { throw new ArgumentNullException(nameof(context)); } HttpRequestMessage request = context.Request; if (request == null) { throw new InvalidOperationException("Request must not be null"); } if (context.ActionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Count > 0) { return; } if (context.Request.Headers.Authorization == null) { Unauthorized(context); return; } try { var authHeader = request.Headers.Authorization.Parameter; var accessToken = JsonConvert.DeserializeObject <AccessToken>(AccessTokenGenerator.DecryptToken(authHeader)); string cacheToken = RedisHelper.StringGet($"{SystemPlatform.FiiiCoinWork}:Investor:{accessToken.Username}"); if (authHeader == cacheToken) { var bc = new InvestorAccountComponent(); InvestorAccount account = bc.GetByUsername(accessToken.Username); if (account.Status == AccountStatus.Locked) { AccountLocked(context); return; } string lan = context.Request.Headers.AcceptLanguage.FirstOrDefault()?.Value ?? "en"; RedisHelper.StringSet($"{SystemPlatform.FiiiCoinWork}:Language:{account.Username}", lan); SetSecurityPrincipal(ref context, account); } else { Unauthorized(context); } } catch (Exception) { Unauthorized(context); } }
public AccountInfoDTO GetUserInfo(InvestorAccount investor) { return(new AccountInfoDTO { Username = investor.Username, InvestorName = investor.InvestorName, Cellphone = GetMaskedCellphone("", investor.Cellphone), IsResetPassword = investor.IsUpdatePassword, IsResetPIN = investor.IsUpdatePin }); }
public void ModifyPIN(InvestorAccount investor, string oldPIN, string newPIN) { string plainNewPIN = AES128.Decrypt(newPIN, AES128.DefaultKey); if (PasswordHasher.VerifyHashedPassword(investor.PIN, plainNewPIN)) { throw new CommonException(ReasonCode.PIN_MUST_BE_DIFFERENT, R.新旧Pin码不能一致); } VerifyPIN(investor, oldPIN); new InvestorAccountDAC().UpdatePIN(investor.Id, PasswordHasher.HashPassword(plainNewPIN)); new InvestorAccountDAC().UpdatePINStatus(investor.Id, 1); }
private SignonDTO IssueAccessToken(InvestorAccount user) { var accessToken = AccessTokenGenerator.IssueToken(user.Username); var keyLoginToken = $"{SystemPlatform.FiiiCoinWork}:Investor:{user.Username}"; RedisHelper.StringSet(keyLoginToken, accessToken, TimeSpan.FromSeconds(AccessTokenGenerator.EXPIRY_TIME)); return(new SignonDTO { AccessToken = accessToken }); }
public void ModifyPassword(InvestorAccount investor, string oldPassword, string newPassword) { string plainNewPassword = AES128.Decrypt(newPassword, AES128.DefaultKey); string plainOldPassword = AES128.Decrypt(oldPassword, AES128.DefaultKey); if (!PasswordHasher.VerifyHashedPassword(investor.Password, plainOldPassword)) { throw new CommonException(ReasonCode.WRONG_OLD_PASSWORD_ENTERRED, R.原密码不正确); } if (PasswordHasher.VerifyHashedPassword(investor.Password, plainNewPassword)) { throw new CommonException(ReasonCode.WRONG_OLD_PASSWORD_ENTERRED, R.新旧密码不能一致); } new InvestorAccountDAC().UpdatePassword(investor.Id, PasswordHasher.HashPassword(plainNewPassword)); new InvestorAccountDAC().UpdatePasswordStatus(investor.Id, 1); }
public SignonDTO Login(string username, string password) { InvestorAccount user = CheckUser(username, password); return(IssueAccessToken(user)); }
public string VerifyPIN(InvestorAccount investor, string encryptPin) { new SecurityComponent().InvestorVerifyPin(investor, encryptPin); return(new SecurityVerification(SystemPlatform.FiiiCoinWork).GenegeToken(SecurityMethod.Pin)); }
public TransferResult Transfer(InvestorAccount account, int countryId, string cellphone, decimal amount, string pinToken) { new SecurityVerification(SystemPlatform.FiiiCoinWork).VerifyToken(pinToken, SecurityMethod.Pin); CountryDAC countryDac = new CountryDAC(); UserAccountDAC userAccountDac = new UserAccountDAC(); Country country = countryDac.GetById(countryId); if (country == null) { throw new CommonException(ReasonCode.GENERAL_ERROR, R.AccountNotExist); } UserAccount userAccount = userAccountDac.GetByCountryIdAndCellphone(countryId, cellphone); if (userAccount == null) { throw new CommonException(ReasonCode.GENERAL_ERROR, R.AccountNotExist); } InvestorAccountDAC accountDac = new InvestorAccountDAC(); if (account.Balance < amount) { throw new CommonException(ReasonCode.GENERAL_ERROR, R.余额不足); } UserWalletDAC userWalletDac = new UserWalletDAC(); UserWallet userWallet = userWalletDac.GetByAccountId(userAccount.Id, FiiiCoinUtility.Cryptocurrency.Id); InvestorOrder investorOrder; UserDeposit userDeposit; using (var scope = new TransactionScope()) { if (userWallet == null) { userWallet = new UserWalletComponent().GenerateWallet(userAccount.Id, FiiiCoinUtility.Cryptocurrency.Id); } accountDac.Decrease(account.Id, amount); investorOrder = new InvestorOrderDAC().Insert(new InvestorOrder { Id = Guid.NewGuid(), OrderNo = CreateOrderNo(), TransactionType = InvestorTransactionType.Transfer, Status = 1, InverstorAccountId = account.Id, UserAccountId = userAccount.Id, CryptoId = FiiiCoinUtility.Cryptocurrency.Id, CryptoAmount = amount, Timestamp = DateTime.UtcNow }); new InvestorWalletStatementDAC().Insert(new InvestorWalletStatement { Id = Guid.NewGuid(), InvestorId = account.Id, TagAccountId = userAccount.Id, Action = InvestorTransactionType.Transfer, Amount = -amount, Balance = account.Balance - amount, Timestamp = DateTime.UtcNow }); // 2018-06-26: new rules IncreaseFrozen -> Increase userWalletDac.Increase(userWallet.Id, amount); userDeposit = new UserDepositDAC().Insert(new UserDeposit { UserAccountId = userAccount.Id, UserWalletId = userWallet.Id, FromAddress = null, FromTag = null, ToAddress = null, ToTag = null, Amount = amount, Status = TransactionStatus.Confirmed, Timestamp = DateTime.UtcNow, OrderNo = CreateOrderNo(), TransactionId = account.Id.ToString(), SelfPlatform = true, RequestId = null }); scope.Complete(); } InvestorMSMQ.PubUserDeposit(userDeposit.Id, 0); return(new TransferResult { OrderId = investorOrder.Id, OrderNo = investorOrder.OrderNo, TargetAccount = GetMaskedCellphone(country.PhoneCode, userAccount.Cellphone), Timestamp = DateTime.UtcNow.ToUnixTime() }); }
public string GetBanlance(InvestorAccount account) { return((account?.Balance ?? 0).ToString(FiiiCoinUtility.Cryptocurrency.DecimalPlace)); }
public string GetTotalAssets(InvestorAccount account) { return((account?.Balance ?? 0).ToString(2)); }
private void SetSecurityPrincipal(ref HttpAuthenticationContext context, InvestorAccount account) { UserIdentity identity = new UserIdentity(account); context.Principal = new UserPrincipal(identity); }
public UserIdentity(InvestorAccount user) { User = user; }