public EmailUser AddUser(EmailUser user) { if (!IsValidUserName(user.Name)) { throw new InvalidOperationException(String.Format("{0} is not a valid user name.", user.Name)); } if (String.IsNullOrEmpty(user.Password)) { ThrowPasswordIsRequired(); } EnsureUserNameIsAvailable(user.Name); user.Status = 1; user.Salt = _crypto.CreateSalt(); user.LastActivity = DateTime.UtcNow; ValidatePassword(user.Password); user.Password = user.Password.ToSha256(user.Salt); _session.Store(user); _session.SaveChanges(); return user; }
public void ChangeUserName(EmailUser user, string newUserName) { if (!IsValidUserName(newUserName)) { throw new InvalidOperationException(String.Format("{0} is not a valid user name.", newUserName)); } if (user.Name.Equals(newUserName, StringComparison.OrdinalIgnoreCase)) { throw new InvalidOperationException("That's already your username..."); } EnsureUserNameIsAvailable(newUserName); // Update the user name user.Name = newUserName; }
public UserModule(ICryptoService crypto) : base("user") { //Get a list of all the users in the same organization as you. Get["/"] = _ => { if (!IsAuthenticated) { return HttpStatusCode.Unauthorized; } var user = DocumentSession.Load<EmailUser>(Principal.GetUserId()); var users = DocumentSession.Query<EmailUser>() .Where(u => u.Organization.Id == user.Organization.Id) .Select(c => new UserViewModel {Name = c.Name, Organization = c.Organization.Name}).ToList(); return Response.AsJson(users); }; Post["/"] = _ => { //If User is authenticated and is the org admin. if (IsAuthenticated && Principal.HasClaim(EmailRClaimTypes.Admin)) { return HttpStatusCode.Unauthorized; } var user = DocumentSession.Load<EmailUser>(Principal.GetUserId()); var createUser = this.Bind<CreateUserViewModel>(); var salt = crypto.CreateSalt(); var newUser = new EmailUser { Email = createUser.Email, FriendlyName = createUser.FriendlyName, //Id = Guid.NewGuid(), Password = createUser.Password.ToSha256(salt), Salt = salt, LoginType = "Default", Organization = user.Organization, Name = createUser.UserName, IsAdmin = false }; DocumentSession.Store(newUser); return HttpStatusCode.OK; }; }
public void ChangeUserPassword(EmailUser user, string oldPassword, string newPassword) { if (user.Password != oldPassword.ToSha256(user.Salt)) { throw new InvalidOperationException("Passwords don't match."); } ValidatePassword(newPassword); EnsureSaltedPassword(user, newPassword); }
private void EnsureSaltedPassword(EmailUser user, string password) { if (String.IsNullOrEmpty(user.Salt)) { user.Salt = _crypto.CreateSalt(); } user.Password = password.ToSha256(user.Salt); }
private EmailUser AddUser(string userName, string providerName, string identity, string email) { if (!IsValidUserName(userName)) { throw new InvalidOperationException(String.Format("{0} is not a valid user name.", userName)); } EnsureProviderAndIdentityAvailable(providerName, identity); // This method is used in the auth workflow. If the username is taken it will add a number // to the user name. if (UserExists(userName)) { throw new InvalidOperationException(String.Format("{0} is already in use.", userName)); } var user = new EmailUser { Name = userName, Status = 1, LastActivity = DateTime.UtcNow }; var emailUserIdentity = new EmailUserIdentity { Key = Guid.NewGuid(), User = user, Email = email, Identity = identity, ProviderName = providerName }; _session.Store(user); _session.Store(emailUserIdentity); _session.SaveChanges(); return user; }
public bool TryAuthenticateUser(string userName, string password, out EmailUser user) { user = _session.Query<EmailUser>().FirstOrDefault(x => x.Name == userName); if (user != null && user.Password == password.ToSha256(user.Salt)) return true; return false; }
public void SetUserPassword(EmailUser user, string password) { ValidatePassword(password); user.Password = password.ToSha256(user.Salt); }
public void ResetUserPassword(EmailUser user, string newPassword) { user.RequestPasswordResetId = null; user.RequestPasswordResetValidThrough = null; ValidatePassword(newPassword); EnsureSaltedPassword(user, newPassword); }
public void RequestResetPassword(EmailUser user, int requestValidThroughInHours) { user.RequestPasswordResetId = HttpServerUtility.UrlTokenEncode(_crypto.CreateToken(user.Name)); user.RequestPasswordResetValidThrough = DateTimeOffset.UtcNow.AddHours(requestValidThroughInHours); }
public void LinkIdentity(EmailUser user, ClaimsPrincipal claimsPrincipal) { var identity = claimsPrincipal.GetClaimValue(ClaimTypes.NameIdentifier); var email = claimsPrincipal.GetClaimValue(ClaimTypes.Email); var providerName = claimsPrincipal.GetIdentityProvider(); // Link this new identity user.Identities.Add(new EmailUserIdentity { Email = email, Identity = identity, ProviderName = providerName }); }
public LoginModule(IMembershipService membershipService, IUserAuthenticator authenticator) { //Get the login page. Get["/login"] = _ => { string returnUrl = Request.Query.returnUrl; if (IsAuthenticated) { return Response.AsRedirect(returnUrl); } var model = new LoginViewModel { ReturnUrl = returnUrl }; Model.LoginModel = model; return View["login", Model]; }; Get["/logout"] = parameters => { return View["login"]; }; //Login. Post["/login"] = parameters => { var model = this.Bind<LoginViewModel>(); //If user is already authenticated redirect them to the returnUrl. if (IsAuthenticated) return Response.AsRedirect(model.ReturnUrl); var result = this.Validate(model); if (!result.IsValid) { SaveErrors(result.Errors); Model.LoginModel = model; return View["login", Model]; } IList<Claim> claims; if (authenticator.TryAuthenticateUser(model.Username, model.Password, out claims)) { return this.SignIn(claims, model.ReturnUrl); } Page.ValidationSummary = "Your username or password was incorrect"; Model.LoginModel = model; return View["login", Model]; }; Get["/register"] = parameters => { var registerModel = new RegisterViewModel(); var returnUrl = Request.Query.returnUrl; registerModel.ReturnUrl = returnUrl; Model.RegisterModel = registerModel; return View["register", Model]; }; //Register a new user. Post["/register"] = _ => { var registerModel = this.Bind<RegisterViewModel>(); Model.RegisterModel = registerModel; var result = this.Validate(registerModel); if (!result.IsValid) { SaveErrors(result.Errors); return View["register", Model]; } var user = new EmailUser { Email = registerModel.Email, FriendlyName = registerModel.Name, Id = registerModel.UserName, IsAdmin = false, LoginType = "Default", Name = registerModel.UserName, Password = registerModel.Password }; user = membershipService.AddUser(user); return this.SignIn(user, registerModel.ReturnUrl); }; }
private static void AddClaim(CookieResponseSignInContext context, EmailUser user) { // Add the jabbr id claim context.Identity.AddClaim(new Claim(EmailRClaimTypes.Identifier, user.Id.ToString())); // Add the admin claim if the user is an Administrator if (user.IsAdmin) { context.Identity.AddClaim(new Claim(EmailRClaimTypes.Admin, "true")); } EnsurePersistentCookie(context); }