/// <summary>
/// 处理来自客户端的同步调用请求。
/// </summary>
public byte[] HandleQuery(string sourceUserID, int informationType, byte[] info)
{
if (informationType == InformationTypes.GetFriendIDList)
{
List <string> friendIDs = this.globalCache.GetFriends(sourceUserID);
return(CompactPropertySerializer.Default.Serialize <List <string> >(friendIDs));
}
if (informationType == InformationTypes.AddFriend)
{
AddFriendContract contract = CompactPropertySerializer.Default.Deserialize <AddFriendContract>(info, 0);
bool isExist = this.globalCache.IsUserExist(contract.FriendID);
if (!isExist)
{
return(BitConverter.GetBytes((int)AddFriendResult.FriendNotExist));
}
this.globalCache.AddFriend(sourceUserID, contract.FriendID, contract.CatalogName);
//0922
GGUser owner = this.globalCache.GetUser(sourceUserID);
byte[] ownerBuff = CompactPropertySerializer.Default.Serialize <GGUser>(owner);
//通知对方
this.rapidServerEngine.CustomizeController.Send(contract.FriendID, InformationTypes.FriendAddedNotify, ownerBuff, true, ESFramework.ActionTypeOnChannelIsBusy.Continue);
return(BitConverter.GetBytes((int)AddFriendResult.Succeed));
}
if (informationType == InformationTypes.GetAllContacts)
{
List <string> contacts = this.globalCache.GetAllContacts(sourceUserID);
Dictionary <string, GGUser> contactDic = new Dictionary <string, GGUser>();
foreach (string friendID in contacts)
{
if (!contactDic.ContainsKey(friendID))
{
GGUser friend = this.globalCache.GetUser(friendID);
if (friend != null)
{
contactDic.Add(friendID, friend);
}
}
}
return(CompactPropertySerializer.Default.Serialize <List <GGUser> >(new List <GGUser>(contactDic.Values)));
}
if (informationType == InformationTypes.GetSomeUsers)
{
List <string> friendIDs = CompactPropertySerializer.Default.Deserialize <List <string> >(info, 0);
List <GGUser> friends = new List <GGUser>();
foreach (string friendID in friendIDs)
{
GGUser friend = this.globalCache.GetUser(friendID);
if (friend != null)
{
friends.Add(friend);
}
}
return(CompactPropertySerializer.Default.Serialize <List <GGUser> >(friends));
}
if (informationType == InformationTypes.GetContactsRTData)
{
List <string> contacts = this.globalCache.GetAllContacts(sourceUserID);
Dictionary <string, UserRTData> dic = new Dictionary <string, UserRTData>();
foreach (string friendID in contacts)
{
if (!dic.ContainsKey(friendID))
{
GGUser data = this.globalCache.GetUser(friendID);
if (data != null)
{
UserRTData rtData = new UserRTData(data.UserStatus, data.Version);
dic.Add(friendID, rtData);
}
}
}
Dictionary <string, int> groupVerDic = this.globalCache.GetMyGroupVersions(sourceUserID);
ContactsRTDataContract contract = new ContactsRTDataContract(dic, groupVerDic);
return(CompactPropertySerializer.Default.Serialize(contract));
}
if (informationType == InformationTypes.GetUserInfo)
{
string target = System.Text.Encoding.UTF8.GetString(info);
GGUser user = this.globalCache.GetUser(target);
if (user == null)
{
return(null);
}
if (sourceUserID != target) //0922
{
user = user.PartialCopy;
}
return(CompactPropertySerializer.Default.Serialize <GGUser>(user));
}
if (informationType == InformationTypes.GetMyGroups)
{
List <GGGroup> myGroups = this.globalCache.GetMyGroups(sourceUserID);
return(CompactPropertySerializer.Default.Serialize(myGroups));
}
if (informationType == InformationTypes.GetSomeGroups)
{
List <string> groups = ESPlus.Serialization.CompactPropertySerializer.Default.Deserialize <List <string> >(info, 0);
List <GGGroup> myGroups = new List <GGGroup>();
foreach (string groupID in groups)
{
GGGroup group = this.globalCache.GetGroup(groupID);
if (group != null)
{
myGroups.Add(group);
}
}
return(CompactPropertySerializer.Default.Serialize(myGroups));
}
if (informationType == InformationTypes.JoinGroup)
{
string groupID = System.Text.Encoding.UTF8.GetString(info);
JoinGroupResult res = this.globalCache.JoinGroup(sourceUserID, groupID);
if (res == JoinGroupResult.Succeed)
{
//通知其它组成员
this.rapidServerEngine.ContactsController.Broadcast(groupID, BroadcastTypes.SomeoneJoinGroup, System.Text.Encoding.UTF8.GetBytes(sourceUserID), null, ESFramework.ActionTypeOnChannelIsBusy.Continue);
}
return(BitConverter.GetBytes((int)res));
}
if (informationType == InformationTypes.CreateGroup)
{
CreateGroupContract contract = CompactPropertySerializer.Default.Deserialize <CreateGroupContract>(info, 0);
CreateGroupResult res = this.globalCache.CreateGroup(sourceUserID, contract.ID, contract.Name, contract.Announce);
return(BitConverter.GetBytes((int)res));
}
if (informationType == InformationTypes.GetGroup)
{
string groupID = System.Text.Encoding.UTF8.GetString(info);
GGGroup group = this.globalCache.GetGroup(groupID);
return(CompactPropertySerializer.Default.Serialize(group));
}
if (informationType == InformationTypes.ChangePassword)
{
ChangePasswordContract contract = CompactPropertySerializer.Default.Deserialize <ChangePasswordContract>(info, 0);
ChangePasswordResult res = this.globalCache.ChangePassword(sourceUserID, contract.OldPasswordMD5, contract.NewPasswordMD5);
return(BitConverter.GetBytes((int)res));
}
return(null);
}
private void RaiseChangePassword(long transactionId, Exception error)
{
ChangePasswordResult?.Invoke(transactionId, error);
}
/// <summary>
/// 更改密码
/// </summary>
/// <param name="request">请求模型</param>
/// <returns>结果</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
var result = new ChangePasswordResult();
if (string.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return(result);
}
if (string.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return(result);
}
var customer = _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return(result);
}
if (request.ValidateRequest)
{
//验证输入的旧密码与保存的旧密码是否匹配
if (!PasswordsMatch(_customerService.GetCurrentPassword(customer.Id), request.OldPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
return(result);
}
}
//检查重复密码
if (_customerSettings.UnduplicatedPasswordsNumber > 0)
{
//获取以前的一些密码
var previousPasswords = _customerService.GetCustomerPasswords(customer.Id, passwordsToReturn: _customerSettings.UnduplicatedPasswordsNumber);
var newPasswordMatchesWithPrevious = previousPasswords.Any(password => PasswordsMatch(password, request.NewPassword));
if (newPasswordMatchesWithPrevious)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordMatchesWithPrevious"));
return(result);
}
}
var customerPassword = new CustomerPassword
{
Customer = customer,
PasswordFormat = request.NewPasswordFormat
};
switch (request.NewPasswordFormat)
{
case PasswordFormat.Clear:
customerPassword.Password = request.NewPassword;
break;
case PasswordFormat.Encrypted:
customerPassword.Password = _encryptionService.EncryptText(request.NewPassword);
break;
case PasswordFormat.Hashed:
{
var saltKey = _encryptionService.CreateSaltKey(5);
customerPassword.PasswordSalt = saltKey;
customerPassword.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
}
break;
}
_customerService.InsertCustomerPassword(customerPassword);
_eventPublisher.Publish(new CustomerPasswordChangedEvent(customerPassword));
return(result);
}
public override ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
string errCode;
ChangePasswordResult result = null;
var results = new ChangePasswordResult();
if (IsValidPassword(request.NewPassword, out errCode))
{
result = base.ChangePassword(request);
}
else
{
switch (errCode.ToUpper())
{
case "ERROR_PASSWORD_NO_LETTER":
case "ERROR_PASSWORD_NO_NUMBER":
case "ERROR_PASSWORD_LENGTH":
results.AddError("Passwords must contain at least 1 letter, 1 number, and be at least 8 characters long.");
break;
default:
break;
}
return(results);
}
try
{
var miscPlugins = _pluginFinder.GetPlugins <MyLoginServicePlugin>(storeId: _storeContext.CurrentStore.Id).ToList();
if (miscPlugins.Count > 0)
{
if (result.Errors.Count < 1)
{
WebClient client = new WebClient();
client.Headers.Add("Content-Type", "application/json");
client.Credentials = new NetworkCredential(_gbsLoginSettings.GBSCustomerWebServiceUserName, _gbsLoginSettings.GBSCustomerWebServicePassword);
UserModel model = new UserModel();
model.currentEmailAddress = request.Email;
model.emailAddress = request.Email;
model.currentPassword = request.OldPassword;
model.password = request.NewPassword;
model.updateEmail = false;
model.updatePassword = true;
string loginJSON = JsonConvert.SerializeObject(model, Formatting.Indented);
string responseString = client.UploadString(_gbsLoginSettings.GBSUpdateCustomerWebService, loginJSON);
if (responseString.ToUpper() != "SUCCESS")
{
_logger.Error("ChangePassword() Override", new Exception(responseString), null);
}
switch (responseString.ToUpper())
{
case "ERROR_PASSWORD_NO_LETTER":
case "ERROR_PASSWORD_NO_NUMBER":
case "ERROR_PASSWORD_LENGTH":
result.AddError("Passwords must contain at least 1 letter, 1 number, and be at least 8 characters long.");
break;
default:
break;
}
return(result);
}
}
}
catch (Exception ex)
{
_logger.Error("ChangePassword() Override", ex, null);
}
return(result);
}
/// <summary>
/// Changes the password
/// </summary>
private async void Save()
{
SetWarning(false, string.Empty);
SetInputState();
if (!this.CheckInputParameters() || !this.CheckNewPassword())
{
return;
}
this.IsBusy = true;
this.ControlState = false;
this.SaveButtonState = false;
ChangePasswordResult result = ChangePasswordResult.Unknown;
var changePassword = new ChangePasswordRequestListenerAsync();
var mfaStatus = await AccountService.CheckMultiFactorAuthStatusAsync();
if (mfaStatus == MultiFactorAuthStatus.Enabled)
{
this.OnHideDialog();
await DialogService.ShowAsyncMultiFactorAuthCodeInputDialogAsync(async (string code) =>
{
result = await changePassword.ExecuteAsync(() =>
{
SdkService.MegaSdk.multiFactorAuthChangePasswordWithoutOld(
this.NewPassword, code, changePassword);
});
if (result == ChangePasswordResult.MultiFactorAuthInvalidCode)
{
DialogService.SetMultiFactorAuthCodeInputDialogWarningMessage();
return(false);
}
return(true);
});
this.OnShowDialog();
}
else
{
result = await changePassword.ExecuteAsync(() =>
SdkService.MegaSdk.changePasswordWithoutOld(this.NewPassword, changePassword));
}
this.IsBusy = false;
this.ControlState = true;
this.SaveButtonState = true;
if (result != ChangePasswordResult.Success)
{
SetWarning(true, ResourceService.AppMessages.GetString("AM_PasswordChangeFailed"));
return;
}
OnHideDialog();
await DialogService.ShowAlertAsync(
ResourceService.AppMessages.GetString("AM_PasswordChanged_Title"),
ResourceService.AppMessages.GetString("AM_PasswordChanged"));
}
/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual async Task <ChangePasswordResult> ChangePassword(ChangePasswordRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
var result = new ChangePasswordResult();
if (String.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_translationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return(result);
}
if (String.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_translationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return(result);
}
var customer = await _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError(_translationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return(result);
}
if (request.ValidateRequest)
{
string oldPwd = "";
switch (customer.PasswordFormatId)
{
case PasswordFormat.Encrypted:
oldPwd = _encryptionService.EncryptText(request.OldPassword, customer.PasswordSalt);
break;
case PasswordFormat.Hashed:
oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
break;
default:
oldPwd = request.OldPassword;
break;
}
if (oldPwd != customer.Password)
{
result.AddError(_translationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
return(result);
}
}
//check for duplicates
if (_customerSettings.UnduplicatedPasswordsNumber > 0)
{
//get some of previous passwords
var previousPasswords = await _customerHistoryPasswordService.GetPasswords(customer.Id, passwordsToReturn : _customerSettings.UnduplicatedPasswordsNumber);
var newPasswordMatchesWithPrevious = previousPasswords.Any(password => PasswordMatch(password, request));
if (newPasswordMatchesWithPrevious)
{
result.AddError(_translationService.GetResource("Account.ChangePassword.Errors.PasswordMatchesWithPrevious"));
return(result);
}
}
switch (request.PasswordFormat)
{
case PasswordFormat.Clear:
{
customer.Password = request.NewPassword;
}
break;
case PasswordFormat.Encrypted:
{
customer.PasswordSalt = CommonHelper.GenerateRandomDigitCode(24);
customer.Password = _encryptionService.EncryptText(request.NewPassword, customer.PasswordSalt);
}
break;
case PasswordFormat.Hashed:
{
string saltKey = _encryptionService.CreateSaltKey(5);
customer.PasswordSalt = saltKey;
customer.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
}
break;
default:
break;
}
customer.PasswordChangeDateUtc = DateTime.UtcNow;
customer.PasswordFormatId = request.PasswordFormat;
await _customerService.UpdateCustomer(customer);
//insert password history
await _customerHistoryPasswordService.InsertCustomerPassword(customer);
//create new login token
await _userFieldService.SaveField(customer, SystemCustomerFieldNames.PasswordToken, Guid.NewGuid().ToString());
return(result);
}
/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
var result = new ChangePasswordResult();
if (string.IsNullOrWhiteSpace(request.Email))
{
result.AddError("Email地址不能为空");
return(result);
}
if (string.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError("密码不能为空");
return(result);
}
var customer = _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError("此Email地址未在系统中注册,无法查询关联客户");
return(result);
}
if (request.ValidateRequest)
{
//request isn't valid
if (!PasswordsMatch(_customerService.GetCurrentPassword(customer.Id), request.OldPassword))
{
result.AddError("旧密码不正确");
return(result);
}
}
//check for duplicates
if (_customerSettings.UnduplicatedPasswordsNumber > 0)
{
//get some of previous passwords
var previousPasswords = _customerService.GetCustomerPasswords(customer.Id, passwordsToReturn: _customerSettings.UnduplicatedPasswordsNumber);
var newPasswordMatchesWithPrevious = previousPasswords.Any(password => PasswordsMatch(password, request.NewPassword));
if (newPasswordMatchesWithPrevious)
{
result.AddError("此密码已经使用过了,不能再次使用");
return(result);
}
}
//at this point request is valid
var customerPassword = new CustomerPassword
{
Customer = customer,
PasswordFormat = request.NewPasswordFormat,
CreatedOnUtc = DateTime.UtcNow
};
switch (request.NewPasswordFormat)
{
case PasswordFormat.Clear:
customerPassword.Password = request.NewPassword;
break;
case PasswordFormat.Encrypted:
customerPassword.Password = _encryptionService.EncryptText(request.NewPassword);
break;
case PasswordFormat.Hashed:
{
var saltKey = _encryptionService.CreateSaltKey(SALT_KEY_SIZE);
customerPassword.PasswordSalt = saltKey;
customerPassword.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
}
break;
}
_customerService.InsertCustomerPassword(customerPassword);
//publish event
_eventPublisher.Publish(new CustomerPasswordChangedEvent(customerPassword));
return(result);
}
public ChangePasswordResultTests()
{
_changePasswordResult = new ChangePasswordResult();
}
public IActionResult Post([FromForm] string currentPassword, [FromForm] string newPassword, [FromForm] string cookieFailKey = null)
{
this.Response.Headers.Add("Cache-Control", "no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
var keyInfo = new CookieFailKeyInfo(cookieFailKey);
string step1Url = "";
string step2Url = "";
var step1InterestsValues = new List <KeyValuePair <string, string> >();
var step2InterestsValues = new List <KeyValuePair <string, string> >();
ChangePasswordResult info = new ChangePasswordResult();
var isSecurePassword = false;
var newPasswordStatus = LoginHelper.IsPasswordOk(newPassword);
if (!newPasswordStatus)
{
info.IsWeakPassword = !newPasswordStatus;
info.Warning = 1;
return(Json(info));
}
isSecurePassword = newPasswordStatus;
var navigationInfo = NavigationHelper.GetNavigation(HttpContext, keyInfo);
string key = "";
if (keyInfo.IsVaild)
{
key = keyInfo.Key;
var tmpUrl = keyInfo.AvailableAssignmentsUrl;
}
else
{
byte[] cookieData;
if (HttpContext.Session.TryGetValue("Session-Cookie", out cookieData))
{
key = System.Text.Encoding.UTF8.GetString(cookieData);
}
else
{
info.Warning = 3;
return(Json(info));
}
}
var cookieContainer = new CookieContainer();
cookieContainer.Add(new Uri("http://volontar.polisen.se/"), new Cookie("PHPSESSID", key));
using (var handler = new HttpClientHandler()
{
CookieContainer = cookieContainer
})
{
if (navigationInfo != null)
{
// TODO: 3. If no valid login, return false
// TODO: 4a. Add session info
// TODO: 4b. return true;
HttpClient client = new HttpClient(handler);
using (var response = client.GetAsync("http://volontar.polisen.se/" + navigationInfo.ChangePasswordUrl).Result)
{
using (var responseContent = response.Content)
{
var step01Content = responseContent.ReadAsStringAsync().Result;
// action="([^"]+)"
var urlMatch = Regex.Match(step01Content, "action=\"(?<url>[^\"]+)\"");
if (urlMatch.Success)
{
var urlGroup = urlMatch.Groups["url"];
if (urlGroup.Success)
{
step1Url = "http://volontar.polisen.se/" + urlGroup.Value.Replace("../", "");
}
}
// name="([^"]+)" value="([^"]+)"
var nameAndValuePairsMatch = Regex.Matches(step01Content, "name=\"(?<name>[^\"]+)\" value=\"(?<value>[^\"]+)\"");
foreach (Match nameAndValuePairMatch in nameAndValuePairsMatch)
{
if (nameAndValuePairMatch.Success)
{
var nameGroup = nameAndValuePairMatch.Groups["name"];
var valueGroup = nameAndValuePairMatch.Groups["value"];
if (nameGroup.Success && valueGroup.Success)
{
step1InterestsValues.Add(new KeyValuePair <string, string>(nameGroup.Value, valueGroup.Value));
}
}
}
if (step1InterestsValues.Count > 0)
{
step1InterestsValues.Add(new KeyValuePair <string, string>("password", currentPassword));
step1InterestsValues.Add(new KeyValuePair <string, string>("submit_19_12", "Gå+vidare"));
}
}
}
if (string.IsNullOrEmpty(step1Url) || step1InterestsValues.Count < 3)
{
info.Warning = 4;
return(Json(info));
}
// Verify current password AND get values for step 2
var step1Content = new FormUrlEncodedContent(step1InterestsValues);
using (var response = client.PostAsync(step1Url, step1Content).Result)
{
using (var responseContent = response.Content)
{
var step02Content = responseContent.ReadAsStringAsync().Result;
// action="([^"]+)"
var urlMatch = Regex.Match(step02Content, "action=\"(?<url>[^\"]+)\"");
if (urlMatch.Success)
{
var urlGroup = urlMatch.Groups["url"];
if (urlGroup.Success)
{
step2Url = "http://volontar.polisen.se/" + urlGroup.Value.Replace("../", "");
}
}
// name="([^"]+)" value="([^"]+)"
var nameAndValuePairsMatch = Regex.Matches(step02Content, "name=\"(?<name>[^\"]+)\" value=\"(?<value>[^\"]+)\"");
foreach (Match nameAndValuePairMatch in nameAndValuePairsMatch)
{
if (nameAndValuePairMatch.Success)
{
var nameGroup = nameAndValuePairMatch.Groups["name"];
var valueGroup = nameAndValuePairMatch.Groups["value"];
if (nameGroup.Success && valueGroup.Success)
{
step2InterestsValues.Add(new KeyValuePair <string, string>(nameGroup.Value, valueGroup.Value));
}
}
}
if (step2InterestsValues.Count > 0)
{
step2InterestsValues.Add(new KeyValuePair <string, string>("cont_cont/password", newPassword));
step2InterestsValues.Add(new KeyValuePair <string, string>("submit_28_2", "Byt+lösenord"));
}
}
}
if (string.IsNullOrEmpty(step2Url) || step2InterestsValues.Count < 3)
{
info.Warning = 4;
return(Json(info));
}
if (step1Url == step2Url)
{
// Invalid current password
info.Warning = 6;
return(Json(info));
}
// Change password
var step2Content = new FormUrlEncodedContent(step2InterestsValues);
using (var response = client.PostAsync(step2Url, step2Content).Result)
{
using (var responseContent = response.Content)
{
var step03Content = responseContent.ReadAsStringAsync().Result;
// action="([^"]+)"
var urlMatch = Regex.Match(step03Content, "Ditt lösenord är nu uppdaterat");
if (urlMatch.Success)
{
info.IsSuccess = true;
return(Json(info));
}
else
{
info.Warning = 4;
return(Json(info));
}
}
}
}
else
{
info.Warning = 3;
return(Json(info));
}
}
}
