Ejemplo n.º 1
0
        public IActionResult Register([FromBody] RegistrationModel id)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return(BadRequest(ModelState));
                }

                if (!this._IsUsernameAvailable(id.Username))
                {
                    return(BadRequest());
                }

                string        salt = PasswordFactory.GenerateSalt();
                Entities.User item = new Entities.User(id)
                {
                    PasswordHash        = PasswordFactory.Hash(id.Password, salt),
                    PasswordSalt        = salt,
                    UTCRegistrationDate = DateTime.UtcNow,
                    Status = "A"
                };
                this._usersRepository.Add(item, true);

                return(CreatedAtAction("LoginAsync", "Token", new { id = item.ID }, item));
            }
            catch (Exception ex)
            {
                //TODO: SaveException
                return(StatusCode(StatusCodes.Status500InternalServerError));
            }
        }
        /// <summary>
        /// Authenticate the <paramref name="user"/>
        /// </summary>
        /// <param name="user">The user to be authenticated.</param>
        /// <param name="password">The password.</param>
        /// <param name="rememberMe">remember user or not</param>
        public Role Authenticate(User user, string password, bool rememberMe = false)
        {
            WebUser webUser = user as WebUser;

            if (webUser != null)
            {
                PasswordFactory passwordFactory = new PasswordFactory();

                bool result = passwordFactory.CheckPassword(webUser, password);

                if (result)
                {
                    UpdateAuthentication(user, rememberMe);

                    return(user.Role);
                }
            }
            else
            {
                FCUser fcUser = (FCUser)user;
                UpdateAuthentication(user, rememberMe);
                return(fcUser.Role);
            }

            return(null);
        }
Ejemplo n.º 3
0
        private async Task <User> AuthenticateAsync(LoginModel login)
        {
            User user = await this._usersRepository.FindByUsernameAsync(login.Username);

            if (user != null &&
                user.Username == login.Username &&
                PasswordFactory.Hash(login.Password, user.PasswordSalt) == user.PasswordHash)
            {
                return(user);
            }
            else
            {
                return(null);
            }
        }
Ejemplo n.º 4
0
        public async Task <IActionResult> ResetPasswordAsync([FromRoute] Guid id, [FromBody] PasswordResetModel item)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return(BadRequest(ModelState));
                }
                if (item.ID != id)
                {
                    return(BadRequest());
                }

                PasswordReset reset = await this._passwordResetRepository.FindValidAsync(id);

                if (reset != null)
                {
                    User user = await this._usersRepository.FindAsync(reset.UserId);

                    string salt = PasswordFactory.GenerateSalt();
                    user.PasswordSalt = salt;
                    user.PasswordHash = PasswordFactory.Hash(item.Password, salt);

                    await this._usersRepository.UpdateAsync(user, true);

                    reset.Used          = true;
                    reset.UtcExpiration = DateTime.UtcNow;

                    await this._passwordResetRepository.UpdateAsync(reset, true);

                    return(NoContent());
                }
                return(Unauthorized());
            }
            catch (Exception ex)
            {
                //TODO: SaveException
                return(StatusCode(StatusCodes.Status500InternalServerError));
            }
        }
Ejemplo n.º 5
0
        public async Task <IActionResult> UpdateAsync(long id, [FromBody] User item)
        {
            try
            {
                ModelState.Remove("Password");
                ModelState.Remove("PasswordHash");
                ModelState.Remove("PasswordSalt");
                if (!ModelState.IsValid)
                {
                    return(BadRequest(ModelState));
                }

                if (id != item.ID)
                {
                    return(BadRequest());
                }

                if (this.UserExists(id))
                {
                    if (item.Password != null)
                    {
                        item.PasswordSalt = PasswordFactory.GenerateSalt();
                        item.PasswordHash = PasswordFactory.Hash(item.Password, item.PasswordSalt);
                    }

                    await this._usersRepository.UpdateAsync(item, true);
                }
                else
                {
                    return(NotFound());
                }

                return(NoContent());
            }
            catch (Exception ex)
            {
                //TODO: SaveException
                return(StatusCode(StatusCodes.Status500InternalServerError));
            }
        }
Ejemplo n.º 6
0
        public ActionResult Login(string name, string pass, string Submit)
        {
            if (Submit == "LogOut")
            {
                new SessionManager(this).LogOut();
                ViewBag.Status = "Logged out";
                return(View("Index"));
            }
            var user = sql.Users.Where(r => r.Login == name).FirstOrDefault();

            if (user == null)
            {
                ViewBag.Status = "User not found";
                ViewBag.Error  = true;
                return(View("Index"));
            }

            if (!user.HasPermission(Misc.Permission.Login))
            {
                ViewBag.Status = "You don't have the required permissions";
                ViewBag.Error  = true;
            }
            else if (!PasswordFactory.ComparePasswordsPbkdf2(pass, user.Password))
            {
                ViewBag.Status = "Incorrect name or password";
                ViewBag.Error  = true;
            }
            else
            {
                var sessionManager = new SessionManager(this);
                sessionManager.LoggedInUser = user;
                ViewBag.Status = "Logged in as " + user.Name;
            }

            return(View("Index"));
        }
Ejemplo n.º 7
0
        public void TestPasswordFactory()
        {
            string passwordHash = PasswordFactory.GetPasswordHash("options4", "SfvazjIY97UZDui3oTeNM4JkQtH1AphmQ1WxcdOncpc=");

            Assert.AreEqual(passwordHash, "ozv8q0bDO80txn83Cc5t7Un72s4yGPe1");
        }