Ejemplo n.º 1
0
        private void OnBeginRequest(object sender, EventArgs args)
        {
            HttpContext context = HttpContext.Current;
            string      query   = context.Request.RawUrl;

            const string QParamName = "QPARAM";

            if (context.Request.Url.OriginalString.Contains(".aspx") && query.Contains("?") && context.Request.Cookies.AllKeys.Contains(".ASPXAUTH"))
            {
                var param = query.Split(new char[] { '?' }, 2);
                if (param.Length == 2)
                {
                    if (query.Contains(QParamName))
                    {
                        var encrypted = context.Request.QueryString[QParamName];
                        context.RewritePath(param[0], string.Empty, SecurityModelCrypto.Decrypt(encrypted));
                    }
                    else if (0 == string.Compare(context.Request.HttpMethod, "GET", true))
                    {
                        string newUrl = string.Format("{0}?{1}={2}", param[0], QParamName, SecurityModelCrypto.Encrypt(param[1]));
                        context.Response.Redirect(newUrl);
                    }
                }
            }
        }
Ejemplo n.º 2
0
 public virtual void CreateUser(tbs_User user)
 {
     using (SecurityEntities sc = new SecurityEntities())
         using (TransactionScope ts = new TransactionScope())
         {
             var      mapper  = ServiceContainer.GetService <IMapper>();
             tbs_User newUser = mapper.Map <tbs_User>(user);
             newUser.Password = SecurityModelCrypto.HashEncrypt(user.Password);
             sc.tbs_User.Add(newUser);
             sc.SaveChanges();
             ts.Complete();
         }
 }
Ejemplo n.º 3
0
        public virtual void UpdateUser(tbs_User user)
        {
            using (SecurityEntities sc = new SecurityEntities())
                using (TransactionScope ts = new TransactionScope())
                {
                    var mapper = ServiceContainer.GetService <IMapper>();

                    var      passList = sc.tbs_User.Where(u => u.UserCode == user.UserCode).Select(u => u.Password).ToList();
                    string   pass     = passList.Count > 0 ? passList[0] : string.Empty;
                    tbs_User edited   = mapper.Map <tbs_User>(user);
                    if (false == edited.Password.Equals(pass) || string.IsNullOrEmpty(pass))
                    {
                        edited.Password = SecurityModelCrypto.HashEncrypt(edited.Password);
                    }

                    sc.tbs_User.Attach(edited);
                    sc.Entry(edited).State = System.Data.Entity.EntityState.Modified;
                    sc.SaveChanges();
                    ts.Complete();
                }
        }
Ejemplo n.º 4
0
        public virtual bool ChangePassword(string userCode, string oldPassword, string newPassword)
        {
            using (SecurityEntities db = new SecurityEntities())
            {
                string encryptedOld = SecurityModelCrypto.HashEncrypt(oldPassword);
                var    users        = db.tbs_User
                                      .Where(a => (a.UserCode == userCode) &&
                                             a.Password == encryptedOld)
                                      .ToList();
                if (users.Count != 1)
                {
                    return(false);
                }

                string encryptedNew = SecurityModelCrypto.HashEncrypt(newPassword);
                users[0].Password        = encryptedNew;
                db.Entry(users[0]).State = System.Data.Entity.EntityState.Modified;
                db.SaveChanges();

                return(true);
            }
        }
Ejemplo n.º 5
0
        public virtual bool Authenticate(string loginName, string password)
        {
            string encrypted = SecurityModelCrypto.HashEncrypt(password);

            return(Repository.TryAuthenticate(loginName, encrypted));
        }