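/// <summary>
        /// Checks a candidate password against the salted hash stored on the record.
        /// </summary>
        /// <param name="partRecord">Record supplying the Base64 salt, the Base64 hash and the hash algorithm name.</param>
        /// <param name="password">Candidate password to verify.</param>
        /// <returns><c>true</c> when the recomputed hash equals the stored one.</returns>
        /// <exception cref="ApplicationException">The stored algorithm name does not resolve to a hash algorithm.</exception>
        /// <remarks>
        /// The stored value is a single pass of the named hash over salt followed by the UTF-16LE
        /// password bytes. A single pass of a general-purpose hash is cheap to brute-force if the
        /// user table leaks; moving to an iterated KDF (for example PBKDF2 via Rfc2898DeriveBytes)
        /// needs a new stored format and a migration of existing records, so it is not done here.
        /// </remarks>
        private static bool ValidatePasswordHashed(UserPartRecord partRecord, string password)
        {
            var saltBytes = Convert.FromBase64String(partRecord.PasswordSalt);

            var passwordBytes = Encoding.Unicode.GetBytes(password);

            // Hash input layout is salt followed by password, the same layout SetPasswordHashed writes.
            var combinedBytes = saltBytes.Concat(passwordBytes).ToArray();

            byte[] hashBytes;
            using (var hashAlgorithm = HashAlgorithm.Create(partRecord.HashAlgorithm))
            {
                // HashAlgorithm.Create returns null for a name it does not recognise; fail with a
                // clear error instead of a NullReferenceException on the next line.
                if (hashAlgorithm == null)
                {
                    throw new ApplicationException("Unexpected hash algorithm value");
                }

                hashBytes = hashAlgorithm.ComputeHash(combinedBytes);
            }

            var computed = Convert.ToBase64String(hashBytes);
            var stored   = partRecord.Password ?? string.Empty;

            // Compare without an early exit so the time taken does not depend on how many leading
            // characters match. The length is folded in so a length mismatch can never compare equal;
            // the hash length itself is not secret.
            var difference = stored.Length ^ computed.Length;
            var comparable = Math.Min(stored.Length, computed.Length);
            for (var i = 0; i < comparable; i++)
            {
                difference |= stored[i] ^ computed[i];
            }

            return difference == 0;
        }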
        /// <summary>
        /// Verifies a candidate password using the password format recorded on the user record.
        /// </summary>
        /// <param name="partRecord">User record holding the stored password and its format.</param>
        /// <param name="password">Candidate password to verify.</param>
        /// <returns>The result of the format-specific check.</returns>
        /// <exception cref="ApplicationException">The record carries a format value that is not handled.</exception>
        private bool ValidatePassword(UserPartRecord partRecord, string password)
        {
            // The format stored with the record decides the check, not the current site setting;
            // otherwise changing the site's password format would invalidate every existing login.
            var storedFormat = partRecord.PasswordFormat;

            if (storedFormat == MembershipPasswordFormat.Clear)
            {
                return ValidatePasswordClear(partRecord, password);
            }

            if (storedFormat == MembershipPasswordFormat.Hashed)
            {
                return ValidatePasswordHashed(partRecord, password);
            }

            if (storedFormat == MembershipPasswordFormat.Encrypted)
            {
                return ValidatePasswordEncrypted(partRecord, password);
            }

            // Any other value is rejected by throwing rather than being treated as a failed login.
            throw new ApplicationException("Unexpected password format value");
        }
        /// <summary>
        /// Stores a new password on the record using the password format from the current settings.
        /// </summary>
        /// <param name="partRecord">User record to update.</param>
        /// <param name="password">New password.</param>
        /// <exception cref="ApplicationException">The configured format value is not handled.</exception>
        /// <remarks>
        /// Of the three formats only Hashed is one-way. Clear and Encrypted both leave the password
        /// recoverable (directly, or by whoever can call the encryption service), so they are the
        /// settings to audit when reviewing a deployment.
        /// </remarks>
        void SetPassword(UserPartRecord partRecord, string password)
        {
            var configuredFormat = GetSettings().PasswordFormat;

            if (configuredFormat == MembershipPasswordFormat.Clear)
            {
                SetPasswordClear(partRecord, password);
                return;
            }

            if (configuredFormat == MembershipPasswordFormat.Hashed)
            {
                SetPasswordHashed(partRecord, password);
                return;
            }

            if (configuredFormat == MembershipPasswordFormat.Encrypted)
            {
                SetPasswordEncrypted(partRecord, password);
                return;
            }

            throw new ApplicationException(T("Unexpected password format value").ToString());
        }
        /// <summary>
        /// Stores the password as a salted hash and marks the record as Hashed.
        /// </summary>
        /// <param name="partRecord">User record to update; its HashAlgorithm names the hash to use.</param>
        /// <param name="password">New password.</param>
        /// <remarks>
        /// The stored value is one pass of the named hash over salt followed by the UTF-16LE
        /// password bytes. It is per-user salted but not iterated, so offline guessing against a
        /// leaked table is only as slow as the hash itself.
        /// </remarks>
        private static void SetPasswordHashed(UserPartRecord partRecord, string password)
        {
            // Fresh 16-byte salt from the cryptographic RNG for every password change.
            var salt = new byte[16];
            using (var rng = new RNGCryptoServiceProvider())
            {
                rng.GetBytes(salt);
            }

            var secret = Encoding.Unicode.GetBytes(password);

            // Hash input is salt followed by password; ValidatePasswordHashed rebuilds the same layout.
            var material = new byte[salt.Length + secret.Length];
            Buffer.BlockCopy(salt, 0, material, 0, salt.Length);
            Buffer.BlockCopy(secret, 0, material, salt.Length, secret.Length);

            byte[] digest;
            using (var hasher = HashAlgorithm.Create(partRecord.HashAlgorithm))
            {
                digest = hasher.ComputeHash(material);
            }

            partRecord.PasswordFormat = MembershipPasswordFormat.Hashed;
            partRecord.Password = Convert.ToBase64String(digest);
            partRecord.PasswordSalt = Convert.ToBase64String(salt);
        }
        /// <summary>
        /// Creates a new click data record.
        /// </summary>
        /// <param name="pageId">Stored as the record's ContentItemRecordId.</param>
        /// <param name="reactionsUserIds">Identifies who clicked: a positive Id selects a user record, otherwise the Guid is stored.</param>
        /// <param name="actionType">Stored as the record's ActionType.</param>
        /// <param name="reactType">Reaction type the click refers to.</param>
        private void InsertClick(int pageId, ReactionsUserIds reactionsUserIds, int actionType, UserReactionsTypesRecord reactType)
        {
            var click = new UserReactionsClickRecord
            {
                CreatedUtc = _clock.UtcNow,
                ContentItemRecordId = pageId,
                ActionType = actionType,
                UserReactionsTypesRecord = reactType
            };

            if (reactionsUserIds.Id > 0)
            {
                // Known user id: link the click to the user record (null if the id matches no row).
                click.UserPartRecord = _repoUser.Table.Where(w => w.Id.Equals(reactionsUserIds.Id)).FirstOrDefault();
                click.UserGuid = null;
            }
            else
            {
                // No user id: keep only the supplied guid.
                click.UserPartRecord = null;
                click.UserGuid = reactionsUserIds.Guid;
            }

            _repoClick.Create(click);
        }
        /// <summary>
        /// Records, updates or removes the answer given to one policy text for a content item,
        /// keeps a history copy of a replaced or removed answer, and raises PolicyChanged when
        /// an answer is created, changed or deleted.
        /// </summary>
        /// <param name="viewModel">Supplies AnswerId, PolicyTextId, Accepted and an optional UserId.</param>
        /// <param name="item">Content item the answer is attached to; nothing is done unless it has a UserPolicyPart.</param>
        public void PolicyForItemUpdate(PolicyForUserViewModel viewModel, ContentItem item)
        {
            if (item.As <UserPolicyPart>() == null)
            {
                return;                                    // The content item has no UserPolicyPart, so the answers cannot be saved; skip the update.
            }
            UserPolicyAnswersRecord record       = null;
            var            currentUser           = _workContext.GetContext().CurrentUser;
            UserPartRecord currentUserPartRecord = null;

            if (currentUser != null)
            {
                currentUserPartRecord = currentUser.ContentItem.As <UserPart>().Record;
            }
            else if (item.ContentType == "User")
            {
                // During registration of a new user
                currentUserPartRecord = item.As <UserPart>().Record;
            }

            // Fetch the previous answer, if there is one
            if (viewModel.AnswerId > 0)
            {
                // NOTE(review): the record is loaded by the id carried in the view model; nothing
                // in this method checks that it belongs to `item` or to the current user.
                // Confirm the caller validates AnswerId before it gets here.
                record = _userPolicyAnswersRepository.Get(viewModel.AnswerId);
            }
            else
            {
                record = _userPolicyAnswersRepository.Table.Where(w => w.PolicyTextInfoPartRecord.Id == viewModel.PolicyTextId && w.UserPolicyPartRecord.Id == item.Id).SingleOrDefault();
            }

            bool oldAnswer = record != null ? record.Accepted : false;

            // Proceed only if the new answer differs from the previous one, or if this is the first answer
            if ((oldAnswer != viewModel.Accepted) || (record == null))
            {
                // NOTE(review): the Get result is dereferenced without a null check; an unknown
                // PolicyTextId would presumably fail here - confirm how Get behaves for a missing id.
                var policyText = _contentManager.Get <PolicyTextInfoPart>(viewModel.PolicyTextId).Record;
                if ((policyText.UserHaveToAccept && viewModel.Accepted) || !policyText.UserHaveToAccept)
                {
                    var shouldCreateRecord = false;
                    // item was already dereferenced at the top of the method, so this check cannot be false here.
                    if (item != null)
                    {
                        if (viewModel.AnswerId <= 0 && record == null)
                        {
                            record             = new UserPolicyAnswersRecord();
                            shouldCreateRecord = true;
                        }
                        // Copy taken before the record is modified below, so it holds the previous values.
                        UserPolicyAnswersHistoryRecord recordForHistory = CopyForHistory(record);

                        //date and user should be updated only if it is a new record, or the answer has actually changed
                        record.AnswerDate = (shouldCreateRecord || oldAnswer != viewModel.Accepted) ? DateTime.UtcNow : record.AnswerDate;
                        if (shouldCreateRecord || oldAnswer != viewModel.Accepted)
                        {
                            if (currentUserPartRecord == null && viewModel.UserId.HasValue)
                            {
                                // Use the value from the viewModel
                                // NOTE(review): with no resolved user, the answer is attributed to
                                // whatever user id the view model carries - confirm that value is
                                // set server-side and cannot be chosen by the requester.
                                var userPart = _contentManager.Get <UserPart>(viewModel.UserId.Value);
                                currentUserPartRecord = (userPart == null) ? null : userPart.Record;
                            }
                            record.UserPartRecord = currentUserPartRecord;
                        }
                        record.Accepted                 = viewModel.Accepted;
                        record.UserPolicyPartRecord     = item.As <UserPolicyPart>().Record;
                        record.PolicyTextInfoPartRecord = policyText;
                        if (shouldCreateRecord)
                        {
                            _userPolicyAnswersRepository.Create(record);
                            _policyEventHandler.PolicyChanged(new PolicyEventViewModel {
                                policyType             = record.PolicyTextInfoPartRecord.PolicyType,
                                accepted               = record.Accepted,
                                ItemPolicyPartRecordId = item.Id
                            });
                        }
                        else if (record.Accepted != recordForHistory.Accepted)
                        {
                            // Existing answer changed: archive the previous state, then update.
                            _userPolicyAnswersHistoryRepository.Create(recordForHistory);
                            _userPolicyAnswersRepository.Update(record);
                            _policyEventHandler.PolicyChanged(new PolicyEventViewModel {
                                policyType             = record.PolicyTextInfoPartRecord.PolicyType,
                                accepted               = record.Accepted,
                                ItemPolicyPartRecordId = item.Id
                            });
                        }
                    }
                }
                else if (policyText.UserHaveToAccept && !viewModel.Accepted && record != null)
                {
                    // A policy that must be accepted was refused: archive the existing answer,
                    // delete it, and report the policy as not accepted.
                    UserPolicyAnswersHistoryRecord recordForHistory = CopyForHistory(record);
                    _userPolicyAnswersHistoryRepository.Create(recordForHistory);
                    _userPolicyAnswersRepository.Delete(record);
                    _policyEventHandler.PolicyChanged(new PolicyEventViewModel {
                        policyType             = recordForHistory.PolicyTextInfoPartRecord.PolicyType,
                        accepted               = false,
                        ItemPolicyPartRecordId = item.Id
                    });
                }
            }
        }
 /// <summary>
 /// Checks a candidate password against a record whose password is stored encrypted.
 /// </summary>
 /// <param name="partRecord">User record holding the Base64-encoded encrypted password.</param>
 /// <param name="password">Candidate password to verify.</param>
 /// <returns><c>true</c> when the decrypted stored password equals the candidate (ordinal comparison).</returns>
 /// <remarks>
 /// The stored password is decrypted back to plain text on every check, so its secrecy rests
 /// entirely on the key held by the encryption service. String.Equals is not a constant-time
 /// comparison.
 /// </remarks>
 private bool ValidatePasswordEncrypted(UserPartRecord partRecord, string password)
 {
     var cipherBytes = Convert.FromBase64String(partRecord.Password);
     var plainBytes = _encryptionService.Decode(cipherBytes);
     var storedPassword = Encoding.UTF8.GetString(plainBytes);

     return String.Equals(password, storedPassword, StringComparison.Ordinal);
 }
 /// <summary>
 /// Checks a candidate password against a record whose password is stored in clear text.
 /// </summary>
 /// <param name="partRecord">User record holding the plain-text password.</param>
 /// <param name="password">Candidate password to verify.</param>
 /// <returns><c>true</c> when the two strings are equal.</returns>
 /// <remarks>
 /// With this format anyone who can read the user table reads the passwords themselves.
 /// The comparison is an ordinary string equality and is not constant-time.
 /// </remarks>
 private static bool ValidatePasswordClear(UserPartRecord partRecord, string password)
 {
     var storedPassword = partRecord.Password;
     return string.Equals(storedPassword, password);
 }
 /// <summary>
 /// Stores the password encrypted (Base64 of the encryption service output) and marks the
 /// record as Encrypted. No salt is kept for this format.
 /// </summary>
 /// <param name="partRecord">User record to update.</param>
 /// <param name="password">New password.</param>
 /// <remarks>
 /// This storage is reversible: whoever can call the encryption service's Decode, or holds its
 /// key, can recover the password.
 /// </remarks>
 private void SetPasswordEncrypted(UserPartRecord partRecord, string password)
 {
     var plainBytes = Encoding.UTF8.GetBytes(password);
     var cipherBytes = _encryptionService.Encode(plainBytes);

     partRecord.Password = Convert.ToBase64String(cipherBytes);
     partRecord.PasswordSalt = null;
     partRecord.PasswordFormat = MembershipPasswordFormat.Encrypted;
 }
 /// <summary>
 /// Stores the password unchanged, clears the salt and marks the record as Clear.
 /// </summary>
 /// <param name="partRecord">User record to update.</param>
 /// <param name="password">New password, written to the record as given.</param>
 /// <remarks>
 /// The password is persisted in plain text; every reader of the user table, and every backup
 /// of it, sees the password itself.
 /// </remarks>
 private static void SetPasswordClear(UserPartRecord partRecord, string password)
 {
     partRecord.PasswordFormat = MembershipPasswordFormat.Clear;
     partRecord.Password = password;
     partRecord.PasswordSalt = null;
 }
        /// <summary>
        /// Builds an account DTO from a user record, adding account data, employee data when
        /// the account is flagged as an employee, and the user's photo URL.
        /// </summary>
        /// <param name="user">User record to read; may be null.</param>
        /// <returns>The populated DTO, or null when <paramref name="user"/> is null or any step throws.</returns>
        private AccountDto BuildAccountInfo(UserPartRecord user)
        {
            if (user == null)
            {
                return null;
            }

            try
            {
                // NOTE(review): user.Password is copied into the DTO exactly as stored. Confirm
                // that callers need it and that this DTO is never serialised to a client or a log.
                var dto = new AccountDto
                {
                    AccountName = user.UserName,
                    Password = user.Password,
                    Email = user.Email
                };

                var account = _repository.Table.Where(a => a.UserId == user.Id).FirstOrDefault();
                if (account != null)
                {
                    dto.UserId = account.UserId;
                    dto.AccountId = account.Id;
                    dto.Sex = account.Sex;
                    dto.LoginWay = account.LoginWay;
                    dto.MobilePhone = account.MobilePhone;
                    dto.PointScores = account.PointScores.Sum(x => x.PointValue);

                    // If the account belongs to an employee, look the employee up by mobile phone;
                    // the employee's values then replace Sex and MobilePhone set above.
                    var employee = account.IsEmployee
                        ? _employeeRepository.Table.Where(emp => emp.MobilePhone == account.MobilePhone).FirstOrDefault()
                        : null;

                    if (employee != null)
                    {
                        dto.Sex = employee.Sex;
                        dto.WorkId = employee.WorkId;
                        dto.StaffId = employee.Id;
                        dto.MobilePhone = employee.MobilePhone;
                        dto.IsEmployee = true;

                        var department = employee.Department;
                        if (department != null)
                        {
                            dto.DeptName = department.DeptName;

                            var company = department.Company;
                            if (company != null)
                            {
                                dto.CompanyName = company.CompanyName;
                                dto.CompanyAddress = company.CompanyAddress;
                            }
                        }

                        var position = employee.Position;
                        if (position != null)
                        {
                            dto.PositionName = position.Name;
                        }
                    }
                }

                // Blocks the calling thread until the asynchronous lookup finishes; a failure
                // inside it surfaces here and is handled by the catch below.
                dto.Photo = _mediaService.GetMediaUrlAsync(user.Id).Result;

                return dto;
            }
            catch (Exception ex)
            {
                // Every failure is logged and reported to the caller as "no account" (null).
                Logger.Error(ex, "查询用户信息时发生错误");
                return null;
            }
        }