public async Task <IActionResult> ChangePassword(UserPasswordModel model)
{
var currentUserPassword = await _userService.GetUserPasswordAsync(model.Id);
var userPassword = CommonMappers.Mapper.Map <UserPassword>(model);
if (currentUserPassword == null)
{
var insertedResult = await _userService.InsertUserPasswordAsync(userPassword);
if (insertedResult > 0)
{
SuccessNotification(await _localizationService.GetResourceAsync("UserPassword.Added"));
}
return(RedirectToAction(nameof(Index)));
}
if (currentUserPassword.UserId != model.UserId)
{
return(RedirectToAction(nameof(Index)));
}
var updatedResult = await _userService.UpdateUserPasswordAsync(userPassword);
if (updatedResult > 0)
{
SuccessNotification(await _localizationService.GetResourceAsync("UserPassword.Updated"));
return(RedirectToAction(nameof(Edit), new { id = model.UserId }));
}
return(View(model));
}
public async Task <APIResponseModel> Process(SampleUser userContext, UserUpdatePasswordAction action)
{
UserModel user = userContext.OBO != null ? userContext.OBO : userContext.SiteUser;
if (string.IsNullOrWhiteSpace(action.NewPassword))
{
return(APIResponseModel.Error(ResponseCode.InvalidParameter, "Password"));
}
var passwordStrength = new PasswordStrengthValidator().Test(action.NewPassword);
if (!passwordStrength.Good)
{
return(APIResponseModel.Error(ResponseCode.InvalidParameter, "Password Strength"));
}
if (!(await this.PasswordManager.Verify(action.OldPassword, user.Password.Hash)))
{
return(APIResponseModel.Error(ResponseCode.InvalidCredentials));
}
else
{
var pwd = new UserPasswordModel(await this.PasswordManager.CreatePasswordHash(action.NewPassword));
var rs = await this.DataManager.UpdateEntityProperty(EntityTableType.user, UserEntity.UpdatePasswordBuilder(user.UserId, pwd, PasswordMode.UpdatePassword));
if (rs.Code != ResponseCode.Ok)
{
return(APIResponseModel.Error(rs.Code, rs.Message));
}
}
this.DataManager.WriteEvent("user-password-updated", action); // don't await - fire & forget
return(APIResponseModel.Success());
}
public ActionResult EditPassword(UserPasswordModel form)
{
User editUser = db.Users.Where(i => i.Login == HttpContext.User.Identity.Name).FirstOrDefault();
Debug.WriteLine("UserPanel");
if (editUser != null)
{
string encryptedOldPassword = Cryptographing.Encrypt(form.OldPassword.Trim());
string encryptedNewPassword = Cryptographing.Encrypt(form.NewPassword.Trim());
string encryptedNewPasswordValidation = Cryptographing.Encrypt(form.NewPasswordConfirmation.Trim());
// If written current password is the same as current password AND written current and new passwords are not NULLs
if (encryptedOldPassword.Equals(editUser.EncryptedPassword) && encryptedOldPassword != null && encryptedNewPassword != null)
{
// If new password validates and is different from old one => CHANGE PASSWORD
if (encryptedNewPassword.Equals(encryptedNewPasswordValidation) && !encryptedNewPassword.Equals(encryptedOldPassword))
{
ViewBag.ConfirmChanges = "Potwierdź link w wysłanym mail'u by zastosować zmianę hasła.";
Task.Run(() => EmailManager.SendEmailAsync(EmailManager.EmailType.ChangePassword, editUser.FirstName, editUser.LastName, editUser.Email, encryptedNewPassword));
return(Json("Wysłano email z potwierdzeniem zmiany hasła!"));
}
}
}
return(Json("Something failed"));
}
public async Task <IActionResult> ChangePassword(int id)
{
if (id == 0)
{
return(RedirectToAction(nameof(Index)));
}
var user = await _userService.GetUserByIdAsync(id);
if (user == null)
{
return(RedirectToAction(nameof(Index)));
}
var userPassword = await _userService.GetPasswordByUserIdAsync(user.Id);
var model = new UserPasswordModel
{
UserId = user.Id,
Name = user.Name
};
if (userPassword != null)
{
model.Id = userPassword.Id;
}
return(View(model));
}
public async Task <ActionResult <ApplicationUser> > ChangePassword(UserPasswordModel usermodel)
{
ApplicationUser user = await _userManager.FindByIdAsync(usermodel.UserId);
if (user == null)
{
return(NotFound("User not valid"));
}
bool yesFound = await _userManager.CheckPasswordAsync(user, usermodel.OldPassword);
if (!yesFound)
{
return(NotFound("Incorrect old Password"));
}
try
{
var RemoveResult = await _userManager.RemovePasswordAsync(user);
if (RemoveResult.Succeeded)
{
var AddResult = await _userManager.AddPasswordAsync(user, usermodel.ConfirmNewPassword);
if (AddResult.Succeeded)
{
return(Ok("Successfully Change your Password."));
}
}
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
return(BadRequest("Unfortunately your Password Not Change."));
}
public async Task <bool> Delete(string id, UserPasswordModel model, CancellationToken cancellationToken)
{
var user = await Get(id, cancellationToken);
if (user is null)
{
await Task.FromException(new ArgumentException($"Użytkownik nie istnieje. Szczegóły: {id}"));
}
if (!await _userManager.CheckPasswordAsync(user, model.Password))
{
await Task.FromException(new ArgumentException($"Podano błędne hasło. Szczegóły: {user.UserName}"));
}
var identityResult = await _userManager.DeleteAsync(user);
if (!identityResult.Succeeded)
{
var errors = identityResult.Errors.Select(o => o.Description);
await Task.FromException(new ArgumentException($"Wystąpił problem podczas usuwania użytkownika " +
$"użytkownika: {user.UserName}. Szczegóły: {string.Join(", ", errors)}"));
}
return(true);
}
public async Task <ActionResult> ManagePassword([Bind(Prefix = "managePasswordModel")] UserPasswordModel model)
{
bool hasPassword = HasPassword();
ViewBag.HasLocalPassword = hasPassword;
//vaidate their passwords match
if (model.NewPassword != model.ConfirmPassword)
{
ModelState.AddModelError("managePasswordModel.ConfirmPassword", "Passwords do not match");
}
if (hasPassword)
{
if (ModelState.IsValid)
{
IdentityResult result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId <int>(), model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
var user = await UserManager.FindByIdAsync(User.Identity.GetUserId <int>());
await SignInAsync(user, isPersistent : false);
TempData["ChangePasswordSuccess"] = true;
return(RedirectToCurrentUmbracoPage());
}
else
{
AddModelErrors(result, "managePasswordModel");
}
}
}
else
{
// User does not have a password so remove any validation errors caused by a missing OldPassword field
var state = ModelState["managePasswordModel.OldPassword"];
if (state != null)
{
state.Errors.Clear();
}
if (ModelState.IsValid)
{
IdentityResult result = await UserManager.AddPasswordAsync(User.Identity.GetUserId <int>(), model.NewPassword);
if (result.Succeeded)
{
TempData["ChangePasswordSuccess"] = true;
return(RedirectToCurrentUmbracoPage());
}
else
{
AddModelErrors(result, "managePasswordModel");
}
}
}
// If we got this far, something failed, redisplay form
return(CurrentUmbracoPage());
}
public ActionResult ChangePassword(string username)
{
UserPasswordModel model = new UserPasswordModel();
model.Username = username;
return(View(model));
}
public async Task <IActionResult> UpdatePassword(UserPasswordModel passwordModel)
{
if (ModelState.IsValid)
{
User cUser = await _userManager.FindByEmailAsync(passwordModel.Email);
if (cUser == null)
{
ModelState.AddModelError("", "User not exist");
return(View());
}
PasswordVerificationResult verificationResult = _passwordHasher.VerifyHashedPassword(cUser, cUser.PasswordHash, passwordModel.OldPassword);
if (verificationResult == PasswordVerificationResult.Success)
{
cUser.PasswordHash = _passwordHasher.HashPassword(cUser, passwordModel.NewPassword);
IdentityResult passwordUpdateResult = await _userManager.UpdateAsync(cUser);
if (!passwordUpdateResult.Succeeded)
{
ModelState.AddModelError("", "Password update failed");
return(View());
}
}
else
{
ModelState.AddModelError("", "Old password is not valid");
}
}
return(View());
}
public UserPasswordModel CreateUserPasswordEntity(PasswordReset model)
{
UserPasswordModel ety = new UserPasswordModel()
{
UserId = model.UserId,
Password = model.Password,
};
return(ety);
}
public async Task <IActionResult> SetPassword([FromBody] UserPasswordModel model)
{
var result = await _userService.SetPasswordAsync(model);
if (!string.IsNullOrEmpty(result))
{
return(this.BadRequestResult(result));
}
return(Ok());
}
public async Task <string> SetPasswordAsync(UserPasswordModel model)
{
var user = await _userManager.FindByIdAsync(model.id.ToString());
var result = await _userManager.RemovePasswordAsync(user);
result = await _userManager.AddPasswordAsync(user, model.Password);
return(result.Succeeded ? string.Empty : UserConstants.USER_SUPER_ADMIN_NO_ZERO);
}
public async Task <IActionResult> ChangeUserPassword([FromRoute] int userId, [FromBody] UserPasswordModel model)
{
User user = await cateringDbContext.Users.FirstOrDefaultAsync(x => x.UserId == userId);
string utfPassword = Base64.Base64Decode(model.Password);
user.PasswordHash = Sha256Helper.GetHash(utfPassword);
cateringDbContext.Update(user);
await cateringDbContext.SaveChangesAsync();
return(Ok());
}
//POST : api/ApplicationUser/New-Password
public async Task <object> NewPassword(UserPasswordModel model)
{
var user = await _userManager.FindByNameAsync(model.UserName);
var result = await _userManager.ChangePasswordAsync(user, model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
return(Ok(result));
}
else
{
return(BadRequest("Incorrect answer"));
}
}
public static BaseJiraResult SetUserPassword(JiraCredentials credential, string key, string newPassword)
{
if (credential.JiraConnection != JiraConnectionType.JiraServer)
{
throw new BusinessRuleException("SetUserPassword step can be used only for JiraConnectionType.JiraServer connection");
}
UserPasswordModel password = new UserPasswordModel {
Password = newPassword
};
var response = JiraUtility.Put <UserPasswordModel, JiraEmptyResponseModel>($"user/password?key={key}", credential, password, HttpStatusCode.NoContent);
return(new BaseJiraResult {
ErrorMessage = response.ErrorMessage, Status = response.Status, HttpStatus = response.HttpStatus
});
}
public HttpResponseMessage ChangeOwnProfile(UserPasswordModel userPasswordModel)
{
try
{
Confirmation aConfirmation = userRepository.ChangeOwnProfile(userPasswordModel);
var formatter = RequestFormat.JsonFormaterString();
return(Request.CreateResponse(HttpStatusCode.OK, aConfirmation, formatter));
}
catch (Exception ex)
{
var formatter = RequestFormat.JsonFormaterString();
return(Request.CreateResponse(HttpStatusCode.OK, new Confirmation {
output = "error", msg = ex.ToString()
}, formatter));
}
}
public Task ChangePasswordAsync(UserPasswordModel model)
{
var user = _userRepo.Get(x => x.Id == model.UserId).FirstOrDefault();
if (user != null)
{
var systemNow = SystemHelper.SystemTimeNow;
var newPasswordHash = AuthenticationService.HashPassword(model.NewPassword, systemNow);
// user.PasswordHash = newPasswordSalt;
user.PasswordHash = newPasswordHash;
_userRepo.Update(user, x => x.PasswordHash);
UnitOfWork.SaveChanges();
}
return(Task.CompletedTask);
}
public ActionResult Manage(UserPasswordModel model)
{
bool hasLocalAccount = true;
ViewBag.HasLocalPassword = hasLocalAccount;
ViewBag.ReturnUrl = Url.Action("Manage");
if (hasLocalAccount)
{
if (ModelState.IsValid)
{
bool changePasswordSucceeded = false;
try
{
using (var db = new Entities())
{
var user = db.TB_USER.FirstOrDefault(u => u.LOGIN == User.Identity.Name);
if (CheckCredentialsData(user.LOGIN, model.OldPassword))
{
var crypt = new SimpleCrypto.PBKDF2();
var encrypts = crypt.Compute(model.NewPassword);
user.PASSWD = encrypts;
user.PASSWSALT = crypt.Salt;
db.Entry(user).State = EntityState.Modified;
db.SaveChanges();
changePasswordSucceeded = true;
}
}
}
catch (Exception)
{
changePasswordSucceeded = false;
}
if (changePasswordSucceeded)
{
return(RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess }));
}
else
{
ModelState.AddModelError("", "Não foi atribuída uma nova senha porque a senha atual está errada.");
}
}
}
return(View(model));
}
public async Task <JsonResult> RollbackPassword(UserPasswordModel model)
{
ResponseViewModel responseResult = new ResponseViewModel();
try
{
model.NewPassword = _passwordHasher.HashPassword(model.NewPassword);
responseResult = await _aspNetUsersService.RollbackPassword(model);
}
catch (Exception ex)
{
responseResult.IsOk = false;
responseResult.Exception = ex;
responseResult.HttpStatusCode = HttpStatusCode.InternalServerError;
throw ex;
}
return(Json(responseResult, JsonRequestBehavior.DenyGet));
}
public async Task ChangePassword(string id, UserPasswordModel model, CancellationToken cancellationToken)
{
var user = await Get(id, cancellationToken);
if (user is null)
{
await Task.FromException(new ArgumentException($"Użytkownik nie istnieje. Szczegóły: {id}"));
}
var identityResult = await _userManager.ChangePasswordAsync(user, model.Password, model.NewPassword);
if (!identityResult.Succeeded)
{
var errors = identityResult.Errors.Select(o => o.Description);
await Task.FromException(new ArgumentException($"Wystąpił problem podczas zmiany hasła u " +
$"użytkownika: {user.UserName}. Szczegóły: {string.Join(", ", errors)}"));
}
}
public HttpResponseMessage ChangePassword(UserPasswordModel passwordData)
{
var result = from UserCredential in db.UserCredentials
where ((UserCredential.UserId == passwordData.UserId) && (UserCredential.Password == passwordData.OldPassword))
select new { UserCredential.Id, UserCredential.UserName };
if (result.Count() <= 0)
{
return((HttpResponseMessage)Request.CreateResponse(HttpStatusCode.BadRequest, new { data = new { string.Empty }, success = false, error = "Old Password is incorrect" }));
}
else
{
db.UserCredentials.Where(x => x.UserId == passwordData.UserId).ToList().ForEach(x =>
{
x.Password = passwordData.NewPassword;
});
db.SaveChanges();
return((HttpResponseMessage)Request.CreateResponse(HttpStatusCode.OK, new { data = new { passwordData }, success = true, error = string.Empty }));
}
}
public HttpResponseMessage ChangePassword(UserPasswordModel password)
{
if (!ModelState.IsValid)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, new HttpError(ModelState.FirstError())));
}
try
{
_userService.ReserUserPassword(_workContext.User.Id, password.NewPassword, false);
}
catch (StaffingPurchaseException ex)
{
return(RecordException(ex, ex.Message, ex.Message, LogLevel.Info));
}
catch (Exception ex)
{
return(RecordException(ex, "Error when changing user password", ExceptionResources.GeneralException));
}
return(Request.CreateResponse());
}
public ActionResult ChangePassword(UserPasswordModel model)
{
if (ModelState.IsValid)
{
try
{
this.UserManagementRepository.SetPassword(model.Username, model.Password);
TempData["Message"] = Resources.UserController.ProfileUpdated;
return(RedirectToAction("Index"));
}
catch (ValidationException ex)
{
ModelState.AddModelError("", ex.Message);
}
catch
{
ModelState.AddModelError("", "Error updating password");
}
}
return(View("ChangePassword", model));
}
public Confirmation ChangeOwnProfile(UserPasswordModel userPassword)
{
user aUser = _entities.users.FirstOrDefault(u => u.user_id == userPassword.user_id);
if (aUser != null)
{
var passwordValid = PasswordHash.ValidatePassword(userPassword.old_password, aUser.password);
if (passwordValid)
{
aUser.full_name = userPassword.full_name;
if (userPassword.is_password_change)
{
var hashPassword = PasswordHash.HashPassword(userPassword.new_password);
aUser.password = hashPassword;
aUser.is_new_pass = false;
aUser.emp_id = aUser.emp_id;
}
_entities.SaveChanges();
return(new Confirmation {
output = "success", msg = "Profile update successfully"
});
}
else
{
return(new Confirmation {
output = "error", msg = "Now a valid user/password(old)"
});
}
}
else
{
return(new Confirmation {
output = "error", msg = "Now a valid user/password(old)!"
});
}
}
public PasswordGenerator(UserPasswordModel passwordOptions)
{
this._passwordOptions = passwordOptions;
Password = Generate();
}
private string Generate()
{
if (_passwordOptions.IsRandomPassword)
{
if (_passwordOptions == null)
{
_passwordOptions = new UserPasswordModel
{
RequiredLength = 8,
RequiredUniqueChars = 4,
RequireDigit = true,
RequireLowercase = true,
RequireNonAlphanumeric = true,
RequireUppercase = true
}
}
;
string[] randomChars = new[] {
"ABCDEFGHJKLMNOPQRSTUVWXYZ", // uppercase
"abcdefghijkmnopqrstuvwxyz", // lowercase
"0123456789", // digits
"!@$?_-" // non-alphanumeric
};
Random rand = new Random(Environment.TickCount);
List <char> chars = new List <char>();
if (_passwordOptions.RequireUppercase)
{
chars.Insert(rand.Next(0, chars.Count),
randomChars[0][rand.Next(0, randomChars[0].Length)]);
}
if (_passwordOptions.RequireLowercase)
{
chars.Insert(rand.Next(0, chars.Count),
randomChars[1][rand.Next(0, randomChars[1].Length)]);
}
if (_passwordOptions.RequireDigit)
{
chars.Insert(rand.Next(0, chars.Count),
randomChars[2][rand.Next(0, randomChars[2].Length)]);
}
if (_passwordOptions.RequireNonAlphanumeric)
{
chars.Insert(rand.Next(0, chars.Count),
randomChars[3][rand.Next(0, randomChars[3].Length)]);
}
for (int i = chars.Count; i < _passwordOptions.RequiredLength ||
chars.Distinct().Count() < _passwordOptions.RequiredUniqueChars; i++)
{
string rcs = randomChars[rand.Next(0, randomChars.Length)];
chars.Insert(rand.Next(0, chars.Count),
rcs[rand.Next(0, rcs.Length)]);
}
return(new string(chars.ToArray()));
}
else
{
return(_passwordOptions.Password);
}
}
}
public HttpResponseMessage UserLogin(UserPasswordModel userPasswordModel)
{
var securityUrl = ConfigurationManager.AppSettings["AuthServer"];
var clientID = ConfigurationManager.AppSettings["ClientID"];
HttpWebRequest httpWReq =
(HttpWebRequest)WebRequest.Create(securityUrl + @"/oauth2/token");
ASCIIEncoding encoding = new ASCIIEncoding();
string postData = "Username="******"&Password="******"&grant_type=password";
postData += "&client_id=" + clientID;
try
{
byte[] data = encoding.GetBytes(postData);
httpWReq.Method = "POST";
httpWReq.ContentType = "application/x-www-form-urlencoded";
httpWReq.ContentLength = data.Length;
using (Stream stream = httpWReq.GetRequestStream())
{
stream.Write(data, 0, data.Length);
}
HttpWebResponse response = (HttpWebResponse)httpWReq.GetResponse();
string responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();
AuthTokenDTO authToken = JsonConvert.DeserializeObject <AuthTokenDTO>(responseString);
var user = _IUserService.GetUserByUserName(userPasswordModel.UserName);
var userLookedUp = user;
var portUser = _IPortalUserService.QueryData().Where(p => p.User.Id == user.Id).ToList();
var userPort = portUser[0].Port;
//var portalDefinition = _IPortalService.GetPortalDefinition(userPort.Id);
var portalUser = PlatformMappingHelper.Map <User, PortalUserDTO>(user);
//AutherizationResponseDTO autherizationResponse = new AutherizationResponseDTO
//{ AuthToken = authToken, PortalId = userPort.Id, PortalUser = portalUser };
var autherizationResponse = new
{ data = authToken, error = "" };
var userOrg = user.Orgs.FirstOrDefault();
portalUser.Org = PlatformMappingHelper.Map <Org, OrgDTO>(userOrg);
try
{
if (user != null)
{
user.UserLoginHists.Add(new UserLoginHist {
LoginDate = DateTime.UtcNow
});
_UnitOfWork.Commit();
}
}
catch (Exception daExp)
{
var x = daExp;
}
return(Request.CreateResponse <dynamic>(HttpStatusCode.OK, autherizationResponse));
}
catch (Exception exp)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest));
}
}
public async Task <APIResponseModel> Process(UserSignupAction action)
{
// just be safe
action.Email = action.Email.ToLower();
if (string.IsNullOrWhiteSpace(action.Email))
{
return(APIResponseModel.Error(ResponseCode.InvalidParameter, "Email"));
}
if (string.IsNullOrWhiteSpace(action.Password))
{
return(APIResponseModel.Error(ResponseCode.InvalidParameter, "Password"));
}
if (action.Language == LanguageId.None)
{
action.Language = LanguageId.en;
}
var passwordStrength = new PasswordStrengthValidator().Test(action.Password);
if (!passwordStrength.Good)
{
return(APIResponseModel.Error(ResponseCode.InvalidParameter, "Password Strength"));
}
// prepare the user
UserPasswordModel password = new UserPasswordModel(await this.PasswordManager.CreatePasswordHash(action.Password));
UserModel user = UserModel.Create(UserType.Standard, UserStatusId.Registered, action.Language, action.Email, password, action.DisplayName);
var rs = await this.DataManager.CreateUserAsync(user);
// failed - get out
if (rs.Code != ResponseCode.Ok)
{
//await this.DataManager.LogEventAsync( LogEventModel.Failure( action.Action, user.ToJson(), user.UserId ) );
return(APIResponseModel.Result(rs));
}
try
{
var j = new Newtonsoft.Json.Linq.JObject(
new Newtonsoft.Json.Linq.JProperty("userId", user.UserId.Encode()),
new Newtonsoft.Json.Linq.JProperty("email", user.Email ?? "{null}"),
new Newtonsoft.Json.Linq.JProperty("name", user.Name ?? "{null}")
).ToString(Newtonsoft.Json.Formatting.Indented);
this.DataManager.WriteEvent("user-created", j); // don't await - fire & forget
}
catch { }
// move everything from the email address to the user
try
{
rs = await this.DataManager.ConvertEmailToUserId(user);
if (rs.Code != ResponseCode.Ok)
{
await this.DataManager.LogErrorAsync("Process(UserSignupAction)", rs.ToJson());
}
}
catch (Exception ex)
{
this.DataManager.LogExceptionAsync("Process(UserSignupAction)", ex);
}
// pipeline the email verification request
try
{
APIResponseModel rs1 = await this.Process(new InternalSendEmailVerificationAction()
{
UserId = user.UserId
});
}
catch (Exception ex)
{
this.DataManager.LogErrorAsync("InternalSendEmailVerificationAction", ex.Message + Environment.NewLine + (ex.StackTrace ?? string.Empty));
}
this.SlackProvider.Send($"New user! {action.Email}"); //fire and forget
ResponseData response = new ResponseData();
response.Add(ResponseType.User, new UserViewModel(user));
return(APIResponseModel.ResultWithData(response));
}
public async Task ChangePassword([FromBody] UserPasswordModel body)
{
await _alfrescoHttpClient.UpdatePerson(AlfrescoNames.Aliases.Me, new PersonBodyUpdate { OldPassword = body.OldPassword, Password = body.NewPassword });
}
public async Task <IActionResult> Delete([FromRoute] string id, [FromBody] UserPasswordModel model, CancellationToken cancellationToken) => await Delete(_userService.Delete(id, model, cancellationToken));
