Ejemplo n.º 1
0
        public static bool ChangePassword(User u, string currPassword, string newPassword)
        {
            if( Hash.GetHash( currPassword + u.PasswordSalt, Config.Manager.Framework.Security.Authentication.HashingMethod ?? "sha512", Encoding.UTF8, "hex" ) != u.Password )
                return false;

            u.PasswordSalt = GetRandomSalt();
            u.Password = Hash.GetHash( newPassword + u.PasswordSalt, Config.Manager.Framework.Security.Authentication.HashingMethod ?? "sha512", Encoding.UTF8, "hex" );
            u.Save();

            return true;
        }
Ejemplo n.º 2
0
        public static User CreateUser(string username, string password, string email, out string error)
        {
            error = "";

            var u = new User();
            u.Username = username;
            u.Email = email;
            u.ResetPasswordGuid = Guid.Empty;
            u.LastLogin = DateTime.Now;

            string salt = GetRandomSalt();
            u.PasswordSalt = salt;
            u.Password = Hash.GetHash( password + salt, Config.Manager.Framework.Security.Authentication.HashingMethod ?? "sha512", Encoding.UTF8, "hex" );

            u.Save();

            return u;
        }
Ejemplo n.º 3
0
        public static ReturnObject Profile(HttpContext context, long id, string email, string current_password = null, string new_password = null, string confirm_password = null)
        {
            var item = new Framework.Security.User( id );

            if( id != Framework.Security.Manager.GetUser().ID.Value )
                return new ReturnObject() { Error = true, Message = "Invalid user specified." };

            item.Email = email;
            item.Save();

            if( !string.IsNullOrEmpty( current_password ) || !string.IsNullOrEmpty( new_password ) || !string.IsNullOrEmpty( confirm_password ) )
            {
                if( string.IsNullOrEmpty(current_password) )
                    return new ReturnObject() { Error = true, Message = "You must enter your current password to change your password." };

                if( string.IsNullOrEmpty( new_password ) || string.IsNullOrEmpty( confirm_password ) )
                    return new ReturnObject() { Error = true, Message = "You must enter a new password and confirm it to change your password." };

                if( new_password != confirm_password )
                    return new ReturnObject() { Error = true, Message = "Your new passwords do not match." };

                if( !Framework.Security.Manager.ChangePassword(item,current_password,new_password) )
                    return new ReturnObject() { Error = true, Message = "You did not enter your current password correctly." };
            }

            var ret = new ReturnObject()
            {
                Result = item,
                Growl = new ReturnGrowlObject()
                {
                    Type = "default",
                    Vars = new ReturnGrowlVarsObject()
                    {
                        text = "You have successfully updated your profile.",
                        title = "Profile Saved"
                    }
                }
            };

            return ret;
        }
Ejemplo n.º 4
0
        public override void Run()
        {
            Drug drug = new Drug(DrugId);
            Prescriber prescriber = new Prescriber(PrescriberId);
            User user = new User(prescriber.Profile.UserID);

            StringBuilder message = new StringBuilder();

            message.Append("Your certification for ");
            message.Append(drug.GenericName);
            message.Append(" needs to be renewed.");

            Notification n = Lib.Systems.Notifications.NotificationService.Create(
                "Certification renewal notice",
                message.ToString(),
                true,
                Lib.Systems.Notifications.NotificationService.DataType.Drug,
                DrugId);

            Lib.Systems.Notifications.NotificationService.Send(n, user);
        }
Ejemplo n.º 5
0
        public static ReturnObject Edit( HttpContext context, long provider_id, long facility_id, long profile_id, string first_name, string last_name, string email, string phone, 
            string street_1, string city, string state, string zip, string npi, string state_id, long issuer, long speciality, long prescriber_type, string username, string password, string confirm_password, string street_2 = null, string fax = null)
        {
            UserProfile userProfile;
            PrescriberProfile prescriberProfile;
            Data.Prescriber prescriber;
            Address address;
            Contact contact;

            Framework.Security.User user;

            if (profile_id > 0)
            {
                prescriberProfile = new PrescriberProfile(profile_id);
                prescriber = prescriberProfile.Prescriber;
                userProfile = prescriber.Profile;
                user = userProfile.User;
                address = userProfile.PrimaryAddress;
                contact = userProfile.PrimaryContact;
            }
            else
            {
                userProfile = new UserProfile();
                userProfile.Created = DateTime.Now;
                prescriberProfile = new PrescriberProfile();
                prescriber = new Data.Prescriber();
                contact = new Contact();
                user = new Framework.Security.User();
                address = new Address();
            }

            if (!user.ID.HasValue && string.IsNullOrEmpty(password))
            {
                return new ReturnObject()
                {
                    Error = true,
                    StatusCode = 200,
                    Message = "If you are creating a new prescriber, you must enter a password."
                };
            }

            if (!string.IsNullOrEmpty(password) )
            {
                if (password != confirm_password)
                {
                    return new ReturnObject()
                    {
                        Error = true,
                        StatusCode = 200,
                        Message = "The passwords you entered do no match."
                    };
                }
                else
                {
                    user.PasswordSalt = Framework.Security.Manager.GetRandomSalt();
                    user.Password = Framework.Security.Hash.GetSHA512(password + user.PasswordSalt);
                }
            }

            user.Username = username;
            user.Email = email;
            user.Save();

            IList<Framework.Security.Group> userGroups = user.GetGroups();

            if(!userGroups.Any(x => x.ID == 2))
                user.AddGroup(new Framework.Security.Group(2));

            if(!userGroups.Any(x => x.ID == 3))
                user.AddGroup(new Framework.Security.Group(3));

            contact.Email = email;
            contact.Phone = phone;
            contact.FirstName = first_name;
            contact.LastName = last_name;
            contact.Save();

            address.Street1 = street_1;
            address.Street2 = street_2;
            address.City = city;
            address.State = state;
            address.Zip = zip;
            address.Country = "United States";
            address.Save();

            userProfile.UserID = user.ID.Value;
            userProfile.UserTypeID = 0;
            userProfile.PrimaryAddressID = address.ID.Value;
            userProfile.PrimaryContactID = contact.ID.Value;
            userProfile.Save();

            prescriber.ProfileID = userProfile.ID.Value;
            prescriber.SpecialityID = speciality;
            prescriber.NpiId = npi;
            prescriber.StateId = state_id;
            prescriber.StateIdIssuer = issuer;
            prescriber.Save();

            prescriberProfile.PrescriberID = prescriber.ID;
            prescriberProfile.ProviderID = provider_id;
            prescriberProfile.AddressID = address.ID.Value;
            prescriberProfile.ContactID = contact.ID.Value;
            prescriberProfile.PrescriberTypeID = prescriber_type;
            prescriberProfile.PrimaryFacilityID = facility_id;
            prescriberProfile.Expires = DateTime.Now.AddYears(1);
            prescriberProfile.OrganizationId = provider_id;
            prescriberProfile.Save();

            return new ReturnObject()
            {
                Result = prescriber,
                Growl = new ReturnGrowlObject()
                {
                    Type = "default",
                    Vars = new ReturnGrowlVarsObject()
                    {
                        text = "You have successfully saved this Prescriber.",
                        title = "Prescriber Saved"
                    }
                }
            };
        }
Ejemplo n.º 6
0
        public static bool ResetPassword(ref User u)
        {
            if (u == null || u.ID == null)
                return false;

            u.ResetPasswordGuid = Guid.NewGuid();
            u.Save();

            return true;
        }
Ejemplo n.º 7
0
        public static bool Login(string username, string password)
        {
            var db = Data.Database.Get( Config.Manager.Framework.Security.Authentication.Connection );
            string sql = "SELECT * " +
                        "FROM " + db.Delim( Config.Manager.Framework.Security.Authentication.User.Table, Data.DelimType.Table ) + " " +
                        "WHERE " + db.Delim( "Username", Data.DelimType.Column ) + " = @un OR " + db.Delim( "Email", Data.DelimType.Column ) + " = @e";

            var parameters = new List<Data.Parameter>();
            parameters.Add(new Data.Parameter("un", username));
            parameters.Add(new Data.Parameter("e", username));

            var rows = db.ExecuteQuery( sql, parameters.ToArray() );
            if( rows != null && rows.Count == 1 )
            {
                var row = rows[0];
                string salt = (string)row["PasswordSalt"];
                if( ((string)row["Password"]) == Hash.GetHash( password + salt, Config.Manager.Framework.Security.Authentication.HashingMethod ?? "sha512", Encoding.UTF8, "hex" ) )
                {
                    var user = new User( row );
                    user.LastLogin = DateTime.Now;
                    user.Save();
                    // Set to Session

                    HttpContext.Current.Session["User"] = user;

                    return true;
                }
            }

            return false;
        }
Ejemplo n.º 8
0
        public static bool Login(User u)
        {
            if (u == null || !u.ID.HasValue)
                return false;

            HttpContext.Current.Session["User"] = u;

            return true;
        }