Example #1
        /// <summary>
        /// Click handler for the "update password" button: optionally replaces the
        /// employee's password, saves e-mail and department, reports the outcome
        /// and closes the form.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void btnUpdatePass_Click(object sender, EventArgs e)
        {
            HashPass oldPassHash     = new HashPass(pwdOldPass.Text);
            bool     passwordChanged = false;

            // The password is replaced only when the stored value equals the hash of the
            // entered current password AND the new password equals its confirmation.
            // NOTE(review): the algorithm behind HashPass is not visible here - confirm it
            // is a salted, deliberately slow password hash rather than a bare digest.
            if (employee.getPwd().Equals(oldPassHash.getHash()) && pwdPass.Text.Equals(pwdConfirm.Text))
            {
                passwordChanged = employee.changePass(pwdPass.Text);
            }

            // NOTE(review): e-mail and department are written on every click, including
            // when the current-password check above failed. If these fields are meant to
            // be protected by re-authentication, they should move inside the check - confirm.
            employee.setEmail(txtEmail.Text);
            employee.changeEmail();
            employee.setDept(txtDept.Text);
            employee.changeDept();

            // The message reflects only the password change, not the e-mail/department update.
            string message = passwordChanged
                ? "Thành công! Đóng chương trình và đăng nhập lại để thay đổi có hiệu lực"
                : "Sai mật khẩu hoặc xác nhận mật khẩu không khớp";
            MessageBox.Show(message);

            this.Close();
        }
Example #2
 /// <summary>
 /// Authenticates the posted account against <c>db.Accounts</c>, issues a forms
 /// authentication cookie and redirects to a local ReturnUrl or to Index.
 /// </summary>
 /// <param name="users">Posted credentials; its password is replaced by its hash.</param>
 /// <returns>A redirect on success, the login view on failure, or the error view on exception.</returns>
 public ActionResult Login(Accounts users)
 {
     try
     {
         // The submitted password is hashed and matched against the stored column in the query.
         // NOTE(review): HashPass.SHA512 takes no salt argument here; if it is a plain
         // SHA-512 digest, stored passwords are cheap to brute-force offline. Confirm,
         // and prefer a salted, slow KDF (PBKDF2/bcrypt/Argon2) with a migration path.
         users.password = HashPass.SHA512(users.password);
         var user = db.Accounts.FirstOrDefault(u => u.username == users.username && u.password == users.password);

         if (user == null)
         {
             // One generic message for both unknown user and wrong password.
             ModelState.AddModelError("", "Authentication failed. Please try again!");
             return View();
         }

         // Non-persistent auth cookie, keyed on the submitted username.
         FormsAuthentication.SetAuthCookie(users.username, false);
         Session["id"] = user.id;

         // Follow ReturnUrl only when it is local, which blocks open redirects.
         string returnUrl = Request.QueryString["ReturnUrl"];
         if (returnUrl != null && Url.IsLocalUrl(returnUrl))
         {
             return Redirect(returnUrl);
         }

         return RedirectToAction("Index");
     }
     catch (Exception e)
     {
         // NOTE(review): the raw exception message is handed to the error view; if that
         // view renders it to end users it can disclose database or schema details.
         ViewBag.ExceptionMessage = e.Message;
     }
     return View("~/Views/Errors/Details.cshtml");
 }
Example #3
        /// <summary>
        /// Click handler for the log-in button: hashes the entered password, runs
        /// <c>SqlDataSource1</c>, and on exactly one matching row stores the user's
        /// details in the session and redirects to the admin area.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void ButtonLogIn_Click(object sender, EventArgs e)
        {
            HashPass hasher = new HashPass();

            // The text box is overwritten with the hash before the data source is queried.
            // NOTE(review): presumably SqlDataSource1 takes the password from this control
            // as a parameter - confirm. The hash algorithm is not visible here; verify it is
            // a salted, slow password hash.
            TextBoxPassword.Text = hasher.HashPassword(TextBoxPassword.Text);

            SqlDataSource1.DataBind();
            DataView matches = (DataView)SqlDataSource1.Select(DataSourceSelectArguments.Empty);

            if (matches.Count == 0)
            {
                errorLabel.Text    = "Неправилни потребителско име или парола!";
                errorLabel.Visible = true;
                return;
            }

            // More than one matching row is silently ignored: no session, no message.
            if (matches.Count != 1)
            {
                return;
            }

            int    userId    = (int)matches.Table.Rows[0]["ID"];
            int    userType  = (int)matches.Table.Rows[0]["Type"];
            string firstName = (string)matches.Table.Rows[0]["FirstName"];
            string lastName  = (string)matches.Table.Rows[0]["LastName"];

            // Only users of type 2 carry a company id into the session.
            if (userType == 2)
            {
                int companyId = (int)matches.Table.Rows[0]["Companies_ID"];
                Session["CompanyID"] = companyId.ToString();
            }

            Session["ID"]        = userId.ToString();
            Session["Type"]      = userType.ToString();
            Session["FirstName"] = firstName;
            Session["LastName"]  = lastName;

            // NOTE(review): every authenticated type is sent to ~/Admin/; authorization for
            // that area must be enforced there, since nothing here restricts it by Type.
            Response.Redirect("~/Admin/");
        }
        /// <summary>
        /// Logs a user in: loads the users with the given name, checks the MD5 hash of the
        /// submitted password, rejects LimitWeb accounts created more than two hours ago,
        /// then creates a GUID token, stores it through AuthRedis and returns it.
        /// </summary>
        /// <param name="body">Login request carrying UserName and PassWord.</param>
        /// <returns>Always an HTTP 200 result; failures are signalled by the response code inside it.</returns>
        public IActionResult AuthLogin(LoginDto body)
        {
            var User = _BaseService.GetListWriteBy <Users>(x => x.UserName == body.UserName);

            // NOTE(review): "user does not exist" and "password error" are distinct responses,
            // so a caller can tell valid user names from invalid ones. A single generic
            // failure response avoids this account-enumeration signal.
            if (User.Count <= 0)
            {
                return(Ok(new ApiNResponse(code: CodeAndMessage.用户名不存在, message: "The user name does not exist")));
            }
            // NOTE(review): passwords are hashed with the "MD5" option and no salt argument is
            // passed here. MD5 is not suitable for password storage; plan a migration to a
            // salted, slow KDF (PBKDF2/bcrypt/Argon2).
            if (User.Where(x => x.UserName == body.UserName && x.PassWord == HashPass.HashString(body.PassWord, "MD5")).Count() <= 0)
            {
                return(Ok(new ApiNResponse(code: CodeAndMessage.密码错误, message: "Password error")));
            }

            // LimitWeb accounts are rejected once two hours have passed since CreateTime.
            if (User.Where(x => x.UserName == body.UserName && x.PassWord == HashPass.HashString(body.PassWord, "MD5") && x.CreateTime.AddHours(2) < DateTime.Now && x.LoginType == LoginType.LimitWeb).Count() > 0)
            {
                return(Ok(new ApiNResponse(code: CodeAndMessage.注册时间已经超过2小时, message: "The registration time has exceeded 2 hours. Please re-register")));
            }

            UserInfo userInfo = new UserInfo();

            // userInfo is rebuilt for every element, so it ends up describing the LAST user in
            // the list. NOTE(review): that user is not necessarily the one whose password
            // matched above if several rows share the user name - confirm uniqueness.
            foreach (var item in User)
            {
                userInfo = new UserInfo()
                {
                    id       = item.Id,
                    AuthRole = new List <AuthRole>()
                    {
                        item.AuthRole
                    },
                    Email     = item.Email,
                    LoginType = new List <LoginType>()
                    {
                        item.LoginType
                    },
                    CreateTime = item.CreateTime
                };
            }
            // NOTE(review): the session token is a GUID. GUIDs are specified for uniqueness,
            // not unpredictability; a token drawn from a cryptographic RNG is the safer choice.
            string   token     = Guid.NewGuid().ToString();
            AuthRole AuthRoles = userInfo.AuthRole.First();

            // The return value of AuthRedis.GetUserById is discarded; what the call does is
            // not visible from here.
            switch (AuthRoles)
            {
            case Models.AuthRole.Admin:
                AuthRedis.GetUserById(userInfo.id, LoginType.FreeWeb);
                AuthRedis.SetToken(userInfo, token, LoginType.FreeWeb);
                break;

            case Models.AuthRole.User:
                AuthRedis.GetUserById(userInfo.id, LoginType.LimitWeb);
                AuthRedis.SetToken(userInfo, token, LoginType.LimitWeb);
                break;

            // Any other role falls through without storing the token, yet the token is
            // still returned to the caller below.
            default:
                break;
            }
            return(Ok(new ApiResponse(new { token, AuthRoles })));
        }
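        /// <summary>
        /// Stores the hash of <paramref name="pass"/> as the password of the operator
        /// identified by <paramref name="opCode"/>.
        /// </summary>
        /// <param name="opCode">Operator code whose row is updated.</param>
        /// <param name="pass">New clear-text password; only its hash is written.</param>
        /// <returns>Number of rows affected by the UPDATE.</returns>
        public int ChangePassword(String opCode, String pass)
        {
            // NOTE(review): the algorithm behind HashPass is not visible here - confirm it is
            // a salted, slow password hash. This method performs no authorization or
            // old-password check itself; callers are responsible for that.
            HashPass h   = new HashPass(pass);
            String   pwd = h.getHash();

            // Both values are bound as parameters, so neither can alter the statement text.
            // The command is disposed deterministically instead of being left to the GC.
            using (SqlCommand cmd = cnn.CreateCommand())
            {
                cmd.CommandText = "UPDATE [PTR].[dbo].[ADC_Opcode] SET [Password] = @pwd WHERE [OpCode] = @opCode";
                cmd.Parameters.AddWithValue("@pwd", pwd);
                cmd.Parameters.AddWithValue("@opCode", opCode);
                return cmd.ExecuteNonQuery();
            }
        }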
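        /// <summary>
        /// Inserts a new operator row, storing the hash of <paramref name="pwd"/> rather
        /// than the clear-text password.
        /// </summary>
        /// <param name="opcode">Operator code of the new user.</param>
        /// <param name="OpName">Operator display name.</param>
        /// <param name="pwd">Clear-text password; only its hash is written.</param>
        /// <param name="email">E-mail address.</param>
        /// <param name="dept">Department.</param>
        /// <returns>Number of rows affected by the INSERT.</returns>
        public int AddUser(String opcode, String OpName, String pwd, String email, String dept)
        {
            // NOTE(review): the algorithm behind HashPass is not visible here - confirm it is
            // a salted, slow password hash.
            HashPass h = new HashPass(pwd);

            // All values are bound as parameters, so none can alter the statement text.
            // The command is disposed deterministically instead of being left to the GC.
            using (SqlCommand cmd = cnn.CreateCommand())
            {
                cmd.CommandText = "INSERT INTO [PTR].[dbo].[ADC_Opcode](OpCode, Password, Email, OpName, Dept) VALUES(@op,@p,@m,@n,@d)";
                cmd.Parameters.AddWithValue("@op", opcode);
                cmd.Parameters.AddWithValue("@p", h.getHash());
                cmd.Parameters.AddWithValue("@m", email);
                cmd.Parameters.AddWithValue("@n", OpName);
                cmd.Parameters.AddWithValue("@d", dept);
                return cmd.ExecuteNonQuery();
            }
        }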
        /// <summary>
        /// Expects <c>AddUser</c> to report <c>SQLError</c> for an otherwise complete
        /// player record (the method name indicates the no-connection scenario).
        /// </summary>
        public void AddUserTestNoConection()
        {
            Pacman_Sevices.Services service = new Services();
            Pacman_Sevices.IRegisterService.Jugador player = new IRegisterService.Jugador();
            System.Random codeSource = new System.Random();
            HashPass      hasher     = new HashPass();

            // Six-digit, zero-padded code. System.Random is acceptable for a test fixture;
            // NOTE(review): if production code generates this code the same way, it should
            // use a cryptographic RNG instead.
            string code = codeSource.Next(0, 999999).ToString("D6");

            player.Correo   = "*****@*****.**";
            player.Nombre   = "Arturo";
            player.Username = "******";
            player.Password = hasher.HashPassword("ElreyOtak02");
            player.Código   = code;

            var outcome = services_AddUser(service, player);
            Assert.AreEqual(DBOperationResult.AddResult.SQLError, outcome);

            // Local wrapper only names the call under test.
            DBOperationResult.AddResult services_AddUser(Pacman_Sevices.Services s, Pacman_Sevices.IRegisterService.Jugador j)
            {
                return s.AddUser(j);
            }
        }
        /// <summary>
        /// Expects <c>SerachUserInDB</c> to report <c>NullObject</c> when the player's
        /// user name is empty.
        /// </summary>
        public void SerarchInvalidUserTest()
        {
            Pacman_Sevices.Services service = new Services();
            Pacman_Sevices.IRegisterService.Jugador player = new IRegisterService.Jugador();
            System.Random codeSource = new System.Random();
            HashPass      hasher     = new HashPass();

            player.Correo   = "*****@*****.**";
            player.Nombre   = "Arturo";
            // The empty user name is the invalid input this test exercises.
            player.Username = "";
            player.Password = hasher.HashPassword("ElreyOtak02");
            // Six-digit, zero-padded code; System.Random is acceptable for a test fixture.
            player.Código   = codeSource.Next(0, 999999).ToString("D6");

            Assert.AreEqual(DBOperationResult.AddResult.NullObject, service.SerachUserInDB(player));
        }
Example #9
 /// <summary>
 /// Combines the hash codes of all identifying members with the usual
 /// multiply-by-397-and-XOR scheme; null members contribute 0.
 /// </summary>
 /// <returns>A hash code derived from every member listed below.</returns>
 public override int GetHashCode()
 {
     const int Multiplier = 397;

     // Overflow is expected and must wrap rather than throw.
     unchecked
     {
         int acc = Nome?.GetHashCode() ?? 0;
         acc = (acc * Multiplier) ^ (Cognome?.GetHashCode() ?? 0);
         acc = (acc * Multiplier) ^ (Email?.GetHashCode() ?? 0);
         acc = (acc * Multiplier) ^ (Username?.GetHashCode() ?? 0);
         // NOTE(review): if HashPass/SaltPass are arrays, GetHashCode is identity-based
         // rather than content-based - confirm this agrees with Equals. This value is a
         // collection hash only and must not be treated as a credential digest.
         acc = (acc * Multiplier) ^ (HashPass?.GetHashCode() ?? 0);
         acc = (acc * Multiplier) ^ (SaltPass?.GetHashCode() ?? 0);
         acc = (acc * Multiplier) ^ LoginRemoto.GetHashCode();
         acc = (acc * Multiplier) ^ Id.GetHashCode();
         return acc;
     }
 }
Example #10
        /// <summary>
        /// Verifies a user name / password pair: recomputes the hash with the stored
        /// salt, compares it with the stored hash and then delegates to CheckDetails.
        /// </summary>
        /// <param name="username">Account name to look up.</param>
        /// <param name="password">Clear-text password supplied by the caller.</param>
        /// <returns>False when no hash data exists or the hashes differ; otherwise the result of CheckDetails.</returns>
        private static bool CheckUserCredentials(string username, string password)
        {
            // Element 0 is the stored hash (or "-1" when lookup failed); element 1 is passed
            // to ConfirmHash, presumably as the salt.
            string[] stored = GetHashData(username);

            if (stored[0] == "-1")
            {
                // NOTE(review): returning before any hashing makes unknown users answer
                // faster than known ones, which can reveal which accounts exist.
                return false;
            }

            string recomputed = HashPass.ConfirmHash(password, stored[1]);

            // NOTE(review): ordinary string comparison stops at the first differing
            // character; a fixed-time comparison is preferable for hash values.
            bool hashesMatch = recomputed == stored[0];

            return hashesMatch && CheckDetails(username, recomputed);
        }
        /// <summary>
        /// Registers an e-mail address: refuses a repeat within two hours, renews an
        /// expired registration, or creates a new LimitWeb user, and sends an e-mail.
        /// </summary>
        /// <param name="body">Registration request carrying Email, ComPany and NickName.</param>
        /// <returns>Always an HTTP 200 result; a refusal is signalled by the response code inside it.</returns>
        public IActionResult Register(RegisterDto body)
        {
            var existing = _BaseService.GetListWriteBy<Users>(x => x.Email == body.Email);

            // Any registration for this e-mail younger than two hours blocks a new one.
            bool registeredRecently = existing.Count(x => x.CreateTime.AddHours(2) > DateTime.Now) > 0;
            if (registeredRecently)
            {
                return Ok(new ApiNResponse(code: CodeAndMessage.重复邮箱在俩小时内注册, message: "Repeat email to register within two hours"));
            }

            bool hasExpiredRegistration = existing.Count(x => x.Email == body.Email && x.CreateTime.AddHours(2) < DateTime.Now) > 0;

            if (hasExpiredRegistration)
            {
                // Single throws if more than one row carries this e-mail.
                var expiredUser = existing.Single(x => x.Email == body.Email);

                expiredUser.CreateTime = DateTime.Now;
                expiredUser.Count      = expiredUser.Count + 1;
                _BaseService.ModifyNo(expiredUser);
                _SendService.SendEmail(body.Email, body.Email, "123456");
            }
            else
            {
                // NOTE(review): every new account receives the same hard-coded password
                // "123456", hashed with the "MD5" option, and the same literal is passed to
                // SendEmail. Anyone who knows a registered e-mail can therefore sign in.
                // Generate a random per-user secret with a cryptographic RNG and store it
                // with a salted, slow KDF.
                Users newUser = new Users()
                {
                    Id               = SequenceID.GetSequenceID(),
                    AuthRole         = AuthRole.User,
                    CreateTime       = DateTime.Now,
                    Disable          = false,
                    Email            = body.Email,
                    LastModifiedTime = DateTime.Now,
                    LoginType        = LoginType.LimitWeb,
                    UserName         = body.Email.ToString(),
                    ComPany          = body.ComPany,
                    NickName         = body.NickName,
                    Count            = 1,
                    PassWord         = HashPass.HashString("123456", "MD5")
                };
                _BaseService.Add(newUser);
                _SendService.SendEmail(body.Email, newUser.UserName, "123456");
            }

            return Ok(new ApiResponse());
        }
Example #12
        /// <summary>
        /// Verifies a user name / password pair for the given login type: hashes the
        /// supplied password, compares it with the stored hash and then delegates to
        /// CheckDetails.
        /// </summary>
        /// <param name="username">Account name to look up.</param>
        /// <param name="password">Clear-text password supplied by the caller.</param>
        /// <param name="LoginType">Login type forwarded to GetHashData and CheckDetails.</param>
        /// <returns>False when no hash data exists or the hashes differ; otherwise the result of CheckDetails.</returns>
        private static bool CheckUserCredentials(string username, string password, int LoginType)
        {
            // Hash data stored in the database; element 0 is the hash, or "-1" when invalid.
            string[] storedHashData = GetHashData(username, LoginType);

            // Hash of the password supplied to the server.
            // NOTE(review): the stored salt (storedHashData[1]) is not used here, unlike the
            // earlier ConfirmHash(password, HashData[1]) call that was commented out. If
            // HashPassword generates a fresh random salt, this comparison can never match;
            // if it does not, the hashes are effectively unsalted. Confirm which holds.
            string[] computedHashData = HashPass.HashPassword(password);

            if (storedHashData[0] == "-1")
            {
                return false;
            }

            // NOTE(review): ordinary string comparison; a fixed-time comparison is
            // preferable for hash values.
            bool hashesMatch = computedHashData[0] == storedHashData[0];

            // CheckDetails decides the final result once the hashes agree.
            return hashesMatch && CheckDetails(username, computedHashData[0], LoginType);
        }
Example #13
 /// <summary>
 /// Saves an edited account: hashes the posted password, marks the entity as
 /// modified and persists it.
 /// </summary>
 /// <param name="accounts">Posted account; binding is limited to the listed properties.</param>
 /// <returns>A redirect to Index on success, the edit view on validation failure, or the error view on exception.</returns>
 public ActionResult Edit([Bind(Include = "id,fullname,username,password,email,role")] Accounts accounts)
 {
     // NOTE(review): "id" and "role" are bindable from the request, so whoever can reach
     // this action can change any account's role. Confirm the action is restricted to
     // administrators and protected by an anti-forgery token (attributes, if any, are
     // outside this view).
     try
     {
         ViewBag.Roles = ca.User_Roles();

         if (!ModelState.IsValid)
         {
             return View(accounts);
         }

         // NOTE(review): the posted password is hashed on every save. If the form
         // round-trips the stored hash, it would be hashed again and lock the account
         // out - confirm. HashPass.SHA512 takes no salt argument here.
         accounts.password        = HashPass.SHA512(accounts.password);
         db.Entry(accounts).State = EntityState.Modified;
         db.SaveChanges();
         return RedirectToAction("Index");
     }
     catch (Exception e)
     {
         // NOTE(review): the raw exception message is handed to the error view; if that
         // view renders it to end users it can disclose database or schema details.
         ViewBag.ExceptionMessage = e.Message;
     }
     return View("~/Views/Errors/Details.cshtml");
 }
Example #14
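        /// <summary>
        /// Click handler for the add-user button: validates the form, hashes the password
        /// and calls the <c>CreateUser</c> stored procedure.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void ButtonAdduser_Click(object sender, EventArgs e)
        {
            SqlDataSourceCompany.DataBind();
            DataView dview = (DataView)SqlDataSourceCompany.Select(DataSourceSelectArguments.Empty);

            if (dview.Count == 0)
            {
                errorLabel.Text    = "Въведеният администратор вече съществува!";
                errorLabel.Visible = true;
            }
            else if (TextBoxPassword.Text != TextBoxPasswordRepeat.Text)
            {
                errorLabel.Text    = "Паролите не съвпадат";
                errorLabel.Visible = true;
            }
            else
            {
                // NOTE(review): the hash algorithm is not visible here - confirm it is a
                // salted, slow password hash. The hash is written back into the text box,
                // as the original code did.
                HashPass hasher = new HashPass();
                TextBoxPasswordRepeat.Text = hasher.HashPassword(TextBoxPasswordRepeat.Text);

                connection.Open();
                try
                {
                    // Stored procedure with bound parameters; user input never becomes SQL text.
                    using (SqlCommand comm = new SqlCommand("CreateUser", connection))
                    {
                        comm.CommandType = CommandType.StoredProcedure;

                        comm.Parameters.AddWithValue("@Username", TextBoxUsername.Text);
                        comm.Parameters.AddWithValue("@Password", TextBoxPasswordRepeat.Text);
                        comm.Parameters.AddWithValue("@Email", TextBoxEmail.Text);
                        comm.Parameters.AddWithValue("@FirstName", TextBoxFirstName.Text);
                        comm.Parameters.AddWithValue("@LastName", TextBoxLastName.Text);
                        comm.Parameters.AddWithValue("@CompanyID", DropDownListCompany.SelectedItem.Value);

                        comm.ExecuteNonQuery();
                    }
                }
                finally
                {
                    // Close even when the procedure throws, so the shared connection is
                    // not left open for the next request.
                    connection.Close();
                }

                errorLabel.Visible = false;

                // Jump to the last grid page, where the new row is expected to appear.
                this.GridView1.PageIndex = this.GridView1.PageCount - 1;
            }
        }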
Example #15
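        /// <summary>
        /// Click handler for the change-password button: checks the old password through
        /// <c>SqlDataSourceCheckOldPass</c>, verifies that both new entries agree and calls
        /// the <c>NewPassword</c> stored procedure for the user in the session.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void ButtonNewPassword_Click(object sender, EventArgs e)
        {
            HashPass hasher = new HashPass();

            // All three text boxes are replaced by their hashes before anything else runs.
            // NOTE(review): the new password and its repeat are compared as hashes below,
            // which only works if HashPassword is deterministic, i.e. not randomly salted.
            // Confirm the algorithm; a salted, slow password hash is the expected standard.
            TextBoxOldPass.Text       = hasher.HashPassword(TextBoxOldPass.Text);
            TextBoxNewPass.Text       = hasher.HashPassword(TextBoxNewPass.Text);
            TextBoxRepeatNewPass.Text = hasher.HashPassword(TextBoxRepeatNewPass.Text);

            // Presumably this data source reads the old-password hash from its text box - confirm.
            SqlDataSourceCheckOldPass.DataBind();
            DataView dview = (DataView)SqlDataSourceCheckOldPass.Select(DataSourceSelectArguments.Empty);

            if (dview.Count != 1)
            {
                errorLabel.Text    = "Старата парола е грешна!";
                errorLabel.Visible = true;
            }
            else if (TextBoxNewPass.Text != TextBoxRepeatNewPass.Text)
            {
                errorLabel.Text    = "Паролите не съвпадат";
                errorLabel.Visible = true;
            }
            else
            {
                connection.Open();
                try
                {
                    // Stored procedure with bound parameters; the user id comes from the
                    // server-side session, not from the form.
                    using (SqlCommand comm = new SqlCommand("NewPassword", connection))
                    {
                        comm.CommandType = CommandType.StoredProcedure;

                        comm.Parameters.AddWithValue("@UserID", Session["ID"]);
                        comm.Parameters.AddWithValue("@NewPassword", TextBoxRepeatNewPass.Text);

                        comm.ExecuteNonQuery();
                    }
                }
                finally
                {
                    // Close even when the procedure throws, so the shared connection is
                    // not left open for the next request.
                    connection.Close();
                }

                errorLabel.Visible   = false;
                successLabel.Text    = "Паролата е променена успешно!";
                successLabel.Visible = true;
            }
        }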
        /// <summary>
        /// Creates a FreeWeb user with the supplied user name, e-mail and password,
        /// unless the user name is already taken.
        /// </summary>
        /// <param name="body">Registration request carrying UserName, Email and PassWord.</param>
        /// <returns>Always an HTTP 200 result; a duplicate name is signalled by the response code inside it.</returns>
        [AuthFilter] // Authentication: requests without a token, or with an invalid one, are stopped by the filter and never reach this endpoint.
        public IActionResult RegisterFree(RegisterFreeDto body)
        {
            // NOTE(review): the uniqueness check and the insert are separate steps, so two
            // concurrent requests could both pass it; a unique constraint on the user name
            // in the store would close that gap - confirm one exists.
            bool nameTaken = _BaseService.GetListWriteBy<Users>(x => x.UserName == body.UserName).Count() > 0;
            if (nameTaken)
            {
                return Ok(new ApiResponse(code: CodeAndMessage.用户名重复));
            }

            // NOTE(review): the password is hashed with the "MD5" option and no salt
            // argument is passed. MD5 is not suitable for password storage; plan a
            // migration to a salted, slow KDF (PBKDF2/bcrypt/Argon2).
            Users newUser = new Users()
            {
                Id               = SequenceID.GetSequenceID(),
                AuthRole         = AuthRole.User,
                CreateTime       = DateTime.Now,
                Disable          = false,
                Email            = body.Email,
                LastModifiedTime = DateTime.Now,
                LoginType        = LoginType.FreeWeb,
                UserName         = body.UserName,
                PassWord         = HashPass.HashString(body.PassWord, "MD5"),
            };

            _BaseService.Add(newUser);
            return Ok(new ApiResponse());
        }