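/// <summary>
/// Validates <paramref name="user"/> and replaces its plaintext password with a hash
/// computed from that password and a newly generated salt.
/// </summary>
/// <param name="user">
/// User to prepare. <c>Username</c> and <c>Password</c> must be non-empty.
/// The instance is mutated in place, and only when hashing succeeds.
/// </param>
/// <param name="message">
/// Empty on success; otherwise the validation or failure text produced by <c>Constants</c>.
/// </param>
/// <returns>
/// The same <paramref name="user"/> instance with <c>PasswordSalt</c> and <c>Password</c> set,
/// or <c>null</c> when validation or hashing fails.
/// </returns>
public PHSUser GenerateHashedUser(PHSUser user, out string message)
{
    if (user == null)
    {
        message = Constants.ValueIsEmpty("User");
        return null;
    }

    if (string.IsNullOrEmpty(user.Username))
    {
        message = Constants.ValueIsEmpty("User Id");
        return null;
    }

    if (string.IsNullOrEmpty(user.Password))
    {
        message = Constants.ValueIsEmpty("Password");
        return null;
    }

    try
    {
        // Compute salt and hash into locals first: if hashing throws, the caller's object
        // must not be left with a new salt next to a still-plaintext password.
        var salt = PasswordManager.GenerateSalt();
        var hashedPassword = PasswordManager.SecureStringToString(
            PasswordManager.CreateHash(user.Password, salt));

        user.PasswordSalt = salt;
        // NOTE(review): the hash leaves the SecureString here and lives on as an ordinary string.
        user.Password = hashedPassword;

        message = string.Empty;
        return user;
    }
    catch (Exception ex)
    {
        // The detail goes to the log only; the caller gets a generic failure message.
        ExceptionLog(ex);
        message = Constants.OperationFailedDuringAddingValue("User");
        return null;
    }
}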
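/// <summary>
/// Changes a user's password after re-authenticating the user with the old password.
/// </summary>
/// <param name="user">User whose password is changed; needs a non-zero <c>PHSUserID</c> and a <c>Username</c>.</param>
/// <param name="oldPass">Current password, checked through <c>IsAuthenticated</c>.</param>
/// <param name="newPass">New password; must pass <c>PasswordManager.IsPasswordComplex</c>.</param>
/// <param name="newPassConfirm">Repeat of the new password; must match <paramref name="newPass"/> exactly.</param>
/// <param name="message">
/// Reason for a failure. On success it holds whatever <c>IsAuthenticated</c> assigned.
/// </param>
/// <returns><c>true</c> when the new hash was stored; otherwise <c>false</c>.</returns>
public bool ChangePassword(PHSUser user, string oldPass, string newPass, string newPassConfirm, out string message)
{
    if (user == null || user.PHSUserID == 0 || string.IsNullOrEmpty(user.Username))
    {
        message = "Cannot find user";
        return false;
    }

    if (string.IsNullOrEmpty(oldPass))
    {
        message = "Please Enter Old Password";
        return false;
    }

    if (string.IsNullOrWhiteSpace(newPass))
    {
        message = "Please Enter New Password";
        return false;
    }

    if (string.IsNullOrWhiteSpace(newPassConfirm))
    {
        message = "Please Enter Confirmed New Password";
        return false;
    }

    // Passwords are case- and whitespace-sensitive, and the value hashed below is the
    // untrimmed newPass. The confirmation therefore has to match it exactly; a trimmed,
    // case-insensitive comparison would accept a confirmation that differs from what is stored.
    if (!string.Equals(newPass, newPassConfirm, StringComparison.Ordinal))
    {
        message = "Please confirm new password";
        return false;
    }

    if (!PasswordManager.IsPasswordComplex(newPass))
    {
        message = "Password must be a combination of at least 1 digit, 1 upper case letter, 1 lower case letter, 1 symbol and length of at least 8";
        return false;
    }

    var existingUser = IsAuthenticated(user.Username, oldPass, out message);
    if (existingUser == null)
    {
        message = "Invalid Password";
        return false;
    }

    // NOTE(review): authentication above is keyed on user.Username, while the salt and the
    // row updated below come from the caller-supplied user.PasswordSalt and user.PHSUserID.
    // Confirm callers can never pass a mismatched or stale object, or take both values from
    // the authenticated record instead.
    SecureString newPassHash = PasswordManager.CreateHash(newPass, user.PasswordSalt);

    using (var unitOfWork = CreateUnitOfWork())
    {
        try
        {
            // Look the record up once instead of once per assignment. A missing record still
            // fails inside this try block and is reported through the catch below.
            var storedUser = unitOfWork.Users.Get(user.PHSUserID);
            storedUser.Password = PasswordManager.SecureStringToString(newPassHash);
            storedUser.UsingTempPW = false;
            storedUser.UpdatedDateTime = DateTime.Now;
            unitOfWork.Complete();
            return true;
        }
        catch (Exception ex)
        {
            ExceptionLog(ex);
            message = "Operation failed during saving Password. Please contact system admin";
            return false;
        }
    }
}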
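// Creates the remember-me cookie: stores the username and the password HASH.
//
// NOTE(review): the cookie value is derived only from the username and the password
// (CreateHash is called with no salt argument here) and stays valid for a year.
// If the login path accepts this value, a copy of the cookie is a long-lived stand-in
// for the password that cannot be revoked without a password change. Prefer a random,
// server-side, revocable token. Confirm how "RememberMeUser" is consumed.
private void AddRememberMeUserCookieIfChecked(string userName, string password)
{
    if (!cbRemeberMe.Checked)
    {
        return;
    }

    var cookie = new HttpCookie("RememberMeUser")
    {
        Expires = DateTime.Now.AddYears(1),
        Value = $"{userName}{DELIMITER}{PasswordManager.CreateHash(password)}",
        // Keep the credential-bearing cookie out of reach of client-side script.
        HttpOnly = true,
        // Mark it Secure whenever the current request arrived over TLS, so it is not
        // later sent in clear text; plain-HTTP deployments behave as before.
        Secure = Request.IsSecureConnection,
    };

    Response.Cookies.Add(cookie);
}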
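/// <summary>
/// Registers a new user from the request body, stores a verification code for the
/// account and e-mails that code to the supplied address.
/// </summary>
/// <param name="userDto">Registration data bound from the request body.</param>
/// <exception cref="HttpResponseException">
/// 400 when the body is missing; 503 when saving the user or sending the e-mail throws.
/// </exception>
public void Post([FromBody] UserDto userDto)
{
    if (userDto == null)
    {
        throw new HttpResponseException(HttpStatusCode.BadRequest);
    }

    try
    {
        // NOTE(review): CreateHash is called without a salt argument; confirm it salts
        // internally. userDto.Password is also not checked for null/empty before hashing.
        var passwordHash = PasswordManager.CreateHash(userDto.Password);
        IUserBo userBo = new UserBo();

        // NOTE(review): a false result from Save or SaveVerificationCode ends the request
        // without any error, so the client cannot tell that nothing was created. That is
        // the existing behaviour and is kept here; confirm whether it is intended.
        if (!userBo.Save(userDto.Username, passwordHash, userDto.Email, userDto.DomainId, userDto.RoleId))
        {
            return;
        }

        var verCode = AccountVerification.GenerateVerificationCode();
        if (!userBo.SaveVerificationCode(verCode, userDto.Username))
        {
            return;
        }

        try
        {
            EmailManager.SendEmail(
                userDto.Email,
                AccountVerification.SignUpConfirmationSubject,
                AccountVerification.GetVerificationMessage(verCode));
        }
        catch (Exception exception)
        {
            var message = new HttpResponseMessage(HttpStatusCode.ServiceUnavailable)
            {
                Content = new StringContent("Error Sending Verification Email")
            };
            Logger.Error("API LAYER: ERROR IN CLASS: UserController, METHOD: POST =>> EXCEPTION MESSAGE: " + exception.Message);
            throw new HttpResponseException(message);
        }
    }
    catch (HttpResponseException)
    {
        // The e-mail failure above is already a prepared response. Without this clause the
        // general handler below would catch it, log it a second time and replace its body.
        throw;
    }
    catch (Exception exception)
    {
        // Do not echo exception.Message to the client: it can expose storage or
        // infrastructure detail. The detail is written to the log only.
        var message = new HttpResponseMessage(HttpStatusCode.ServiceUnavailable)
        {
            Content = new StringContent("Error Creating User")
        };
        Logger.Error("API LAYER: ERROR IN CLASS: UserController, METHOD: POST =>> EXCEPTION MESSAGE: " + exception.Message);
        throw new HttpResponseException(message);
    }
}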
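// --- LOGIN FORM - checks whether a user with the entered credentials exists
//
// NOTE(review): no attempt counting or lockout is visible in this handler; confirm that
// repeated failed logins are limited elsewhere.
protected void btnLogin_Click(object sender, EventArgs e)
{
    string userName = txtEmail.Text;
    string password = txtPassword.Text;

    // Hash once and reuse the result for both checks instead of hashing per branch.
    var passwordHash = PasswordManager.CreateHash(password);

    // First check whether this is the application ADMIN account.
    if (LoginIsApplicationAdmin(userName, passwordHash))
    {
        AddRememberMeUserCookieIfChecked(userName, password);
        // NOTE(review): "as User" yields null when the Application entry is missing or of
        // another type; RedirectSuccessfulLogin then receives null.
        RedirectSuccessfulLogin(Application["ApplicationAdmin"] as User);
    }
    // Otherwise look the user up through DataManager.
    else if (LoginIsRegisteredUser(userName, passwordHash))
    {
        AddRememberMeUserCookieIfChecked(userName, password);
        RedirectSuccessfulLogin(DataManager.GetUserByEmail(userName));
    }
    // Not found: show the same generic notice whichever part of the credentials was wrong.
    else
    {
        lblNoUser.Visible = true;
        txtEmail.Focus();
    }
}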
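/// <summary>
/// Resets the password of every selected user to the supplied temporary password and
/// flags each account as using a temporary password.
/// </summary>
/// <param name="loginUser">User performing the reset; recorded as <c>UpdatedBy</c> and passed to <c>UpdateUser</c>.</param>
/// <param name="selectedusers">Usernames of the accounts to reset.</param>
/// <param name="tempPW">Temporary password to hash for each account; must be non-empty.</param>
/// <param name="message">Empty on success; otherwise the reason the reset stopped.</param>
/// <returns><c>true</c> when every selected user was updated; <c>false</c> at the first failure.</returns>
/// <remarks>
/// NOTE(review): the loop is not transactional. A failure part-way through leaves the users
/// processed before it already reset. The same temporary password is applied to every
/// selected account. Whether <paramref name="loginUser"/> is allowed to reset passwords is
/// not checked here; presumably <c>UpdateUser</c> or the caller enforces it - confirm.
/// </remarks>
public bool ResetPassword(PHSUser loginUser, String[] selectedusers, string tempPW, out string message)
{
    message = string.Empty;

    if (selectedusers == null || selectedusers.Length == 0)
    {
        message = "No Selection made!";
        return false;
    }

    // Never reset accounts to a missing or empty temporary password.
    if (string.IsNullOrEmpty(tempPW))
    {
        message = "Temporary password is required";
        return false;
    }

    foreach (var username in selectedusers)
    {
        var userToUpdate = GetUserByUserName(username, out message);
        if (userToUpdate == null)
        {
            return false;
        }

        // Treat a null salt like an empty one, so the hash is never computed without a salt.
        if (string.IsNullOrEmpty(userToUpdate.PasswordSalt))
        {
            userToUpdate.PasswordSalt = PasswordManager.GenerateSalt();
        }

        SecureString newPassHash = PasswordManager.CreateHash(tempPW, userToUpdate.PasswordSalt);
        userToUpdate.Password = PasswordManager.SecureStringToString(newPassHash);
        userToUpdate.UsingTempPW = true;
        userToUpdate.UpdatedDateTime = DateTime.Now;
        userToUpdate.UpdatedBy = loginUser.Username;

        if (!UpdateUser(loginUser, userToUpdate, out message))
        {
            return false;
        }
    }

    return true;
}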
/// <summary>
/// Rebuilds the "BookStoreDb" database from scratch and fills it with sample branches,
/// employees, users, customers, book categories, writers and books.
/// </summary>
/// <remarks>
/// Destructive: an existing "BookStoreDb" database is deleted first.
/// NOTE(review): the seeded accounts, including the one with <c>Role.Admin</c>, get short
/// fixed passwords written in this file. Treat them as sample data only and make sure this
/// seeding never runs against, or gets copied into, a real deployment.
/// </remarks>
static void Main(string[] args)
{
    var rng = new Random();

    Console.WriteLine("Check DB exists...");
    if (!Database.Exists("BookStoreDb"))
    {
        Console.WriteLine("DB does not exist. Skip deleting.");
    }
    else
    {
        Console.WriteLine("DB exists. Deleting...");
        Database.Delete("BookStoreDb");
    }

    using (var db = new Db())
    {
        Console.WriteLine("Creating DB..");
        // The result is not used. NOTE(review): presumably this query only forces the
        // database to be created - confirm.
        db.Users.ToArray();

        Console.WriteLine("Branches..");
        var miraBranch = new Branch
        {
            Address = "Mira prospect, 11 - 21",
            Name = "Booko na Mira"
        };
        var vzletkaBranch = new Branch
        {
            Address = "Ulica Vzletnaya, 22",
            Name = "Booko na Vzletke"
        };
        db.Branches.Add(miraBranch);
        db.Branches.Add(vzletkaBranch);
        db.SaveChanges();

        Console.WriteLine("Creating employees and users..");
        var adminEmployee = new Employee
        {
            Branch = miraBranch,
            FirstName = "Admin",
            MiddleName = "Admin",
            LastName = "Admin",
            User = new User
            {
                LastLoginTime = DateTime.Now,
                Login = "******",
                Password = PasswordManager.CreateHash("admin"),
                Role = Role.Admin
            }
        };
        var ivanovEmployee = new Employee
        {
            Branch = miraBranch,
            FirstName = "Ivan",
            MiddleName = "Ivanovich",
            LastName = "Ivanov",
            User = new User
            {
                LastLoginTime = DateTime.Now,
                Login = "******",
                Password = PasswordManager.CreateHash("iii"),
                Role = Role.User
            }
        };
        var petrovEmployee = new Employee
        {
            Branch = vzletkaBranch,
            FirstName = "Petr",
            MiddleName = "Petrovich",
            LastName = "Petrov",
            User = new User
            {
                LastLoginTime = DateTime.Now,
                Login = "******",
                Password = PasswordManager.CreateHash("ppp"),
                Role = Role.User
            }
        };
        // An employee with no user account attached.
        var sidorovEmployee = new Employee
        {
            Branch = vzletkaBranch,
            FirstName = "Sidor",
            MiddleName = "Sidorovich",
            LastName = "Sidorov",
            User = null
        };
        db.Employees.Add(adminEmployee);
        db.Employees.Add(ivanovEmployee);
        db.Employees.Add(petrovEmployee);
        db.Employees.Add(sidorovEmployee);
        db.SaveChanges();

        Console.WriteLine("Customers..");
        var customers = JsonConvert.DeserializeObject<List<Customer>>(File.ReadAllText("Customers.json"));
        foreach (var customer in customers)
        {
            db.Customers.Add(customer);
        }
        db.SaveChanges();

        Console.WriteLine("Book categories..");
        foreach (var categoryName in new[] { "Fantasy", "Detective", "Science Fiction", "Novel" })
        {
            db.BookCategories.Add(new BookCategory { Name = categoryName });
        }
        db.SaveChanges();

        Console.WriteLine("Writers..");
        var writers = JsonConvert.DeserializeObject<List<Writer>>(File.ReadAllText("Writers.json"));
        foreach (var writer in writers)
        {
            db.Writers.Add(writer);
        }
        db.SaveChanges();

        Console.WriteLine("Books..");
        // bookIndex runs across all categories. It selects the title and the writers and
        // is also used to build the ISBN text.
        int bookIndex = 0;
        foreach (BookCategory category in db.BookCategories)
        {
            for (int slot = 0; slot < 10; slot++, bookIndex++)
            {
                var isbnPart = 100 + bookIndex;
                var book = new Book
                {
                    Category = category,
                    ISBN = isbnPart + "-1477827" + isbnPart,
                    Price = rng.Next(10000, 100000) / 100.0M,
                    PublishYear = rng.Next(1990, 2015),
                    Title = Titles.List[bookIndex],
                    // One to three consecutive writers, starting right after bookIndex.
                    Writers = Enumerable.Range(1, bookIndex % 3 + 1)
                                        .Select(offset => writers[bookIndex + offset])
                                        .ToList(),
                    Amounts = new List<BookAmount>
                    {
                        new BookAmount { Branch = miraBranch, Amount = 10 },
                        new BookAmount { Branch = vzletkaBranch, Amount = 10 }
                    }
                };
                db.Books.Add(book);
            }
        }
        db.SaveChanges();

        Console.WriteLine("Done");
    }
}