//----------------------
// 已经登录了的用户修改密码
public async Task <bool> UpdatePwd(long?userId, string oldPwd, string pwd)
{
var user = dataContext.User.Where(b => b.UserId == userId).First();
IPasswordStore passwordStore = passwordStoreFactory.Instance(user);
//验证旧密码
var vd = passwordStore.VerifyPassword(user.Pwd.Base64ToByteArray(), oldPwd.Base64ToByteArray(), user.Salt.Base64ToByteArray(), user.PasswordHashIterations);
if (!vd)
{
return(vd);
}
//产生新的盐
var salt = RandomTool.CreatSafeSaltByteArray(16);
passwordStore = passwordStoreFactory.Instance(Config.SecurityConfig);
//更新用户生成密码哈希的安全策略
user.PasswordDegreeOfParallelism = Config.SecurityConfig.PasswordStoreDegreeOfParallelism;
user.PasswordHashAlgorithm = Config.SecurityConfig.PasswordHashAlgorithm;
user.PasswordHashIterations = Config.SecurityConfig.PasswordHashIterations;
user.PasswordMemorySize = Config.SecurityConfig.PasswordStoreMemorySize;
//更新盐
user.Salt = salt.ByteArrayToBase64();
//生成新的密码哈希
user.Pwd = (passwordStore.Encryption(pwd.Base64ToByteArray(), salt, user.PasswordHashIterations)).ByteArrayToBase64();
if (this.Config.SecurityConfig.LogNeedHmac)
{
//计算hmac
user.AddMac(this.cryptographyProvider);
}
return(dataContext.SaveChanges() > 0);
}
// 注册
/*
* 注册 [email protected] userId = "5368c1aa99c37b029d000001"
* 添加 在博客上添加一篇欢迎note, note1 5368c1b919807a6f95000000
*
* 将nk1(只读), nk2(可写) 分享给该用户
* 将note1 复制到用户的生活nk上
*/
// 1. 添加用户
// 2. 将leanote共享给我
// [ok]
public async Task <bool> Register(string email, string pwd, long?fromUserId)
{
email = email.ToLower();//邮箱保存时全部使用小写形式
var Msg = "";
if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(pwd) || pwd.Length < 6)
{
Msg = "参数错误";
return(false);
}
if (UserService.IsExistsUser(email))
{
Msg = "userHasBeenRegistered-" + email;
return(false);
}
//产生一个盐用于保存密码
var salt = RandomTool.CreatSafeSaltByteArray(16);
var passwordStore = passwordStoreFactory.Instance(config.SecurityConfig);
//对用户密码做哈希运算
string genPass = (passwordStore.Encryption(pwd.Base64ToByteArray(), salt, config.SecurityConfig.PasswordHashIterations)).ByteArrayToBase64();
if (string.IsNullOrEmpty(genPass))
{
Msg = "密码处理过程出现错误";
return(false);
}
var userId = idGenerator.NextId();
//生成一个新用户
User user = new User()
{
UserId = userId,
Email = email,
Username = userId.ToHex(),
UsernameRaw = userId.ToHex(),
PasswordHashIterations = config.SecurityConfig.PasswordHashIterations,//加密强度=1
PasswordDegreeOfParallelism = config.SecurityConfig.PasswordStoreDegreeOfParallelism,
PasswordMemorySize = config.SecurityConfig.PasswordStoreMemorySize,
Pwd = genPass,
PasswordHashAlgorithm = config.SecurityConfig.PasswordHashAlgorithm,
Salt = salt.ByteArrayToBase64(),
FromUserId = fromUserId,
Role = "User",
NotebookWidth = 160,
NoteListWidth = 384,
MdEditorWidth = 621,
LeftIsMin = false,
Verified = false,
Usn = 1
};
if (user.Email.Equals("*****@*****.**"))
{
user.Role = "Admin";
}
if (Register(user))
{
Msg = "注册成功";
return(true);
}
else
{
Msg = "注册失败";
return(false);
}
}