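public HttpResponseMessage PostLogin([FromBody] UserModel user)
        {
            // Authenticates an API caller by username/password and issues a fresh session.
            // The response body is always a MessageModel: on success Authorization holds the
            // session id and Message the role ("Admin"/"User"); on failure Message says why.
            var messageModel = new MessageModel();

            // A missing or unbindable request body arrives as null; reject it instead of NRE.
            if (user == null)
            {
                messageModel.Message = "Request body is missing";
                return Request.CreateResponse(HttpStatusCode.BadRequest, messageModel);
            }

            var foundUser = _userDal.GetUserByUsername(user.Username);

            if (foundUser == null)
            {
                // NOTE(review): a message that differs from the wrong-password one lets a
                // caller confirm which usernames exist; a single generic message avoids that.
                messageModel.Message = "User with given email does not exist";
                return Request.CreateResponse(HttpStatusCode.BadRequest, messageModel);
            }

            // Stored value is SHA-512 over (salt + password); the case-insensitive compare
            // suggests a hex digest. Note that string.Equals is not constant-time.
            var saltedPassword  = foundUser.Salt + user.Password;
            var passwordMatches = string.Equals(
                foundUser.Password,
                SHA512Encrypter.Encrypt(saltedPassword),
                StringComparison.OrdinalIgnoreCase);

            if (!passwordMatches)
            {
                messageModel.Message = "Password is incorrect";
                return Request.CreateResponse(HttpStatusCode.BadRequest, messageModel);
            }

            // One valid session per user: invalidate any existing one before adding a new one.
            // (GetAllUserSessions loads every session; a per-user lookup in the DAL would be
            // cheaper, but that is outside this block.)
            var existingSession = _userSessionDal.GetAllUserSessions()
                .FirstOrDefault(s => s.UserID == foundUser.Id && s.IsValid);
            if (existingSession != null)
            {
                _userSessionDal.SetSessionInvalid(foundUser.Id);
            }

            _userSessionDal.AddUserSession(foundUser.Id);

            var newSession = _userSessionDal.GetAllUserSessions()
                .FirstOrDefault(s => s.UserID == foundUser.Id && s.IsValid);
            if (newSession == null)
            {
                // The original dereferenced this result unconditionally (NRE -> 500);
                // report the failure explicitly instead.
                messageModel.Message = "Session could not be created";
                return Request.CreateResponse(HttpStatusCode.InternalServerError, messageModel);
            }

            // NOTE(review): the session Id doubles as the bearer token returned to the
            // client; confirm it is unguessable (e.g. a GUID) rather than a sequential key.
            messageModel.Authorization = newSession.Id.ToString();
            messageModel.Message       = foundUser.IsAdmin ? "Admin" : "User";
            return Request.CreateResponse(HttpStatusCode.OK, messageModel);
        }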
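        public ActionResult Login(string username, string password)
        {
            // MVC login: checks the database is reachable, validates the credentials, sets
            // the forms-authentication cookie, stores a QuizUser in Session and redirects by
            // role. Every failure re-renders the login view with an error message.
            var viewModel = new UserViewModel { Username = username };

            using (var context = new QuizEntities())
            {
                // The original discarded this result and tested the (never-null) context
                // instead, which left the "not connected" branch unreachable.
                if (!context.Database.Exists())
                {
                    viewModel.ErrorMessage = "You are not connect to database";
                    return View(viewModel);
                }
            }

            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
            {
                viewModel.ErrorMessage = "Incorrect username and/or password!";
                return View(viewModel);
            }

            var user = _userDal.GetUserByUsername(username);

            // Unknown user, inactive account and wrong password all yield the same message,
            // so the response does not reveal which check failed.
            // NOTE(review): the password is hashed without a salt here; if this shares a user
            // table with the salted API login above, confirm which scheme is stored.
            var credentialsValid =
                user != null &&
                user.ActivStatus &&
                string.Equals(user.Password, SHA512Encrypter.Encrypt(password), StringComparison.OrdinalIgnoreCase);

            if (!credentialsValid)
            {
                viewModel.ErrorMessage = "Incorrect username and/or password!";
                return View(viewModel);
            }

            // Non-persistent cookie: it lasts for the browser session only.
            FormsAuthentication.SetAuthCookie(user.Username, false);

            var quizUser = new QuizUser
            {
                Id       = user.Id,
                Username = user.Username,
                IsAdmin  = user.IsAdmin
            };

            // Only non-admin users are assigned a test.
            if (!user.IsAdmin)
            {
                quizUser.TestId = _userTestDal.GetTestIdByUserId(user.Id);
            }

            Session.Add("QuizUser", quizUser);

            return user.IsAdmin
                ? RedirectToAction("StartPageAdmin", "Admin")
                : RedirectToAction("StartPage", "Quiz");
        }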
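        public async Task<bool> ValidateUserAsync(PersonDto person)
        {
            // Returns true when the person's PESEL is not on the downloaded block list.
            // A null person or a failed download (null list) counts as "not valid".
            if (person == null)
            {
                return false;
            }

            var downloader = new HTTP.BlackListVotersDownloader();
            var disallowed = await downloader.GetDisallowedPersonsAsync();

            if (disallowed == null)
            {
                return false;
            }

            // The input is hashed once and compared against the hash of each listed entry.
            // NOTE(review): an unsalted SHA-512 of a short national id gives little protection
            // against brute-force recovery; if the list is meant to be pseudonymous, a keyed
            // hash (HMAC) would be the stronger choice.
            var personHash = SHA512Encrypter.SHA512(person.Pesel);

            return !disallowed.Any(p => SHA512Encrypter.SHA512(p.Pesel) == personHash);
        }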
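        public async Task<bool> ValidateUserFromDatabase(PersonDto person)
        {
            // Checks the supplied person against the database record keyed by the hashed
            // PESEL. Returns true when no record exists, or when name and surname match
            // ignoring case and surrounding whitespace. Side effect: copies the stored
            // Voted flag onto the supplied person.
            if (person == null)
            {
                return false;
            }

            // DatabaseManager exposes a synchronous lookup; Task.Run keeps the caller's
            // thread free, but this is a stopgap rather than true asynchronous I/O.
            var personInDb = await Task.Run(
                () => DatabaseManager.Instance.GetPerson(SHA512Encrypter.SHA512(person.Pesel)));

            if (personInDb == null)
            {
                return true;
            }

            person.Voted = personInDb.Voted;

            // Ordinal case-insensitive comparison replaces the culture-sensitive ToLower()
            // round-trip and tolerates a null name on either side.
            var nameMatches = string.Equals(
                person.Name?.Trim(), personInDb.Name?.Trim(), StringComparison.OrdinalIgnoreCase);
            var surnameMatches = string.Equals(
                person.Surname?.Trim(), personInDb.Surname?.Trim(), StringComparison.OrdinalIgnoreCase);

            return nameMatches && surnameMatches;
        }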
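        public HttpResponseMessage PostUser([FromBody] UserDataModel userEmail)
        {
            // Registers a new account for the given e-mail address, stores a salted SHA-512
            // hash of a randomly generated initial password and e-mails that password to
            // the address. Returns 201 on success, 400 for a bad or already registered address.
            if (userEmail == null || string.IsNullOrWhiteSpace(userEmail.Email))
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest, new { Message = "Email is required" });
            }

            // Validate the address before touching the database so a malformed one cannot
            // leave a half-created account (MailAddress throws FormatException on bad input).
            MailAddress recipient;
            try
            {
                recipient = new MailAddress(userEmail.Email);
            }
            catch (FormatException)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest, new { Message = "Email address is not valid" });
            }

            // NOTE(review): a distinct "already exists" response lets a caller test which
            // addresses are registered; answering Created in both cases avoids that.
            if (_userDal.GetUserByUsername(userEmail.Email) != null)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest, new { Message = "User already exists" });
            }

            var id   = Guid.NewGuid();
            var salt = Guid.NewGuid();

            // The original gave every new account the same fixed password; generate a
            // per-user random one instead. It is still sent in clear text by e-mail, so it
            // should be treated as a one-time value to be changed at first login.
            var initialPassword = GenerateInitialPassword();
            var passwordHash    = SHA512Encrypter.Encrypt(salt + initialPassword);

            _userDal.AddUser(id, userEmail.Email, salt, passwordHash, false);

            // NOTE(review): the sender address and SMTP password are hard-coded (redacted
            // on this page); they belong in protected configuration, not in source.
            var centralEmail = "*****@*****.**";

            // MailMessage and SmtpClient are both IDisposable.
            using (var message = new MailMessage())
            using (var smtp = new SmtpClient())
            {
                message.To.Add(recipient);
                message.From    = new MailAddress(centralEmail);
                message.Subject = "Quiz Password";
                message.Body    = "Hello user your password is : " + initialPassword;

                smtp.Credentials = new NetworkCredential
                {
                    UserName = centralEmail,
                    Password = "******"
                };
                smtp.Host      = "smtp.gmail.com";
                smtp.Port      = 587;
                smtp.EnableSsl = true;

                // If sending fails the account already exists without a known password;
                // the exception surfaces as a 500 so the failure is not silent.
                smtp.Send(message);
            }

            return Request.CreateResponse(HttpStatusCode.Created);
        }

        // Produces a random initial password from the platform CSPRNG. The URL-safe
        // base64 form keeps it free of characters that are awkward to type from an e-mail.
        private static string GenerateInitialPassword()
        {
            var bytes = new byte[12];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(bytes);
            }
            return Convert.ToBase64String(bytes).Replace('+', '-').Replace('/', '_');
        }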
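        public ActionResult AddUser(UserAdminViewModel model)
        {
            // Admin action: creates a user, links it to the test named in the model and
            // returns to the user list. Any validation failure re-renders the admin view.
            if (model == null || !ModelState.IsValid)
            {
                SetView();
                return View("UserAdmin", model);
            }

            if (_userDal.GetUserByUsername(model.Username) != null)
            {
                ModelState.AddModelError("Username", "Username already exists");
                SetView();
                return View("UserAdmin", model);
            }

            // Resolve the test before creating the user so an unknown test name does not
            // leave a user linked to test id 0 (the original's silent fallback).
            int? testId = null;
            foreach (var test in _testsDal.GetAllTests())
            {
                if (test.Name == model.TestName)
                {
                    testId = test.Id;   // last match wins, as in the original loop
                }
            }

            if (testId == null)
            {
                ModelState.AddModelError("TestName", "Unknown test name");
                SetView();
                return View("UserAdmin", model);
            }

            // NOTE(review): the password is hashed without a per-user salt here; confirm this
            // matches the scheme the login path verifies against.
            _userDal.AddUser(model.Username, SHA512Encrypter.Encrypt(model.Password), model.Email);

            var createdUser = _userDal.GetUserByUsername(model.Username);
            if (createdUser == null)
            {
                // The insert did not produce a retrievable row; report it instead of an NRE.
                ModelState.AddModelError(string.Empty, "User could not be created");
                SetView();
                return View("UserAdmin", model);
            }

            _userTestDal.AddUserTest(createdUser.Id, testId.Value, false);
            return RedirectToAction("UserAdmin", "AdminUser");
        }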