public IActionResult AdminLogin(ADMINMast ADMINMast)
{
var UserName = _dbContext.ADMINMast.FirstOrDefault(a => a.UserName == a.UserName);
if (UserName == null)
{
return(StatusCode(StatusCodes.Status404NotFound));
}
var hashedPassword = UserName.Password;
if (!SecurePasswordHasherHelper.Verify(ADMINMast.Password, hashedPassword))
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, ADMINMast.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Name, ADMINMast.UserName),
};
var token = _auth.GenerateAccessToken(claims);
return(new ObjectResult(new
{
access_token = token.AccessToken,
token_type = token.TokenType,
Admin_Id = ADMINMast.AdminID,
user_name = ADMINMast.UserName,
expires_in = token.ExpiresIn,
creation_Time = token.ValidFrom,
expiration_Time = token.ValidTo,
}));
}
public IActionResult Login([FromBody] User user)
{
var userEmail = _dbContext.Users.FirstOrDefault(u => u.Email == user.Email);
if (userEmail == null)
{
return(NotFound());
}
if (!SecurePasswordHasherHelper.Verify(user.Password, userEmail.Password))
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(ClaimTypes.Email, user.Email),
new Claim(ClaimTypes.Role, userEmail.Role)
};
var token = _auth.GenerateAccessToken(claims);
return(new ObjectResult(new
{
access_token = token.AccessToken,
expires_in = token.ExpiresIn,
token_type = token.TokenType,
creation_Time = token.ValidFrom,
expiration_Time = token.ValidTo,
user_id = userEmail.Id
}));
}
public ActionResult Login(UserDTO userDTO, string ReturnUrl)
{
UserDTO userDetails = utilisateurLogic.GetUserByMail(userDTO.Email);
if (userDetails == null)
{
userDTO.LoginErrorMessage = "Aucun compte n'a été trouvé avec cette addresse";
return(View("Login", userDTO));
}
else if (SecurePasswordHasherHelper.Verify(userDTO.Password, userDetails.Password) == false)
{
userDTO.LoginErrorMessage = "Vérifiez vos identifiants";
return(View("Login", userDTO));
}
else
{
Session["userID"] = userDetails.Id;
Session["firstname"] = userDetails.Firstname;
Session["lastName"] = userDetails.Lastname;
Session["userJob"] = userDetails.Job;
Session["notifs"] = notifLogic.ListAllForUser(userDetails.Id).FindAll(n => n.IsRead == 0).Count;
FormsAuthentication.SetAuthCookie(userDetails.Email, false);
return(Redirect("/"));
}
}
public IActionResult Login([Bind("UserId", "Email", "Password")] UserModel login)
{
if (login.Email == null || login.Password == null)
{
return(View());
}
string Email = login.Email;
//find user in database
var user = new_db.findUser(Email);
if (user == null)
{
return(View("Register"));
}
string userPassword = user.Password;
if (SecurePasswordHasherHelper.Verify(login.Password, userPassword))
{
HttpContext.Session.SetInt32("ID", user.UserId);
sessionState = true;
admin = user.Admin;
userId = user.UserId;
//Console.WriteLine("id" + user.UserId);
return(Redirect("../Home/"));
}
return(View());
}
public async Task <IActionResult> Register([FromBody] CreateUserDto user)
{
try
{
if (await IsAnotherUserHasMyEmail(user.Email))
{
return(BadRequest($"{user.Email} is already used!"));
}
var userMapped = _mapper.Map <User>(user);
userMapped.Role = GetDefaultUserRole();
userMapped.Password = SecurePasswordHasherHelper.Hash(userMapped.Password);
await _cinemaDbContext.User.AddAsync(userMapped);
await _cinemaDbContext.SaveChangesAsync();
return(Created(HttpContext.Request.Path, user));
}
catch (Exception x)
{
return(BadRequest(x.InnerException?.Message ?? x.Message));
}
}
public IActionResult Login([FromBody] Usuario usuario)
{
var usuarioEmail = _dashboardDbContext.Usuarios.FirstOrDefault(u => u.Email == usuario.Email);
if (usuarioEmail == null)
{
return(NotFound());
}
if (!SecurePasswordHasherHelper.Verify(usuario.Senha, usuarioEmail.Senha))
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, usuario.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Email, usuario.Email),
new Claim(ClaimTypes.Name, usuario.Email),
};
var token = _auth.GenerateAccessToken(claims);
return(new ObjectResult(new
{
access_token = token.AccessToken,
expires_in = token.ExpiresIn,
token_type = token.TokenType,
creation_Time = token.ValidFrom,
expiration_Time = token.ValidTo,
user_id = usuarioEmail.Id,
user_name = usuarioEmail.Nome,
user_email = usuario.Email,
}));
}
public IActionResult Login([FromBody] Usuario usuario)
{
//usando o LINQ para fazer a consulta no email do usuário
var userEmail = _svtaDbContext.Usuarios.FirstOrDefault(u => u.Email == usuario.Email);
if (userEmail == null)
{
return(NotFound());
}
//verifica se o hash na senha do usuario é falso
if (!SecurePasswordHasherHelper.Verify(usuario.Senha, userEmail.Senha))
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Email, usuario.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Email, usuario.Email),
};
var token = _auth.GenerateAccessToken(claims);
//conteúdo que será retorno ao fazermos nossa requisição da API, essa requisições serão utilizadas no projeto do app para exibir nome do usuário
return(new ObjectResult(new
{
access_token = token.AccessToken,
expires_in = token.ExpiresIn,
token_type = token.TokenType,
creation_Time = token.ValidFrom,
expiration_Time = token.ValidTo,
user_id = userEmail.Id,
user_nome = userEmail.Nome,
user_email = userEmail.Email
}));
}
public void SecurePasswordHasherHelper_Verify_NotSupportedExceptionWasThrown_Fail()
{
Assert.Throws <NotSupportedException>(() =>
{
SecurePasswordHasherHelper.Verify("test", "test");
});
}
public /*async Task<IActionResult>*/ IActionResult Login(User objUser)
{
User user = null;
if (ModelState.IsValid)
{
// var obj = _context.Where(a => a.UserName.Equals(objUser.UserName) && a.Password.Equals(objUser.Password)).FirstOrDefault();
if (use_test_repository)
{
foreach (User item in _repository.GetAllItems())
{
if (item.username == objUser.username)
{
user = item;
}
}
}
else
{
user = /*await*/ _context.User.FirstOrDefault/*Async*/ (m => m.username == objUser.username);
}
if (user != null)
{
if (SecurePasswordHasherHelper.Verify(objUser.encrypted_password, user.encrypted_password))
{
logged_user = user;
return(RedirectToAction("Dashboard", logged_user));// new User(user.name,user.username,user.encrypted_password));
}
}
}
return(View("Login", objUser));
}
public IActionResult Registro([FromBody] Usuario usuario)
{
var userWithSameEmail = _dashboardDbContext.Usuarios.Where(u => u.Email == usuario.Email).SingleOrDefault();
if (userWithSameEmail != null)
{
return(BadRequest("Um usuário com o mesmo email já existe"));
}
if (usuario.Senha != usuario.ConfirmarSenha)
{
return(BadRequest("Senhas não são iguais."));
}
var usuarioObj = new Usuario()
{
Nome = usuario.Nome,
Sobrenome = usuario.Sobrenome,
Telefone = usuario.Telefone,
Endereco = usuario.Endereco,
Email = usuario.Email,
DataNascimento = usuario.DataNascimento,
DataInclusao = DateTime.Now,
Senha = SecurePasswordHasherHelper.Hash(usuario.Senha),
ConfirmarSenha = SecurePasswordHasherHelper.Hash(usuario.ConfirmarSenha),
Status = '1'
};
_dashboardDbContext.Usuarios.Add(usuarioObj);
_dashboardDbContext.SaveChanges();
return(StatusCode(StatusCodes.Status201Created));
}
public async Task <IActionResult> Login(User user)
{
var userEmail = _dbContext.Users.FirstOrDefault(u => u.Email == user.Email);
if (userEmail == null)
{
return(StatusCode(StatusCodes.Status404NotFound));
}
var hashedPassword = userEmail.Password;
if (!SecurePasswordHasherHelper.Verify(user.Password, hashedPassword))
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(ClaimTypes.Name, user.Email)
};
var token = _auth.GenerateAccessToken(claims);
return(new ObjectResult(new
{
access_token = token.AccessToken,
expires_in = token.ExpiresIn,
token_type = token.TokenType,
creation_Time = token.ValidFrom,
expiration_Time = token.ValidTo,
user_Id = userEmail.Id
}));
}
public IActionResult ChangePassword(ChangePasswordModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var userEmail = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier).Value;
var user = _dbContext.Users.FirstOrDefault(u => u.Email == userEmail);
if (user == null)
{
return(NotFound());
}
var hashedPassword = user.Password;
if (!SecurePasswordHasherHelper.Verify(model.OldPassword, hashedPassword))
{
return(BadRequest("You can't change the password"));
}
user.Password = SecurePasswordHasherHelper.Hash(model.NewPassword);
_dbContext.SaveChanges();
return(Ok("Your password has been changed"));
}
/// <summary>
///
/// </summary>
/// <param name="userDTO"></param>
public void UpdatePasswordByMail(UserDTO userDTO)
{
if (userDTO.Password == userDTO.confirmPassword)
{
utilisateurEngine.UpdatePasswordByMail(SecurePasswordHasherHelper.Hash(userDTO.Password), userDTO.Email);
}
}
public async Task CreateTenant(CreateTenantDto input)
{
var hashedPassword = SecurePasswordHasherHelper.Hash(input.Password);
var user = new Tenant
{
TenantName = input.TenantName,
Address = input.Address,
IsPremium = input.IsPremium,
PhoneNumber = input.PhoneNumber,
PhoneNumber2 = input.PhoneNumber2,
Password = hashedPassword,
Email = input.Email,
AboutUs = input.AboutUs,
Title = input.Title,
LocationId = input.LocationId,
};
if (input.LogoFile != null)
{
var logoPath = await _blobService.InsertFile(input.LogoFile);
user.LogoPath = logoPath;
}
await _tenantRepository.AddAsync(user);
}
public IActionResult Login([FromBody] LoginUserResource loginUserResource)
{
var user = mapper.Map <LoginUserResource, User>(loginUserResource);
var userEmail = unitOfWork.Accounts.FindUserByEmail(user.Email);
if (userEmail == null)
{
return(NotFound(new ApiResponse(404, "User not found")));
}
var hashedPassword = userEmail.Password;
if (!SecurePasswordHasherHelper.Verify(user.Password, hashedPassword))
{
return(Unauthorized(new ApiResponse(401, "Username or password don't match")));
}
var token = unitOfWork.Accounts.Login(user, _auth);
return(new ObjectResult(new
{
access_token = token.AccessToken,
expires_in = token.ExpiresIn,
token_type = token.TokenType,
creation_Time = token.ValidFrom,
expiration_Time = token.ValidTo,
user_Id = userEmail.Id,
user_name = userEmail.Name,
user_image = userEmail.ImageUrl
}));
}
public static async Task <object> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = null)]
HttpRequestMessage req, ILogger log)
{
log.LogInformation("C# HTTP trigger function processed a request.");
string token = req.Headers.Authorization.ToString();
if (!AuthorizationHelper.Authorized(token, new string[] { Role.Manager }))
{
return(req.CreateResponse(HttpStatusCode.BadRequest, "Unauthorized!"));
}
//We retrieve the userName field, which comes as a parameter to the function, by deserializing req.Content.
string jsonContent = await req.Content.ReadAsStringAsync();
dynamic data = JsonConvert.DeserializeObject(jsonContent);
string email = data.email;
string Firstname = data.Firstname;
string Lastname = data.Lastname;
string Position = data.Position;
string Password = data.Password;
string branchID = data.branchID;
string CompanyID = data.CompanyID;
Password = SecurePasswordHasherHelper.Hash(Password);
//If there is no username, we return the error message.
try
{
//We get the Connection String in the Function App Settings section we defined.
var str = Environment.GetEnvironmentVariable("sqldb_connection");
int modified;
using (SqlConnection connection = new SqlConnection(str))
{
string text = @"INSERT INTO Users (email, Firstname, Lastname, Position, branchID, PasswordHash, Role, CompanyID) " +
"OUTPUT INSERTED.UserID " +
"VALUES (@email, @Firstname, @Lastname, @Position, @branchID, @PasswordHash, @Role, @CompanyID);";
SqlCommand command = new SqlCommand(text, connection);
command.Parameters.AddWithValue("@email", email);
command.Parameters.AddWithValue("@Firstname", Firstname);
command.Parameters.AddWithValue("@Lastname", Lastname);
command.Parameters.AddWithValue("@Position", Position);
command.Parameters.AddWithValue("@branchID", branchID);
command.Parameters.AddWithValue("@PasswordHash", Password);
command.Parameters.AddWithValue("@Role", Role.Employee);
command.Parameters.AddWithValue("@CompanyID", CompanyID);
connection.Open();
modified = (int)command.ExecuteScalar();
connection.Close();
}
return(req.CreateResponse(HttpStatusCode.OK, modified));
}
catch
{
return(req.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong!"));
}
}
public void SecurePasswordHasherHelper_Hash_PasswordHashed_Success()
{
const string password = "******";
var hash = SecurePasswordHasherHelper.Hash(password);
Assert.NotEqual(password, hash);
}
public static bool PasswordMatch(string DBPass, string Pass)
{
if (SecurePasswordHasherHelper.Verify(Pass, DBPass))
{
return(true);
}
return(false);
}
public Account(string email, string password)
{
Id = Guid.NewGuid();
Email = email;
HashedPassword = SecurePasswordHasherHelper.Hash(password);
CreatedAt = DateTime.UtcNow;
UpdatedAt = DateTime.UtcNow;
}
public async Task <bool> Login(LoginDto input)
{
var user = await _userRepository.GetAll()
.FirstOrDefaultAsync(x => x.Username == input.Username);
if (user == null)
{
return(false);
}
var decodedPassword = SecurePasswordHasherHelper.Verify(input.Password, user.Password);
return(decodedPassword);
}
public IActionResult Put(int id, [FromBody] User user)
{
var entity = _dbContext.Users.Find(id);
if (entity == null)
{
return(NotFound("Usuário não enconrado !"));
}
entity.Name = user.Name;
entity.Email = user.Email;
entity.Password = SecurePasswordHasherHelper.Hash(user.Password);
//Atualiza e salva o novo usuário ao banco de dados e retorna o StatusCode201Created.
_dbContext.SaveChanges();
return(Ok("Usuário atualizado com sucesso !"));
}
public IActionResult Register([FromBody] User user)
{
var userWithSameEmail = _dbContext.Users.FirstOrDefault(x => x.Email == user.Email);
if (userWithSameEmail != null)
{
return(BadRequest("User with same email already exists"));
}
user.Password = SecurePasswordHasherHelper.Hash(user.Password);
user.Role = "Users";
_dbContext.Users.Add(user);
_dbContext.SaveChanges();
return(StatusCode(StatusCodes.Status201Created));
}
public IActionResult RegisterMember([Bind("UserId", "Email", "FullName", "Password", "Role")]UserModel register)
{
if (/* ModelState.IsValid && */!UserModel.EmailExists(register.Email, _db))
{
//create
string hashed_password = SecurePasswordHasherHelper.Hash(register.Password);
register.Password = hashed_password;
_db.Users.Add(register);
_db.SaveChanges();
return Redirect("../Home/");
}
return View(register);
}
public ActionResult UpdateUser(
int id, string lastname, string firstname, string idCompany,
string mail, string phone, string[] selectRole, string job
)
{
if (id != -1)
{
UserDTO user = new UserDTO();
user.Id = id;
user.Lastname = lastname;
user.Firstname = firstname;
int resCompany = 0;
Int32.TryParse(idCompany, out resCompany);
user.Id_Company = resCompany;
user.Email = mail;
int resRole = 0;
user.Phone_Number = phone;
user.Job = job;
user.Password = SecurePasswordHasherHelper.Hash("Motdepasse1");
user.Is_Active = 1;
user.Note = "";
user.Is_Address_Private = 1;
Tuple <Boolean, String> res = this.isFormValid(lastname, firstname, idCompany, mail, phone, selectRole.GetValue(0).ToString(), job);
if (res.Item1)
{
userLogic.Update(user);
userLogic.RemoveAllUserRole(userLogic.Get(user.Id));
foreach (string idRole in selectRole)
{
Int32.TryParse(idRole, out resRole);
roleLogic.Add_User_Role(userLogic.GetUserByMail(user.Email).Id, resRole);
}
TempData["SuccessModal"] = "Utilisateur " + user.Lastname + " " + user.Firstname + " modifié avec succès";
}
else
{
TempData["userToEdit"] = id;
TempData["FormError"] = res.Item2;
}
}
return(RedirectToAction("Index"));
}
public async Task <IActionResult> CompanyRegister(CompanyRegisterModel model)
{
if (ModelState.IsValid)
{
var name = model.CompanyEmail;
var pass = model.CompanyPassword;
var confirmPass = model.CompanyConfirmPassword;
string hashed_password = SecurePasswordHasherHelper.Hash(pass);
connect = new ConnDatabase();
connect.sqlQuery("INSERT INTO Company (CompanyEmail, CompanyPassword) Values('" + name + "', '" + hashed_password + "')");
connect.NonExecute();
}
return(View(model));
}
public IActionResult Register([Bind("UserId", "Email", "FullName", "Password", "Admin")] UserModel register)
{
if (ModelState.IsValid) //&& !UserModel.EmailExists(register.Email, _db))
{
//create
string hashed_password = SecurePasswordHasherHelper.Hash(register.Password);
register.Password = hashed_password;
new_db.addUser(register);
/* _db.Users.Add(register);
* _db.SaveChanges(); */
return(Redirect("Login"));
}
return(View("Register", register));
}
public IActionResult TrocarSenha([FromBody] ChangePasswordModel changepasswordModel)
{
var userEmail = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value;
var user = _dashboardDbContext.Usuarios.FirstOrDefault(u => u.Email == userEmail);
if (user == null)
{
return(NotFound());
}
if (!SecurePasswordHasherHelper.Verify(changepasswordModel.OldPassword, user.Senha))
{
return(Unauthorized("Me desculpe você não pode alterar sua senha"));
}
user.Senha = SecurePasswordHasherHelper.Hash(changepasswordModel.NewPassword);
_dashboardDbContext.SaveChanges();
return(Ok("Sua senha foi alterada com sucesso!"));
}
public async Task <bool> ResetPassword(ResetPasswordDto input)
{
var user = await _userRepository.GetAll().Where(x =>
x.EmailAddress == input.EmailAddress && x.ResetPasswordCode == input.ResetCode)
.FirstOrDefaultAsync();
if (user == null)
{
throw new Exception("Böyle bir işlem yok");
}
var hashedPassword = SecurePasswordHasherHelper.Hash(input.NewPassword);
user.Password = hashedPassword;
await _userRepository.UpdateAsync(user);
return(true);
}
public IActionResult ChangePassword([FromBody] ChangePasswordModel changePasswordModel)
{
var userEmail = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value;
var user = _cWheelsDbContext.Users.FirstOrDefault(u => u.Email == userEmail);
if (user == null)
{
return(NotFound());
}
if (!SecurePasswordHasherHelper.Verify(changePasswordModel.OldPassword, user.Password))
{
return(Unauthorized("Sorry you can't change the password"));
}
user.Password = SecurePasswordHasherHelper.Hash(changePasswordModel.NewPassword);
_cWheelsDbContext.SaveChanges();
return(Ok("Your password has been changed"));
}
public async Task <IActionResult> Login(User objUser)
{
if (ModelState.IsValid)
{
var user = await _context.User.FirstOrDefaultAsync(m => m.username == objUser.username);
if (user != null)
{
if (SecurePasswordHasherHelper.Verify(objUser.encrypted_password, user.encrypted_password))
{
logged_user = user;
}
return(RedirectToAction("Dashboard", logged_user));
}
}
ViewBag.Message = string.Format("Incorrect username or password");
return(View("Login", objUser));
}
