public Task InsertCredentials(UserCredentialsModel credentials) { const string query = @"INSERT INTO MedPractice.usercredentials(username, password) VALUES(@UserName, @Password)"; return(_dataAccess.SaveData(query, credentials)); }
public async Task <IActionResult> SignIn([FromBody] UserCredentialsModel user) { string userName = user.UserName; string password = user.Password; return(await this.exceptionHandler.SendResponse(this, authentication.SignIn(userName, password))); }
public async Task GetToken([FromBody] UserCredentialsModel credentials) { try { //var token = await _authenticationSerivce.GetToken(credentials.Username, credentials.Password); var token = await _authenticationSerivce.GetTokenAsync(); if (!string.IsNullOrEmpty(token)) { Response.StatusCode = (int)HttpStatusCode.OK; var response = new { id_token = token, }; await Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings { Formatting = Formatting.Indented })); } else { Response.StatusCode = (int)HttpStatusCode.Unauthorized; } } catch (Exception ex) { HandleException(ex); } }
public async Task <IActionResult> GetToken([FromBody] UserCredentialsModel model) { var user = await _authenticationService.AuthenticateAsync(model.Username, model.Password); if (user == null) { return(Unauthorized()); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim("name", user.DisplayName), }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes((string)Key)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken(Issuer, Issuer, claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) })); }
public async Task <IActionResult> Login([Bind] UserCredentialsModel userCredentialsModel) { if (ModelState.IsValid) { string uri = $"{_configOptions.ApiBaseUrl}/api/AccountApi/AuthenticateUser"; string LoginStatus = await _httpHelper.PostAsync <UserCredentialsModel, string>(uri, userCredentialsModel); if (LoginStatus == "success") { var claims = new List <Claim> { new Claim(ClaimTypes.Name, userCredentialsModel.Username) }; ClaimsIdentity userIdentity = new ClaimsIdentity(claims, "login"); ClaimsPrincipal principal = new ClaimsPrincipal(userIdentity); await HttpContext.SignInAsync(principal); return(RedirectToAction("Index", "Home")); } else { TempData["LoginFailure"] = "Login Failed.Please enter correct credentials"; return(View()); } } else { return(View()); } }
public void CreateAccount(UserCredentialsModel userCredentialsModel) { var isUsernameUsed = _userRepository.IsUsernameUsed(userCredentialsModel.Username); if (isUsernameUsed) { throw new ExceptionResourceConflict("Username used"); } var securityQuestions = _securityQuestionRepository.GetAll(); var allQuestionAreAnswered = securityQuestions.AsEnumerable().All( questionDal => userCredentialsModel.SecurityAnswers.Any( answerUI => answerUI.SecurtityQuestion.Question == questionDal.Question)); if (!allQuestionAreAnswered) { throw new ExceptionBusinessNotRespected("Questions not answered."); } var role = _roleRepository.GetById((int)RolesEnum.User); if (role == null) { throw new ExceptionResourceNotFound("Role not in databse."); } userCredentialsModel.Password = PasswordManager.HashPassword(userCredentialsModel.Password); var user = userCredentialsModel.ToUser(role, securityQuestions); _userRepository.Add(user); _userRepository.SaveChanges(); }
public async Task<ActionResult> Login(string userName, string password) { UserCredentialsModel user = null; try { var client = new OAuth2Client(new Uri(tokenEndPointURL), "mymonkeycap", "Nexusdata#1"); await Task.Run(() => { var requestResponse = client.RequestAccessTokenUserName(userName, password, "openid profile offline_access"); var claims = new[] { new Claim("access_token",requestResponse.AccessToken), new Claim("refresh_token", requestResponse.RefreshToken) }; var claimsIdentity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie); HttpContext.GetOwinContext().Authentication.SignIn(claimsIdentity); }); user = new UserCredentialsModel { Email = userName, IsLoggedIn = true }; } catch (Exception ex) { return Json(ex.Message, JsonRequestBehavior.AllowGet); } return Json(user, JsonRequestBehavior.AllowGet); }
public IHttpActionResult UserCredentialsAreValid( UserCredentialsModel userCredentials) { bool result; try { //// get header value(s) //var authValues = Request.Headers.Authorization; //if (authValues?.Scheme == null || authValues.Parameter == null) //{ // return BadRequest(); //} //if (!authValues.Scheme.Equals(_webConfigContainer.AuthScheme) || // !authValues.Parameter.Equals(_webConfigContainer.ApiKey)) //{ // return Unauthorized(); //} result = _loginServices.ValidateUserCredentials(userCredentials); } catch (Exception oEx) { return(InternalServerError(oEx)); } return(Ok(result)); }
public IHttpActionResult VerifyIvrUserCredentials( IvrUserCredentialsInputModel ivrUserCredentialsInput) { int voterId = 0; //result = _loginServices.ValidateUserCredentials(userCredentials); try { // TODO: check the number of login attempts first! // how this should be set in the client //httpClient.DefaultRequestHeaders.Authorization = // new AuthenticationHeaderValue("Bearer", "Your_token"); var ucm = new UserCredentialsModel { UsernameOrId = ivrUserCredentialsInput.PIN, PasswordOrPin = ivrUserCredentialsInput.SSN, ElectionId = ivrUserCredentialsInput.ElectionID }; _loginServices.ValidateUserCredentials(ucm); voterId = ucm.VoterId; } catch (Exception oEx) { return(InternalServerError(oEx)); } return(Ok(voterId)); }
public Task UpdateCredentials(UserCredentialsModel credentials) { const string query = @"UPDATE MedPractice.usercredentials SET username=@UserName, password=@Password WHERE ID=@Id"; return(_dataAccess.SaveData(query, credentials)); }
public async Task <IdentityResult> Create(UserCredentialsModel model) { var user = new IdentityUser { UserName = model.Email, Email = model.Email }; return(await _userManager.CreateAsync(user, model.Password)); }
public Task <bool> AuthenticateAsync(UserCredentialsModel userCredentials) { // TODO: Implement if (userCredentials?.Username == "admin" && userCredentials.Password == "admin") { _isAuthenticated = true; } return(Task.FromResult(_isAuthenticated)); }
public ActionResult Logout() { Request.GetOwinContext().Authentication.SignOut(); UserCredentialsModel user = new UserCredentialsModel { Email = string.Empty, IsLoggedIn = false }; return Json(user, JsonRequestBehavior.AllowGet); }
public async Task <string> Login(string email, string password) { if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password)) { return(null); } var credentials = new UserCredentialsModel(email, password); Token token; UserModel user; try { token = await _gatewayRepository.ApiAccountsLoginPostAsync(_mapper.Map <UserCredentials>(credentials)); if (token == null || string.IsNullOrEmpty(token.UserId)) { throw new BusinessException(ErrorMessages.unknownUserBodyText); } var tokenModel = _mapper.Map <TokenModel>(token); AppSettings.AccessToken = tokenModel; var entity = await _gatewayRepository.ApiAccountsUsersByIdGetAsync(token.UserId); user = _mapper.Map <UserModel>(entity); AppSettings.CurrentUser = user; if (user == null || string.IsNullOrEmpty(user.Id)) { throw new BusinessException(ErrorMessages.unknownUserBodyText); } try { await SecureStorage.SetAsync(CacheKeys._CurrentUser, JsonConvert.SerializeObject(user)); } catch { _logger.LogInformation("This device AND debug type doesn't support secure storage (probably iOS + Debug on simulator)"); } return(tokenModel.UserId); } catch (ApiException apiExc) { if (apiExc.StatusCode == 401) { throw new BusinessException("Cet utilisateur n'existe pas. Veuillez vous inscrire via la page précédente."); } else { throw new TechnicalException(ErrorMessages.serverErrorText + apiExc.StatusCode); } } }
/// <summary> /// Avoiding having all this code written twice just to change one /// line for the different tests /// </summary> /// <param name="ucm"></param> /// <returns></returns> private bool TestValidateUserCredentials(UserCredentialsModel ucm) { // Arrange var mockElectionsRepo = new Mock <IElectionsRepository>(); mockElectionsRepo.Setup(x => x.GetById(It.IsAny <int>())) .Returns <int>(electionId => { var newElection = new Election(); // this test doesn't care about this. //{ // Id = electionId, // OpenDate = ExpectedOpenDate, // CloseDate = ExpectedCloseDate, // LoginScreenOpenMessage = ExpectedLoginScreenOpenMessage, // LoginScreenCloseMessage = ExpectedLoginScreenCloseMessage, // LoginIdLabelTxt = ExpectedLoginIdLabelTxt, // LoginPinLabelTxt = ExpectedLoginPinLabelTxt, // LandingPageTitle = ExpectedLandingPageTitle, // LandingPageMessage = ExpectedLandingPageMessage //}; return(newElection); }); var mockVotersRepo = new Mock <IVotersRepository>(); //Expression<Func<Voter, bool>> testExpression = expr => (expr.LoginId == "22232222"); //mockVotersRepo.Setup(x => x.Get(It.Is<Expression<Func<Voter, bool>>>( // criteria => Lambda.Eq(criteria, testExpression)))) -- This is only needed if we're comparing the expressions themselves. var testDb = new List <Voter> { new Voter { ElectionId = 1, LoginId = "22222222", LoginPin = "1234" } }; mockVotersRepo.Setup(_ => _.Get(It.IsAny <Expression <Func <Voter, bool> > >())) .Returns((Expression <Func <Voter, bool> > expr) => { var voter = testDb.FirstOrDefault(expr.Compile()); if (voter == null || (voter.LoginId != "22222222" || voter.LoginPin != "1234")) { return(null); } return(voter); }); var loginServices = new LoginServices( mockElectionsRepo.Object, mockVotersRepo.Object); return(loginServices.ValidateUserCredentials(ucm)); }
void CmdOnPlayerReady(UserCredentialsModel model, NetworkInstanceId netId) { hub.DoLogin(model, netId); if (++readyPlayers == hub.Count) { time = 3f; countdownText = "3"; countdownOn = true; } }
public static User ToUser(this UserCredentialsModel userRegisterModel, Role role, IEnumerable <SecurityQuestion> securityQuestions) { return(new User { Username = userRegisterModel.Username, Password = userRegisterModel.Password, Role = role, SecurityAnswers = userRegisterModel.SecurityAnswers.ConvertAndMapSecurityAnswers(securityQuestions) .ToList() }); }
public async Task <object> Register([FromBody] UserCredentialsModel model) { var result = await _userManagementService.Create(model); if (result.Succeeded) { return(_resultManagementService.Result("User registration success.", "200")); } return(_resultManagementService.Result("User registration failed.", "400")); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.TryGetValue("Authorization", out var authorizationValues)) { return(AuthenticateResult.Fail("Missing authorization header")); } if (!AuthenticationHeaderValue.TryParse(authorizationValues.First(), out var parsedAuthorizationValue)) { return(AuthenticateResult.Fail("Invalid authorization header")); } var authenticationScheme = parsedAuthorizationValue.Scheme; if (authenticationScheme != AuthenticationSchemeConstants.BASIC) { return(AuthenticateResult.Fail($"Invalid authentication scheme: '{authenticationScheme}'")); } var authorizationParameter = parsedAuthorizationValue.Parameter.FromBase64ToString(); var userCredentials = authorizationParameter.Split(':'); if (userCredentials.Length != 2 || userCredentials[0] == "" || userCredentials[1] == "") { return(AuthenticateResult.Fail($"Invalid user credentials")); } var userCredentialsModel = new UserCredentialsModel { Login = userCredentials[0], Password = userCredentials[1] }; var areCredentialsValid = await _userService.AreCredentialsValidAsync(userCredentialsModel); if (!areCredentialsValid) { return(AuthenticateResult.Fail($"Invalid user login or password")); } var userClaims = new[] { new Claim(ClaimTypes.Name, userCredentialsModel.Login), new Claim(ClaimTypes.Role, StarsUserRoleConstants.USER), new Claim(ClaimTypes.AuthenticationMethod, authenticationScheme) }; var claimsIdentity = new ClaimsIdentity(userClaims, authenticationScheme); var claimsPrincipal = new ClaimsPrincipal(claimsIdentity); var authenticationTicket = new AuthenticationTicket(claimsPrincipal, authenticationScheme); return(AuthenticateResult.Success(authenticationTicket)); }
public async Task TestAreCredentialsValidAsync_Should_Return_Result(string login, string password) { var userService = _userServiceFixture.CreateUserService(); var userCredentials = new UserCredentialsModel { Login = login, Password = password }; var expectedResult = _userServiceFixture.AreUserCredentialsValid; var actualResult = await userService.AreCredentialsValidAsync(userCredentials); Assert.Equal(expectedResult, actualResult); }
public IActionResult SetUserPassword([FromBody] UserCredentialsModel model) { if (ModelState.IsValid) { if (!String.IsNullOrEmpty(model.Password) && !String.IsNullOrWhiteSpace(model.Password)) { User user = ds.GetUserByEmail(model.Email); if (user != null) { if (!user.IsPasswordSet) { using (var managementClient = new ManagementApiClient()) { try { managementClient.EditUsersPassword(model.Email, model.Password); ds.EditUserPassword(user.Id, model.Email, model.Password); return(new StatusCodeResult(200)); } catch { return(StatusCode(500, "Error occured, please try again")); } } } else { return(BadRequest("The link you clicked on is invalid or has expired. Please contact the administrator.")); } } else { return(NotFound("User not found")); } } else { return(BadRequest("Password field is empty")); } } else { return(BadRequest("Model is wrong")); } }
public async Task <bool> AreCredentialsValidAsync(UserCredentialsModel userCredentialsModel) { var userCredentialsLogText = $"user credentials with login '{userCredentialsModel.Login}'"; _logger.Information($"Checking if {userCredentialsLogText} are valid..."); var vegaConfiguration = _starsConfigurationService.Root.Vega; if (string.IsNullOrEmpty(vegaConfiguration.HostName)) { throw new ConfigurationParameterException("Vega host name is null or empty"); } var uri = $"{vegaConfiguration.HostName}:{vegaConfiguration.Port}"; uri = uri.AddQueryPath(StarsApiConstants.Vega.USER_ACCOUNT_ARE_CREDENTIALS_VALID); var requestDto = new UserAreCredentialsValidRequestDto { Login = userCredentialsModel.Login, PasswordHashBase64 = userCredentialsModel.Password.GetSHA256().ToBase64() }; var requestModel = new HttpRequestModel { Method = HttpMethod.Post, Uri = uri, Body = requestDto }; var response = await _httpService.SendRequestAsync <UserAreCredentialsValidResponseDto>(requestModel); if (!response.IsSuccessful) { throw new InterserviceApiException($"Request to Vega API failed (uri = '{uri}')"); } if (response.Body.AreUserCredentialsValid) { _logger.Information($"Check has been completed, {userCredentialsLogText} are valid"); } else { _logger.Information($"Check has been completed, {userCredentialsLogText} are not valid"); } return(response.Body.AreUserCredentialsValid); }
public async Task <UserCredentialsModel> GetUserDetails(string username) { var userEntity = await userManager.GetByUsername(username); var userModel = new UserCredentialsModel { Username = userEntity.Username, Email = userEntity.Email, Nickname = userEntity.Nickname, FirstName = userEntity.FirstName, LastName = userEntity.LastName, Role = userEntity.Role }; return(userModel); }
public async Task <ActionResult> IndexPost(LoginViewModel loginVm, string returnUrl) { if (!ModelState.IsValid) { // go back and try again loginVm = _uiDependentLoginServices.VotingIsOpenVerification(loginVm); return(View(loginVm)); } var userCredentials = new UserCredentialsModel { ElectionId = Convert.ToInt32(loginVm.ElectionId), UsernameOrId = loginVm.LoginId, PasswordOrPin = loginVm.LoginPin }; // DAL needed here. var userCredentialsValid = await _userCredentialsValidation.ValidateUserCredentialsAsync(userCredentials); if (!userCredentialsValid) { ModelState.AddModelError(string.Empty, "Invalid login attempt. Please try again."); loginVm = _uiDependentLoginServices.VotingIsOpenVerification(loginVm); return(View(loginVm)); } AuthenticationManager.SignOut("ApplicationCookie", "ExternalCookie"); ClaimsIdentity identity = _uiDependentLoginServices.CreateOwinUserIdentity(loginVm); // TODO: Do I need to add a role that all voter's can belong to? // because I thought this signed me in, and yet the [Authorize] on the Landing Controller's Index method is sending me back to the login page. AuthenticationManager.SignIn(identity); // TODO: The UserIp & BrowserAgent fields are used when logging 'this' login attempt to the LoginAttempts table //var landingPgVm = _uiDependentLoginServices.BuildLandingPgViewModel(loginVm); return(await Task.Run <ActionResult>(() => RedirectToAction("Index", "Landing"))); // return View() -- there is no opportunity to give the controller name // which means if I want to go from here, I do have to redirect. }
public async Task <IHttpActionResult> ChangePassword(UserCredentialsModel usermodel) { ApplicationUser user = await UManager.FindByIdAsync(usermodel.Id); if (user == null) { return(NotFound()); } user.PasswordHash = UManager.PasswordHasher.HashPassword(usermodel.Password); var result = await UManager.UpdateAsync(user); if (!result.Succeeded) { //throw exception...... } return(Ok()); }
public void ValidateUserCredentials_ShouldReturn_True() { // Arrange var uc = new UserCredentialsModel { ElectionId = 1, UsernameOrId = "22222222", PasswordOrPin = "1234" }; // Act var result = TestValidateUserCredentials(uc); // Assert Assert.IsInstanceOfType(result, typeof(bool)); Assert.IsTrue(result); }
public async Task <IActionResult> LoginAsync([FromBody] UserCredentialsModel userCredentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var response = await _authenticationService.CreateAccessTokenAsync(userCredentials.EmailAddress, userCredentials.Password); if (!response.Success) { return(BadRequest(response.Message)); } var accessTokenResource = _mapper.Map <AccessToken, TokenResponseModel>(response.Token); return(Ok(accessTokenResource)); }
/// <summary> /// Checks the credentials entered by the user and returns true or /// false based on whether or not those credentials match what's in /// the database. /// <para> /// This method will also hydrate the <c>VoterId</c> field of the /// passed-in <c>UserCredentialsModel</c> if the Voter was found. /// </para> /// </summary> /// <param name="userCredentials"> /// An instance of the <see cref="UserCredentialsModel"/> with its /// </param> /// <returns></returns> public bool ValidateUserCredentials(UserCredentialsModel userCredentials) { var foundVoter = _votersRepo.Get( vtf => vtf.LoginId == userCredentials.UsernameOrId && vtf.LoginPin == userCredentials.PasswordOrPin && vtf.ElectionId == userCredentials.ElectionId); // TODO: LOG THIS Login Attempt! (Doesn't that break SRP?) if (foundVoter == null) { return(false); } userCredentials.VoterId = foundVoter.Id; return(true); }
public async Task <IActionResult> Login([Bind] UserCredentialsModel userCredentialsModel, string returnUrl = "") { if (ModelState.IsValid) { string statusMsg = ""; statusMsg = _accountRepository.AuthenticateUser(userCredentialsModel); if (statusMsg == "success") { var claims = new List <Claim> { new Claim(ClaimTypes.Name, userCredentialsModel.Username) }; ClaimsIdentity userIdentity = new ClaimsIdentity(claims, "login"); ClaimsPrincipal principal = new ClaimsPrincipal(userIdentity); // sign into IDP await HttpContext.SignInAsync(principal); if (Url.IsLocalUrl(returnUrl)) { return(Redirect(returnUrl)); } else { // create JWT for Relying party string jwt = CreateJwtForRelyingParty(userCredentialsModel.Username); HttpContext.Session.SetString("token", jwt); HttpContext.Session.SetString("returnUrl", String.IsNullOrEmpty(returnUrl) ? "" : returnUrl); return(RedirectToAction("Index", "Home", new { redirect = "true" })); } } else { TempData["LoginFailure"] = "Login Failed.Please enter correct credentials"; return(View()); } } else { return(View()); } }
public async Task <object> Login([FromBody] UserCredentialsModel credentials) { var result = await _singInManagementService.Login(credentials.Email, credentials.Password); if (result.Succeeded) { var appUser = _userManagementService.GetByEmail(credentials.Email); if (appUser == null) { return(_resultManagementService.Result("Invalid user.", "400")); } // That's the part when we generate JWT authentication token for user return(_jwtManagement.GenerateJwtToken(appUser.Result)); } return(_resultManagementService.Result("Invalid login attempt.", "400")); }
public Task InsertStaff(StaffModel staffModel, UserCredentialsModel credentialModel) { var query = @"INSERT INTO MedPractice.usercredentials(username, password) VALUES(@UserName, @Password) SET @UserId = SCOPE_IDENTITY() INSERT INTO MedPractice.staff (FirstName, LastName, Address, RoleId, UserId) VALUES (@FirstName, @LastName, @Address, @RoleId, @UserId)"; return(_dataAccess.SaveData(query, new { UserName = credentialModel.UserName, Password = credentialModel.Password, FirstName = staffModel.FirstName, LastName = staffModel.LastName, Address = staffModel.Address, RoleId = staffModel.RoleId, UserId = 0 })); }
public string AuthenticateUser(UserCredentialsModel userCredentials) { string result = ""; using (SqlConnection sqlConnection = new SqlConnection(_connectionString)) { SqlCommand sqlCommand = new SqlCommand("uspAuthenticateUser", sqlConnection) { CommandType = CommandType.StoredProcedure }; sqlCommand.Parameters.AddWithValue("@username", userCredentials.Username); sqlCommand.Parameters.AddWithValue("@password", userCredentials.Password); sqlConnection.Open(); result = sqlCommand.ExecuteScalar().ToString(); sqlConnection.Close(); return(result); } }