public Task InsertCredentials(UserCredentialsModel credentials)
{
const string query = @"INSERT INTO MedPractice.usercredentials(username, password)
VALUES(@UserName, @Password)";
return(_dataAccess.SaveData(query, credentials));
}
public async Task <IActionResult> SignIn([FromBody] UserCredentialsModel user)
{
string userName = user.UserName;
string password = user.Password;
return(await this.exceptionHandler.SendResponse(this, authentication.SignIn(userName, password)));
}
public async Task GetToken([FromBody] UserCredentialsModel credentials)
{
try
{
//var token = await _authenticationSerivce.GetToken(credentials.Username, credentials.Password);
var token = await _authenticationSerivce.GetTokenAsync();
if (!string.IsNullOrEmpty(token))
{
Response.StatusCode = (int)HttpStatusCode.OK;
var response = new
{
id_token = token,
};
await Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings {
Formatting = Formatting.Indented
}));
}
else
{
Response.StatusCode = (int)HttpStatusCode.Unauthorized;
}
}
catch (Exception ex)
{
HandleException(ex);
}
}
public async Task <IActionResult> GetToken([FromBody] UserCredentialsModel model)
{
var user = await _authenticationService.AuthenticateAsync(model.Username, model.Password);
if (user == null)
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim("name", user.DisplayName),
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes((string)Key));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(Issuer,
Issuer,
claims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds);
return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) }));
}
public async Task <IActionResult> Login([Bind] UserCredentialsModel userCredentialsModel)
{
if (ModelState.IsValid)
{
string uri = $"{_configOptions.ApiBaseUrl}/api/AccountApi/AuthenticateUser";
string LoginStatus = await _httpHelper.PostAsync <UserCredentialsModel, string>(uri, userCredentialsModel);
if (LoginStatus == "success")
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, userCredentialsModel.Username)
};
ClaimsIdentity userIdentity = new ClaimsIdentity(claims, "login");
ClaimsPrincipal principal = new ClaimsPrincipal(userIdentity);
await HttpContext.SignInAsync(principal);
return(RedirectToAction("Index", "Home"));
}
else
{
TempData["LoginFailure"] = "Login Failed.Please enter correct credentials";
return(View());
}
}
else
{
return(View());
}
}
public void CreateAccount(UserCredentialsModel userCredentialsModel)
{
var isUsernameUsed = _userRepository.IsUsernameUsed(userCredentialsModel.Username);
if (isUsernameUsed)
{
throw new ExceptionResourceConflict("Username used");
}
var securityQuestions = _securityQuestionRepository.GetAll();
var allQuestionAreAnswered = securityQuestions.AsEnumerable().All(
questionDal => userCredentialsModel.SecurityAnswers.Any(
answerUI => answerUI.SecurtityQuestion.Question == questionDal.Question));
if (!allQuestionAreAnswered)
{
throw new ExceptionBusinessNotRespected("Questions not answered.");
}
var role = _roleRepository.GetById((int)RolesEnum.User);
if (role == null)
{
throw new ExceptionResourceNotFound("Role not in databse.");
}
userCredentialsModel.Password = PasswordManager.HashPassword(userCredentialsModel.Password);
var user = userCredentialsModel.ToUser(role, securityQuestions);
_userRepository.Add(user);
_userRepository.SaveChanges();
}
public async Task<ActionResult> Login(string userName, string password)
{
UserCredentialsModel user = null;
try
{
var client = new OAuth2Client(new Uri(tokenEndPointURL), "mymonkeycap", "Nexusdata#1");
await Task.Run(() =>
{
var requestResponse = client.RequestAccessTokenUserName(userName, password, "openid profile offline_access");
var claims = new[]
{
new Claim("access_token",requestResponse.AccessToken),
new Claim("refresh_token", requestResponse.RefreshToken)
};
var claimsIdentity = new ClaimsIdentity(claims,
DefaultAuthenticationTypes.ApplicationCookie);
HttpContext.GetOwinContext().Authentication.SignIn(claimsIdentity);
});
user = new UserCredentialsModel
{
Email = userName,
IsLoggedIn = true
};
}
catch (Exception ex)
{
return Json(ex.Message, JsonRequestBehavior.AllowGet);
}
return Json(user, JsonRequestBehavior.AllowGet);
}
public IHttpActionResult UserCredentialsAreValid(
UserCredentialsModel userCredentials)
{
bool result;
try
{
//// get header value(s)
//var authValues = Request.Headers.Authorization;
//if (authValues?.Scheme == null || authValues.Parameter == null)
//{
// return BadRequest();
//}
//if (!authValues.Scheme.Equals(_webConfigContainer.AuthScheme) ||
// !authValues.Parameter.Equals(_webConfigContainer.ApiKey))
//{
// return Unauthorized();
//}
result = _loginServices.ValidateUserCredentials(userCredentials);
}
catch (Exception oEx)
{
return(InternalServerError(oEx));
}
return(Ok(result));
}
public IHttpActionResult VerifyIvrUserCredentials(
IvrUserCredentialsInputModel ivrUserCredentialsInput)
{
int voterId = 0;
//result = _loginServices.ValidateUserCredentials(userCredentials);
try
{
// TODO: check the number of login attempts first!
// how this should be set in the client
//httpClient.DefaultRequestHeaders.Authorization =
// new AuthenticationHeaderValue("Bearer", "Your_token");
var ucm = new UserCredentialsModel
{
UsernameOrId = ivrUserCredentialsInput.PIN,
PasswordOrPin = ivrUserCredentialsInput.SSN,
ElectionId = ivrUserCredentialsInput.ElectionID
};
_loginServices.ValidateUserCredentials(ucm);
voterId = ucm.VoterId;
}
catch (Exception oEx)
{
return(InternalServerError(oEx));
}
return(Ok(voterId));
}
public Task UpdateCredentials(UserCredentialsModel credentials)
{
const string query = @"UPDATE MedPractice.usercredentials
SET username=@UserName, password=@Password
WHERE ID=@Id";
return(_dataAccess.SaveData(query, credentials));
}
public async Task <IdentityResult> Create(UserCredentialsModel model)
{
var user = new IdentityUser
{
UserName = model.Email,
Email = model.Email
};
return(await _userManager.CreateAsync(user, model.Password));
}
public Task <bool> AuthenticateAsync(UserCredentialsModel userCredentials)
{
// TODO: Implement
if (userCredentials?.Username == "admin" && userCredentials.Password == "admin")
{
_isAuthenticated = true;
}
return(Task.FromResult(_isAuthenticated));
}
public ActionResult Logout()
{
Request.GetOwinContext().Authentication.SignOut();
UserCredentialsModel user = new UserCredentialsModel
{
Email = string.Empty,
IsLoggedIn = false
};
return Json(user, JsonRequestBehavior.AllowGet);
}
public async Task <string> Login(string email, string password)
{
if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
{
return(null);
}
var credentials = new UserCredentialsModel(email, password);
Token token;
UserModel user;
try
{
token = await _gatewayRepository.ApiAccountsLoginPostAsync(_mapper.Map <UserCredentials>(credentials));
if (token == null || string.IsNullOrEmpty(token.UserId))
{
throw new BusinessException(ErrorMessages.unknownUserBodyText);
}
var tokenModel = _mapper.Map <TokenModel>(token);
AppSettings.AccessToken = tokenModel;
var entity = await _gatewayRepository.ApiAccountsUsersByIdGetAsync(token.UserId);
user = _mapper.Map <UserModel>(entity);
AppSettings.CurrentUser = user;
if (user == null || string.IsNullOrEmpty(user.Id))
{
throw new BusinessException(ErrorMessages.unknownUserBodyText);
}
try
{
await SecureStorage.SetAsync(CacheKeys._CurrentUser, JsonConvert.SerializeObject(user));
}
catch
{
_logger.LogInformation("This device AND debug type doesn't support secure storage (probably iOS + Debug on simulator)");
}
return(tokenModel.UserId);
}
catch (ApiException apiExc)
{
if (apiExc.StatusCode == 401)
{
throw new BusinessException("Cet utilisateur n'existe pas. Veuillez vous inscrire via la page précédente.");
}
else
{
throw new TechnicalException(ErrorMessages.serverErrorText + apiExc.StatusCode);
}
}
}
/// <summary>
/// Avoiding having all this code written twice just to change one
/// line for the different tests
/// </summary>
/// <param name="ucm"></param>
/// <returns></returns>
private bool TestValidateUserCredentials(UserCredentialsModel ucm)
{
// Arrange
var mockElectionsRepo = new Mock <IElectionsRepository>();
mockElectionsRepo.Setup(x => x.GetById(It.IsAny <int>()))
.Returns <int>(electionId =>
{
var newElection = new Election(); // this test doesn't care about this.
//{
// Id = electionId,
// OpenDate = ExpectedOpenDate,
// CloseDate = ExpectedCloseDate,
// LoginScreenOpenMessage = ExpectedLoginScreenOpenMessage,
// LoginScreenCloseMessage = ExpectedLoginScreenCloseMessage,
// LoginIdLabelTxt = ExpectedLoginIdLabelTxt,
// LoginPinLabelTxt = ExpectedLoginPinLabelTxt,
// LandingPageTitle = ExpectedLandingPageTitle,
// LandingPageMessage = ExpectedLandingPageMessage
//};
return(newElection);
});
var mockVotersRepo = new Mock <IVotersRepository>();
//Expression<Func<Voter, bool>> testExpression = expr => (expr.LoginId == "22232222");
//mockVotersRepo.Setup(x => x.Get(It.Is<Expression<Func<Voter, bool>>>(
// criteria => Lambda.Eq(criteria, testExpression)))) -- This is only needed if we're comparing the expressions themselves.
var testDb = new List <Voter> {
new Voter {
ElectionId = 1, LoginId = "22222222", LoginPin = "1234"
}
};
mockVotersRepo.Setup(_ => _.Get(It.IsAny <Expression <Func <Voter, bool> > >()))
.Returns((Expression <Func <Voter, bool> > expr) =>
{
var voter = testDb.FirstOrDefault(expr.Compile());
if (voter == null ||
(voter.LoginId != "22222222" || voter.LoginPin != "1234"))
{
return(null);
}
return(voter);
});
var loginServices = new LoginServices(
mockElectionsRepo.Object,
mockVotersRepo.Object);
return(loginServices.ValidateUserCredentials(ucm));
}
void CmdOnPlayerReady(UserCredentialsModel model, NetworkInstanceId netId)
{
hub.DoLogin(model, netId);
if (++readyPlayers == hub.Count)
{
time = 3f;
countdownText = "3";
countdownOn = true;
}
}
public static User ToUser(this UserCredentialsModel userRegisterModel, Role role, IEnumerable <SecurityQuestion> securityQuestions)
{
return(new User
{
Username = userRegisterModel.Username,
Password = userRegisterModel.Password,
Role = role,
SecurityAnswers = userRegisterModel.SecurityAnswers.ConvertAndMapSecurityAnswers(securityQuestions)
.ToList()
});
}
public async Task <object> Register([FromBody] UserCredentialsModel model)
{
var result = await _userManagementService.Create(model);
if (result.Succeeded)
{
return(_resultManagementService.Result("User registration success.", "200"));
}
return(_resultManagementService.Result("User registration failed.", "400"));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.TryGetValue("Authorization", out var authorizationValues))
{
return(AuthenticateResult.Fail("Missing authorization header"));
}
if (!AuthenticationHeaderValue.TryParse(authorizationValues.First(), out var parsedAuthorizationValue))
{
return(AuthenticateResult.Fail("Invalid authorization header"));
}
var authenticationScheme = parsedAuthorizationValue.Scheme;
if (authenticationScheme != AuthenticationSchemeConstants.BASIC)
{
return(AuthenticateResult.Fail($"Invalid authentication scheme: '{authenticationScheme}'"));
}
var authorizationParameter = parsedAuthorizationValue.Parameter.FromBase64ToString();
var userCredentials = authorizationParameter.Split(':');
if (userCredentials.Length != 2 || userCredentials[0] == "" || userCredentials[1] == "")
{
return(AuthenticateResult.Fail($"Invalid user credentials"));
}
var userCredentialsModel = new UserCredentialsModel
{
Login = userCredentials[0],
Password = userCredentials[1]
};
var areCredentialsValid = await _userService.AreCredentialsValidAsync(userCredentialsModel);
if (!areCredentialsValid)
{
return(AuthenticateResult.Fail($"Invalid user login or password"));
}
var userClaims = new[]
{
new Claim(ClaimTypes.Name, userCredentialsModel.Login),
new Claim(ClaimTypes.Role, StarsUserRoleConstants.USER),
new Claim(ClaimTypes.AuthenticationMethod, authenticationScheme)
};
var claimsIdentity = new ClaimsIdentity(userClaims, authenticationScheme);
var claimsPrincipal = new ClaimsPrincipal(claimsIdentity);
var authenticationTicket = new AuthenticationTicket(claimsPrincipal, authenticationScheme);
return(AuthenticateResult.Success(authenticationTicket));
}
public async Task TestAreCredentialsValidAsync_Should_Return_Result(string login, string password)
{
var userService = _userServiceFixture.CreateUserService();
var userCredentials = new UserCredentialsModel
{
Login = login,
Password = password
};
var expectedResult = _userServiceFixture.AreUserCredentialsValid;
var actualResult = await userService.AreCredentialsValidAsync(userCredentials);
Assert.Equal(expectedResult, actualResult);
}
public IActionResult SetUserPassword([FromBody] UserCredentialsModel model)
{
if (ModelState.IsValid)
{
if (!String.IsNullOrEmpty(model.Password) &&
!String.IsNullOrWhiteSpace(model.Password))
{
User user = ds.GetUserByEmail(model.Email);
if (user != null)
{
if (!user.IsPasswordSet)
{
using (var managementClient = new ManagementApiClient())
{
try
{
managementClient.EditUsersPassword(model.Email, model.Password);
ds.EditUserPassword(user.Id, model.Email, model.Password);
return(new StatusCodeResult(200));
}
catch
{
return(StatusCode(500, "Error occured, please try again"));
}
}
}
else
{
return(BadRequest("The link you clicked on is invalid or has expired. Please contact the administrator."));
}
}
else
{
return(NotFound("User not found"));
}
}
else
{
return(BadRequest("Password field is empty"));
}
}
else
{
return(BadRequest("Model is wrong"));
}
}
public async Task <bool> AreCredentialsValidAsync(UserCredentialsModel userCredentialsModel)
{
var userCredentialsLogText = $"user credentials with login '{userCredentialsModel.Login}'";
_logger.Information($"Checking if {userCredentialsLogText} are valid...");
var vegaConfiguration = _starsConfigurationService.Root.Vega;
if (string.IsNullOrEmpty(vegaConfiguration.HostName))
{
throw new ConfigurationParameterException("Vega host name is null or empty");
}
var uri = $"{vegaConfiguration.HostName}:{vegaConfiguration.Port}";
uri = uri.AddQueryPath(StarsApiConstants.Vega.USER_ACCOUNT_ARE_CREDENTIALS_VALID);
var requestDto = new UserAreCredentialsValidRequestDto
{
Login = userCredentialsModel.Login,
PasswordHashBase64 = userCredentialsModel.Password.GetSHA256().ToBase64()
};
var requestModel = new HttpRequestModel
{
Method = HttpMethod.Post,
Uri = uri,
Body = requestDto
};
var response = await _httpService.SendRequestAsync <UserAreCredentialsValidResponseDto>(requestModel);
if (!response.IsSuccessful)
{
throw new InterserviceApiException($"Request to Vega API failed (uri = '{uri}')");
}
if (response.Body.AreUserCredentialsValid)
{
_logger.Information($"Check has been completed, {userCredentialsLogText} are valid");
}
else
{
_logger.Information($"Check has been completed, {userCredentialsLogText} are not valid");
}
return(response.Body.AreUserCredentialsValid);
}
public async Task <UserCredentialsModel> GetUserDetails(string username)
{
var userEntity = await userManager.GetByUsername(username);
var userModel = new UserCredentialsModel
{
Username = userEntity.Username,
Email = userEntity.Email,
Nickname = userEntity.Nickname,
FirstName = userEntity.FirstName,
LastName = userEntity.LastName,
Role = userEntity.Role
};
return(userModel);
}
public async Task <ActionResult> IndexPost(LoginViewModel loginVm, string returnUrl)
{
if (!ModelState.IsValid)
{
// go back and try again
loginVm = _uiDependentLoginServices.VotingIsOpenVerification(loginVm);
return(View(loginVm));
}
var userCredentials = new UserCredentialsModel
{
ElectionId = Convert.ToInt32(loginVm.ElectionId),
UsernameOrId = loginVm.LoginId,
PasswordOrPin = loginVm.LoginPin
};
// DAL needed here.
var userCredentialsValid = await
_userCredentialsValidation.ValidateUserCredentialsAsync(userCredentials);
if (!userCredentialsValid)
{
ModelState.AddModelError(string.Empty, "Invalid login attempt. Please try again.");
loginVm = _uiDependentLoginServices.VotingIsOpenVerification(loginVm);
return(View(loginVm));
}
AuthenticationManager.SignOut("ApplicationCookie", "ExternalCookie");
ClaimsIdentity identity = _uiDependentLoginServices.CreateOwinUserIdentity(loginVm);
// TODO: Do I need to add a role that all voter's can belong to?
// because I thought this signed me in, and yet the [Authorize] on the Landing Controller's Index method is sending me back to the login page.
AuthenticationManager.SignIn(identity);
// TODO: The UserIp & BrowserAgent fields are used when logging 'this' login attempt to the LoginAttempts table
//var landingPgVm = _uiDependentLoginServices.BuildLandingPgViewModel(loginVm);
return(await Task.Run <ActionResult>(() =>
RedirectToAction("Index", "Landing")));
// return View() -- there is no opportunity to give the controller name
// which means if I want to go from here, I do have to redirect.
}
public async Task <IHttpActionResult> ChangePassword(UserCredentialsModel usermodel)
{
ApplicationUser user = await UManager.FindByIdAsync(usermodel.Id);
if (user == null)
{
return(NotFound());
}
user.PasswordHash = UManager.PasswordHasher.HashPassword(usermodel.Password);
var result = await UManager.UpdateAsync(user);
if (!result.Succeeded)
{
//throw exception......
}
return(Ok());
}
public void ValidateUserCredentials_ShouldReturn_True()
{
// Arrange
var uc = new UserCredentialsModel
{
ElectionId = 1,
UsernameOrId = "22222222",
PasswordOrPin = "1234"
};
// Act
var result = TestValidateUserCredentials(uc);
// Assert
Assert.IsInstanceOfType(result, typeof(bool));
Assert.IsTrue(result);
}
public async Task <IActionResult> LoginAsync([FromBody] UserCredentialsModel userCredentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var response = await _authenticationService.CreateAccessTokenAsync(userCredentials.EmailAddress, userCredentials.Password);
if (!response.Success)
{
return(BadRequest(response.Message));
}
var accessTokenResource = _mapper.Map <AccessToken, TokenResponseModel>(response.Token);
return(Ok(accessTokenResource));
}
/// <summary>
/// Checks the credentials entered by the user and returns true or
/// false based on whether or not those credentials match what's in
/// the database.
/// <para>
/// This method will also hydrate the <c>VoterId</c> field of the
/// passed-in <c>UserCredentialsModel</c> if the Voter was found.
/// </para>
/// </summary>
/// <param name="userCredentials">
/// An instance of the <see cref="UserCredentialsModel"/> with its
/// </param>
/// <returns></returns>
public bool ValidateUserCredentials(UserCredentialsModel userCredentials)
{
var foundVoter = _votersRepo.Get(
vtf => vtf.LoginId == userCredentials.UsernameOrId &&
vtf.LoginPin == userCredentials.PasswordOrPin &&
vtf.ElectionId == userCredentials.ElectionId);
// TODO: LOG THIS Login Attempt! (Doesn't that break SRP?)
if (foundVoter == null)
{
return(false);
}
userCredentials.VoterId = foundVoter.Id;
return(true);
}
public async Task <IActionResult> Login([Bind] UserCredentialsModel userCredentialsModel, string returnUrl = "")
{
if (ModelState.IsValid)
{
string statusMsg = "";
statusMsg = _accountRepository.AuthenticateUser(userCredentialsModel);
if (statusMsg == "success")
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, userCredentialsModel.Username)
};
ClaimsIdentity userIdentity = new ClaimsIdentity(claims, "login");
ClaimsPrincipal principal = new ClaimsPrincipal(userIdentity);
// sign into IDP
await HttpContext.SignInAsync(principal);
if (Url.IsLocalUrl(returnUrl))
{
return(Redirect(returnUrl));
}
else
{
// create JWT for Relying party
string jwt = CreateJwtForRelyingParty(userCredentialsModel.Username);
HttpContext.Session.SetString("token", jwt);
HttpContext.Session.SetString("returnUrl", String.IsNullOrEmpty(returnUrl) ? "" : returnUrl);
return(RedirectToAction("Index", "Home", new { redirect = "true" }));
}
}
else
{
TempData["LoginFailure"] = "Login Failed.Please enter correct credentials";
return(View());
}
}
else
{
return(View());
}
}
public async Task <object> Login([FromBody] UserCredentialsModel credentials)
{
var result = await _singInManagementService.Login(credentials.Email, credentials.Password);
if (result.Succeeded)
{
var appUser = _userManagementService.GetByEmail(credentials.Email);
if (appUser == null)
{
return(_resultManagementService.Result("Invalid user.", "400"));
}
// That's the part when we generate JWT authentication token for user
return(_jwtManagement.GenerateJwtToken(appUser.Result));
}
return(_resultManagementService.Result("Invalid login attempt.", "400"));
}
public Task InsertStaff(StaffModel staffModel, UserCredentialsModel credentialModel)
{
var query = @"INSERT INTO MedPractice.usercredentials(username, password)
VALUES(@UserName, @Password)
SET @UserId = SCOPE_IDENTITY()
INSERT INTO MedPractice.staff (FirstName, LastName, Address, RoleId, UserId)
VALUES (@FirstName, @LastName, @Address, @RoleId, @UserId)";
return(_dataAccess.SaveData(query, new
{
UserName = credentialModel.UserName,
Password = credentialModel.Password,
FirstName = staffModel.FirstName,
LastName = staffModel.LastName,
Address = staffModel.Address,
RoleId = staffModel.RoleId,
UserId = 0
}));
}
public string AuthenticateUser(UserCredentialsModel userCredentials)
{
string result = "";
using (SqlConnection sqlConnection = new SqlConnection(_connectionString))
{
SqlCommand sqlCommand = new SqlCommand("uspAuthenticateUser", sqlConnection)
{
CommandType = CommandType.StoredProcedure
};
sqlCommand.Parameters.AddWithValue("@username", userCredentials.Username);
sqlCommand.Parameters.AddWithValue("@password", userCredentials.Password);
sqlConnection.Open();
result = sqlCommand.ExecuteScalar().ToString();
sqlConnection.Close();
return(result);
}
}
