public override bool AuthorizeAdmin(AuthorizationFilterContext context) { bool result = base.AuthorizeAdmin(context); if (!result) { return(false); } string sessionId = context.HttpContext.Request.Cookies["SessionId"]; string userName = EncoderUtils.Base64Decode(sessionId.Split("-")[USER_NAME_INDEX]); IUserDAO userDAO = context.HttpContext.RequestServices.GetRequiredService <IUserDAO>(); UserDBModel user = userDAO.GetUser(userName); if (user.Role < ADMIN_ROLE) { CtfOptions ctfOptions = context.HttpContext.RequestServices.GetRequiredService <IOptions <CtfOptions> >().Value; CtfChallangeModel ctfChallange = ctfOptions.CtfChallanges .Where(x => x.Type == CtfChallengeTypes.ChangeRoleInCookie) .Single(); context.HttpContext.Response.Headers.Add(ctfChallange.FlagKey, ctfChallange.Flag); } return(true); }
private void AddCredit() { bool exists = _context.UserData .Where(x => x.UserName == SecureBankConstants.CREDIT_USERNAME) .Any(); if (exists) { return; } UserDBModel creditDbModel = new UserDBModel { Name = "credit", Surname = "credit", UserName = SecureBankConstants.CREDIT_USERNAME, Password = Guid.NewGuid().ToString(), Confirmed = true, Role = 100 }; _context.UserData.Add(creditDbModel); int changes = _context.SaveChanges(); if (changes <= 0) { throw new Exception("Failed to add credit"); } }
public IActionResult Register(UserModel user) { UserDBModel db = new UserDBModel(); UserModel luser = db.UserRegister(user.fUsername, user.fPassword); return(RedirectToAction("../Home/Index")); }
private AuthResultModel GenerateAuthResultForUser(UserDBModel userModel) { var key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_jwtSettings.Secret)); var tokenHandler = new JwtSecurityTokenHandler(); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { new Claim("UserName", userModel.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Email, userModel.Email), new Claim("PhoneNumber", userModel.PhoneNumber), new Claim("id", userModel.Id), }), Expires = DateTime.UtcNow.AddHours(2), SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); return(new AuthResultModel { Token = tokenHandler.WriteToken(token), Success = true, UserName = userModel.UserName, }); }
public User(UserDBModel user) { Username = user.Username; Password = user.Password; Cash = user.Cash; Admin = user.Admin; }
public IActionResult Login(UserModel user) { if (user.fUsername != null && user.fPassword != null) { UserDBModel db = new UserDBModel(); UserModel luser = db.UserLogin(user.fUsername, user.fPassword); if (luser.fUsername != null) { Response.Cookies.Append("user", luser.fUsername); Response.Cookies.Append("userID", luser.fID); if (db.AdminChecking(luser.fUsername, luser.fPassword)) { string id = luser.fID; return(Redirect(@"../Admin/Index/?id=" + id)); } return(Redirect("../Home/Index/?id=" + luser.fID)); } else { ModelState.AddModelError("", "Wrong username or password"); } } else { ModelState.AddModelError("", "should not empty username or password"); } return(RedirectToAction("../User/Login/")); }
public async Task <ChangedInformationResultModel> RegisterAsync(RegUserRequest userInfo) { var existingUser = await _userManager.FindByEmailAsync(userInfo.Email); if (existingUser != null) { return(new ChangedInformationResultModel { Success = false, ErrorsMessages = new[] { "User with this email addres already exist" } }); } var userName = userInfo.Email.Substring(0, userInfo.Email.LastIndexOf('@')); var newUser = new UserDBModel { Email = userInfo.Email, UserName = userName, FirstName = userInfo.FirstName, LastName = userInfo.LastName, PhoneNumber = userInfo.PhoneNumber, }; var createdUser = await _userManager.CreateAsync(newUser, userInfo.Password); if (!createdUser.Succeeded) { return(new ChangedInformationResultModel { Success = false, ErrorsMessages = createdUser.Errors.Select(x => x.Description) }); } return(new ChangedInformationResultModel { Success = true }); }
public ActionResult GetData() { using (UserDBModel db = new UserDBModel()) { List <UserCourse> courList = db.UserCourses.ToList <UserCourse>(); return(Json(new { data = courList }, JsonRequestBehavior.AllowGet)); } }
public virtual Task <UserModel> Login(UserModel loginModel) { if (loginModel == null || string.IsNullOrEmpty(loginModel.UserName) || string.IsNullOrEmpty(loginModel.Password)) { return(Task.FromResult <UserModel>(null)); } var accessLogModel = new { Ip = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(), Username = loginModel.UserName, Password = loginModel.Password }; _accessLogger.Info($"{Newtonsoft.Json.JsonConvert.SerializeObject(accessLogModel)}"); if (!_userDAO.ValidatePassword(loginModel.UserName, loginModel.Password)) { return(Task.FromResult <UserModel>(null)); } UserDBModel userModel = _userDAO.GetUser(loginModel.UserName); Random random = new Random(); var byteArray = new byte[256]; random.NextBytes(byteArray); string cookie = Sha256HashUtils.ComputeSha256Hash(byteArray); string inrole = userModel.Role > 0 ? "1" : "0"; if (userModel.Role > 50) { inrole = "100"; } string allCookie = $"{EncoderUtils.Base64Encode(loginModel.UserName)}-{cookie}-{inrole}"; if (!_userDAO.SaveSession(cookie, DateTime.UtcNow.AddDays(1))) { return(Task.FromResult <UserModel>(null)); } loginModel.Password = null; loginModel.Cookie = allCookie; loginModel.Status = "ok"; _httpContextAccessor.HttpContext.Response.Cookies.Append(AUTH_COOKIE, loginModel.Cookie, new CookieOptions { Expires = DateTime.Now.AddDays(3), HttpOnly = false }); return(Task.FromResult(loginModel)); }
public virtual UserModel GetUser(string userName) { UserDBModel user = _userDAO.GetUser(userName); return(new UserModel { UserName = user.UserName, Password = user.Password }); }
public void CheckingExistUser() { UserDBModel db = new UserDBModel(); string username = "******"; bool um = db.UserNameExistChecking(username); Assert.IsFalse(um); //false mean does not exist, true mean user exist }
public IActionResult Edit(UserModel user) { UserDBModel db = new UserDBModel(); bool userEdit = db.EditUser(Int32.Parse(user.fID), user); if (userEdit) { return(Redirect("Index/?Id=" + user.fID)); } return(Redirect("Edit/?Id=" + user.fID)); }
public IActionResult Delete(int id, int value) { UserDBModel db = new UserDBModel(); bool removeUser = db.RemoveUserById(id.ToString()); if (removeUser) { return(Redirect(@"../Index/?id=" + value)); } return(View("Cannot remove this user")); }
public void RegisterTest() { UserDBModel db = new UserDBModel(); //Model that contains user details string email = "*****@*****.**"; string password = "******"; UserModel um = db.UserRegister(email, password); Assert.AreEqual(um.fUsername, email); Assert.AreEqual(um.fPassword, password); }
public void LoginTest() { UserDBModel db = new UserDBModel(); string email = "*****@*****.**"; string password = "******"; UserModel um = db.UserLogin(email, password); Assert.AreEqual(um.fUsername, email); Assert.AreEqual(um.fPassword, password); }
public UserDBModel AddUserToDatabase(UserDBModel user) { string PasswordHash = SecurePasswordHasher.Hash(user.Pass); user.Pass = PasswordHash; user.Created = DateTime.Now; user.IsVerify = false; user.VeryficationToken = TokenManager.RandomTokenString(); _context.userDBModels.Add(user); _context.SaveChanges(); return(user); }
public IActionResult RegisterUser(UserDBModel user) { try { _userService.CreateAsync(user); return(Ok(new { message = "Registration successful, please check your email for verification instructions" })); } catch (ApplicationException ex) { // return error message if there was an exception return(BadRequest(new { message = ex.Message })); } }
public ActionResult AddOrEdit(int id = 0) { if (id == 0) { return(View(new UserCourse())); } else { using (UserDBModel db = new UserDBModel()) { return(View(db.UserCourses.Where(x => x.CourseID == id).FirstOrDefault <UserCourse>())); } } }
public UserDBModel CreateAsync(UserDBModel user) { // validation _userAuthenticate.ValidateUser(user); var newUser = _userAuthenticate.AddUserToDatabase(user); var newMessage = _mailService.GenerateMessageForUserVerification(UserController.ClientBaseUrl, TokenManager.GenerateRegisterToken(newUser.VeryficationToken)); _mailService.SendMail(newUser.Email, newMessage.Item1, newMessage.Item2); BackgroundTask task = new BackgroundTask(_logger, _scopeFactory); Task.Factory.StartNew(() => task.RemoveUnverifiedUserAsync(user.VeryficationToken)); return(user); }
public virtual bool UpdatePassword(string userName, string password) { UserDBModel user = GetUser(userName); if (user == null) { return(false); } user.Password = password; _portalDBContext.Entry(user).State = Microsoft.EntityFrameworkCore.EntityState.Modified; int changes = _portalDBContext.SaveChanges(); return(changes > 0); }
public virtual bool ConfirmToken(string userName) { UserDBModel user = GetUser(userName); if (user == null) { return(false); } user.Confirmed = true; _portalDBContext.Entry(user).State = Microsoft.EntityFrameworkCore.EntityState.Modified; int changes = _portalDBContext.SaveChanges(); return(changes > 0); }
public IActionResult Edit(int id = 0) { UserDBModel db = new UserDBModel(); if (Request.Cookies["userID"] != null) { id = Int32.Parse(Request.Cookies["userID"]); } else { return(RedirectToAction("/Home/Index/")); } UserModel user = db.GetUserById(id); return(View(user)); }
public IActionResult Index(int id = 0) { if (Request.Cookies["userID"] != null) { string userID = Request.Cookies["userID"]; UserDBModel db = new UserDBModel(); UserModel user = db.GetUserById(Int32.Parse(userID)); //get the total novel uploaded return(View(user)); } else { return(RedirectToAction("/Home/Index/")); } }
public void ValidateUser(UserDBModel user) { if (string.IsNullOrWhiteSpace(user.Pass)) { throw new ApplicationException("Password is required"); } if (_context.userDBModels.Any(x => x.Name == user.Name)) { throw new ApplicationException("Username " + user.Name + " is already taken"); } if (_context.userDBModels.Any(x => x.Email == user.Email)) { throw new ApplicationException("Email " + user.Email + " is already taken"); } }
public ActionResult AddOrEdit(UserCourse cour) { using (UserDBModel db = new UserDBModel()) { if (cour.CourseID == 0) { db.UserCourses.Add(cour); db.SaveChanges(); return(Json(new { success = true, message = "Saved Successfully" }, JsonRequestBehavior.AllowGet)); } else { db.Entry(cour).State = EntityState.Modified; db.SaveChanges(); return(Json(new { success = true, message = "Book Successfully" }, JsonRequestBehavior.AllowGet)); } } }
public override bool AuthorizeAdmin(AuthorizationFilterContext context) { bool result = base.AuthorizeAdmin(context); if (!result) { return(false); } IEnumerable <Claim> claims = _cookieService.GetClaims(context.HttpContext); string userName = claims .Where(x => x.Type == CookieConstants.USERNAME_CALIM_TYPE) .Select(x => x.Value) .SingleOrDefault(); IUserDAO userDAO = context.HttpContext.RequestServices.GetRequiredService <IUserDAO>(); UserDBModel user = userDAO.GetUser(userName); if (_ctfOptions.CtfChallengeOptions.ChangeRoleInCookie) { if (user.Role < 50) { CtfOptions ctfOptions = context.HttpContext.RequestServices.GetRequiredService <IOptions <CtfOptions> >().Value; CtfChallangeModel ctfChallange = ctfOptions.CtfChallanges .Where(x => x.Type == CtfChallengeTypes.ChangeRoleInCookie) .Single(); context.HttpContext.Response.Headers.Add(ctfChallange.FlagKey, ctfChallange.Flag); } } else { if (user.Role < 50) { return(false); } } return(true); }
public IActionResult Index(string id = "0") { UserDBModel db = new UserDBModel(); if (Request.Cookies["userID"] != null) { id = Request.Cookies["userID"]; } UserModel user = db.GetUserById(Int32.Parse(id)); List <UserModel> nv = db.GetAllUser(user.fUsername, user.fPassword); if (!db.AdminChecking(Int32.Parse(id))) { return(RedirectToAction("../Home/Index")); } return(View(nv)); }
private void AddAdmin(string admin, string adminPassword) { if (string.IsNullOrEmpty(admin) || string.IsNullOrEmpty(adminPassword)) { return; } bool exists = _context.UserData .Where(x => x.UserName == admin) .Any(); if (exists) { return; } UserDBModel adminDbModel = new UserDBModel { Name = "admin", Surname = "admin", UserName = admin, Password = adminPassword, Confirmed = true, Role = 100 }; _context.UserData.Add(adminDbModel); int changes = _context.SaveChanges(); if (changes <= 0) { throw new Exception("Failed to add admin"); } GiveMoney(new List <string> { adminDbModel.UserName }); }
public virtual bool RegisterUser(UserModel userModel) { if (_portalDBContext.UserData.Any(t => t.UserName == userModel.UserName)) { return(false); } UserDBModel user = new UserDBModel { Name = userModel.Name, UserName = userModel.UserName, Password = userModel.Password, Surname = userModel.Surname, Role = userModel.UserRight }; _portalDBContext.UserData.Add(user); int changes = _portalDBContext.SaveChanges(); return(changes > 0); }
//return default user database index private int GetDefaultUser() { SQLiteAsyncConnection db = UserDB; try { UserDBModel user = db.GetAsync <UserDBModel>(1).Result; int userid = user.userid; if (userid == -1) { return(Constants.DEFAULT_USER_NOT_EXIST); } string queryString = "SELECT * From UserDBModel WHERE userid = ?"; var queryResult = UserDB.QueryAsync <UserDBModel>(queryString, user.userid).Result; int DBIndex = queryResult[1].DBIndex; return(DBIndex); } catch (AggregateException) { return(Constants.DEFAULT_USER_NOT_EXIST); } }