/// <summary>
/// Raises the <c>BeforeLogon</c> event with <c>Core.HttpApplication</c> as the sender.
/// Does nothing when no handler is subscribed.
/// </summary>
/// <param name="args">Account-update arguments handed to every subscriber.</param>
internal static void RaiseOnBeforeLogon(UpdateAccountArgs args)
{
    // Read the delegate once, then test and invoke that same reference.
    var handler = BeforeLogon;
    if (handler == null)
    {
        return;
    }

    handler(Core.HttpApplication, args);
}
/// <summary>
/// Raises the <c>BeforeResetPassword</c> event with <c>Core.HttpApplication</c> as the sender.
/// Does nothing when no handler is subscribed.
/// </summary>
/// <param name="args">Account-update arguments handed to every subscriber.</param>
internal static void RaiseOnBeforeResetPassword(UpdateAccountArgs args)
{
    // Read the delegate once, then test and invoke that same reference.
    var handler = BeforeResetPassword;
    if (handler == null)
    {
        return;
    }

    handler(Core.HttpApplication, args);
}
/// <summary>
/// Raises the <c>AfterChangePassword</c> event with <c>Core.HttpApplication</c> as the sender.
/// Does nothing when no handler is subscribed.
/// </summary>
/// <param name="args">Account-update arguments handed to every subscriber.</param>
internal static void RaiseOnAfterChangePassword(UpdateAccountArgs args)
{
    // Read the delegate once, then test and invoke that same reference.
    var handler = AfterChangePassword;
    if (handler == null)
    {
        return;
    }

    handler(Core.HttpApplication, args);
}
/// <summary>
/// Raises the <c>AfterLogon</c> event with <c>Core.HttpApplication</c> as the sender.
/// Does nothing when no handler is subscribed.
/// </summary>
/// <param name="args">Account-update arguments handed to every subscriber.</param>
internal static void RaiseOnAfterLogon(UpdateAccountArgs args)
{
    // Read the delegate once, then test and invoke that same reference.
    var handler = AfterLogon;
    if (handler == null)
    {
        return;
    }

    handler(Core.HttpApplication, args);
}
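/// <summary>
/// Replaces the password of the account identified by <paramref name="logon"/> with a
/// freshly generated random one and stores its bcrypt digest through
/// <c>/Sql/ResetPassword.sql</c>.
/// </summary>
/// <remarks>
/// <c>BeforeResetPassword</c> is raised first; the database update is skipped when
/// <c>args.AbortDefault</c> is set afterwards. <c>AfterResetPassword</c> is raised in
/// either case.
/// NOTE(review): nothing in this method checks that the caller is entitled to reset this
/// account; confirm that a <c>BeforeResetPassword</c> subscriber or the caller enforces it.
/// </remarks>
/// <param name="logon">Logon of the account whose password is reset.</param>
/// <returns>
/// The error code and message read from the script's first result row, or error 1 when
/// the script returns no row.
/// </returns>
public static JsonResponse ResetPassword(string logon)
{
    var salt = BCrypt.GenerateSalt();

    // Take the temporary password from the OS CSPRNG. Guid.NewGuid() is designed for
    // uniqueness, not unpredictability, so it is not a suitable source for a credential.
    var randomBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(randomBytes);
    }

    // Same shape as before: 10 characters cut from the lower-cased base64 text.
    // ToLowerInvariant keeps the result ASCII regardless of the thread culture.
    var newPassword = Convert.ToBase64String(randomBytes).ToLowerInvariant().Substring(1, 10);
    var newDigestPassword = BCrypt.HashPassword(newPassword, salt);
    var current = Session.Current;
    var j = new JsonResponse();

    // NOTE(review): the plain-text newPassword is not placed in args or in the response,
    // so nothing visible here delivers it to the account owner; confirm how it is meant
    // to reach them.
    var args = new UpdateAccountArgs(current, current.Account, "", false, j);
    RaiseOnBeforeResetPassword(args);
    if (!args.AbortDefault)
    {
        // Script parameters: @NewDigestPassword @Logon
        // NOTE(review): CreateAccount and ChangePassword pass the salt to their scripts,
        // this method does not. If Logon re-hashes with a separately stored nonce, the new
        // digest will not match unless the script derives the salt itself; verify.
        var query = GetResString("/Sql/ResetPassword.sql");
        using (var cmd = new SqlCommand(query, Sql.Connection))
        {
            // logon is a string and is bound as VarChar in Logon and CreateAccount;
            // binding it as UniqueIdentifier fails for any value that is not a GUID.
            cmd.Parameters.Add("@Logon", SqlDbType.VarChar).Value = logon;
            cmd.Parameters.Add("@NewDigestPassword", SqlDbType.VarChar).Value = newDigestPassword;
            using (var r = cmd.ExecuteReader())
            {
                if (r.Read())
                {
                    j.Error = r.GetInt32(0);
                    j.Message = r.GetString(1);
                }
                else
                {
                    // No status row: report a failure instead of throwing from the reader.
                    j.Error = 1;
                    j.Message = "Password reset returned no result.";
                }
            }
        }
    }

    RaiseOnAfterResetPassword(args);
    return j;
}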
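/// <summary>
/// Attempts to log the current session on with the given credentials by hashing the
/// password with the nonce returned by <c>GetNonce</c> and running
/// <c>/Sql/LogonSession.sql</c>.
/// </summary>
/// <remarks>
/// <c>BeforeLogon</c> is raised first; the database check is skipped when
/// <c>args.AbortDefault</c> is set afterwards. <c>AfterLogon</c> is raised in either case.
/// The plain-text password is carried in the event arguments, so subscribers must not
/// log or persist it.
/// </remarks>
/// <param name="logon">Logon supplied by the user.</param>
/// <param name="password">Plain-text password supplied by the user.</param>
/// <returns>
/// The script's message; <c>Error</c> is 1 when the script returns <c>Guid.Empty</c> as
/// the account id or returns no row at all.
/// </returns>
public static JsonResponse Logon(string logon, string password)
{
    var current = Session.Current;
    var j = new JsonResponse();
    var query = GetResString("/Sql/LogonSession.sql");
    var args = new UpdateAccountArgs(current, current.Account, password, false, j);
    RaiseOnBeforeLogon(args);
    if (!args.AbortDefault)
    {
        // NOTE(review): what GetNonce returns for an unknown logon is not visible here;
        // confirm that an unknown logon ends in the same failure response as a wrong
        // password and does not surface as an exception.
        var nonce = GetNonce(logon);
        var digestPassword = BCrypt.HashPassword(password, nonce);

        // Script parameters: @Logon @DigestPassword @SessionId
        // NOTE(review): the existing session id is bound to the account; no new session id
        // is issued in this method. Confirm the id is rotated elsewhere on logon.
        using (var cmd = new SqlCommand(query, Sql.Connection))
        {
            cmd.Parameters.Add("@Logon", SqlDbType.VarChar).Value = logon;
            cmd.Parameters.Add("@DigestPassword", SqlDbType.VarChar).Value = digestPassword;
            cmd.Parameters.Add("@SessionId", SqlDbType.UniqueIdentifier).Value = current.Id;
            using (SqlDataReader r = cmd.ExecuteReader())
            {
                if (r.Read())
                {
                    // Result 1: @AccountId, 'Logged On'
                    current.AccountId = r.GetGuid(0);
                    j.Message = r.GetString(1);

                    // Result 2 occurs when AccountId != Guid.Empty
                    if (current.AccountId == Guid.Empty)
                    {
                        // logon failed
                        j.Error = 1;
                    }
                }
                else
                {
                    // No result row: treat it as a failed logon instead of throwing
                    // from the reader.
                    j.Error = 1;
                    j.Message = "Logon failed.";
                }
            }
        }
    }

    RaiseOnAfterLogon(args);
    return j;
}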
/// <summary>
/// Logs the current session off by running <c>/Sql/LogoffSession.sql</c> for its id and
/// then refreshing the session object.
/// </summary>
/// <remarks>
/// <c>BeforeLogoff</c> is raised first; the database update and the refresh are skipped
/// when <c>args.AbortDefault</c> is set afterwards. <c>AfterLogoff</c> is raised in either
/// case.
/// </remarks>
/// <returns>The response object that was handed to the event subscribers.</returns>
public static JsonResponse Logoff()
{
    var session = Session.Current;
    var response = new JsonResponse();
    var eventArgs = new UpdateAccountArgs(session, session.Account, "", false, response);

    RaiseOnBeforeLogoff(eventArgs);

    bool runDefault = !eventArgs.AbortDefault;
    if (runDefault)
    {
        var sql = GetResString("/Sql/LogoffSession.sql");
        using (var command = new SqlCommand(sql, Sql.Connection))
        {
            var sessionIdParameter = command.Parameters.Add("@SessionId", SqlDbType.UniqueIdentifier);
            sessionIdParameter.Value = session.Id;
            command.ExecuteNonQuery();
        }

        // Run another query so the in-memory session data reflects the logoff.
        session.Refresh();
    }

    RaiseOnAfterLogoff(eventArgs);
    return response;
}
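/// <summary>
/// Creates an account for <paramref name="logon"/> through <c>/Sql/CreateAccount.sql</c>,
/// storing a bcrypt digest of <paramref name="password"/> together with the salt used,
/// and assigns the returned account id to the current session.
/// </summary>
/// <remarks>
/// <c>BeforeCreateAccount</c> is raised first; the database insert is skipped when
/// <c>args.AbortDefault</c> is set afterwards. <c>AfterCreateAccount</c> is raised in
/// either case. The plain-text password is carried in the event arguments, so subscribers
/// must not log or persist it.
/// NOTE(review): no length or complexity check on <paramref name="password"/> is visible
/// in this method; confirm it is enforced by a subscriber or by the caller.
/// </remarks>
/// <param name="logon">Logon for the new account.</param>
/// <param name="password">Plain-text password for the new account.</param>
/// <returns>
/// The script's message; <c>Error</c> is 1 when the script returns <c>Guid.Empty</c> as
/// the account id or returns no row at all.
/// </returns>
public static JsonResponse CreateAccount(string logon, string password)
{
    var j = new JsonResponse();
    var current = Session.Current;
    var nonce = BCrypt.GenerateSalt();
    var query = GetResString("/Sql/CreateAccount.sql");
    var digestPassword = BCrypt.HashPassword(password, nonce);
    var args = new UpdateAccountArgs(current, Session.AnonymousAccount, password, false, j);
    RaiseOnBeforeCreateAccount(args);
    if (!args.AbortDefault)
    {
        // Script parameters: @Logon @DigestPassword @Nonce
        using (var cmd = new SqlCommand(query, Sql.Connection))
        {
            cmd.Parameters.Add("@Logon", SqlDbType.VarChar).Value = logon;
            cmd.Parameters.Add("@DigestPassword", SqlDbType.VarChar).Value = digestPassword;
            cmd.Parameters.Add("@Nonce", SqlDbType.VarChar).Value = nonce;
            using (var r = cmd.ExecuteReader())
            {
                if (r.Read())
                {
                    // The session takes the new account id straight away.
                    current.AccountId = r.GetGuid(0);
                    j.Message = r.GetString(1);
                    if (current.AccountId == Guid.Empty)
                    {
                        j.Error = 1;
                    }
                }
                else
                {
                    // No result row: report a failure instead of throwing from the reader.
                    j.Error = 1;
                    j.Message = "Account creation returned no result.";
                }
            }
        }
    }

    RaiseOnAfterCreateAccount(args);
    return j;
}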
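/// <summary>
/// Changes the password of the account identified by <paramref name="logon"/> through
/// <c>/Sql/ChangePassword.sql</c>, passing the digest of the old password (hashed with
/// the nonce from <c>GetNonce</c>) and the digest and salt of the new one.
/// </summary>
/// <remarks>
/// <c>BeforeChangePassword</c> is raised first; the database update is skipped when
/// <c>args.AbortDefault</c> is set afterwards. <c>AfterChangePassword</c> is raised in
/// either case. Both plain-text passwords are carried in the event arguments, so
/// subscribers must not log or persist them.
/// </remarks>
/// <param name="logon">Logon of the account whose password is changed.</param>
/// <param name="oldPassword">Current plain-text password.</param>
/// <param name="newPassword">Replacement plain-text password.</param>
/// <returns>
/// The error code and message read from the script's first result row, or error 1 when
/// the script returns no row.
/// </returns>
public static JsonResponse ChangePassword(string logon, string oldPassword, string newPassword)
{
    var j = new JsonResponse();

    // NOTE(review): what GetNonce returns for an unknown logon is not visible here;
    // confirm that case ends in an error response and not in an exception.
    var oldNonce = GetNonce(logon);
    var newNonce = BCrypt.GenerateSalt();
    var current = Session.Current;
    var oldDigestPassword = BCrypt.HashPassword(oldPassword, oldNonce);
    var newDigestPassword = BCrypt.HashPassword(newPassword, newNonce);
    var args = new UpdateAccountArgs(current, current.Account, oldPassword, false, j) { NewPassword = newPassword };
    RaiseOnBeforeChangePassword(args);
    if (!args.AbortDefault)
    {
        var query = GetResString("/Sql/ChangePassword.sql");

        // Script parameters: @Logon @DigestPassword @NewDigestPassword @NewNonce @OldNonce
        using (var cmd = new SqlCommand(query, Sql.Connection))
        {
            // The same logon string is given to GetNonce above and is bound as VarChar in
            // Logon and CreateAccount; binding it as UniqueIdentifier fails for any value
            // that is not a GUID.
            cmd.Parameters.Add("@Logon", SqlDbType.VarChar).Value = logon;
            cmd.Parameters.Add("@DigestPassword", SqlDbType.VarChar).Value = oldDigestPassword;
            cmd.Parameters.Add("@NewDigestPassword", SqlDbType.VarChar).Value = newDigestPassword;
            cmd.Parameters.Add("@NewNonce", SqlDbType.VarChar).Value = newNonce;
            cmd.Parameters.Add("@OldNonce", SqlDbType.VarChar).Value = oldNonce;
            using (var r = cmd.ExecuteReader())
            {
                if (r.Read())
                {
                    j.Error = r.GetInt32(0);
                    j.Message = r.GetString(1);
                }
                else
                {
                    // No status row: report a failure instead of throwing from the reader.
                    j.Error = 1;
                    j.Message = "Password change returned no result.";
                }
            }
        }
    }

    RaiseOnAfterChangePassword(args);
    return j;
}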