public async Task <IHttpActionResult> Convert([FromBody] AccountConvertInfo info)
{
Logger.Info($"Account.Convert AccountName={info.AccountName}");
var account = await GetAndVerifyAccount(info.AccountId);
if (!EncryptHashManager.VerifyHash(info.OldPassword, account.Password))
{
await
this.RecordLogin(account, UCenterErrorCode.AccountLoginFailedPasswordNotMatch,
"The account name and password do not match");
throw new UCenterException(UCenterErrorCode.AccountLoginFailedPasswordNotMatch);
}
account.AccountName = info.AccountName;
account.IsGuest = false;
account.Name = info.Name;
account.IdentityNum = info.IdentityNum;
account.Password = EncryptHashManager.ComputeHash(info.Password);
account.SuperPassword = EncryptHashManager.ComputeHash(info.SuperPassword);
account.PhoneNum = info.PhoneNum;
account.Email = info.Email;
account.Sex = info.Sex;
await this.DatabaseContext.Bucket.UpsertSlimAsync(account);
await this.RecordLogin(account, UCenterErrorCode.Success, "Account converted successfully.");
return(CreateSuccessResult(ToResponse <AccountRegisterResponse>(account)));
}
public async Task <IHttpActionResult> ResetPassword([FromBody] AccountResetPasswordInfo info, CancellationToken token)
{
CustomTrace.TraceInformation($"Account.ResetPassword AccountName={info.AccountName}");
var account = await this.Database.Accounts.GetSingleAsync(a => a.AccountName == info.AccountName, token);
if (account == null)
{
throw new UCenterException(UCenterErrorCode.AccountNotExist);
}
if (!EncryptHashManager.VerifyHash(info.SuperPassword, account.SuperPassword))
{
await this.RecordLogin(
account,
UCenterErrorCode.AccountLoginFailedPasswordNotMatch,
"The super password provided is incorrect",
token);
throw new UCenterException(UCenterErrorCode.AccountLoginFailedPasswordNotMatch);
}
account.Password = EncryptHashManager.ComputeHash(info.Password);
await this.Database.Accounts.UpsertAsync(account, token);
await this.RecordLogin(account, UCenterErrorCode.Success, "Reset password successfully.", token);
return(this.CreateSuccessResult(this.ToResponse <AccountResetPasswordResponse>(account)));
}
public async Task <IHttpActionResult> Login([FromBody] AccountLoginInfo info, CancellationToken token)
{
CustomTrace.TraceInformation($"Account.Login AccountName={info.AccountName}");
var account = await this.Database.Accounts.GetSingleAsync(a => a.AccountName == info.AccountName, token);
if (account == null)
{
throw new UCenterException(UCenterErrorCode.AccountNotExist);
}
if (!EncryptHashManager.VerifyHash(info.Password, account.Password))
{
await this.RecordLogin(
account,
UCenterErrorCode.AccountLoginFailedPasswordNotMatch,
"The account name and password do not match",
token);
throw new UCenterException(UCenterErrorCode.AccountLoginFailedPasswordNotMatch);
}
account.LastLoginDateTime = DateTime.UtcNow;
account.Token = EncryptHashManager.GenerateToken();
await this.Database.Accounts.UpsertAsync(account, token);
await this.RecordLogin(account, UCenterErrorCode.Success, token : token);
return(this.CreateSuccessResult(this.ToResponse <AccountLoginResponse>(account)));
}
public void TestEncryptAndCompare()
{
string password = Guid.NewGuid().ToString();
var hash = EncryptHashManager.ComputeHash(password);
Assert.IsFalse(EncryptHashManager.VerifyHash(Guid.NewGuid().ToString(), hash));
Assert.IsTrue(EncryptHashManager.VerifyHash(password, hash));
}
public void TestEncryptAndCompare()
{
string password = Guid.NewGuid().ToString();
var hash = EncryptHashManager.ComputeHash(password);
CustomTrace.TraceInformation("Hash code is: {0}", hash);
Assert.IsFalse(EncryptHashManager.VerifyHash(Guid.NewGuid().ToString(), hash));
Assert.IsTrue(EncryptHashManager.VerifyHash(password, hash));
}
public async Task <IHttpActionResult> Login([FromBody] AccountLoginInfo info)
{
Logger.Info($"Account.Login AccountName={info.AccountName}");
var accountResourceByName =
await
this.DatabaseContext.Bucket.GetByEntityIdSlimAsync <AccountResourceEntity>(
AccountResourceEntity.GenerateResourceId(AccountResourceType.AccountName, info.AccountName),
false);
AccountEntity account = null;
if (accountResourceByName != null)
{
// this means the temp value still exists, we can directly get the account by account id.
account =
await
this.DatabaseContext.Bucket.GetByEntityIdSlimAsync <AccountEntity>(
accountResourceByName.AccountId);
}
else
{
// this means the temp value not exists any more, meanwhile, it have passed a period after the account created
// so the index should be already created and we can query the entity by query string
account =
await
this.DatabaseContext.Bucket.FirstOrDefaultAsync <AccountEntity>(
a => a.AccountName == info.AccountName);
}
if (account == null)
{
throw new UCenterException(UCenterErrorCode.AccountNotExist);
}
if (!EncryptHashManager.VerifyHash(info.Password, account.Password))
{
await
this.RecordLogin(account, UCenterErrorCode.AccountLoginFailedPasswordNotMatch,
"The account name and password do not match");
throw new UCenterException(UCenterErrorCode.AccountLoginFailedPasswordNotMatch);
}
account.LastLoginDateTime = DateTime.UtcNow;
account.Token = EncryptHashManager.GenerateToken();
await this.DatabaseContext.Bucket.UpsertSlimAsync(account);
await this.RecordLogin(account, UCenterErrorCode.Success);
return(CreateSuccessResult(ToResponse <AccountLoginResponse>(account)));
}
public async Task <IHttpActionResult> ResetPassword([FromBody] AccountResetPasswordInfo info)
{
Logger.Info($"Account.ResetPassword AccountName={info.AccountId}");
var account = await GetAndVerifyAccount(info.AccountId);
if (!EncryptHashManager.VerifyHash(info.SuperPassword, account.SuperPassword))
{
await
this.RecordLogin(account, UCenterErrorCode.AccountLoginFailedPasswordNotMatch,
"The super password provided is incorrect");
throw new UCenterException(UCenterErrorCode.AccountLoginFailedPasswordNotMatch);
}
account.Password = EncryptHashManager.ComputeHash(info.Password);
await this.DatabaseContext.Bucket.UpsertSlimAsync(account);
await this.RecordLogin(account, UCenterErrorCode.Success, "Reset password successfully.");
return(CreateSuccessResult(ToResponse <AccountResetPasswordResponse>(account)));
}