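/// <summary>
        /// Checks a login/password pair against the stored credentials and reports
        /// whether the matching account is allowed to sign in.
        /// </summary>
        /// <param name="authorizationData">Request carrying the login and password to verify.</param>
        /// <returns>
        /// A result with <c>Correct</c> only when a matching record exists and its status is
        /// <c>Active</c>; in every other case a <c>SystemError</c> result with a message.
        /// The method never returns <c>null</c>.
        /// </returns>
        public ServiceResult CheckAuthorization(AuthorizationRequest authorizationData)
        {
            // The credential lookup is keyed on login plus the derived hash, so a wrong
            // password and an unknown login are indistinguishable to the caller.
            // NOTE(review): the strength of this check depends on what GeneratePasswordHash
            // does (salted, slow KDF?) - confirm in the hasher implementation.
            // NOTE(review): no attempt limiting or lockout is visible in this method;
            // confirm it is enforced by the caller or the data layer.
            string hash           = _passwordHash.GeneratePasswordHash(authorizationData.Login, authorizationData.Password);
            var    userAdmittance = _dbContext.UserAdmittances.GetUserAdmittance(authorizationData.Login, hash);

            if (userAdmittance == null)
            {
                return new ServiceResult(ServiceResult.ResultConnectionEnum.SystemError,
                                         "User with this login and password not found");
            }

            // A record without a status cannot be shown to be active, so deny access
            // instead of dereferencing a null status.
            if (userAdmittance.UserStatus == null)
            {
                return new ServiceResult(ServiceResult.ResultConnectionEnum.SystemError,
                                         "The user status does not allow sign-in");
            }

            var status = userAdmittance.UserStatus.Status;

            if (status == UserStatus.StatusEnum.Active)
            {
                return new ServiceResult(ServiceResult.ResultConnectionEnum.Correct, "");
            }

            // The account-state messages below are only reachable after the password
            // matched, so they do not reveal account state to an unauthenticated caller.
            if (status == UserStatus.StatusEnum.Block)
            {
                return new ServiceResult(ServiceResult.ResultConnectionEnum.SystemError,
                                         "The user is blocked");
            }

            if (status == UserStatus.StatusEnum.Delete)
            {
                return new ServiceResult(ServiceResult.ResultConnectionEnum.SystemError,
                                         "The user deleted");
            }

            // Fail closed: a status value this method does not know about (for example one
            // added to the enum later) previously fell through and returned null, which a
            // caller could dereference or misread as "no error".
            return new ServiceResult(ServiceResult.ResultConnectionEnum.SystemError,
                                     "The user status does not allow sign-in");
        }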
Exemple #2
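        /// <summary>
        /// Creates a new user, but only after the owner of the given session has
        /// re-confirmed their current password.
        /// </summary>
        /// <param name="sessionToken">Session token identifying the caller.</param>
        /// <param name="userData">
        /// Data for the new user; <c>OldPassword</c> carries the caller's current password.
        /// </param>
        /// <returns>
        /// An <c>AccessDenied</c> result when the session cannot be resolved or the password
        /// does not match; otherwise whatever <c>CreatByRegistration</c> returns.
        /// </returns>
        public ServiceResult Create(string sessionToken, SystemUserData userData)
        {
            #region Check the administrator password is correct

            // NOTE(review): nothing in this method checks that the session owner actually
            // holds an administrator role - confirm the role check happens in the caller.
            // NOTE(review): token expiry/revocation is presumably handled by GetByToken - confirm.
            var user       = _dbContext.UserAuthorizationsToken.GetByToken(sessionToken);
            var admittance = user?.UserSystem?.UserAdmittance;

            // An unknown token (or one with no credential record) used to end in a
            // NullReferenceException. Deny access instead, with the same message as a wrong
            // password so the response does not reveal whether the token was valid.
            if (admittance == null || userData == null)
            {
                return new ServiceResult(ServiceResult.ResultConnectionEnum.AccessDenied,
                                         "To create a new user, you must confirm the current password.");
            }

            string login    = admittance.Login;
            string password = userData.OldPassword;

            string newHash = _passwordHash.GeneratePasswordHash(login, password);
            string oldHash = admittance.PasswordHash;

            // A missing stored hash must never count as a match (null == null would).
            // NOTE(review): this is an ordinary string comparison; if the target framework
            // offers a fixed-time comparison, prefer it for password-derived values.
            if (oldHash == null || newHash != oldHash)
            {
                ServiceResult errorResult = new ServiceResult(ServiceResult.ResultConnectionEnum.AccessDenied,
                                                              "To create a new user, you must confirm the current password.");
                return(errorResult);
            }

            #endregion

            return(CreatByRegistration(userData));
        }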
Exemple #3
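        /// <summary>
        /// Generates a new session token of <c>_userTokenLength</c> lowercase hexadecimal
        /// characters drawn from the platform's cryptographic random number generator.
        /// </summary>
        /// <remarks>
        /// The previous implementation interleaved a hash of the login with the clock tick
        /// count and a <c>System.Random</c> value. None of those inputs is secret or
        /// unpredictable enough for a bearer credential, and the interleaving loop indexed
        /// past the end of its inputs for longer token lengths. The token is now purely
        /// random and is exactly <c>_userTokenLength</c> characters long (the old loop added
        /// two characters per step and so overshot odd lengths by one).
        /// Each character carries 4 bits of entropy.
        /// NOTE(review): confirm <c>_userTokenLength</c> is at least 32 for a 128-bit token.
        /// </remarks>
        /// <param name="login">
        /// Login the token is issued for. No longer mixed into the token; kept so existing
        /// callers compile unchanged.
        /// </param>
        /// <returns>The generated token, or an empty string when the configured length is not positive.</returns>
        public string GenerateSessionToken(string login)
        {
            const string hexDigits = "0123456789abcdef";

            var token  = new global::System.Text.StringBuilder();
            var buffer = new byte[32];

            // Fully qualified so the block does not depend on the file's using directives.
            using (var generator = global::System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                while (token.Length < _userTokenLength)
                {
                    generator.GetBytes(buffer);

                    foreach (byte value in buffer)
                    {
                        if (token.Length >= _userTokenLength)
                        {
                            break;
                        }

                        // Each nibble of a uniformly random byte is itself uniform over 0..15.
                        token.Append(hexDigits[value >> 4]);

                        if (token.Length >= _userTokenLength)
                        {
                            break;
                        }

                        token.Append(hexDigits[value & 0x0F]);
                    }
                }
            }

            return token.ToString();
        }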