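public async Task <string> PostAsync([FromBody] UserDto userDto)
        {
            // Registers a new user: creates the Stream user, inserts the account row (password
            // stored only as a hash), wires up the user's timeline feed, then returns a JWT.
            //
            // Returns the JWT on success. On any failure a fixed message is returned instead of
            // the exception text, so internal details (SQL errors, Stream API responses) are not
            // exposed to the client.
            //
            // NOTE(review): the Stream user is created before the DB row is inserted, so a failed
            // INSERT leaves an orphaned Stream user behind; nothing here compensates for that.
            var userData = new Dictionary <string, object>()
            {
                { "profile_pic", userDto.ProfilePictureUrl }
            };

            try
            {
                // Add user to the Stream API
                await _streamApi.StreamClient.Users.Add(userDto.Username, userData);

                // Add user to the DB (parameterized query; the plaintext password never reaches SQL)
                var ph = new PasswordHasher();
                _database.GetInstance.Execute(
                    "INSERT INTO users (username, pass, pic_url) VALUES(@user, @pass, @pic)",
                    new { user = userDto.Username, pass = ph.Hash(userDto.Password), pic = userDto.ProfilePictureUrl });

                // Register user timeline to his profile (the user timeline will show his own posts)
                IStreamFeed userTimeline = _streamApi.StreamClient.Feed("timeline", userDto.Username);
                await userTimeline.FollowFeed("user", userDto.Username);

                // Follow the admin account with the welcome message (skipped when the user registering is RecYou itself)
                if (userDto.Username != "RecYou")
                {
                    await userTimeline.FollowFeed("user", "RecYou");
                }
            }
            catch (Exception)
            {
                // Do not echo the exception message: it can carry connection details, table
                // names or third-party error bodies, and a caller could not tell it apart from
                // a token anyway. A non-2xx status code (as Post sets below) would make the
                // failure unambiguous to clients; consider adding it.
                return("Registration failed.");
            }

            return(JWT.GenerateToken(userDto.Username));
        }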
        public string Post([FromBody] UserDto userDto)
        {
            // Login: fetches the stored password hash for the supplied username and, when the
            // password verifies, returns a JWT. Both failure cases (unknown user, wrong password)
            // answer 401 with a null body, so they are indistinguishable to the caller.
            // The NeedsUpgrade flag returned by PasswordHasher.Check is not acted on here.
            var hasher = new PasswordHasher();
            var stored = _database.GetInstance.QuerySingleOrDefault <UserDto>(
                "SELECT username, pass FROM users WHERE username = @user",
                new { user = userDto.Username });

            // Check is only reached when a row exists, so it is never handed a missing hash.
            bool verified = stored != null && hasher.Check(stored.Pass, userDto.Password).Verified;

            if (!verified)
            {
                HttpContext.Response.StatusCode = 401;
                return(null);
            }

            return(JWT.GenerateToken(userDto.Username));
        }
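        public async Task <LoginResponse> AuthenticateUser(string login, string password)
        {
            // Verifies a login/password pair and, on success, issues a JWT, emails a one-time
            // verification code and opens a session that holds the hashed code.
            //
            // Returns a LoginResponse: Success and JWT are set on success, otherwise Errors holds
            // one message. Unknown users and wrong passwords produce the same message so the
            // caller cannot tell which one failed.
            User user = null;

            using (var connection = new SqlConnection(_connectionString))
            {
                connection.Open();

                // Parameterized call: login is never concatenated into the SQL text.
                user = connection
                       .Query <User>(
                    "EXEC [Support-API].[dbo].[SP_Get_User] @Login = @Login",
                    new { Login = login }
                    ).FirstOrDefault();
            }

            LoginResponse response = new LoginResponse
            {
                Success = false,
                Errors  = new List <string>(),
                JWT     = string.Empty,
            };

            if (user == null)
            {
                response.Errors.Add("Invalid Username or Password");
                return(response);
            }

            // Re-derive the hash with the stored salt and iteration count, then compare in
            // constant time so the comparison does not leak how many leading bytes matched.
            Hash   currentHash = new Hash(user.Hash);
            string hash        = Hashing.GenerateHash(password, currentHash.iterations, currentHash.salt);

            if (!HashesMatch(hash, user.Hash))
            {
                response.Errors.Add("Invalid Username or Password");
                return(response);
            }

            string jwtSecret = _configuration.GetValue <string>("JwtSecret");
            var    token     = JWT.GenerateToken(user.UUID, user.Login, jwtSecret);

            // NOTE(review): confirm Generator.RandomNum is backed by a cryptographic RNG; a
            // predictable verification code would defeat the second factor.
            int    code       = Generator.RandomNum(111111, 999999);
            string hashedCode = Hashing.GenerateHash(code.ToString());

            // The email goes out before the session exists; if CreateSession fails below the
            // user still receives a code that no session will ever accept.
            await SendVerificationEmailAsync(user, code);

            Session session = _sessionManager.CreateSession(user, token, hashedCode);

            if (token == null || session == null)
            {
                response.Errors.Add("Authentication Error, please contact Administrator.");
            }
            else
            {
                response.Success = true;
                response.JWT     = token;
            }

            return(response);
        }

        // Constant-time comparison of two hash strings. A null on either side is a mismatch;
        // differing lengths are rejected by FixedTimeEquals without a byte-wise walk.
        private static bool HashesMatch(string computed, string stored)
        {
            if (computed == null || stored == null)
            {
                return(false);
            }

            byte[] computedBytes = System.Text.Encoding.UTF8.GetBytes(computed);
            byte[] storedBytes   = System.Text.Encoding.UTF8.GetBytes(stored);
            return(System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(computedBytes, storedBytes));
        }

        // Builds and sends the verification-code email to the user's stored address.
        // Name fields are HTML-encoded in the HTML body because they are stored user data,
        // not literals; the plain-text body is sent as-is.
        private async Task SendVerificationEmailAsync(User user, int code)
        {
            string emailPlainTemplate = "Hello {0} {1} {2}! Your Verification Code is: {3}";
            string emailHtmlTemplate  = "<html>" +
                                        "<body>" +
                                        "<div>" +
                                        "<h2>Support App</h2>" +
                                        "<div>Hello {0} {1} {2}!</div>" +
                                        "<div>Your Verification Code is: {3}</div>" +
                                        "</div>" +
                                        "</body>" +
                                        "</html>";

            string firstNameHtml  = System.Net.WebUtility.HtmlEncode(user.First_Name);
            string middleNameHtml = System.Net.WebUtility.HtmlEncode(user.Middle_Name);
            string lastNameHtml   = System.Net.WebUtility.HtmlEncode(user.Last_Name);

            string          emailApiKey = _configuration.GetValue <string>("MailApiKey");
            SingleEmailPost email       = new SingleEmailPost
            {
                From_Email    = "*****@*****.**",
                From_Name     = "Support App",
                To_Email      = user.Email,
                To_Name       = $"{user.First_Name} {user.Middle_Name} {user.Last_Name}",
                Subject       = "Verification Email",
                Content_Html  = string.Format(emailHtmlTemplate, firstNameHtml, middleNameHtml, lastNameHtml, code),
                Content_Plain = string.Format(emailPlainTemplate, user.First_Name, user.Middle_Name, user.Last_Name, code),
            };
            await Email.SingleEmail(email, emailApiKey);
        }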
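        public async Task <ResultContract <LoginResultContract> > Login([FromBody] LoginParamContract loginParam)
        {
            // Authenticates a user on behalf of a registered application and returns a JWT
            // signed with that application's secret.
            //
            // Returns Code 0 with Data (token plus basic user info) on success, or Code -1 with a
            // user-facing message in Msg on any failure, including unexpected exceptions.
            try
            {
                if (string.IsNullOrWhiteSpace(loginParam.Account))
                {
                    return(new ResultContract <LoginResultContract> {
                        Code = -1, Msg = "请输入账号"
                    });
                }
                if (string.IsNullOrWhiteSpace(loginParam.Password))
                {
                    return(new ResultContract <LoginResultContract> {
                        Code = -1, Msg = "请输入密码"
                    });
                }

                // Platform check comes first: an unregistered application must not be able to
                // drive credential verification at all (previously CheckUser ran before the
                // application was validated).
                var application = applicationService.GetApplicationByID(loginParam.AppId);
                if (application == null)
                {
                    return(new ResultContract <LoginResultContract> {
                        Code = -1, Msg = "平台未注册"
                    });
                }

                // Credential check
                var user = userService.CheckUser(loginParam.Account, loginParam.Password);
                if (user == null)
                {
                    return(new ResultContract <LoginResultContract> {
                        Code = -1, Msg = "账号或密码不正确"
                    });
                }

                // Mark the user as logged in
                var userEntity = userService.GetUser(user.UserId);
                userEntity.IsLogin = true;
                userService.Update(userEntity);

                // Issue the token, signed with the application's own secret
                var model = new TokenDataModel
                {
                    UserId     = user.UserId,
                    Account    = user.UserAccount,
                    AppName    = application.AppName,
                    FromSystem = ""
                };
                var token  = JWT.GenerateToken(model, application.AppSecret);
                var result = new LoginResultContract()
                {
                    Token = token,
                    User  = new Contracts.DB.UserContract()
                    {
                        UserId         = user.UserId,
                        UserName       = user.UserName,
                        OrganizationId = user.OrganizationId
                    }
                };
                return(new Contracts.ResultContract <LoginResultContract>()
                {
                    Code = 0, Msg = "", Data = result
                });
            }
            catch (Exception)
            {
                // Best-effort: any unexpected failure is reported as a generic service error.
                // NOTE(review): the exception is dropped here and no logger is in scope in this
                // block, so the failure leaves no trace server-side; consider logging it.
                return(new Contracts.ResultContract <LoginResultContract>()
                {
                    Code = -1, Msg = "服务异常"
                });
            }
        }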