public async Task <bool> ChangePassword(ChangePasswordDto model)
{
var user = await GetUser(model.Email, model.Phone);
if (user.Email != model.Email || user.Phone != model.Phone)
{
return(false);
}
using (var db = base.NewDb())
{
//先判定原密碼是否正確
if (!PasswordHash.VerifyPasswordHash(model.OldPassword, user.PasswordHash, user.PasswordSalt))
{
return(false);
}
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash(model.NewPassword, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.WriteTime = System.DateTime.Now;
db.AppUser.Update(user);
var saveNumber = await db.SaveChangesAsync();
return(saveNumber > 0);
}
}
public static void Intialize()
{
if (initialized == false)
{
Presto.Sequence.Add <User>();
Presto.Define <User>(x => {
var passwordHash = new PasswordHash();
x.ID = Presto.Sequence.Next <User>();
x.UserName = "******";
x.Salt = passwordHash.CreateSalt();
x.Password = passwordHash.CreatePasswordHash("Password", x.Salt);
x.FirstName = "First Name";
x.LastName = "Last Name";
x.Role = Role.Admin;
x.CreatedDate = DateTime.Now;
});
Presto.PersistAction = entity => {
var addEntityMethod = typeof(IClarityDB).GetMethod("AddEntity");
var addEntityOfTypeMethod = addEntityMethod.MakeGenericMethod(new[] { entity.GetType() });
addEntityOfTypeMethod.Invoke(ClarityDB.Instance, new object[] { entity });
};
}
initialized = true;
}
public async Task <string> NewPassword(ForgetPasswordDto model)
{
using (var db = base.NewDb())
{
var user = await GetUser(model.Email, model.Phone);
if (user.Email != model.Email || user.Phone != model.Phone || user.UserName != model.UserName)
{
return("");
}
var newPass = new System.Random();
var newPassword = newPass.Next(111111, 999999).ToString();
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash(newPassword, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
db.AppUser.Update(user);
var saveNumber = await db.SaveChangesAsync();
return(newPassword);
}
}
public UserModel Create(UserModel user, string password)
{
UserModel userObj = new UserModel
{
UserName = user.UserName,
Password = user.Password,
Role = "Customer",
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
};
//validation
if (string.IsNullOrWhiteSpace(password))
{
throw new AppException("Password is required");
}
if (_dbContext.Users.Any(x => x.UserName == user.UserName))
{
throw new AppException("Username \"" + user.UserName + "\" is already taken");
}
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash(password, out passwordHash, out passwordSalt);
userObj.PasswordHash = passwordHash;
userObj.PasswordSalt = passwordSalt;
_dbContext.Users.Add(userObj);
_dbContext.SaveChanges();
return(userObj);
}
/// <summary>
/// Creates the password with hash and salt
/// </summary>
/// <param name="emp"></param>
private void createPassword(EmployeeBO emp)
{
password = emp.Password;
PasswordHash.CreatePasswordHash(password, out passwordHash, out passwordSalt);
userFromDb.PasswordHash = passwordHash;
userFromDb.PasswordSalt = passwordSalt;
}
public void Update(User userParam, string password = null)
{
var user = _users.Find(x => x.Id == userParam.Id).SingleOrDefault();
if (user == null)
{
throw new Exception("User not found");
}
if (userParam.Username != user.Username)
{
// username has changed so check if the new username is already taken
if (_users.Find(x => x.Username == userParam.Username).Any())
{
throw new Exception("Username " + userParam.Username + " is already taken");
}
}
// update user properties
user.FirstName = userParam.FirstName;
user.LastName = userParam.LastName;
user.Username = userParam.Username;
// update password if it was entered
if (!string.IsNullOrWhiteSpace(password))
{
PasswordHash.CreatePasswordHash(password, out var passwordHash, out var passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
}
_users.ReplaceOne(x => x.Id == user.Id, user);
}
protected override void Up(MigrationBuilder migrationBuilder)
{
var optionsBuilder = new DbContextOptionsBuilder <SiriusContext>();
string connectionString = "Host=127.0.0.1;Port=5432;Database=siriusdb;Username=siriususer;Password=Uncle340571578;Integrated Security=false;";
var options = optionsBuilder
.UseNpgsql(connectionString)
.Options;
using (var context = new SiriusContext(options))
{
Role viewerRole = context.Roles.Where(role => role.Id == DefaultValues.Roles.Viewer.Id).FirstOrDefault();
var startDate = DateConverter.ConvertToRTS(DateTime.UtcNow.ToLocalTime());
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash("user2019", out passwordHash, out passwordSalt);
var user = new User {
FirstName = "Пользователь",
LastName = "",
Username = "******",
Id = Guid.NewGuid(),
Role = viewerRole,
StartDate = startDate,
IsConfirmed = true,
PasswordHash = passwordHash,
PasswordSalt = passwordSalt
};
context.Users.Add(user);
context.SaveChanges();
}
}
public void CreatePasswordHash_CreatesHash()
{
var passwordHash = new PasswordHash();
var salt = passwordHash.CreateSalt();
var hash = passwordHash.CreatePasswordHash("abc123@X", salt);
Assert.Less(0, hash.Length);
}
public async Task<User> Register(User user, string password)
{
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
await _context.Users.AddAsync(user);
await _context.SaveChangesAsync();
return user;
}
public async Task <Member> Register(Member user, string password)
{
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
using (var db = base.NewDb())
{
db.Member.Add(user);
await db.SaveChangesAsync();
return(user);
}
}
/// <summary>
/// Create an employee with password hash and salt
/// Sends mail with first login password
/// </summary>
/// <param name="employee"> EmployeeBO to create</param>
/// <returns> new EmployeeBO</returns>
public EmployeeBO Create(EmployeeBO employee)
{
using (var uow = _facade.UnitOfWork)
{
password = employee.Password;
_newEmployee = uow.EmployeeRepository.Create(_employeeConverter.Convert(employee));
PasswordHash.CreatePasswordHash(password, out passwordHash, out passwordSalt);
_newEmployee.PasswordHash = passwordHash;
_newEmployee.PasswordSalt = passwordSalt;
_newEmployee.PasswordReset = true;
_newEmployee.IsAdmin = "User";
// _mailto.mailTo(_newEmployee.Username, password, _newEmployee.Firstname);
uow.Complete();
return(_employeeConverter.Convert(_newEmployee));
}
}
public async Task <string> NewPassword(Member member)
{
using (var db = base.NewDb())
{
var newPass = new System.Random();
var newPassword = newPass.Next(111111, 999999).ToString();
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash(newPassword, out passwordHash, out passwordSalt);
member.PasswordHash = passwordHash;
member.PasswordSalt = passwordSalt;
await db.SaveChangesAsync();
return(newPassword);
}
}
public User Register(User userIn, string password)
{
if (string.IsNullOrWhiteSpace(password))
{
throw new Exception("Password is required");
}
if (_users.Find(user => user.Username == userIn.Username).Any())
{
throw new Exception("Username \"" + userIn.Username + "\" is already taken");
}
PasswordHash.CreatePasswordHash(password, out var passwordHash, out var passwordSalt);
userIn.PasswordHash = passwordHash;
userIn.PasswordSalt = passwordSalt;
_users.InsertOne(userIn);
return(userIn);
}
public void SeedUsers()
{
var userData = System.IO.File.ReadAllText("Data/UserSeedData.json");
var users = JsonConvert.DeserializeObject <List <User> >(userData);
foreach (var user in users)
{
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash("password", out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.Username = user.Username.ToLower();
_context.Users.Add(user);
}
_context.SaveChanges();
}
public async Task <UserToReturnDto> Register(RegisterDto registerDto, string password)
{
var user = _mapper.Map <RegisterDto, AppUser>(registerDto);
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.IsInWork = true;
user.LoginDate = System.DateTime.Now;
user.UserRole = "users";
using (var db = base.NewDb())
{
db.AppUser.Add(user);
var saveNumber = await db.SaveChangesAsync();
return(_mapper.Map <AppUser, UserToReturnDto>(user));
}
}
public async Task <bool> ChangePassword(Member member, string oldPassword, string newPassword)
{
using (var db = base.NewDb())
{
//先判定原密碼是否正確
if (!PasswordHash.VerifyPasswordHash(oldPassword, member.PasswordHash, member.PasswordSalt))
{
return(false);
}
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash(newPassword, out passwordHash, out passwordSalt);
member.PasswordHash = passwordHash;
member.PasswordSalt = passwordSalt;
member.UpdateTime = System.DateTime.Now;
await db.SaveChangesAsync();
return(true);
}
}
public void Update(UserModel user, string password = null)
{
var userParam = _dbContext.Users.Find(user.UserId);
if (userParam == null)
{
throw new AppException("User not found");
}
if (userParam.UserName != user.UserName)
{
//username has changed so check if the new username is already taken
if (_dbContext.Users.Any(x => x.UserName == userParam.UserName))
{
throw new AppException("Username " + userParam.UserName + " is already taken");
}
}
//update user properties
user.FirstName = userParam.FirstName;
user.LastName = userParam.LastName;
user.UserName = userParam.UserName;
user.Email = userParam.Email;
//update password if it was entered
if (!string.IsNullOrWhiteSpace(password))
{
byte[] passwordHash, passwordSalt;
PasswordHash.CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
}
_dbContext.Users.Update(user);
_dbContext.SaveChanges();
}
