Exemple #1
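        /// <summary>
        /// Replaces a user's stored password after verifying the current one.
        /// </summary>
        /// <param name="id">Identifier handed to the repository lookup.</param>
        /// <param name="password">New password; the hash and salt returned by <c>PasswordHasher.GetHashPassword</c> are what get stored.</param>
        /// <param name="oldPass">Current password supplied by the caller, checked against the stored hash and salt.</param>
        /// <exception cref="ArgumentException">The repository returned no user for <paramref name="id"/>.</exception>
        /// <exception cref="Exception"><paramref name="oldPass"/> does not match the stored credential.</exception>
        public async Task ChangePassword(int id, string password, string oldPass)
        {
            var user = await _userRepos.GetByIdAsync(id);

            // Report a missing user explicitly instead of failing with a
            // NullReferenceException when user.Password is read below.
            if (user == null)
            {
                throw new ArgumentException("No user exists for the given id.", nameof(id));
            }

            // The stored credential is only replaced once the caller has shown
            // knowledge of the current password.
            var isCorrectPassword = PasswordHasher.CheckHashedPassword(new Models.HashPassword()
            {
                HashedPassword = user.Password,
                Password       = oldPass,
                Salt           = user.Salt
            });

            if (!isCorrectPassword)
            {
                // Message text (Vietnamese): "The old password is incorrect".
                throw new Exception("Mật khẩu cũ không đúng");
            }

            // NOTE(review): no length or complexity check on the new password is
            // visible in this method; confirm it is validated before this call.
            var hashedPassword = PasswordHasher.GetHashPassword(password);
            user.Password = hashedPassword.HashedPassword;
            user.Salt     = hashedPassword.Salt;
            await _userRepos.UpdateUser(user);
        }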
Exemple #2
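        /// <summary>
        /// Authenticates a username/password pair and returns a signed JWT for the user.
        /// </summary>
        /// <remarks>
        /// Account and premises status are examined only after the password has been verified,
        /// so a caller without valid credentials always receives the generic invalid-credentials error.
        /// The method is not <c>async</c>: the lookup runs synchronously and the exceptions below are
        /// thrown directly rather than through the returned task.
        /// </remarks>
        /// <param name="loginInfo">Carries the Username and Password submitted by the client.</param>
        /// <returns>A completed task holding the serialized token, which expires 30 minutes after issue.</returns>
        /// <exception cref="InvalidUsernameOrPasswordException">Unknown username or wrong password.</exception>
        /// <exception cref="DeActivedUsernameException">Credentials are valid but the account is inactive.</exception>
        /// <exception cref="DeActivedPremisesException">
        /// Credentials are valid, the role is neither admin nor veterinary, and the user's premises is missing or inactive.
        /// </exception>
        public Task <string> CheckLogin(Models.LoginRequest loginInfo)
        {
            var user = _userRepos
                .GetAllIncluding(u => u.Role, u => u.Premises, u => u.Premises.PremisesType)
                .SingleOrDefault(u => u.Username == loginInfo.Username);

            // NOTE(review): an unknown username skips the hash check entirely, so its response
            // may be quicker than a wrong-password attempt; confirm whether that difference matters here.
            var isCorrectPassword = user != null && PasswordHasher.CheckHashedPassword(new Models.HashPassword()
            {
                HashedPassword = user.Password,
                Password       = loginInfo.Password,
                Salt           = user.Salt
            });

            if (!isCorrectPassword)
            {
                throw new InvalidUsernameOrPasswordException(msg: MessageConstant.WRONG_PASS_OR_USERNAME);
            }

            if (!user.IsActive)
            {
                throw new DeActivedUsernameException(msg: MessageConstant.DEACTIVED_USER);
            }

            var roleRequiresActivePremises = user.RoleId != RoleDataConstant.ADMIN_ID
                                             && user.RoleId != RoleDataConstant.VETERINARY_ID;

            // Fail closed: the claim-building code below allows Premises to be null, so a
            // premises-bound role without one is refused here instead of crashing on a null dereference.
            // NOTE(review): confirm that rejecting (rather than admitting) such users is the intended policy.
            if (roleRequiresActivePremises && (user.Premises == null || !user.Premises.IsActive))
            {
                throw new DeActivedPremisesException(msg: MessageConstant.DEACTIVED_PREMISES);
            }

            var subject = new ClaimsIdentity();
            subject.AddClaim(new Claim("userID", user.UserId.ToString()));

            var roles = new List <string> { user.Role.Name };
            if (user.Premises != null)
            {
                // The premises type name is issued as an additional role claim.
                roles.Add(user.Premises.PremisesType.Name);
                subject.AddClaim(new Claim("premisesID", user.Premises.PremisesId.ToString()));
            }

            foreach (var role in roles)
            {
                subject.AddClaim(new Claim(ClaimTypes.Role, role));
            }

            // NOTE(review): the HMAC key is the UTF-8 bytes of a configured string; confirm it is long
            // and random enough for HMAC-SHA256 and is kept out of source control. No issuer or
            // audience is set on the descriptor; confirm token validation does not rely on them.
            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSettings.JWT_Secret));
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject            = subject,
                Expires            = DateTime.UtcNow.AddMinutes(30),
                SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature)
            };

            var tokenHandler  = new JwtSecurityTokenHandler();
            var securityToken = tokenHandler.CreateToken(tokenDescriptor);
            return Task.FromResult(tokenHandler.WriteToken(securityToken));
        }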
        /// <summary>
        /// Looks up a student by email and verifies the supplied password.
        /// </summary>
        /// <param name="email">Email passed to the repository lookup.</param>
        /// <param name="password">Password checked against the student's stored hash.</param>
        /// <returns>
        /// The matching student, or <c>null</c> when no student has that email or the password check fails.
        /// The two failure cases are not distinguishable by the caller.
        /// </returns>
        public async Task <Student> Login(string email, string password)
        {
            var student = await _repository.GetByEmailAsync(email);

            // No account for this email: report failure without running the hash check.
            if (student == null)
            {
                return(null);
            }

            var passwordMatches = PasswordHasher <Student, Guid> .CheckHashedPassword(student, password);
            return(passwordMatches ? student : null);
        }
Exemple #4
        /// <summary>
        /// Looks up an employer by email and verifies the supplied password.
        /// </summary>
        /// <param name="email">Email passed to the repository lookup.</param>
        /// <param name="password">Password checked against the employer's stored hash.</param>
        /// <returns>
        /// The matching employer when the password check succeeds; otherwise <c>null</c>,
        /// whether the email was unknown or the password was wrong.
        /// </returns>
        public async Task <Employer> Login(string email, string password)
        {
            var candidate = await _repository.GetByEmailAsync(email);

            // Short-circuits: the hash check only runs when an employer was found.
            var authenticated = candidate != null
                                && PasswordHasher <Employer, Guid> .CheckHashedPassword(candidate, password);

            if (!authenticated)
            {
                return(null);
            }
            return(candidate);
        }
Exemple #5
        /// <summary>
        /// Verifies a username/password pair and returns the matching user.
        /// </summary>
        /// <param name="loginInfo">Carries the Username and Password submitted by the client.</param>
        /// <returns>The user whose stored hash and salt match the supplied password.</returns>
        /// <exception cref="InvalidUsernameOrPasswordException">
        /// The username is unknown or the password is wrong; the same message is used for both.
        /// </exception>
        public async Task <User> CheckLogin(Models.LoginRequest loginInfo)
        {
            var account = await this._userRepos.FindByUsername(loginInfo.Username);

            // Short-circuits: the hash check only runs when the username resolved to a user.
            var credentialsValid = account != null && PasswordHasher.CheckHashedPassword(new Models.HashPassword
            {
                HashedPassword = account.Password,
                Password       = loginInfo.Password,
                Salt           = account.Salt
            });

            if (!credentialsValid)
            {
                throw new InvalidUsernameOrPasswordException("Wrong Username or Password");
            }

            return(account);
        }