Exemple #1
0
        public LogInProMaUserResponse LogInProMaUser([FromBody] LogInProMaUserRequestObject requestObject)
        {
            string shaPassword = requestObject.skipHash ? requestObject.password : ProMaUser.ComputeSHA256(requestObject.password);

            // For the convenience of users, we want to return a message in the case where a user name exists, but the password is wrong
            // the slight security concerns relating to this is noted
            ProMaUser relevantUser = ProMaUserHandler.ThisCache.FirstOrDefault(x => x.UserName.ToLower() == requestObject.userName.ToLower());

            if (relevantUser != null)
            {
                if (relevantUser.HashedPassword == shaPassword)
                {
                    HttpContext.Session.SetInt32(USERIDSESSIONKEY, relevantUser.UserId);
                    HttpContext.Session.SetString(USERPASSWORDSESSIONKEY, shaPassword);

                    LogInProMaUserResponse response = new LogInProMaUserResponse();
                    response.User             = relevantUser;
                    response.PassBackPassword = shaPassword;

                    return(response);
                }
                else
                {
                    throw new InvalidLogInException();
                }
            }
            else
            {
                throw new InvalidLogInException();
            }
        }
Exemple #2
0
        public ProMaUser RegisterProMaUser([FromBody] RegisterProMaUserRequestObject requestObject)
        {
            using (ProMaDB scope = new ProMaDB())
            {
                if (string.IsNullOrWhiteSpace(requestObject.md5Password))
                {
                    throw new Exception("Invalid password");
                }

                if (!ProMaUser.VerifyName(requestObject.userName))
                {
                    throw new Exception("Invalid user name");
                }

                // make sure no user with the same name
                ProMaUser existingUser = ProMaUserHandler.GetUserByUserName(requestObject.userName);

                if (existingUser != null)
                {
                    throw new Exception("User already exists by that name");
                }

                ProMaUser newUser = new ProMaUser();

                newUser.HashedPassword = ProMaUser.ComputeSHA256(requestObject.md5Password);;
                newUser.JoinTime       = ProMaUser.NowTime();
                newUser.UserName       = requestObject.userName;

                ProMaUserHandler.AddProMaUser(newUser);

                PostedNote seedNote = new PostedNote();
                seedNote.UserId        = newUser.UserId;
                seedNote.NoteText      = @"You can create new notes by using the text area in the right.\r\n\r\nNotes can have note types (see the ""as type"" selector). You can create new note types using the utilties area to the bottom right, and selecting the ""Note Types"" tab.\r\n\r\nYou can sort by note types using the filters at the bottom of the screen, among other filter options.\r\n\r\nEach note has buttons to the top right of them, like the pencil icon for editing a note or the target icon for marking it as complete. Use these to alter the notes however you would like.\r\n\r\nTry out the other tabs for useful utilities, like keeping track of daily chores, or the Egg Timer tab to handle productivity cycles.\r\n\r\nHave fun using ProMa!";
                seedNote.PostedTime    = ProMaUser.NowTime();
                seedNote.Active        = true;
                seedNote.Completed     = false;
                seedNote.CompletedTime = null;
                seedNote.Highlighted   = false;
                seedNote.NoteTypeId    = null;

                PostedNoteHandler.AddPostedNote(seedNote);

                return(newUser);
            }
        }
Exemple #3
0
        public void ChangePassword([FromForm] string md5Password)
        {
            ProMaUser user = DataController.LoggedInUser;

            if (user == null)
            {
                throw new NotLoggedInException();
            }

            if (string.IsNullOrEmpty(md5Password))
            {
                throw new Exception("Invalid password");
            }

            if (user.IsDemo)
            {
                throw new Exception("Can't change Demo Account password");
            }

            user.HashedPassword = ProMaUser.ComputeSHA256(md5Password);

            ProMaUserHandler.UpdateUser(user);
        }