/// <summary>
/// Creates or updates the member carried by <paramref name="card"/> and then brings the member's
/// roles and groups in line with the lists on the card, inside a single repository transaction.
/// </summary>
/// <param name="card">Card holding the member record and the desired roles and groups.</param>
/// <returns>The same <paramref name="card"/> instance that was passed in.</returns>
/// <exception cref="ArgumentNullException">The card, or its Member, is null.</exception>
/// <exception cref="PawnshopApplicationException">
/// One of the two lookups below found a record whose Id differs from the member being saved.
/// </exception>
public CardModel<User> Save([FromBody] CardModel<User> card)
{
    if (card?.Member == null)
    {
        throw new ArgumentNullException(nameof(card));
    }

    // NOTE(review): both uniqueness lookups run before the transaction is opened, so two
    // concurrent requests could both pass them. Confirm a unique constraint backs this up.
    var loginOwner = _repository.Find(new { login = card.Member.Login });
    if (loginOwner != null && loginOwner.Id != card.Member.Id)
    {
        throw new PawnshopApplicationException("Пользователь с выбранным именем уже существует.");
    }

    // NOTE(review): the identity number is looked up under the `login` key, the same key used
    // for the login check above. Verify against the repository's filter whether this should be
    // a dedicated identity-number key; as written it compares the number with logins.
    var identityOwner = _repository.Find(new { login = card.Member.IdentityNumber });
    if (identityOwner != null && identityOwner.Id != card.Member.Id)
    {
        // NOTE(review): the message includes the other record's full name. If this text is
        // returned to the API caller, it reveals who owns a given identity number.
        var message = "Пользователь с таким ИИН уже существует: " + identityOwner.Fullname;
        throw new PawnshopApplicationException(message);
    }

    using (var transaction = _repository.BeginTransaction())
    {
        if (card.Member.Id > 0)
        {
            _repository.Update(card.Member);
        }
        else
        {
            card.Member.OrganizationId = _sessionContext.OrganizationId;
            card.Member.CreateDate = DateTime.Now;
            card.Member.ExpireDate = DateTime.Now.Date;
            _repository.Insert(card.Member);

            // TODO: proper user activation mechanism via e-mail.
            // SECURITY: until that exists, every new account starts with the same literal
            // password. The trailing 0 is presumably an expiry-in-days value; confirm it really
            // forces a password change at first login, otherwise new accounts stay guessable.
            string initialHash;
            string initialSalt;
            _saltedHash.GetHashAndSaltString("123456", out initialHash, out initialSalt);
            _repository.SetPasswordAndSalt(card.Member.Id, initialHash, initialSalt, 0);
        }

        var memberId = card.Member.Id;

        // Roles: whatever is on the card but not stored gets added, and the reverse gets removed.
        var storedRoles = _memberRepository.Roles(memberId, false);
        var rolesToAdd = card.Roles.Diff(storedRoles);
        var rolesToRemove = storedRoles.Diff(card.Roles);

        // Groups: same reconciliation, limited to direct memberships.
        var storedGroups = _memberRepository.Groups(memberId, MemberRelationType.Direct);
        var groupsToAdd = card.Groups.Diff(storedGroups);
        var groupsToRemove = storedGroups.Diff(card.Groups);

        // NOTE(review): roles and groups are taken from the request body as-is. Nothing in this
        // method limits which roles the caller may grant; confirm authorization happens upstream.
        _memberRepository.InsertRoles(memberId, rolesToAdd);
        _memberRepository.DeleteRoles(memberId, rolesToRemove);
        _memberRepository.InsertGroups(memberId, groupsToAdd);
        _memberRepository.DeleteGroups(memberId, groupsToRemove);

        transaction.Commit();
    }

    return card;
}
/// <summary>
/// Copies identity and credential fields from <paramref name="existingUser"/> onto
/// <paramref name="newUser"/>, re-hashing the password when one is supplied, then saves the result.
/// </summary>
/// <param name="existingUser">The stored record being replaced.</param>
/// <param name="newUser">The record carrying the updated profile values.</param>
/// <param name="password">New plaintext password, or null to keep the stored hash and salt.</param>
/// <returns><paramref name="newUser"/> after it has been saved.</returns>
public IUserAuth UpdateUserAuth(IUserAuth existingUser, IUserAuth newUser, string password)
{
    ValidateNewUser(newUser, password);
    AssertNoExistingUser(mongoDatabase, newUser, existingUser);

    // Start from the stored credentials; they are replaced only when a password is supplied.
    string passwordHash = existingUser.PasswordHash;
    string passwordSalt = existingUser.Salt;
    bool passwordSupplied = password != null;
    if (passwordSupplied)
    {
        new SaltedHash().GetHashAndSaltString(password, out passwordHash, out passwordSalt);
    }

    // The digest depends on both user name and password, so a change to either recomputes it.
    // NOTE(review): when only the user name changed, CreateHa1 receives a null password. The
    // result cannot match the user's real password; confirm what CreateHa1 does with null and
    // whether digest authentication should be invalidated in that case instead.
    var digest = existingUser.DigestHa1Hash;
    if (passwordSupplied || existingUser.UserName != newUser.UserName)
    {
        digest = new DigestAuthFunctions().CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
    }

    // Identity and creation time always come from the stored record.
    newUser.Id = existingUser.Id;
    newUser.CreatedDate = existingUser.CreatedDate;
    newUser.PasswordHash = passwordHash;
    newUser.Salt = passwordSalt;
    newUser.DigestHa1Hash = digest;
    newUser.ModifiedDate = DateTime.UtcNow;

    SaveUser(newUser);
    return newUser;
}
/// <summary>
/// Carries Id, creation date and credentials over from <paramref name="existingUser"/> to
/// <paramref name="newUser"/>, hashing a new password when one is given, and saves the result
/// through a session obtained from GetCurrentSessionFn.
/// </summary>
/// <param name="existingUser">The stored record being replaced.</param>
/// <param name="newUser">The record carrying the updated values.</param>
/// <param name="password">New plaintext password, or null to keep the stored hash and salt.</param>
/// <returns><paramref name="newUser"/> after the save call.</returns>
public IUserAuth UpdateUserAuth(IUserAuth existingUser, IUserAuth newUser, string password)
{
    ValidateNewUser(newUser, password);
    AssertNoExistingUser(newUser, existingUser);

    // Keep the stored hash and salt unless the caller supplied a replacement password.
    string passwordHash = existingUser.PasswordHash;
    string passwordSalt = existingUser.Salt;
    if (password != null)
    {
        new SaltedHash().GetHashAndSaltString(password, out passwordHash, out passwordSalt);
    }

    newUser.Id = existingUser.Id;
    newUser.CreatedDate = existingUser.CreatedDate;
    newUser.PasswordHash = passwordHash;
    newUser.Salt = passwordSalt;
    newUser.ModifiedDate = DateTime.UtcNow;

    using (var dbSession = GetCurrentSessionFn(sessionFactory))
    {
        dbSession.Save(new UserAuthNHibernate(newUser));
    }

    return newUser;
}
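/// <summary>
/// Seeds two administrator accounts through <c>AddUserCommandHandler</c>.
/// </summary>
/// <remarks>
/// Each account gets its own hash and salt. The earlier version hashed once and stored the same
/// salt and hash on both users, so anyone reading the user table could see that the two
/// administrators share a password, and one cracked hash would unlock both accounts.
/// </remarks>
/// <returns>A task that completes when both users have been added.</returns>
public async Task Seed()
{
    // SECURITY: the seed password is a literal in source control. Treat these accounts as
    // compromised until the password is rotated; prefer taking it from deployment secrets or
    // forcing a change on first login.
    const string seedPassword = "p@ssw0rd";
    var hasher = new SaltedHash();

    // One GetHashAndSaltString call per account, so the salt is not shared
    // (assumes the hasher produces a fresh salt on every call; confirm in SaltedHash).
    string firstHash, firstSalt;
    hasher.GetHashAndSaltString(seedPassword, out firstHash, out firstSalt);
    await new AddUserCommandHandler().HandleAsync(new AddUserCommand()
    {
        Email = "*****@*****.**",
        FirstName = "Abdul Jabbar",
        LastName = "Zaffar",
        HashedPassword = firstHash,
        PasswordSalt = firstSalt,
        Role = (int)Role.Admin
    });

    string secondHash, secondSalt;
    hasher.GetHashAndSaltString(seedPassword, out secondHash, out secondSalt);
    await new AddUserCommandHandler().HandleAsync(new AddUserCommand()
    {
        Email = "*****@*****.**",
        FirstName = "Abdul Qudoos",
        LastName = "Chaudhry",
        HashedPassword = secondHash,
        PasswordSalt = secondSalt,
        Role = (int)Role.Admin
    });
}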
/// <summary>
/// Carries Id, creation date and credentials over from <paramref name="existingUser"/> to
/// <paramref name="newUser"/>, hashing a new password when one is given, and saves the result
/// through <c>Session</c>.
/// </summary>
/// <param name="existingUser">The stored record being replaced.</param>
/// <param name="newUser">The record carrying the updated values.</param>
/// <param name="password">New plaintext password, or null to keep the stored hash and salt.</param>
/// <returns><paramref name="newUser"/> after the save call.</returns>
public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password)
{
    ValidateNewUser(newUser, password);
    AssertNoExistingUser(newUser, existingUser);

    // Default to the stored credentials; overwrite them only for a non-null password.
    string passwordHash = existingUser.PasswordHash;
    string passwordSalt = existingUser.Salt;
    if (password != null)
    {
        new SaltedHash().GetHashAndSaltString(password, out passwordHash, out passwordSalt);
    }

    newUser.Id = existingUser.Id;
    newUser.CreatedDate = existingUser.CreatedDate;
    newUser.PasswordHash = passwordHash;
    newUser.Salt = passwordSalt;
    newUser.ModifiedDate = DateTime.UtcNow;

    var persisted = new UserAuthPersistenceDto(newUser);
    Session.Save(persisted);

    return newUser;
}
/// <summary>
/// Validates a new user, derives its salted password hash and digest hash, stamps the
/// creation and modification dates, and stores it through a document-store session.
/// </summary>
/// <param name="newUser">The user record to create.</param>
/// <param name="password">Plaintext password to hash. It is not stored on the record by this method.</param>
/// <returns><paramref name="newUser"/> with credential and date fields populated.</returns>
public UserAuth CreateUserAuth(UserAuth newUser, string password)
{
    ValidateNewUser(newUser, password);
    AssertNoExistingUser(newUser);

    string passwordHash;
    string passwordSalt;
    new SaltedHash().GetHashAndSaltString(password, out passwordHash, out passwordSalt);

    // NOTE(review): presumably CreateHa1 produces the HTTP Digest HA1 value, which is
    // password-equivalent for digest authentication and is not salted per user. If so, the
    // stored digest needs the same protection as the password hash. Confirm in DigestAuthFunctions.
    var digestFunctions = new DigestAuthFunctions();
    newUser.DigestHA1Hash = digestFunctions.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);

    newUser.PasswordHash = passwordHash;
    newUser.Salt = passwordSalt;

    // Both timestamps start out equal on a freshly created record.
    newUser.CreatedDate = DateTime.UtcNow;
    newUser.ModifiedDate = newUser.CreatedDate;

    using (var documentSession = _documentStore.OpenSession())
    {
        documentSession.Store(newUser);
        documentSession.SaveChanges();
    }

    return newUser;
}
/// <summary>
/// Hashes <paramref name="password"/> with a new <c>SaltedHash</c> and returns both outputs
/// packed into a <c>ListModel</c>.
/// </summary>
/// <param name="password">Plaintext password to hash.</param>
/// <returns>A <c>ListModel</c> whose Id is the hash and whose Name is the salt.</returns>
public ListModel PasswordGenerate(string password)
{
    string hash;
    string salt;
    new SaltedHash().GetHashAndSaltString(password, out hash, out salt);

    // NOTE(review): hash and salt travel in a generic list model. If this method is reachable
    // from an HTTP endpoint, credential material leaves the server. Confirm that callers keep
    // the result server-side.
    var result = new ListModel();
    result.Id = hash;
    result.Name = salt;
    return result;
}
/// <summary>
/// Validates a new user, derives its salted password hash, stamps the creation and
/// modification dates, and saves it through <c>Session</c>.
/// </summary>
/// <param name="newUser">The user record to create.</param>
/// <param name="password">Plaintext password to hash.</param>
/// <returns><paramref name="newUser"/> with credential and date fields populated.</returns>
public UserAuth CreateUserAuth(UserAuth newUser, string password)
{
    ValidateNewUser(newUser, password);
    AssertNoExistingUser(newUser);

    string passwordHash;
    string passwordSalt;
    new SaltedHash().GetHashAndSaltString(password, out passwordHash, out passwordSalt);

    newUser.PasswordHash = passwordHash;
    newUser.Salt = passwordSalt;

    // Both timestamps start out equal on a freshly created record.
    newUser.CreatedDate = DateTime.UtcNow;
    newUser.ModifiedDate = newUser.CreatedDate;

    var persisted = new UserAuthPersistenceDto(newUser);
    Session.Save(persisted);

    return newUser;
}
/// <summary>
/// Changes the password of the user identified by the current session context after
/// verifying the old password against the stored hash and salt.
/// </summary>
/// <param name="model">Request body carrying the old and the new password.</param>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
/// <exception cref="PawnshopApplicationException">The old password does not verify.</exception>
public void UpdatePassword([FromBody] PasswordModel model)
{
    if (model == null)
    {
        throw new ArgumentNullException(nameof(model));
    }

    ModelState.Validate();

    // The target account comes from the session context, never from the request body,
    // so a caller can only change their own password.
    string storedHash;
    string storedSalt;
    _userRepository.GetPasswordAndSalt(_sessionContext.UserId, out storedHash, out storedSalt);

    // NOTE(review): nothing here limits repeated attempts, so this endpoint can be used to
    // guess the old password from a hijacked session. Confirm throttling exists upstream.
    if (!_saltedHash.VerifyHashString(model.OldPassword, storedHash, storedSalt))
    {
        throw new PawnshopApplicationException("Пароль указан не верно.");
    }

    string replacementHash;
    string replacementSalt;
    _saltedHash.GetHashAndSaltString(model.NewPassword, out replacementHash, out replacementSalt);

    // NOTE(review): other active sessions of this user are not touched here. Verify whether
    // they are invalidated elsewhere after a password change.
    _userRepository.SetPasswordAndSalt(_sessionContext.UserId, replacementHash, replacementSalt, _options.ExpireDay);
}
/// <summary>
/// Validates a new user, derives its salted password hash and digest hash, stamps the
/// creation and modification dates, and saves it with <c>SaveUser</c>.
/// </summary>
/// <param name="newUser">The user record to create.</param>
/// <param name="password">Plaintext password to hash.</param>
/// <returns><paramref name="newUser"/> with credential and date fields populated.</returns>
public IUserAuth CreateUserAuth(IUserAuth newUser, string password)
{
    ValidateNewUser(newUser, password);
    AssertNoExistingUser(mongoDatabase, newUser);

    string passwordHash;
    string passwordSalt;
    new SaltedHash().GetHashAndSaltString(password, out passwordHash, out passwordSalt);

    // NOTE(review): presumably CreateHa1 produces the HTTP Digest HA1 value, which is
    // password-equivalent for digest authentication and is not salted per user. If so, the
    // stored digest needs the same protection as the password hash. Confirm in DigestAuthFunctions.
    var digestFunctions = new DigestAuthFunctions();
    newUser.DigestHa1Hash = digestFunctions.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);

    newUser.PasswordHash = passwordHash;
    newUser.Salt = passwordSalt;

    // Both timestamps start out equal on a freshly created record.
    newUser.CreatedDate = DateTime.UtcNow;
    newUser.ModifiedDate = newUser.CreatedDate;

    SaveUser(newUser);
    return newUser;
}
/// <summary>
/// Copies identity and credential fields from <paramref name="existingUser"/> onto
/// <paramref name="newUser"/>, re-hashing the password when one is supplied, and stores the
/// result through a document-store session.
/// </summary>
/// <param name="existingUser">The stored record being replaced.</param>
/// <param name="newUser">The record carrying the updated profile values.</param>
/// <param name="password">
/// New plaintext password. Defaults to null, which keeps the stored hash and salt.
/// </param>
/// <returns><paramref name="newUser"/> after it has been stored.</returns>
public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password = null)
{
    ValidateNewUserWithoutPassword(newUser);
    AssertNoExistingUser(newUser, existingUser);

    // Start from the stored credentials; they are replaced only when a password is supplied.
    string passwordHash = existingUser.PasswordHash;
    string passwordSalt = existingUser.Salt;
    bool passwordSupplied = password != null;
    if (passwordSupplied)
    {
        new SaltedHash().GetHashAndSaltString(password, out passwordHash, out passwordSalt);
    }

    // The digest depends on both user name and password, so a change to either recomputes it.
    // NOTE(review): password defaults to null, so a rename without a password reaches CreateHa1
    // with a null secret. The resulting digest cannot match the user's real password; confirm
    // what CreateHa1 does with null and whether digest authentication should be invalidated
    // (or the rename refused) in that case.
    var digest = existingUser.DigestHA1Hash;
    if (passwordSupplied || existingUser.UserName != newUser.UserName)
    {
        digest = new DigestAuthFunctions().CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
    }

    // Identity and creation time always come from the stored record.
    newUser.Id = existingUser.Id;
    newUser.CreatedDate = existingUser.CreatedDate;
    newUser.PasswordHash = passwordHash;
    newUser.Salt = passwordSalt;
    newUser.DigestHA1Hash = digest;
    newUser.ModifiedDate = DateTime.UtcNow;

    using (var documentSession = _documentStore.OpenSession())
    {
        documentSession.Store(newUser);
        documentSession.SaveChanges();
    }

    return newUser;
}
/// <summary>
/// Copies identity and credential fields from <paramref name="existingUser"/> onto
/// <paramref name="newUser"/>, re-hashing the password when one is supplied, then saves the
/// result with <c>SaveUser</c>.
/// </summary>
/// <param name="existingUser">The stored record being replaced.</param>
/// <param name="newUser">The record carrying the updated profile values.</param>
/// <param name="password">New plaintext password, or null to keep the stored hash and salt.</param>
/// <returns><paramref name="newUser"/> after it has been saved.</returns>
public IUserAuth UpdateUserAuth(IUserAuth existingUser, IUserAuth newUser, string password)
{
    ValidateNewUser(newUser, password);
    AssertNoExistingUser(mongoDatabase, newUser, existingUser);

    // Stored credentials are the default; a non-null password replaces both values.
    string passwordHash = existingUser.PasswordHash;
    string passwordSalt = existingUser.Salt;
    bool passwordSupplied = password != null;
    if (passwordSupplied)
    {
        var hasher = new SaltedHash();
        hasher.GetHashAndSaltString(password, out passwordHash, out passwordSalt);
    }

    // The digest is recalculated whenever the password or the user name changes.
    // NOTE(review): on a rename without a password, CreateHa1 is called with a null secret, and
    // the stored digest then no longer corresponds to the user's password. Confirm the intended
    // behaviour of CreateHa1 for null.
    var digest = existingUser.DigestHa1Hash;
    if (passwordSupplied || existingUser.UserName != newUser.UserName)
    {
        var digestFunctions = new DigestAuthFunctions();
        digest = digestFunctions.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
    }

    // Identity and creation time always come from the stored record.
    newUser.Id = existingUser.Id;
    newUser.CreatedDate = existingUser.CreatedDate;
    newUser.PasswordHash = passwordHash;
    newUser.Salt = passwordSalt;
    newUser.DigestHa1Hash = digest;
    newUser.ModifiedDate = DateTime.UtcNow;

    SaveUser(newUser);
    return newUser;
}
/// <summary>
/// Validates a new user, derives its salted password hash and digest hash, stamps the
/// creation and modification dates, and saves it with <c>SaveUser</c>.
/// </summary>
/// <param name="newUser">The user record to create.</param>
/// <param name="password">Plaintext password to hash.</param>
/// <returns><paramref name="newUser"/> with credential and date fields populated.</returns>
public IUserAuth CreateUserAuth(IUserAuth newUser, string password)
{
    ValidateNewUser(newUser, password);
    AssertNoExistingUser(mongoDatabase, newUser);

    string passwordHash;
    string passwordSalt;
    var hasher = new SaltedHash();
    hasher.GetHashAndSaltString(password, out passwordHash, out passwordSalt);

    // NOTE(review): the digest is derived from user name, realm and the plaintext password.
    // Presumably it is the HTTP Digest HA1 value and therefore password-equivalent for digest
    // authentication. Confirm, and protect the stored field accordingly.
    var digestFunctions = new DigestAuthFunctions();
    newUser.DigestHa1Hash = digestFunctions.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);

    newUser.PasswordHash = passwordHash;
    newUser.Salt = passwordSalt;

    // Both timestamps start out equal on a freshly created record.
    newUser.CreatedDate = DateTime.UtcNow;
    newUser.ModifiedDate = newUser.CreatedDate;

    SaveUser(newUser);
    return newUser;
}
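/// <summary>
/// Changes a login's password by hashing the new password and passing hash and salt to the
/// <c>spChangePassword</c> stored procedure.
/// </summary>
/// <remarks>
/// The connection and command are now wrapped in <c>using</c>. Previously an exception thrown
/// between <c>Open()</c> and <c>Close()</c> left the connection undisposed.
/// </remarks>
/// <param name="changePasswordModel">Login id, old password and new password from the request body.</param>
/// <returns>
/// An OK result whose <c>ResponseModel</c> has Code "success" or "error"; null when an
/// exception was caught and logged.
/// </returns>
public System.Web.Http.Results.OkNegotiatedContentResult<ResponseModel> ChangePassword([FromBody] ChangePasswordModel changePasswordModel)
{
    try
    {
        SaltedHash SH = new SaltedHash();
        string strHash = "";
        string strSalt = "";
        ResponseModel response = new ResponseModel();

        // A temporary password skips the old-password check entirely.
        // NOTE(review): on that path the only gate is IsTemporaryPassword (plus whatever the
        // stored procedure enforces). Confirm it verifies the supplied temporary credential for
        // this LoginId, otherwise any caller could reset such an account.
        bool isTemporary = IsTemporaryPassword(changePasswordModel) == true;
        if (!isTemporary && IsValidLogin(changePasswordModel.LoginId, changePasswordModel.OldPassword) == false)
        {
            response.Code = "error";
            response.Message = "Invalid Login or Password";
            return Ok(content: response);
        }

        SH.GetHashAndSaltString(changePasswordModel.NewPassword, out strHash, out strSalt);

        // Hash and salt are stored as the UTF-8 bytes of their string form (VarBinary columns).
        System.Text.UTF8Encoding encoding = new System.Text.UTF8Encoding();
        byte[] hash = encoding.GetBytes(strHash);
        byte[] salt = encoding.GetBytes(strSalt);

        using (SqlConnection myConnection = new SqlConnection())
        using (SqlCommand sqlCmd = new SqlCommand())
        {
            myConnection.ConnectionString = System.Configuration.ConfigurationManager.AppSettings["DBConnection"];

            sqlCmd.CommandText = "spChangePassword";
            sqlCmd.CommandType = CommandType.StoredProcedure;
            sqlCmd.Connection = myConnection;

            // All request values reach SQL as typed parameters, never as concatenated text.
            sqlCmd.Parameters.Add(new SqlParameter
            {
                ParameterName = "@Login_Id",
                SqlDbType = SqlDbType.VarChar,
                Direction = ParameterDirection.Input,
                Size = 50,
                Value = changePasswordModel.LoginId
            });
            sqlCmd.Parameters.Add(new SqlParameter
            {
                ParameterName = "@Hash",
                SqlDbType = SqlDbType.VarBinary,
                Direction = ParameterDirection.Input,
                Size = 250,
                Value = hash
            });
            sqlCmd.Parameters.Add(new SqlParameter
            {
                ParameterName = "@Salt",
                SqlDbType = SqlDbType.VarBinary,
                Direction = ParameterDirection.Input,
                Size = 250,
                Value = salt
            });

            // Output parameter: the procedure reports "0" on success.
            SqlParameter results = new SqlParameter
            {
                ParameterName = "@Results",
                SqlDbType = SqlDbType.VarChar,
                Size = 50,
                Direction = ParameterDirection.Output
            };
            sqlCmd.Parameters.Add(results);

            myConnection.Open();
            sqlCmd.ExecuteNonQuery();

            if (results.Value.ToString().Equals("0"))
            {
                response.Code = "success";
                response.Message = "Your Password Has Been Changed Successfully";
            }
            else
            {
                // Same generic text as the failed-login branch, so the response does not
                // reveal which check failed.
                response.Code = "error";
                response.Message = "Invalid Login or Password";
            }
        }

        return Ok(content: response);
    }
    catch (Exception ex)
    {
        // NOTE(review): only ex.Message is recorded (no stack trace), and the caller gets a
        // null result. Kept as in the original because callers may rely on it.
        ExceptionModel.SaveException(ex.Message, System.Reflection.MethodBase.GetCurrentMethod().DeclaringType.ToString(), System.Reflection.MethodInfo.GetCurrentMethod().Name);
        return null;
    }
}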
/// <summary>
/// Creates every table used by the application if it does not exist yet (optionally creating
/// the database schemas first) and seeds a default administrator and website on an empty system.
/// </summary>
/// <param name="user">Passed through to <c>CreateSchemaIfNotExists</c>.</param>
/// <param name="GainPermission">Passed through to <c>CreateSchemaIfNotExists</c>.</param>
/// <param name="support_schema">When true, the schemas are created before their tables.</param>
public static void InitDbTable(string user, bool GainPermission = false, bool support_schema = false)
{
    var dbConn = BasicModelBase.ServiceAppHost.TryResolve<IDbConnection>();

    #region DanhMuc
    if (support_schema)
    {
        CreateSchemaIfNotExists(dbConn, "DanhMuc", GainPermission, user);
    }
    dbConn.CreateTableIfNotExists<DanhMuc_HanhChinh>();
    #endregion

    #region CMS
    if (support_schema)
    {
        CreateSchemaIfNotExists(dbConn, "System", GainPermission, user);
        CreateSchemaIfNotExists(dbConn, "CMS", GainPermission, user);
    }

    // User management
    dbConn.CreateTableIfNotExists<ABUserAuth>();
    dbConn.CreateTableIfNotExists<ABUserOAuthProvider>();
    dbConn.CreateTableIfNotExists<UsersActivation>();

    // Language
    dbConn.CreateTableIfNotExists<Language>();

    // Sites
    dbConn.CreateTableIfNotExists<Website>();
    dbConn.CreateTableIfNotExists<Site_ContactusConfig>();
    //dbConn.CreateTable<Site_ContactusConfig>(overwrite: true);
    //dbConn.CreateTableIfNotExists<Site_Lang_Dis>();
    dbConn.CreateTableIfNotExists<Site_MemberGroup>();
    dbConn.CreateTableIfNotExists<Site_MemberGroupDetail>();
    dbConn.CreateTableIfNotExists<SiteTopic>();
    dbConn.CreateTableIfNotExists<SiteTopicLanguage>();
    dbConn.CreateTableIfNotExists<SiteSetting>();
    dbConn.CreateTableIfNotExists<Settings>();
    dbConn.CreateTableIfNotExists<SiteNewsletter>();
    dbConn.CreateTableIfNotExists<Site_MaillingListTemplate>();
    dbConn.CreateTableIfNotExists<Site_ContactUs>();
    dbConn.CreateTableIfNotExists<Testimonial>();
    dbConn.CreateTableIfNotExists<SocialAccount>();
    dbConn.CreateTableIfNotExists<Site_Banner>();
    dbConn.CreateTableIfNotExists<Site_FlashHeader>();

    // Navigation
    dbConn.CreateTableIfNotExists<Navigation>();

    // News
    dbConn.CreateTableIfNotExists<Site_News_Category>();
    dbConn.CreateTableIfNotExists<Site_News>();

    // Blog
    dbConn.CreateTableIfNotExists<Site_Blog_Category>();
    dbConn.CreateTableIfNotExists<Site_Blog>();

    // System
    dbConn.CreateTableIfNotExists<Country>();
    dbConn.CreateTableIfNotExists<Theme>();
    dbConn.CreateTableIfNotExists<Language_Translation>();
    dbConn.CreateTableIfNotExists<MailQueue>();
    dbConn.CreateTableIfNotExists<Exceptions>();
    #endregion

    #region SMS
    if (support_schema)
    {
        CreateSchemaIfNotExists(dbConn, "SMS", GainPermission, user);
    }
    dbConn.CreateTableIfNotExists<SMSTemplateModel>();
    #endregion

    #region Products & Category
    if (support_schema)
    {
        CreateSchemaIfNotExists(dbConn, "Products", GainPermission, user);
    }
    dbConn.CreateTableIfNotExists<Product_Category>();
    /* dbConn.CreateTable<Product_Category>(overwrite:true); */
    dbConn.CreateTableIfNotExists<Product>();
    dbConn.CreateTableIfNotExists<Product_Images>();
    dbConn.CreateTableIfNotExists<ProductCategoryImage>();
    dbConn.CreateTableIfNotExists<ProductCategoryMaterial>();
    dbConn.CreateTableIfNotExists<ProductCategoryMaterialDetail>();

    // Product price
    dbConn.CreateTableIfNotExists<Price>();

    // Options
    dbConn.CreateTableIfNotExists<Product_Option>();
    dbConn.CreateTableIfNotExists<OptionInProduct>();

    // Payment
    dbConn.CreateTableIfNotExists<PayPalStandardPaymentSettings>();

    // Coupon
    dbConn.CreateTableIfNotExists<CouponPromo>();

    // Orders
    dbConn.CreateTableIfNotExists<AddressModel>();
    dbConn.CreateTableIfNotExists<Order>();
    dbConn.CreateTableIfNotExists<Order_History>();
    dbConn.CreateTableIfNotExists<Order_ProductOptionUsing>();
    dbConn.CreateTableIfNotExists<Order_ProductionJobSheet>();
    dbConn.CreateTableIfNotExists<Order_UploadFilesTicket>();

    // Extra shipping
    dbConn.CreateTableIfNotExists<Country_State_ExtraShipping>();
    #endregion

    #region Report
    if (support_schema)
    {
        CreateSchemaIfNotExists(dbConn, "Reports", GainPermission, user);
    }
    dbConn.CreateTableIfNotExists<StaffActivity>();
    #endregion

    #region Extra Shipping
    #endregion

    #region Init System
    // Seeding runs only while no user row has ActiveStatus set.
    // NOTE(review): the trigger is "zero active users", not "empty table". If every account is
    // later deactivated, the next call re-creates the default administrator below.
    if (dbConn.Count<ABUserAuth>(m => m.ActiveStatus) != 0)
    {
        return;
    }

    // Default administrator account.
    ABUserAuth admin = new ABUserAuth()
    {
        UserName = "******",
        ActiveStatus = true,
        CreatedDate = DateTime.Now,
        DisplayName = "Trung Click4Corp",
        Email = "*****@*****.**",
        FirstName = "Imm",
        LastName = "Dang",
        FullName = "Imm Dang",
        Gender = "Male",
        Language = "EN",
        Roles = new global::System.Collections.Generic.List<string>()
    };

    // SECURITY: the administrator password is a literal compiled into the application, so it
    // is identical on every installation and visible to anyone with the source or binaries.
    // It should come from deployment configuration or be changed on first login.
    string adminHash;
    string adminSalt;
    new SaltedHash().GetHashAndSaltString("123absoft.vn", out adminHash, out adminSalt);
    admin.PasswordHash = adminHash;
    admin.Salt = adminSalt;
    admin.Roles.Add(RoleEnum.Administrator.ToString());

    dbConn.Insert<ABUserAuth>(admin);
    admin.Id = (int)dbConn.GetLastInsertId();

    // Default website, owned by the administrator just inserted.
    if (dbConn.Count<Website>() == 0)
    {
        Website site = new Website()
        {
            CreatedBy = admin.Id,
            CreatedOn = DateTime.Now,
            Domain = new global::System.Collections.Generic.List<string>(),
            Name = "ABSoft CMS Site"
        };
        site.Domain.Add("localhost");
        dbConn.Insert<Website>(site);
    }
    #endregion
}
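/// <summary>
/// Imports the loaded customer list into <c>ABUserAuth</c>: skips e-mail addresses that already
/// exist, hashes each customer's password, inserts the record and reports progress in the form.
/// </summary>
/// <remarks>
/// Changes from the earlier version: the first error message read "Can load load data file" and
/// now states the failure; the date of birth is parsed with <c>DateTime.TryParse</c> instead of
/// a catch-all around <c>DateTime.Parse</c>; the country lookup uses <c>FirstOrDefault</c> with
/// a predicate.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
private void button4_Click(object sender, EventArgs e)
{
    if (!LoadCustomer())
    {
        MessageBox.Show("Can not load data file");
        return;
    }
    if (!ConnectDB())
    {
        MessageBox.Show("Can not load db");
        return;
    }
    //if (!ConnectToAccess())
    //{
    //    MessageBox.Show("Can not load access file");
    //    return;
    //}

    var countries = Db.Select<Country>();
    var count = 0;
    tSQL.Text = "";
    tInserted.Text = "0";
    tDuplicated.Text = "0";

    foreach (var cus in customer)
    {
        // Skip customers whose e-mail address is already registered.
        if (Db.Select<ABUserAuth>(x => x.Where(m => m.Email == cus.email).Limit(1)).Count > 0)
        {
            UpdateInfo("User " + cus.email + " already existed");
            tDuplicated.Text = (int.Parse(tDuplicated.Text) + 1).ToString();
            continue;
        }

        var c = new ABUserAuth();
        c.ActiveStatus = true;
        c.Addr = cus.address;

        // An unparseable or missing date of birth falls back to DateTime.MinValue.
        DateTime birthDate;
        c.BirthDate = DateTime.TryParse(cus.dob, out birthDate) ? birthDate : DateTime.MinValue;

        c.City = cus.city;

        // Unknown country codes default to "MY".
        var country = countries.FirstOrDefault(x => x.Code == cus.country);
        c.Country = country != null ? country.Code : "MY";

        c.CreatedDate = DateTime.Now;
        c.DisplayName = cus.firstname + " " + cus.lastname;
        c.Email = cus.email;
        c.FirstName = cus.firstname;
        c.FullName = c.DisplayName;
        c.Gender = "male";
        c.GroupId = 0;
        c.Id = 0;
        c.LastName = cus.lastname;
        c.MailAddress = cus.email;
        c.Permissions = new List<string>();
        c.Roles = new List<string>();
        c.Roles.Add("Customer");
        c.Phone = cus.phone;
        c.PostalCode = cus.postcode;
        c.PrimaryEmail = cus.email;
        c.States = cus.state;
        c.UserName = cus.email;

        // SECURITY: cus.password arrives in plaintext from the import file and is only hashed
        // here, so the file itself must be handled and disposed of as credential material.
        // NOTE(review): an empty password in the file would presumably be hashed and produce an
        // active account with an empty password. Consider skipping such rows or forcing a reset.
        var passwordHasher = new SaltedHash();
        string salt;
        string hash;
        passwordHasher.GetHashAndSaltString(cus.password, out hash, out salt);
        c.PasswordHash = hash;
        c.Salt = salt;

        Db.Insert<ABUserAuth>(c);
        Application.DoEvents();

        count++;
        tInserted.Text = (int.Parse(tInserted.Text) + 1).ToString();

        // The newest progress line goes on top of the log text box.
        tSQL.Text = string.Format("Inserted customer {0} {1} {2} - {3:0.00}% ", cus.firstname, cus.lastname, cus.email, (double)count / (double)customer.Count * 100) + "\r\n" + tSQL.Text;
        Application.DoEvents();
    }

    UpdateInfo("Finish " + DateTime.Now.ToString());
}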