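/// <summary>
/// Bootstraps the admin client: returns the user list, disks, movies, server settings and the
/// API history in one payload. The caller is identified solely by <c>data.unique_id</c>, which
/// is looked up in the database, and must then pass <c>IsAdmin</c>.
/// </summary>
/// <param name="data">Caller identity posted by the client; only <c>unique_id</c> is used for the lookup.</param>
/// <returns>
/// 400 when no usable identity was supplied, 401 when the GUID is unknown or the account is not an
/// admin, otherwise 200 with the aggregated <c>CustomClasses.API.Data</c>.
/// </returns>
public async Task<IHttpActionResult> Init(Auth.User data)
{
    // No body, or a body without a GUID: nothing to look up.
    if (data?.unique_id == null)
    {
        return BadRequest();
    }

    // NOTE(review): the GUID in the request body is the only credential checked here, so it acts
    // as a bearer token; whoever holds it is treated as that user. Make sure it never ends up in
    // URLs or logs.
    var caller = await Resources.Database.User.Get.ByGuid(data.unique_id);
    if (caller == null)
    {
        return Unauthorized();
    }

    // NOTE(review): IsAdmin is handed the client-supplied object, not the database row just
    // fetched; confirm it decides on unique_id alone and not on any client-controlled field.
    if (!await Resources.Database.User.Check.IsAdmin(data))
    {
        return Unauthorized();
    }

    return Ok(new CustomClasses.API.Data()
    {
        users = await Resources.Database.User.Get.AllUsersData(),
        // Reference-typed globals are passed through as-is; the original "?? null" was a no-op.
        disks = Global.GlobalMovieDisksList,
        movies = Resources.Database.AllMovies ?? new List<Movie_Data>(),
        settings = Global.GlobalServerSettings,
        apiHistory = await History.Get.API()
    });
}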
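/// <summary>
/// Exchanges an unexpired refresh token for a new token pair and rotates the refresh token
/// stored on the user row (the presented token is overwritten and so can't be replayed).
/// </summary>
/// <param name="refreshToken">Opaque refresh token previously issued to the client.</param>
/// <returns>
/// The new token pair plus a user summary, or <c>null</c> when the token is missing, matches no
/// user, or its stored end date is not in the future.
/// </returns>
public TokenUser RefreshTokenLogin(string refreshToken)
{
    if (refreshToken == null)
    {
        return null;
    }

    Models.Users dbUser = _dbContext.Users.FirstOrDefault(x => x.RefreshToken == refreshToken);
    // NOTE(review): the end date is compared with DateTime.Now while it is written from
    // token.Expiration, whose clock (local vs UTC) is not visible here — confirm they agree.
    if (dbUser == null || !(dbUser.RefreshTokenEndDate > DateTime.Now))
    {
        return null;
    }

    MyTokenHandler tokenHandler = new MyTokenHandler(_appSettings);
    Token token = tokenHandler.CreateAccessToken();

    // Rotate: overwriting the stored value invalidates the token that was just presented.
    // NOTE(review): Authenticate stores the same field with AddMinutes(3); the two lifetimes disagree.
    dbUser.RefreshToken = token.RefreshToken;
    dbUser.RefreshTokenEndDate = token.Expiration.AddMinutes(5);
    _dbContext.SaveChanges();

    // SECURITY: the stored password was previously copied into the response
    // (Password = dbUser.Password). A token refresh must never echo a credential back to the
    // client, so that field is no longer populated.
    Auth.User user = new Auth.User()
    {
        Email = dbUser.UserName,
        Name = dbUser.Name,
        Surname = dbUser.Surname
    };

    return new TokenUser() { Token = token, User = user };
}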
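/// <summary>
/// Authenticates a personnel account against the Vakif database and issues a token pair,
/// persisting the refresh token under the account's ID. Every outcome is wrapped in a
/// <c>ServiceResult</c>; nothing is thrown to the caller.
/// </summary>
/// <param name="username">Login name.</param>
/// <param name="password">Password, forwarded verbatim to <c>VakifDb.GetKullanici</c>.</param>
/// <returns>
/// ResultCode 0 with the token pair on success; ResultCode 1 (note: <c>isSuccessfull</c> stays
/// <c>true</c>) for empty input or a failed lookup; ResultCode 2 when an exception was caught.
/// </returns>
public ServiceResult<TokenUser> IlanAuthenticate(string username, string password)
{
    try
    {
        VakifDb db = new VakifDb(_appSettings.ConnStr);

        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
        {
            return new ServiceResult<TokenUser>()
            {
                isSuccessfull = true,
                ResultCode = 1,
                ResultData = null,
                ResultExplanation = "Kullanıcı Adı ve Şifre Boş Olamaz!"
            };
        }

        var sonuc = db.GetKullanici(username, password);
        if (!sonuc.BasariliMi) // only true when a matching account was found
        {
            return new ServiceResult<TokenUser>()
            {
                isSuccessfull = true,
                ResultCode = 1,
                ResultData = null,
                ResultExplanation = sonuc.Mesaj
            };
        }

        var row = sonuc.Veri.Rows[0];
        string personelId = row["ID"].ToString();

        Auth.User user = new Auth.User()
        {
            // Invariant culture: the ID is a machine value and must not depend on the server locale.
            PersonelID = int.Parse(personelId, System.Globalization.CultureInfo.InvariantCulture),
            TCKimlikNo = row["TCKimlikNo"].ToString(),
            Name = row["Adi"].ToString(),
            Surname = row["Soyadi"].ToString(),
            DogumTarihi = (DateTime)(row["DogumTarihi"]),
            DogumYeri = row["DogumYeri"].ToString(),
            MedeniDurumu = row["MedeniHali"].ToString(),
            Cinsiyet = row["Cinsiyeti"].ToString(),
            Email = row["EPosta"].ToString(),
        };

        MyTokenHandler tokenHandler = new MyTokenHandler(_appSettings);
        Token token = tokenHandler.CreateAccessToken();
        // Bind the refresh token to the account that just authenticated.
        db.SetRefreshToken(token, personelId);

        return new ServiceResult<TokenUser>()
        {
            isSuccessfull = true,
            ResultCode = 0,
            ResultData = new TokenUser() { Token = token, User = user },
            ResultExplanation = "Giriş Başarılı!"
        };
    }
    catch (Exception exc)
    {
        // NOTE(review): the raw exception message is handed to the caller. If this result is ever
        // shown to an end user it can leak connection-string or SQL details; prefer a generic
        // message here and log the exception server-side.
        return new ServiceResult<TokenUser>()
        {
            isSuccessfull = false,
            ResultCode = 2,
            ResultData = null,
            ResultExplanation = exc.Message
        };
    }
}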
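/// <summary>
/// Demo: loads the Springfield ACL tables from a local QBasic database (port 5010), builds
/// in-memory grant/deny lookups keyed by resource then operation, and prints three permission
/// verdicts to the console. Blocks on a key press before closing the connection.
/// </summary>
private void ReadSpringfieldAccessControlDb()
{
    using (var connection = new QBasicConnection(port: 5010))
    {
        connection.Open();

        // principal memberships, grouped by user id
        var userPrincipals = connection.QueryObjects<Acl.UserPrincipal>("select from .acl.userPrincipal")
            .ToLookup(u => u.User);

        // users, each initialised with every principal id it belongs to
        var users = connection.QueryObjects<Auth.User>("select from .auth.user")
            .Select(u =>
            {
                u.PrincipalIds = userPrincipals[u.Id].Select(p => p.Principal).ToArray();
                return u;
            })
            .ToDictionary(u => u.Id);

        // resource -> operation -> principals, restructured for fast in-process queries
        var grantResourceAcl = connection.QueryObjects<Acl.GrantResourceAcl>("select from .acl.grantResourceAcl")
            .GroupBy(row => row.Resource)
            .ToDictionary(group => group.Key, group => group.ToLookup(entry => entry.Operation, entry => entry.Principal));

        var denyResourceAcl = connection.QueryObjects<Acl.DenyResourceAcl>("select from .acl.denyResourceAcl")
            .GroupBy(row => row.Resource)
            .ToDictionary(group => group.Key, group => group.ToLookup(entry => entry.Operation, entry => entry.Principal));

        // Bart entering the Simpson home
        Auth.User dbUser = users[Users.Bart.Id];
        var denyOutcome = denyResourceAcl.OnResource(Resources.SimpsonHome).PermissionTo(Operations.Enter).ExistsFor(dbUser);
        var grantOutcome = grantResourceAcl.OnResource(Resources.SimpsonHome).PermissionTo(Operations.Enter).ExistsFor(dbUser);
        Console.WriteLine($"{dbUser.Name} is {IsPermitted(denyOutcome, grantOutcome)} to Enter the Simpson Home");

        // Smithers was given specific access to Enter the Simpsons Home.
        // Fixed: this check used to ask about Operations.Leave while the comment and the printed
        // message are about Enter, so the verdict shown was for the wrong operation.
        dbUser = users[Users.Smithers.Id];
        denyOutcome = denyResourceAcl.OnResource(Resources.SimpsonHome).PermissionTo(Operations.Enter).ExistsFor(dbUser);
        grantOutcome = grantResourceAcl.OnResource(Resources.SimpsonHome).PermissionTo(Operations.Enter).ExistsFor(dbUser);
        Console.WriteLine($"{dbUser.Name} is {IsPermitted(denyOutcome, grantOutcome)} specifically to Enter the Simpson Home");

        // Mr Burns leaving head office
        dbUser = users[Users.MrBurns.Id];
        denyOutcome = denyResourceAcl.OnResource(Resources.HeadOffice).PermissionTo(Operations.Leave).ExistsFor(dbUser);
        grantOutcome = grantResourceAcl.OnResource(Resources.HeadOffice).PermissionTo(Operations.Leave).ExistsFor(dbUser);
        Console.WriteLine($"{dbUser.Name} is {IsPermitted(denyOutcome, grantOutcome)} to Leave the office");

        Console.ReadKey();
    }
}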
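/// <summary>
/// True when at least one principal id on the ACL entry is also one of the user's principal
/// ids. Comparison is exact (ordinal, case-sensitive), as with <c>string.Equals(a, b)</c>.
/// </summary>
/// <param name="principalIds">Principals listed on the ACL entry; <c>null</c> means "no entry".</param>
/// <param name="user">User whose <c>PrincipalIds</c> are tested.</param>
/// <returns>
/// <c>false</c> for a null entry, a null user, or a user whose <c>PrincipalIds</c> is null;
/// otherwise whether any principal is shared.
/// </returns>
public static bool ExistsFor(this IEnumerable<string> principalIds, Auth.User user)
{
    // Defensive: a null user or an uninitialised PrincipalIds array previously threw a
    // NullReferenceException from inside the lambda; "no principals" simply means no match.
    if (principalIds == null || user?.PrincipalIds == null)
    {
        return false;
    }

    // Nested Any keeps the original null-tolerant equality (string.Equals(null, null) is true).
    return principalIds.Any(
        aclPrincipal => user.PrincipalIds.Any(
            userPrincipal => string.Equals(aclPrincipal, userPrincipal)));
}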
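/// <summary>
/// Initialize the app and retrieve all data from the API (the server's Administration.Init).
/// Any failure while reading or parsing the response is shown in a message box and an empty
/// <c>Data</c> object is returned; the method itself never throws for those cases.
/// </summary>
/// <param name="data">Auth.User posted as the request body.</param>
/// <returns>The deserialized API data, or an empty <c>Data</c> when the body was empty or unparseable.</returns>
public static async Task<Objects.Communication.Data> InitApp(Auth.User data)
{
    var response = await Administration.Init(Create.HttpContent<Auth.User>(data));
    Objects.Communication.Data init = new Objects.Communication.Data();
    try
    {
        // NOTE(review): the HTTP status is not inspected. An error body (for example a 401 from the
        // server) deserializes into an object with empty fields and is indistinguishable from a
        // legitimate empty payload; consider checking response.IsSuccessStatusCode first.
        string body = await response.Content.ReadAsStringAsync();
        // DeserializeObject returns null for an empty or "null" body; keep the empty object
        // instead so callers never receive null.
        init = JsonConvert.DeserializeObject<Objects.Communication.Data>(body) ?? init;
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "An error occured", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
    return init;
}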
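/// <summary>
/// Applicant login for the "İlan" flow: requires a syntactically valid TC identity number as the
/// user name, looks the applicant up in the Vakif database and issues a token pair. Failures
/// are reported by throwing.
/// </summary>
/// <param name="username">TC identity number used as the login name (validated by <c>Util.TcKontrol</c>).</param>
/// <param name="password">Password, forwarded verbatim to <c>VakifDb.GetKullanici</c>.</param>
/// <returns>Token pair and applicant summary.</returns>
/// <exception cref="Exception">Empty input, a failed TC check, or no matching applicant.</exception>
public TokenUser IlanAuthenticate(string username, string password)
{
    VakifDb db = new VakifDb();

    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        throw new Exception("Kullanıcı Adı ve Şifre Boş Olamaz!");
    }

    if (!Util.TcKontrol(username))
    {
        throw new Exception("Kullanıcı Bulunamadı!");
    }

    var sonuc = db.GetKullanici(username, password);
    if (!sonuc.BasariliMi)
    {
        // NOTE(review): a failed lookup (typically wrong credentials) is reported as
        // "Bağlantı Hatası!" (connection error); sonuc.Mesaj would describe it more accurately.
        // Message kept unchanged for callers that match on it.
        throw new Exception("Bağlantı Hatası!");
    }

    var row = sonuc.Veri.Rows[0];
    Auth.User user = new Auth.User()
    {
        Email = row["EPosta"].ToString(),
        // Invariant culture: the ID is a machine value, not locale-dependent text.
        ApplicantID = int.Parse(row["ID"].ToString(), System.Globalization.CultureInfo.InvariantCulture),
        Name = row["Adi"].ToString(),
        Surname = row["Soyadi"].ToString()
    };

    // NOTE(review): unlike the ServiceResult variant, no SetRefreshToken call is made here, so the
    // refresh token inside this Token is never persisted; confirm the refresh endpoint can accept it.
    MyTokenHandler tokenHandler = new MyTokenHandler(_appSettings);
    Token token = tokenHandler.CreateAccessToken();
    return new TokenUser() { Token = token, User = user };
}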
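/// <summary>
/// Refresh movies on the server (Administration.Refresh) and retrieve the new list. Any failure
/// while reading or parsing the response is shown in a message box and an empty list is
/// returned; the method itself never throws for those cases.
/// </summary>
/// <param name="data">Auth.User posted as the request body.</param>
/// <returns>The refreshed movie list, or an empty list when the body was empty or unparseable.</returns>
public static async Task<List<Movie.Data>> RefreshData(Auth.User data)
{
    var response = await Administration.Refresh(Create.HttpContent<Auth.User>(data));
    List<Movie.Data> m = new List<Movie.Data>();
    try
    {
        // NOTE(review): the HTTP status is not inspected; a 401 body will not parse as a list and
        // surfaces only as the generic message box below.
        string body = await response.Content.ReadAsStringAsync();
        // DeserializeObject returns null for an empty or "null" body; keep the empty list
        // so callers never receive null.
        m = JsonConvert.DeserializeObject<List<Movie.Data>>(body) ?? m;
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "An error occured", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
    return m;
}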
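/// <summary>
/// Registers a new account. The row is created first and then immediately removed again if the
/// verification e-mail cannot be sent or the row cannot be read back by its GUID.
/// </summary>
/// <param name="data">Registration fields from the request body: username, password, email, birthday, display_name.</param>
/// <returns>
/// 200 on success; 400 when the body or required fields are missing or the e-mail address is
/// rejected; 401 when the username is already taken; 409 when the new row could not be read back.
/// </returns>
public async Task<IHttpActionResult> Create([FromBody] Auth.User data)
{
    // A missing body must be a 400, not a NullReferenceException on data.username.
    if (data == null)
    {
        return BadRequest("not enough paramaters were set to create a user");
    }

    var user = await Resources.Database.User.Get.ByUsername(data.username);
    if (user != null)
    {
        // NOTE(review): answering 401 for an existing username lets an unauthenticated caller
        // enumerate accounts; a uniform response (or rate limiting) would close that oracle.
        return Unauthorized();
    }

    if (data.password == null || data.email == null)
    {
        return BadRequest("not enough paramaters were set to create a user");
    }

    // NOTE(review): the password is passed on exactly as received; whether Create.New hashes it
    // is not visible here — verify it is never stored in plaintext.
    user = await Resources.Database.User.Create.New(new User_Info()
    {
        username = data.username,
        password = data.password,
        email = data.email,
        birthday = data.birthday,
        display_name = data.display_name,
    });

    if (user?.unique_id == null)
    {
        return BadRequest("not enough paramaters were set to create a user");
    }

    // The account only survives if the e-mail goes out ...
    if (!Resources.Email.Email.Send(user))
    {
        await Resources.Database.User.Remove.User(user);
        return BadRequest("Email address was incorrect or invalid!");
    }

    // ... and the new row can be read back by its GUID.
    var stored = await Resources.Database.User.Get.ByGuid(user.unique_id);
    if (stored?.unique_id != null)
    {
        return Ok();
    }

    await Resources.Database.User.Remove.User(user);
    return Conflict();
}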
/// <summary>
/// Re-scans and re-organizes the movie database on behalf of a known user, writes an API
/// history entry for the request and returns the refreshed list.
/// </summary>
/// <param name="data">Caller identity; only <c>unique_id</c> is consulted.</param>
/// <returns>200 with <c>Resources.Database.AllMovies</c>, or 401 when the GUID is missing or unknown.</returns>
public async Task<IHttpActionResult> Refresh(Auth.User data)
{
    var guid = data?.unique_id;
    if (guid == null)
    {
        return Unauthorized();
    }

    var requester = await Resources.Database.User.Get.ByGuid(guid);
    // NOTE(review): unlike Init and GetAllUsers there is no IsAdmin check here, so any
    // registered user can trigger a full refresh; confirm that is intended.
    if (requester == null || requester.unique_id != guid)
    {
        return Unauthorized();
    }

    Resources.Database.Movie.Refresh.RefreshAndOrganize();

    await History.Create(History.Type.API, new History_API()
    {
        api_action = "Administration -> Refresh movie list requested from user " + requester.username,
        api_datetime = DateTime.Now,
        api_type = "Refresh movie list"
    });

    return Ok(Resources.Database.AllMovies);
}
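/// <summary>
/// Exchanges an unexpired applicant refresh token for a new token pair and persists the new
/// refresh token under the account that owns the presented token.
/// </summary>
/// <param name="refreshToken">Refresh token previously issued to the applicant.</param>
/// <param name="applicantId">
/// Applicant ID claimed by the caller. It is no longer trusted as the storage key; it must match
/// the owner of <paramref name="refreshToken"/> or the call is rejected.
/// </param>
/// <returns>New token pair plus applicant summary.</returns>
/// <exception cref="Exception">
/// Null token, unknown/expired token, or <paramref name="applicantId"/> not matching the token's owner.
/// </exception>
public TokenUser IlanRefreshTokenLogin(string refreshToken, int applicantId)
{
    if (refreshToken == null)
    {
        throw new Exception("RefreshToken boş olamaz!");
    }

    VakifDb db = new VakifDb();
    var sonuc = db.CheckRefreshToken(refreshToken);
    if (sonuc.Veri.Rows.Count == 0 || !((DateTime)(sonuc.Veri.Rows[0]["RefreshTokenEndDate"]) > DateTime.Now))
    {
        throw new Exception("Refresh token Süresi Doldu!");
    }

    var row = sonuc.Veri.Rows[0];
    string ownerId = row["ID"].ToString();
    int ownerIdValue = int.Parse(ownerId, System.Globalization.CultureInfo.InvariantCulture);

    // SECURITY: the new refresh token is bound to the account that owns the presented token.
    // Previously it was written under the caller-supplied applicantId, so a holder of any valid
    // refresh token could presumably attach a fresh token to an arbitrary account id. The
    // parameter is kept for signature compatibility and is cross-checked instead.
    if (applicantId != ownerIdValue)
    {
        throw new Exception("Kullanıcı Bulunamadı!");
    }

    MyTokenHandler tokenHandler = new MyTokenHandler(_appSettings);
    Token token = tokenHandler.CreateAccessToken();
    db.SetRefreshToken(token.RefreshToken, ownerId);

    Auth.User user = new Auth.User()
    {
        Email = row["EPosta"].ToString(),
        ApplicantID = ownerIdValue,
        Name = row["Adi"].ToString(),
        Surname = row["Soyadi"].ToString()
    };

    return new TokenUser() { Token = token, User = user };
}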
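/// <summary>
/// Returns the full user list to an administrator. The caller is identified by
/// <c>data.unique_id</c>, must pass <c>IsAdmin</c>, and the posted username must match the
/// stored one for that GUID.
/// </summary>
/// <param name="data">Caller identity from the request body.</param>
/// <returns>
/// 400 when the body or GUID is missing or the GUID/username pair does not match a stored
/// user; 401 when the account is not an admin; otherwise 200 with all user data.
/// </returns>
public async Task<IHttpActionResult> GetAllUsers(Auth.User data)
{
    // Validate the body before the admin check so a missing body cannot fault inside IsAdmin.
    if (data?.unique_id == null)
    {
        return BadRequest();
    }

    if (!await Resources.Database.User.Check.IsAdmin(data))
    {
        return Unauthorized();
    }

    var user = await Resources.Database.User.Get.ByGuid(data.unique_id);
    if (user == null || user.username != data.username)
    {
        return BadRequest();
    }

    // NOTE(review): the property list of this history entry was redacted ("******") in the
    // source this was taken from; api_datetime/api_type follow the shape used by Refresh —
    // confirm against the original.
    await History.Create(History.Type.API, new History_API()
    {
        api_action = "Administration -> Requesting user list from DB, user: " + user.username,
        api_datetime = DateTime.Now,
        api_type = "Request new user list"
    });

    return Ok(await Resources.Database.User.Get.AllUsersData());
}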
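// The earlier tuple-returning signature was replaced by TokenUser so no extra DTO is needed:
// public (string username, string token)? Authenticate(string username, string password)
#region orginal methods
/// <summary>
/// Password login: looks the user up by username and password, issues a token pair and stores
/// the refresh token on the user row with an end date of <c>token.Expiration + 3 minutes</c>.
/// </summary>
/// <param name="username">Login name (stored in <c>UserName</c>, returned as <c>Email</c>).</param>
/// <param name="password">Password exactly as submitted.</param>
/// <returns>Token pair plus user summary, or <c>null</c> when no row matches.</returns>
public TokenUser Authenticate(string username, string password)
{
    // SECURITY: the query compares the submitted password to the stored column directly, which
    // means the stored value equals what the user types (plaintext or reversibly encoded).
    // Fixing that needs a schema change (salted PBKDF2/Argon2 hash verified in constant time);
    // flagged here, not fixed.
    var dbUser = _dbContext.Users.SingleOrDefault(x => x.UserName == username && x.Password == password);
    if (dbUser == null)
    {
        return null;
    }

    MyTokenHandler tokenHandler = new MyTokenHandler(_appSettings);
    Token token = tokenHandler.CreateAccessToken();

    // Persist the refresh token; RefreshTokenLogin rotates it on use.
    // NOTE(review): RefreshTokenLogin writes the same field with AddMinutes(5); the two disagree.
    dbUser.RefreshToken = token.RefreshToken;
    dbUser.RefreshTokenEndDate = token.Expiration.AddMinutes(3);
    _dbContext.SaveChanges();

    // The stored password is deliberately NOT copied into the response (it used to be:
    // Password = dbUser.Password). A login response must never echo a credential.
    Auth.User user = new Auth.User()
    {
        Email = dbUser.UserName,
        Name = dbUser.Name,
        Surname = dbUser.Surname,
        RefreshToken = token.RefreshToken,
        RefreshTokenEndDate = dbUser.RefreshTokenEndDate
    };

    return new TokenUser() { Token = token, User = user };
}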
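/// <summary>
/// Exchanges an unexpired personnel refresh token for a new token pair and persists the new
/// refresh token under the account that owns the presented token. Every outcome is wrapped in a
/// <c>ServiceResult</c>; nothing is thrown to the caller.
/// </summary>
/// <param name="refreshToken">Refresh token previously issued by <c>IlanAuthenticate</c>.</param>
/// <returns>
/// ResultCode 0 with the token pair on success; ResultCode 1 (note: <c>isSuccessfull</c> stays
/// <c>true</c>) for a null, unknown or expired token; ResultCode 2 when an exception was caught.
/// </returns>
public ServiceResult<TokenUser> IlanRefreshTokenLogin(string refreshToken)
{
    try
    {
        if (refreshToken == null)
        {
            return new ServiceResult<TokenUser>()
            {
                isSuccessfull = true,
                ResultCode = 1,
                ResultData = null,
                ResultExplanation = "RefreshToken boş olamaz!"
            };
        }

        VakifDb db = new VakifDb(_appSettings.ConnStr);
        var sonuc = db.CheckRefreshToken(refreshToken);
        if (sonuc.Veri.Rows.Count == 0 || !((DateTime)(sonuc.Veri.Rows[0]["RefreshTokenEndDate"]) > DateTime.Now))
        {
            return new ServiceResult<TokenUser>()
            {
                isSuccessfull = true,
                ResultCode = 1,
                ResultData = null,
                ResultExplanation = sonuc.Mesaj
            };
        }

        var row = sonuc.Veri.Rows[0];
        string applicantId = row["ID"].ToString();

        MyTokenHandler tokenHandler = new MyTokenHandler(_appSettings);
        Token token = tokenHandler.CreateAccessToken();
        // Bind the new refresh token to the owner of the presented one, never to caller input.
        db.SetRefreshToken(token, applicantId);

        Auth.User user = new Auth.User()
        {
            // Invariant culture: the ID is a machine value, not locale-dependent text.
            PersonelID = int.Parse(applicantId, System.Globalization.CultureInfo.InvariantCulture),
            TCKimlikNo = row["TCKimlikNo"].ToString(),
            Name = row["Adi"].ToString(),
            Surname = row["Soyadi"].ToString(),
            DogumTarihi = (DateTime)(row["DogumTarihi"]),
            DogumYeri = row["DogumYeri"].ToString(),
            MedeniDurumu = row["MedeniHali"].ToString(),
            Cinsiyet = row["Cinsiyeti"].ToString(),
            Email = row["EPosta"].ToString(),
        };

        return new ServiceResult<TokenUser>()
        {
            isSuccessfull = true,
            ResultCode = 0,
            ResultData = new TokenUser() { Token = token, User = user },
            ResultExplanation = "Giriş Başarılı!"
        };
    }
    catch (Exception exc)
    {
        // NOTE(review): the raw exception message is handed to the caller; if it reaches an end
        // user it can leak connection-string or SQL details. Prefer a generic message plus a
        // server-side log.
        return new ServiceResult<TokenUser>()
        {
            isSuccessfull = false,
            ResultCode = 2,
            ResultData = null,
            ResultExplanation = exc.Message
        };
    }
}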
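/// <summary>
/// Changes the caller's profile picture via <c>Edit.UserPicture</c> and records one
/// <c>History_User</c> row per attempt, keyed by the status string that call returns
/// ("OK", "NotAuthorized", "Exception", "BadRequest", or anything else).
/// </summary>
/// <param name="data">Request body carrying <c>unique_id</c> and <c>image_url</c>.</param>
/// <returns>200 for "OK", 401 for "NotAuthorized", 400 for every other outcome including exceptions.</returns>
public async Task<IHttpActionResult> ChangeProfilePicture([FromBody] Auth.User data)
{
    try
    {
        string status = "BadRequest";
        // NOTE(review): "||" lets a body carrying only image_url or only unique_id through to
        // Edit.UserPicture; if both are required the condition should be "&&" — confirm
        // against UserPicture before changing.
        if (data != null && (data.image_url != null || data.unique_id != null))
        {
            status = await Resources.Database.User.Edit.UserPicture(data);
        }

        // data may still be null here (status stayed "BadRequest"); the logging helper copes
        // with that instead of faulting into the catch block as the old inline code did.
        switch (status)
        {
            case "OK":
                await LogProfilePictureAttempt("User changed profile picture -> ", data, "Ok-UserChangeProfilePicture");
                return Ok();
            case "NotAuthorized":
                await LogProfilePictureAttempt("User change profile picture -> ", data, "NotAuth-UserChangeProfilePicture");
                return Unauthorized();
            case "Exception":
                await LogProfilePictureAttempt("User change profile picture -> ", data, "Exception-UserChangeProfilePicture");
                return BadRequest();
            case "BadRequest":
                await LogProfilePictureAttempt("User change profile picture -> ", data, "BadReq-UserChangeProfilePicture");
                return BadRequest();
        }

        // Any other status string from UserPicture is treated as a bad request.
        await LogProfilePictureAttempt("User change profile picture : ", data, "BadReq-UserChangeProfilePicture");
        return BadRequest();
    }
    catch (Exception ex)
    {
        await History.Create(History.Type.API, new History_API()
        {
            api_action = "UserController --> ChangeProfilePicture" + ex.Message,
            api_datetime = DateTime.Now,
            api_type = "Exception in UserController --> ChangeProfilePicture"
        });
        return BadRequest();
    }
}

/// <summary>
/// Writes one <c>History_User</c> row for a profile-picture attempt. With a null
/// <paramref name="data"/> the action text is just the prefix and <c>user_id</c> is left unset.
/// </summary>
/// <param name="actionPrefix">Text placed before the user's GUID in <c>user_action</c>.</param>
/// <param name="data">Request body; may be null.</param>
/// <param name="type">Value for <c>user_type</c>.</param>
private static async Task LogProfilePictureAttempt(string actionPrefix, Auth.User data, string type)
{
    var entry = new History_User()
    {
        user_action = actionPrefix,
        user_datetime = DateTime.Now,
        user_movie = "",
        user_type = type
    };
    if (data != null)
    {
        entry.user_action = actionPrefix + data.unique_id;
        entry.user_id = data.unique_id;
    }
    await History.Create(History.Type.User, entry);
}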
/// <summary>
/// Callback invoked once the referral has been set; writes the received user to the log
/// (via its <c>ToString()</c>, so a null argument logs just "GOOD = ").
/// </summary>
/// <param name="rez">User object handed back by the referral call.</param>
private void OnSetReferall(Auth.User rez)
{
    Debug.Log($"GOOD = {rez}");
}