public async Task <IActionResult> PutAsync(Guid id, [FromBody] UserInputModel model)
{
if (default(Guid).Equals(id))
{
AddNotification("O Id do usuário não foi informado.");
return(ResponseInvalid());
}
if (ModelState.IsValid)
{
var encryptedPassword = CryptographyHelper.Sha256(model.Password);
var user = new User(model.UserName, encryptedPassword);
await _userService.UpdateAsync(id, user);
if (ValidOperation())
{
return(NoContent());
}
return(ResponseInvalid());
}
NotifyModelStateError();
return(ResponseInvalid());
}
public IActionResult VerifyVerificationCodeSms(MobileVerificationDto dto)
{
var mobileNumber = CryptographyHelper.Decrypt(dto.EncryptedMobileNumber);
var user = UnitOfWork.UserRepository.Find(u => u.MobileNumber == mobileNumber).FirstOrDefault();
if (user == null)
{
return(NotFound());
}
bool result = UserManager.VerifyVerificationCodeSms(user, dto.Code);
if (result)
{
var nextStep = UserManager.GetNextAuthenticationStep(user, SecurityLevel, dto.RequestedSecurityLevel, AuthenticationSteps.Mobile);
if (nextStep == AuthenticationSteps.Done.ToString())
{
return(new ObjectResult(JwtHandler.Create(user.UserName, dto.RequestedSecurityLevel, dto.ApplicationId, dto.PageId)));
}
else
{
return(Ok(new { NextRoute = nextStep }));
}
}
else
{
return(StatusCode(400, new { Error = "کد ارسالی مورد تأیید نمی باشد" }));
}
}
protected override void Execute(CodeActivityContext context)
{
try
{
string inputFilePath = InputFilePath.Get(context);
string outputFilePath = OutputFilePath.Get(context);
string key = Key.Get(context);
Encoding keyEncoding = KeyEncoding.Get(context);
if (string.IsNullOrWhiteSpace(inputFilePath))
{
throw new ArgumentNullException(Resources.InputFilePathDisplayName);
}
if (string.IsNullOrWhiteSpace(outputFilePath))
{
throw new ArgumentNullException(Resources.OutputFilePathDisplayName);
}
if (string.IsNullOrWhiteSpace(key))
{
throw new ArgumentNullException(Resources.Key);
}
if (keyEncoding == null)
{
throw new ArgumentNullException(Resources.Encoding);
}
if (!File.Exists(inputFilePath))
{
throw new ArgumentException(Resources.FileDoesNotExistsException, Resources.InputFilePathDisplayName);
}
// Because we use File.WriteAllText below, we don't need to delete the file now.
if (File.Exists(outputFilePath) && !Overwrite)
{
throw new ArgumentException(Resources.FileAlreadyExistsException, Resources.OutputFilePathDisplayName);
}
byte[] encrypted = File.ReadAllBytes(inputFilePath);
byte[] decrypted = null;
try
{
decrypted = CryptographyHelper.DecryptData(Algorithm, encrypted, keyEncoding.GetBytes(key));
}
catch (CryptographicException ex)
{
throw new InvalidOperationException(Resources.GenericCryptographicException, ex);
}
// This overwrites the file if it already exists.
File.WriteAllBytes(outputFilePath, decrypted);
}
catch (Exception ex)
{
Trace.TraceError(ex.ToString());
if (!ContinueOnError.Get(context))
{
throw;
}
}
}
public void Aes()
{
using (AesCryptoServiceProvider provider = new AesCryptoServiceProvider())
{
// retrieves the new pair of key and IV created
// upon creation on the provider
byte[] key = provider.Key;
byte[] initializationVector = provider.IV;
string secret = "This is the secret.";
byte[] dataBytes = Encoding.UTF8.GetBytes(secret);
byte[] encryptedData =
CryptographyHelper.Encrypt(
dataBytes, key, initializationVector, SymmetricEncryptionMethod.AES);
byte[] decrptedData =
CryptographyHelper.Decrypt(
encryptedData, key, initializationVector, SymmetricEncryptionMethod.AES);
string decryptedSecret = Encoding.UTF8.GetString(decrptedData);
Assert.Equal(secret, decryptedSecret);
encryptedData =
CryptographyHelper.Encrypt(
secret, key, initializationVector, SymmetricEncryptionMethod.AES, Encoding.UTF8);
decryptedSecret =
CryptographyHelper.DecryptToString(
encryptedData, key, initializationVector, SymmetricEncryptionMethod.AES, Encoding.UTF8);
Assert.Equal(secret, decryptedSecret);
}
}
/// <summary>
/// Open a new authenticated session via password
/// </summary>
/// <param name="spaceName">space name</param>
/// <param name="password">space password</param>
/// <param name="cancellationToken"></param>
/// <returns></returns>
public async Task <ApiSession> OpenSessionViaSpacePasswordAsync(string spaceName, string password, CancellationToken cancellationToken)
{
if (string.IsNullOrEmpty(spaceName))
{
throw new ArgumentException("Space name is not set.", nameof(spaceName));
}
if (password == null)
{
throw new ArgumentNullException(nameof(password));
}
var passwordHash = CryptographyHelper.CalculateSha256HEX(password);
var serverNonce = await internalGetAuthNonceAsync(GetHttpClient(), cancellationToken);
var clientNonce = ConvertHelper.ByteArrayToHexString(CryptographyHelper.GenerateRandomSequence(16));
var all = passwordHash + serverNonce + clientNonce;
var allHash = CryptographyHelper.CalculateSha256HEX(all);
var token = await internalAuthLoginAsync(clientNonce, serverNonce, spaceName, allHash, cancellationToken);
return(new ApiSession(this)
{
AuthToken = token,
IsAnonymous = false,
IsClosed = false,
SpaceName = spaceName
});
}
/// <inheritdoc />
public virtual async Task StoreAsync(PersistedGrant token)
{
using (var session = OpenAsyncSession())
{
var hashedTokenKey = CryptographyHelper.CreateHash(token.Key);
var existing = await session.Query <Entities.PersistedGrant, PersistedGrantIndex>()
.SingleOrDefaultAsync(x => x.Key == hashedTokenKey);
if (existing == null)
{
Logger.LogDebug("{persistedGrantKey} not found in database", token.Key);
var persistedGrant = token.ToEntity();
await session.StoreAsync(persistedGrant);
SetTokenExpirationInDocumentMetadata(session, persistedGrant);
}
else
{
Logger.LogDebug("{persistedGrantKey} found in database", token.Key);
token.UpdateEntity(existing);
}
try
{
await session.WaitForIndexAndSaveChangesAsync <PersistedGrantIndex>();
}
catch (Exception ex)
{
Logger.LogWarning("exception updating {persistedGrantKey} persisted grant in database: {error}", token.Key, ex.Message);
}
}
}
public async Task <Response> Signup([FromForm] User user)
{
var response = await loginBal.Signup(user);
if (response.Status is true)
{
response.previousState = HttpContext.Session.GetString("PreviousState");
var hash = await Task.FromResult <string>(
CryptographyHelper.GenerateHash(user.Account.Username + DateTime.Now.ToString(),
(response.Obj as User).Account.Salt));
SessionHelper.SetWebsiteSession(this.HttpContext.Session, hash);
SessionHelper.SetUserSession(this.HttpContext.Session, (response.Obj as User).Id,
(response.Obj as User).FullName);
CookieHelper.SetWebsiteCookie(this.Response, hash);
await loginBal.SetCookieForAccount(hash, (response.Obj as User).Account);
ViewBag.Session = HttpContext.Session.GetString("BookStore");
ViewBag.FullName = response.Obj as User is null
? null
: (response.Obj as User).FullName;
return(response);
}
else
{
return(response);
}
}
public async Task Store_should_update_record_if_key_already_exists()
{
var storeHolder = GetOperationalDocumentStoreHolder();
var persistedGrant = CreateTestObject();
var entity = persistedGrant.ToEntity();
using (var session = storeHolder.OpenAsyncSession())
{
await session.StoreAsync(entity);
await session.SaveChangesAsync();
}
var newDate = persistedGrant.Expiration.Value.AddHours(1);
var store = new PersistedGrantStore(storeHolder, FakeLogger <PersistedGrantStore> .Create());
persistedGrant.Expiration = newDate;
await store.StoreAsync(persistedGrant);
var hashedTokenKey = CryptographyHelper.CreateHash(persistedGrant.Key);
using (var session = storeHolder.OpenAsyncSession())
{
var foundGrant = await session.Query <Storage.Entities.PersistedGrant>()
.FirstOrDefaultAsync(x => x.Key == hashedTokenKey);
Assert.NotNull(foundGrant);
Assert.Equal(newDate, persistedGrant.Expiration);
}
}
public ActionResult Edit(int id)
{
if (!ViewBag.HasAccessToWorkerModule)
{
WebHelper.CurrentSession.Content.ErrorMessage = "You are not eligible to do this action";
return(RedirectToAction(Constants.Actions.AccessDenied, Constants.Controllers.Home, new { Area = String.Empty }));
}
//find the existing worker from database
Worker worker = workerRepository.Find(id);
try
{
worker.Password = CryptographyHelper.Decrypt(worker.Password);
}
catch { }
worker.ConfirmPassword = worker.Password;
worker.WorkerInRole = new WorkerInRole();
worker.WorkerInRole.EffectiveFrom = DateTime.Today;
worker.WorkerInRole.EffectiveTo = new DateTime(2080, 12, 30);
worker.WorkerInRole.WorkerID = id;
if (IsRegionalAdministrator)
{
worker.WorkerInRole.AllSubPrograms = subprogramRepository.FindAllByWordkerID(CurrentLoggedInWorker.ID, 0).ToList();
}
else
{
worker.WorkerInRole.AllSubPrograms = subprogramRepository.All.Where(item => item.IsActive == true).ToList();
}
//ViewBag.Programs = programRepository.All.AsEnumerable().Select(o => new { ID = o.ID, Name = o.Name }).ToList();
//ViewBag.SubPrograms = subprogramRepository.All.AsEnumerable().Select(o => new { ID = o.ID, Name = o.Name }).ToList();
//ViewBag.Regions = regionRepository.All.AsEnumerable().Select(o => new { ID = o.ID, Name = o.Name }).ToList();
//return editor view
return(View(worker));
}
internal void ControlSignature(string secretKey, string hashVersion)
{
var transactionId = (!string.IsNullOrEmpty(this.TransactionId) ? this.TransactionId : "");
var transactionTime = (!string.IsNullOrEmpty(this.TransactionTime) ? this.TransactionTime : "");
var currency = (!string.IsNullOrEmpty(this.Currency) ? this.Currency : "");
var installment = (this.Installment.HasValue ? this.Installment.ToString() : "");
var commonPaymentUniqueId = (!string.IsNullOrEmpty(this.CommonPaymentUniqueId)
? this.CommonPaymentUniqueId
: "");
var paymentTransactionReponseMessage = (!string.IsNullOrEmpty(this.PaymentTransactionReponseMessage)
? this.PaymentTransactionReponseMessage
: "");
var text = secretKey +
transactionId + transactionTime + (this.Amount.HasValue ? this.Amount.Value.ToString() : "") + currency + installment + commonPaymentUniqueId +
paymentTransactionReponseMessage;
string signature;
if (hashVersion == "1.1")
{
signature = CryptographyHelper.HMacSha512(text, secretKey);
}
else
{
signature = CryptographyHelper.HashSha256(text);
}
if (signature != this.Signature)
{
throw new DpayClientException(Constants.SignatureVerificationError,
Constants.SignatureVerificationError.ReturnErrorMessage(),
Constants.SignatureVerificationError.ReturnUserErrorMessage());
}
}
public static byte[] FromMessageWithEncrypted(MessageModel message)
{
if (message == null)
{
return(null);
}
using (MemoryStream stream = new MemoryStream())
{
using (DataWriter writer = new DataWriter(stream.AsOutputStream()))
{
writer.WriteByte(FromMessageType(message.Type));
writer.WriteUInt32(message.RemotePort);
if (!string.IsNullOrEmpty(message.Token))
{
writer.WriteUInt32(writer.MeasureString(message.Token));
writer.UnicodeEncoding = Windows.Storage.Streams.UnicodeEncoding.Utf8;
writer.WriteString(message.Token);
}
writer.WriteUInt32(message.ContentLength);
if (message.Content != null)
{
writer.WriteBuffer(message.Content);
}
var ignore = writer.StoreAsync();
return(CryptographyHelper.Encrypt(stream.ToArray(), CryptographyHelper.SECURITY_KEY));
}
}
}
public bool Alterar()
{
int codigo = Convert.ToInt32(Id);
Usuario usuario = new Usuario().Selecionar(codigo);
Perfil perfil = new Perfil();
usuario.Perfil = perfil.Selecionar(Convert.ToInt32(ddlPerfil.SelectedValue));
usuario.Pessoa.Nome = txtNome.Text;
usuario.Login = txtLogin.Text;
usuario.Pessoa.Email = txtEmail.Text;
usuario.Senha = CryptographyHelper.ToBase64(txtSenha.Text);
usuario.Motivo = txtMotivo.Text;
usuario.Situacao = rdlSituacao.SelectedValue;
bool retorno = false;
try
{
retorno = usuario.Confirmar();
}
catch (Model.Base.GepexException.EBancoDados ex)
{
Mensagem.Aviso(Comum.TraduzirMensagem(ex));
}
catch (Model.Base.GepexException.ERegraNegocio ex)
{
Mensagem.Aviso(ex.Message);
}
catch (Exception ex)
{
throw ex;
}
txtSenha.Attributes.Add("value", CryptographyHelper.FromBase64(usuario.Senha));
txtConfirma.Attributes.Add("value", CryptographyHelper.FromBase64(usuario.Senha));
return(retorno);
}
private void btnLogin_Click(object sender, RoutedEventArgs e)
{
try
{
if (!RafyPrincipal.Login(txtUserName.Text, CryptographyHelper.MD5(txtPassword.Password)))
{
MessageBox.Show("用户或密码错误,请重新输入!", "登录失败");
}
else
{
this.DialogResult = true;
}
//var controller = DomainControllerFactory.Create<AccountController>();
//var res = controller.LoginByUserName(txtUserName.Text, txtPassword.Password, out User user);
//if (!res)
//{
// MessageBox.Show(res.Message, "登录失败");
//}
//else
//{
// this.DialogResult = true;
//}
}
catch (Exception ex)
{
ex.Alert();
}
}
public void FindCertificate()
{
var cryptographyHelper = new CryptographyHelper();
X509Certificate2 certificate = cryptographyHelper.GetX509Certificate("CN=WebAPI-Token");
Assert.IsNotNull(certificate);
}
public TestManagerTests()
{
var dataDomainProfile = new DataDomainProfile();
var configuration = new MapperConfiguration(cfg => cfg.AddProfile(dataDomainProfile));
_mapper = new Mapper(configuration);
_dataTests = new Faker <DataTest>()
.RuleFor(x => x.Name, y => y.Internet.Random.AlphaNumeric(_generateTestNameLength))
.RuleFor(x => x.Minutes, y => y.Random.Number(_generateTestMinMinutes, _generateTestMaxMinutes))
.RuleFor(x => x.IsDeleted, y => y.Random.Bool());
_dataUsers = new Faker <DataUser>()
.RuleFor(x => x.Email, y => y.Internet.Email())
.RuleFor(x => x.PasswordHash, y => CryptographyHelper.GetSha256Hash(y.Internet.Password()))
.RuleFor(x => x.Role, y => y.PickRandom <UserRoles>())
.RuleFor(x => x.IsDeleted, y => y.Random.Bool())
.RuleFor(x => x.ConfirmationToken, y => Guid.NewGuid())
.RuleFor(x => x.IsConfirmed, y => y.Random.Bool());
_dataUserTests = new Faker <DataUserTest>()
.RuleFor(x => x.IsDeleted, y => y.Random.Bool())
.RuleFor(x => x.StartTime, y => new DateTime())
.RuleFor(x => x.Points, y => y.Random.Number(1, 20))
.RuleFor(x => x.Status, y => y.PickRandom <TestStatus>());
}
public void LinearDictionaryCoder()
{
var testPath = "linearDictionaryUnitTest";
if (File.Exists(testPath))
{
File.Delete(testPath);
}
var linearDictionaryCoder = new LinearDictionaryEncoder(testPath, 32, 32);
var expectedDictionary = new Dictionary <byte[], byte[]>();
LargeInteger value = 0;
for (int i = 0; i < 1500; i++)
{
var valueBytes = ByteManipulator.BigEndianTruncate(value.GetBytes(), 32);
var key = CryptographyHelper.Sha3256(valueBytes);
linearDictionaryCoder.Add(key, valueBytes);
expectedDictionary.Add(key, valueBytes);
value = value + 1;
}
foreach (var kvp in expectedDictionary)
{
var entryValue = linearDictionaryCoder.Get(kvp.Key);
Assert.IsTrue(ArrayManipulator.Compare(kvp.Value, entryValue));
}
}
public Guid PutImage(HttpPostedFileBase image, Guid?id)
{
var result = Guid.Empty;
if (image == null || image.ContentLength < 1)
{
return(result);
}
using (var cn = new SqlConnection(DatabaseConnection.ConnectionStringToDb))
using (var cmd = new SqlCommand("[dbo].[AddBlob]", cn))
{
var guid = id ?? Guid.NewGuid();
var buffer = image.InputStream.ReadToEnd();
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@UID", SqlDbType.UniqueIdentifier).Value = guid;
cmd.Parameters.Add("@MIMETYPE", SqlDbType.Char, 20).Value = image.ContentType;
cmd.Parameters.Add("@BLOB", SqlDbType.VarBinary, image.ContentLength).Value = buffer;
cmd.Parameters.Add("@SHA1HASH", SqlDbType.Char, 40).Value =
CryptographyHelper.GetSHA1Hash(buffer);
try
{
cn.Open();
return(Guid.TryParse(cmd.ExecuteScalar().ToString(), out result) ? result : Guid.Empty);
}
catch (SqlException)
{
return(result);
}
}
}
public void Points_LoginAfter5Days_Administrator_BAPointsAreNotChanged()
{
profiles[0].Licence.BAPoints = 10;
profiles[0].Licence.AccountType = Model.AccountType.Administrator;
profiles[0].Licence.LastPointOperationDate = DateTime.UtcNow;
insertToDatabase(profiles[0]);
RunServiceMethod(delegate(InternalBodyArchitectService service)
{
((MockTimerService)service.Configuration.TimerService).UtcNow = DateTime.UtcNow.Date.AddDays(5);
service.Configuration.CurrentApiKey = key;
ClientInformation info = new ClientInformation();
info.ApplicationVersion = Constants.Version;
info.ApplicationLanguage = "pl";
info.Version = Const.ServiceVersion;
info.ClientInstanceId = Guid.NewGuid();
string password = CryptographyHelper.ToSHA1Hash("Profile1");
var session = service.Login(info, "Profile1", password);
var securityInfo = SecurityManager.EnsureAuthentication(session.Token);
Assert.AreEqual(AccountType.Administrator, securityInfo.Licence.CurrentAccountType);
Assert.AreEqual(10, securityInfo.Licence.BAPoints);
});
var dbProfile = Session.Get <Profile>(profiles[0].GlobalId);
Assert.AreEqual(Model.AccountType.Administrator, dbProfile.Licence.AccountType);
Assert.AreEqual(10, dbProfile.Licence.BAPoints);
Assert.AreEqual(DateTime.UtcNow.Date.AddDays(5), dbProfile.Licence.LastPointOperationDate);
}
internal static void PassthroughSend(uint targetId, uint sourceId, ushort messageType, int channelId, BitReader reader, uint?networkId = null, ushort?orderId = null)
{
if (netManager.isHost && targetId == netManager.NetworkConfig.NetworkTransport.HostDummyId)
{
//Host trying to send data to it's own client
return;
}
using (BitWriter writer = BitWriter.Get())
{
writer.WriteGenericMessageHeader(messageType, networkId != null, networkId.GetValueOrDefault(), orderId.GetValueOrDefault(), true, null, sourceId);
#if !DISABLE_CRYPTOGRAPHY
if (netManager.NetworkConfig.EncryptedChannelsHashSet.Contains(MessageManager.reverseChannels[channelId]))
{
writer.WriteByteArray(CryptographyHelper.Encrypt(reader.ReadByteArray(), netManager.ConnectedClients[targetId].AesKey));
}
else
#endif
writer.WriteByteArray(reader.ReadByteArray());
writer.Finalize(ref FinalMessageBuffer);
netManager.NetworkConfig.NetworkTransport.QueueMessageForSending(targetId, ref FinalMessageBuffer, (int)writer.GetFinalizeSize(), channelId, false, out byte error);
}
}
public async Task Store_should_create_new_record_if_key_does_not_exist()
{
var storeHolder = GetOperationalDocumentStoreHolder();
var persistedGrant = CreateTestObject();
var hashedTokenKey = CryptographyHelper.CreateHash(persistedGrant.Key);
using (var session = storeHolder.OpenAsyncSession())
{
var foundGrant = await session.Query <PersistedGrant>().FirstOrDefaultAsync(x => x.Key == hashedTokenKey);
Assert.Null(foundGrant);
}
var store = new PersistedGrantStore(storeHolder, FakeLogger <PersistedGrantStore> .Create());
await store.StoreAsync(persistedGrant);
WaitForIndexing(storeHolder.IntegrationTest_GetDocumentStore());
WaitForUserToContinueTheTest(storeHolder.IntegrationTest_GetDocumentStore());
using (var session = storeHolder.OpenAsyncSession())
{
var foundGrant = await session.Query <PersistedGrant>()
.FirstOrDefaultAsync(x => x.Key == hashedTokenKey);
Assert.NotNull(foundGrant);
}
}
public override void BuildDatabase()
{
profiles.Clear();
using (var tx = Session.BeginTransaction())
{
var profile = CreateProfile(Session, "Profile1");
profile.Password = CryptographyHelper.ToSHA1Hash(profile.UserName);
Session.Update(profile);
profiles.Add(profile);
profile = CreateProfile(Session, "Profile2");
profile.IsDeleted = true;
profile.Password = CryptographyHelper.ToSHA1Hash(profile.UserName);
Session.Update(profile);
profiles.Add(profile);
profile = CreateProfile(Session, "Profile3");
profile.Password = CryptographyHelper.ToSHA1Hash(profile.UserName);
Session.Update(profile);
profiles.Add(profile);
APIKey apiKey = new APIKey();
apiKey.ApiKey = key;
apiKey.ApplicationName = "UnitTest";
apiKey.EMail = "*****@*****.**";
apiKey.RegisterDateTime = DateTime.UtcNow;
insertToDatabase(apiKey);
tx.Commit();
}
}
private ResponseModel CreateUser(EmployeeRegistrationModel model)
{
var userModel = _userCredential.GetByLoginID(model.PhoneNumber, UserType.ResourceTrackerAdmin);
if (userModel != null)
{
return new ResponseModel {
Message = "This mobile number already exists."
}
}
;
var p = GeneratePassword();
var password = CryptographyHelper.CreateMD5Hash(p);
var response = _userCredential.Save(new UserCredentialModel
{
FullName = model.UserFullName,
UserTypeId = (int)UserType.ResourceTrackerUser,
Email = model.Email,
ContactNo = model.PhoneNumber,
LoginID = model.PhoneNumber,
IsActive = true,
Password = password
});
if (response.Success)
{
Task.Run(() => SendMailToUser(model.Email, model.PhoneNumber, p));
}
return(new ResponseModel {
Success = response.Success, Message = response.Success?p:string.Empty, ReturnCode = response.ReturnCode
});
}
private void ReadyButton_Clicked(object sender, EventArgs e)
{
if (String.IsNullOrWhiteSpace(FirstNameTextBox.Text) ||
String.IsNullOrWhiteSpace(LastNameTextBox.Text) ||
String.IsNullOrWhiteSpace(PasswordTextBox.Text) ||
String.IsNullOrWhiteSpace(Password2TextBox.Text) ||
GenderComboBox.SelectedItem == null)
{
ErrorLabel.Text = "Uzupełnij wszystkie dane!";
return;
}
if (PasswordTextBox.Text != Password2TextBox.Text)
{
ErrorLabel.Text = "Podane hasła nie są takie same";
return;
}
if (_parent.Client.CheckLoginExists(CryptographyHelper.HashString(LoginTextBox.Text, 0)))
{
ErrorLabel.Text = "Podany login już istnieje";
return;
}
ReadyButtonClicked?.Invoke(this, EventArgs.Empty);
}
private void btnAdd_Click(object sender, RoutedEventArgs e)
{
if (IsFormInputValid())
{
try
{
string generatedSalt = new CryptographyHelper().GetGeneratedSalt();
string password = new CryptographyHelper().GetHashedString(pwbPassword.Password + generatedSalt);
Model.User user = new Model.User()
{
Username = tbxUsername.Text,
Firstname = tbxFirstname.Text,
Lastname = tbxLastname.Text,
Password = password,
Salt = generatedSalt
};
new UsersLogic().AddUser(user);
MessageBox.Show("การเพิ่มข้อมูลสำเร็จเรียบร้อย", "สำเร็จ", MessageBoxButton.OK, MessageBoxImage.Information);
ClearForm();
this.DialogResult = true;
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "เกิดข้อผิดพลาด", MessageBoxButton.OK, MessageBoxImage.Error);
}
}
}
internal void ControlSignature(string secretKey)
{
var transactionId = (!string.IsNullOrEmpty(this.TransactionId) ? this.TransactionId : "");
var transactionTime = (!string.IsNullOrEmpty(this.TransactionTime) ? this.TransactionTime : "");
var currency = (!string.IsNullOrEmpty(this.Currency) ? this.Currency : "");
var messageCode = (!string.IsNullOrEmpty(this.MessageCode) ? this.MessageCode : "");
var installmentCount = !string.IsNullOrEmpty(this.Installment) ? this.Installment : "";
var text = secretKey + transactionId + transactionTime + this.Amount + currency +
installmentCount
+ messageCode;
var signature = "";
if (HashVersion == "1.1")
{
signature = CryptographyHelper.HMacSha512(text, secretKey);
}
else
{
signature = CryptographyHelper.HashSha256(text);
}
if (signature != this.Signature)
{
throw new DpayClientException(Constants.SignatureVerificationError, Constants.SignatureVerificationError.ReturnErrorMessage(), Constants.SignatureVerificationError.ReturnUserErrorMessage());
}
}
/// <summary>
/// Encrypt password and create new User
/// </summary>
/// <param name="data"></param>
/// <returns></returns>
public ResponseData Create(LoginData data)
{
//If user exist
if (_userRepository.FindByCondition(x => x.Email == data.Email.Trim() && x.IsActive).Any())
{
return(new ResponseData
{
Result = false,
Message = "Ya existe un usuario con ese mismo nombre"
});
}
_userRepository.Create(data.MapToEntity(CryptographyHelper.Encrypt(data.Password.Trim())));
if (_userRepository.Save())
{
return(new ResponseData
{
Result = true,
Message = string.Format(ResponseMessages.MsgSaveSuccess, _entity)
});
}
else
{
return(new ResponseData
{
Result = false,
Message = string.Format(ResponseMessages.MsgSaveError, _entity)
});
}
}
public PartialViewResult AddOrEditUser(UserModel userModel)
{
var user = new User();
user.Login = userModel.Login;
user.RoleId = userModel.RoleId;
user.PasswordHash = CryptographyHelper.GetSha256Hash(userModel.Password);
user.Name = userModel.Name;
user.DivisionId = userModel.DivisionId;
user.Description = userModel.Description;
var repository = DalContainer.WcfDataManager.ServiceOperationClient;
if (userModel.Id != 0)
{
repository.EditUser(user);
}
else
{
repository.AddUser(user);
}
var userList = DalContainer.WcfDataManager.UserList;
var userModelList = userList.Select(userItem => new UserModel(userItem)).OrderBy(userItem => userItem.IsAdmin).ThenBy(userItem => userItem.Name).ToList();
return(PartialView("List", userModelList));
}
public IHttpActionResult Register([FromBody] ResourceTrackerRegisterModel model)
{
if (ModelState.IsValid)
{
var userModel = _userCredential.GetByLoginID(model.PhoneNumber, UserType.ResourceTrackerAdmin);
if (userModel != null)
{
return(BadRequest("This mobile number already exists."));
}
var password = CryptographyHelper.CreateMD5Hash(model.Password);
var response = _userCredential.Save(new Common.Models.UserCredentialModel
{
FullName = model.UserFullName,
UserTypeId = (int)UserType.ResourceTrackerAdmin,
Email = model.Email,
ContactNo = model.PhoneNumber,
LoginID = model.PhoneNumber,
IsActive = true,
Password = password
});
return(Ok(response));
}
return(BadRequest("Invalid model."));
}
public int AddEmployee(Employee employee)
{
try
{
byte[] passwordHash, passwordSalt;
CryptographyHelper.createPasswordHash(employee.Password, out passwordHash, out passwordSalt);
using (SqlConnection con = new SqlConnection(connectionString))
{
SqlCommand cmd = new SqlCommand("spAddEmployee", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Name", employee.Name);
cmd.Parameters.AddWithValue("@Gender", employee.Gender);
cmd.Parameters.AddWithValue("@Department", employee.Department);
cmd.Parameters.AddWithValue("@City", employee.City);
cmd.Parameters.AddWithValue("@Dob", employee.Dob);
cmd.Parameters.AddWithValue("@Username", employee.Username);
cmd.Parameters.AddWithValue("@PasswordHash", passwordHash);
cmd.Parameters.AddWithValue("@PasswordSalt", passwordSalt);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
return(1);
}
catch
{
throw;
}
}
public IHttpActionResult Login([FromBody] ResourceTrackerLoginModel model)
{
if (ModelState.IsValid)
{
var password = CryptographyHelper.CreateMD5Hash(model.Password);
var user = _userCredential.Get(model.UserName, password);
if (user == null)
{
return(Ok(new { Success = false, message = "Invalid userid/password" }));
}
int companyId = 0;
if (user.UserTypeId == (int)UserType.ResourceTrackerUser)
{
var userProfileModel = _emplpoyeeRepository.GetByPortalUserId(user.Id);
companyId = userProfileModel == null ? 0 : userProfileModel.CompanyId;
}
return(Ok(new
{
Success = true,
Token = TokenManager.GenerateToken(model.UserName),
UserKey = user.Id,
UserName = user.FullName,
IsAdmin = user.UserTypeId == (int)UserType.ResourceTrackerAdmin,
IsEmployee = user.UserTypeId == (int)UserType.ResourceTrackerUser,
CompanyId = companyId
}));
}
return(BadRequest());
}
private static void AddUser(string preferredName, string surname, string email, string password, DateTime birthday, string gender, bool isActive, MembershipDB context)
{
var chyptographyHelper = new CryptographyHelper();
var passhwordHash = chyptographyHelper.SHA256Hasher(password);
context.Users.Add(new User
{
UserType = context.UserTypes.First(x => x.Name == "Client"),
Gender = context.Genders.First(x => x.Name == gender.Trim()),
Email = email.Trim(),
PasswordHash = passhwordHash,
Names = string.Format("{0} {1}", preferredName, surname),
LastName = surname.Trim(),
PreferredName = preferredName.Trim(),
IsActive = isActive,
Birthday = birthday,
Comment = string.Empty,
UpdatedOn = DateTime.Now,
CreatedOn = DateTime.Now,
LastUpdatedBy = 1
});
}
public bool AuthUser(string userName, string password)
{
var auth = false;
if (DoesUserEmailExists(userName))
{
var chyptographyHelper = new CryptographyHelper();
var passhwordHash = chyptographyHelper.SHA256Hasher(password);
_lockUserLoginDictionary.EnterReadLock();
auth = UserLoginDictionary[userName] == passhwordHash;
_lockUserLoginDictionary.ExitReadLock();
}
return auth;
}
