public bool ResetPassword(string passwordResetToken, string newPassword)
{
if (string.IsNullOrEmpty(newPassword))
{
return(false);
}
var user = GetById(GetUserIdFromPasswordResetToken(passwordResetToken));
if (user == null)
{
return(false);
}
if (!Token.IsTokenValid(passwordResetToken))
{
throw new Exception("Token inválido");
}
if (user.PasswordVerificationToken != passwordResetToken)
{
return(false);
}
var newHashedPassword = PasswordAssertionConcern.ComputeHash(newPassword, "SHA512", null);
user.Password = newHashedPassword;
user.LastPasswordChangedDate = DateTime.UtcNow;
BeginTransaction();
_userRepository.Update(user);
Commit();
return(true);
}
public string resetPassword()
{
string password = new Guid().ToString().Substring(0, 8);
this.Password = PasswordAssertionConcern.Encrypt(password);
return(password);
}
public void SetPassword(string password, string confirmPassword)
{
AssertionConcern.AssertArgumentNotNull(password, Errors.InvalidEmail);
AssertionConcern.AssertArgumentNotNull(confirmPassword, Errors.InvalidEmail);
AssertionConcern.AssertArgumentEquals(password, confirmPassword, Errors.PwNotMatch);
this.Password = PasswordAssertionConcern.Encrypt(password);
}
public void SetSenha(string senha, string confirmarSenha)
{
AssertionConcern.AssertArgumentNotNull(senha, Errors.InvalidUserPassword);
AssertionConcern.AssertArgumentNotNull(confirmarSenha, Errors.InvalidUserPassword);
AssertionConcern.AssertArgumentEquals(senha, confirmarSenha, Errors.PasswordDoesNotMatch);
Senha = PasswordAssertionConcern.Encrypt(senha);
}
public void Validar()
{
AssertionConcern.AssertArgumentLength(this.Nome, 3, 100, "Nome de Usuário Inválido");
EmailAssertionConcern.AssertIsValid(this.Email);
PasswordAssertionConcern.AssertIsValid(this.Senha);
}
public string redefinirSenha()
{
string senha = Guid.NewGuid().ToString().Substring(0, 8);
Senha = PasswordAssertionConcern.Encrypt(senha);
return(senha);
}
public string ResetarSenha()
{
string password = Guid.NewGuid().ToString().Substring(0, 8);
this.Senha = PasswordAssertionConcern.Encrypt(password);
return(password);
}
public string ResetPassword()
{
string senha = Guid.NewGuid().ToString().Substring(0, 8);
this.Senha = PasswordAssertionConcern.Encrypt(senha);
return(senha);
}
public string ResetPassword()
{
var password = Guid.NewGuid().ToString().Substring(0, 8);
Password = PasswordAssertionConcern.Encrypt(password);
return(password);
}
public void SetPassword(string password, string confirmPassword)
{
AssertionConcern.AssertArgumentNotNull(password, Errors.InvalidPassword);
AssertionConcern.AssertArgumentNotNull(confirmPassword, Errors.InvalidPasswordConfirmation);
AssertionConcern.AssertArgumentEquals(password, confirmPassword, Errors.PasswordNotMatch);
AssertionConcern.AssertArgumentLength(password, 6, 20, Errors.InvalidPassword);
this.Password = PasswordAssertionConcern.Encrypt(password);
}
public void SetSenha(string senha, string confirmaSenha)
{
AssertionConcern.AssertArgumentNotNull(senha, Errors.InvalidPassword);
AssertionConcern.AssertArgumentNotNull(confirmaSenha, Errors.InvalidPassword);
AssertionConcern.AssertArgumentLength(senha, 6, 20, Errors.InvalidPassword);
AssertionConcern.AssertArgumentEquals(senha, confirmaSenha, Errors.PasswordDoNotMatch);
this.Senha = PasswordAssertionConcern.Encrypt(senha);
}
public string Create(string email, string password, string confirmPassword, string firstName, string lastName, bool requireConfirmationToken = false)
{
if (string.IsNullOrEmpty(email))
{
throw new Exception("Login inválido");
}
if (string.IsNullOrEmpty(password))
{
throw new Exception("Senha inválida");
}
if (!string.IsNullOrEmpty(password) && password.Length < User.MinRequiredPasswordLength)
{
throw new Exception($"A senha deve ter no mínimo {User.MinRequiredPasswordLength} caracteres");
}
if (password != confirmPassword)
{
throw new Exception("Senhas não conferem");
}
if (User.RequiresUniqueEmail && EmailExists(email))
{
throw new Exception("Email duplicado");
}
var hashedPassword = PasswordAssertionConcern.ComputeHash(password, "SHA512", null);
var token = string.Empty;
var privateKey = string.Empty;
if (requireConfirmationToken)
{
var time = DateTime.UtcNow.AddMinutes(Token._expirationMinutes);
privateKey = Token.GenerateToken($"{email}{Token._TestCedro_PRIVATE_KEY}", time.Ticks);
token = Token.GenerateToken(email, time.Ticks);
}
var user = new User
{
UserId = Guid.NewGuid(),
FirstName = firstName,
LastName = lastName,
Password = hashedPassword,
IsApproved = !requireConfirmationToken,
Email = email,
CreationDate = DateTime.UtcNow,
LastPasswordChangedDate = DateTime.UtcNow,
PasswordFailuresSinceLastSuccess = 0,
LastLoginDate = DateTime.UtcNow,
LastActivityDate = DateTime.UtcNow,
LastLockoutDate = DateTime.UtcNow,
IsLockedOut = false,
LastPasswordFailureDate = DateTime.UtcNow,
ConfirmationToken = token,
PrivateKey = privateKey
};
BeginTransaction();
_userRepository.Add(user);
Commit();
return(user.ConfirmationToken);
}
public void AlterarSenha(Usuario usuario)
{
AssertionConcern.AssertArgumentNotEmpty(usuario.UsuarioNome, Erros.InvalidUserName);
var usuarioAtual = _usuarioRepository.ObterComPermissoesPorUsuarioNome(usuario.UsuarioNome);
usuarioAtual.Senha = PasswordAssertionConcern.Encrypt(usuario.Senha);
usuarioAtual.Validar();
_usuarioRepository.Atualizar(usuarioAtual);
}
public User Authenticate(string email, string password)
{
User user = GetByEmail(email);
AssertionConcern.AssertArgumentNotNull(user, ErrorMessages.UserNotFound);
PasswordAssertionConcern.AssertIsValid(password);
PasswordAssertionConcern.AssertPasswordIsSame(user.Password, password);
return(user);
}
/// <summary>
/// Validar o Contato
/// </summary>
public void Validate()
{
AssertionConcern.AssertArgumentLength(this.Name, 3, 60, "Errors.InvalidContactName");
AssertionConcern.AssertArgumentNotNull(this.Name, "");
AssertionConcern.AssertArgumentLength(this.Telefone, 8, 12, "Errors.InvalidContactTelefone");
AssertionConcern.AssertArgumentNotNull(this.Telefone, "");
EmailAssertionConcern.AssertIsValid(this.Email);
PasswordAssertionConcern.AssertIsValid(this.Password);
}
public void InsertPassword(string password, string confirmPassword)
{
AssertionConcern.AssertArgumentNotNullOrEmpty(password, "Senha vazia");
AssertionConcern.AssertArgumentNotNullOrEmpty(confirmPassword, "Confirmação de senha vazia");
AssertionConcern.AssertArgumentEquals(password, confirmPassword, "Senhas são diferentes");
AssertionConcern.AssertArgumentLength(password, 6, 20, "Tamanho da senha inválida");
this.Password = PasswordAssertionConcern.Encrypt(password);;
}
public void SetarSenha(string senha, string confirmarSenha)
{
AssertionConcern.AssertArgumentNotNull(senha, "Senha Inválida");
AssertionConcern.AssertArgumentNotNull(confirmarSenha, "Senha de confirmação inválida");
AssertionConcern.AssertArgumentEquals(senha, confirmarSenha, "Senhas não coincidem");
AssertionConcern.AssertArgumentLength(senha, 3, 12, "Senha inválida");
this.Senha = PasswordAssertionConcern.Encrypt(senha);
}
public void setPassword(string password, string confirmPassword)
{
AssertionConcern.AssertArgumentNotNull(password, Errors.InvalidUserPassword);
AssertionConcern.AssertArgumentNotNull(confirmPassword, Errors.InvalidUserPassword);
AssertionConcern.AssertArgumentEquals(password, confirmPassword, Errors.InvalidUserPassword);
AssertionConcern.AssertArgumentLength(password, 6, 10, Errors.InvalidUserPassword);
this.Password = PasswordAssertionConcern.Encrypt(password);
}
public Usuario AutenticarUsuario(string usuarioNome, string senha)
{
var usuario = _usuarioRepository.ObterPorUsuarioNome(usuarioNome);
if (usuario == null || !PasswordAssertionConcern.Encrypt(senha).Equals(usuario.Senha))
{
return(null);
}
return(usuario);
}
public User Authenticate(string email, string password)
{
var user = GetByEmail(email);
if (user.Password != PasswordAssertionConcern.Encrypt(password))
{
throw new Exception(Errors.InvalidCredentials);
}
return(user);
}
public bool ChangePassword(string email, string currentPassword, string newPassword)
{
if (string.IsNullOrEmpty(email))
{
return(false);
}
if (string.IsNullOrEmpty(currentPassword))
{
return(false);
}
if (string.IsNullOrEmpty(newPassword))
{
return(false);
}
var user = GetByUserEmail(email);
if (user == null)
{
return(false);
}
var hashedPassword = user.Password;
var verificationSucceeded = hashedPassword != null && PasswordAssertionConcern.VerifyHash(currentPassword, hashedPassword);
if (verificationSucceeded)
{
user.PasswordFailuresSinceLastSuccess = 0;
}
else
{
var failures = user.PasswordFailuresSinceLastSuccess;
if (failures < User.MaxInvalidPasswordAttempts)
{
user.PasswordFailuresSinceLastSuccess += 1;
user.LastPasswordFailureDate = DateTime.UtcNow;
}
else if (failures >= User.MaxInvalidPasswordAttempts)
{
user.LastPasswordFailureDate = DateTime.UtcNow;
user.LastLockoutDate = DateTime.UtcNow;
user.IsLockedOut = true;
}
BeginTransaction();
_userRepository.Update(user);
Commit();
return(false);
}
var newHashedPassword = PasswordAssertionConcern.ComputeHash(newPassword, "SHA512", null);
user.Password = newHashedPassword;
user.LastPasswordChangedDate = DateTime.UtcNow;
BeginTransaction();
_userRepository.Update(user);
Commit();
return(true);
}
public async Task <UserModel> LoginAsync(string email, string password)
{
var user = await GetSingleAsync(x => x.Email.Equals(email));
if (user == null || user.Password != PasswordAssertionConcern.Encrypt(password))
{
throw new Exception(string.Format(Language.InvalidF, Language.Credentials));
}
return(user);
}
public Contact Authenticate(string email, string password)
{
var contact = GetByEmail(email);
if (contact.Password != PasswordAssertionConcern.Encrypt(password))
{
throw new Exception("Errors.InvalidCredentials");
}
return(contact);
}
public Usuario Autenticar(string email, string senha)
{
var user = this.Obter(email);
if (user.Senha != PasswordAssertionConcern.Encrypt(senha))
{
throw new Exception("Senha inválida");
}
return(user);
}
public Player Authenticate(string email, string password)
{
var player = _repository.Get(email);
if (player.Password != PasswordAssertionConcern.Encrypt(password))
{
throw new Exception(ErrorMessages.InvalidCredentials);
}
return(player);
}
public Task <bool> CheckPasswordAsync(User user, string password)
{
//message = string.Empty;
if (!user.IsApproved) /*message = "Usuário desativado.";*/ return {
(Task.FromResult(false));
}
if (user.LastLockoutDate.HasValue)
{
var timeout = user.LastLockoutDate.Value.AddMinutes(User.PasswordAnswerAttemptLockoutDuration);
if (user.IsLockedOut && timeout >= DateTime.UtcNow) /*message = "Usuário bloqueado.";*/ return {
(Task.FromResult(false));
}
if (user.IsLockedOut && timeout < DateTime.UtcNow)
{
UnlockUser(user);
}
}
var verificationSucceeded = user.Password != null && PasswordAssertionConcern.VerifyHash(password, user.Password);
if (verificationSucceeded)
{
user.PasswordFailuresSinceLastSuccess = 0;
user.LastLoginDate = DateTime.UtcNow;
user.LastActivityDate = DateTime.UtcNow;
user.IsLockedOut = false;
}
else
{
var failures = user.PasswordFailuresSinceLastSuccess;
if (failures < User.MaxInvalidPasswordAttempts)
{
user.PasswordFailuresSinceLastSuccess += 1;
user.LastPasswordFailureDate = DateTime.UtcNow;
//message = "O email ou senha está incorreta.";
}
else if (failures >= User.MaxInvalidPasswordAttempts)
{
user.LastPasswordFailureDate = DateTime.UtcNow;
user.LastLockoutDate = DateTime.UtcNow;
user.IsLockedOut = true;
//message = "Usuário bloqueado.";
}
}
BeginTransaction();
_userRepository.Update(user);
Commit();
return(Task.FromResult(verificationSucceeded));
}
public new async Task Update(Usuario obj)
{
obj.SetSenha(obj.Senha, obj.Senha);
await _usuarioService.Update(obj);
var senha = PasswordAssertionConcern.Decrypt(obj.Senha);
var corpo = new StringBuilder();
corpo.AppendFormat("Seu Usuario foi alterado Email é {0} Senha{1}", obj.Email, senha);
await new EmailManager().EnviarEmail("Usuario Sonic TI", corpo, new List <string>()
{
obj.Email
}, new List <Attachment>());
}
public async Task <Usuario> Authenticantion(string email, string senha)
{
using (var loja = new LojaContext())
{
loja.Configuration.AutoDetectChangesEnabled = false;
senha = PasswordAssertionConcern.Encrypt(senha);
return(await loja.Set <Usuario>()
.Where(
user =>
user.Ativo == true && user.Email == email &&
user.Senha == senha)
.Include(usuario => usuario.UsuarioPerfil)
.Include(usuario => usuario.Empresa).FirstOrDefaultAsync());
}
}
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
{
var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin");
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
var hashedTokenId = PasswordAssertionConcern.GetHash(context.Token);
var repo = new RepositoryRefreshToken(new MainContext());
var refreshToken = repo.Find(hashedTokenId);
if (refreshToken != null)
{
//Get protectedTicket from refreshToken class
context.DeserializeTicket(refreshToken.ProtectedTicket);
repo.Remove(refreshToken);
}
}
public static ClaimsIdentity ValidateLogin(User user, string password, string authenticationType)
{
if (user == null)
{
throw new Exception(Error.WrongUserNameOrPassword);
}
if (user.LockoutEnd.HasValue && DateTime.Now < user.LockoutEnd)
{
throw new Exception("Sua conta foi temporariamente bloqueada por exceder o número de tentativas inválidas, tente novamente mais tarde.");
}
if (!user.IsActive)
{
throw new Exception("O seu usuário foi desativado");
}
if (PasswordAssertionConcern.VerifyHash(password, user.Password))
{
user.AccessFailed = 0;
user.LastLogin = DateTime.Now;
user.LockoutEnd = null;
return(user.GetClaims(authenticationType));
}
if (user.AccessFailed == 5)
{
if (!user.LockoutEnd.HasValue)
{
user.LockoutEnd = DateTime.Now.AddMinutes(2);
}
}
else
{
user.AccessFailed = user.AccessFailed + 1;
}
if (user.AccessFailed > 0)
{
throw new Exception(Error.WrongUserNameOrPassword);
}
throw new Exception(Error.WrongUserNameOrPassword);
}
