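public virtual async Task <OAuthUser> Authenticate(string login, string password, CancellationToken token)
        {
            // Looks the user up by login and checks the supplied password against the stored
            // credential whose CredentialType is Constants.AMR. Returns the user on success.
            // Throws BaseUIException(UNKNOWN_USER) when no user matches `login`, and
            // BaseUIException(INVALID_CREDENTIALS) when there is no such credential or the
            // hash does not match.
            // NOTE(review): the two distinct error codes let a caller tell "no such user" from
            // "wrong password" (username enumeration); anything exposing this over the network
            // should collapse both into one generic failure.
            var user = await _oauthUserRepository.FindOAuthUserByLogin(login, token);

            if (user == null)
            {
                throw new BaseUIException(Exceptions.ErrorCodes.UNKNOWN_USER);
            }

            var credential = user.Credentials.FirstOrDefault(c => c.CredentialType == Constants.AMR);

            // Hash the candidate once and reuse it: the original computed the hash twice and
            // never used the first result (wasted work if ComputeHash is a slow KDF).
            var hash = PasswordHelper.ComputeHash(password);

            // NOTE(review): `!=` stops at the first differing position, so this compare is not
            // constant-time. Whether ComputeHash salts its input is not visible here; if it is a
            // bare digest, migrate to a per-user salted KDF (PBKDF2/Argon2) and compare with
            // CryptographicOperations.FixedTimeEquals.
            if (credential == null || credential.Value != hash)
            {
                throw new BaseUIException(Exceptions.ErrorCodes.INVALID_CREDENTIALS);
            }

            return(user);
        }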
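        public async Task <User> Authenticate(string login, string password, CancellationToken token)
        {
            // Looks the user up by login and checks the supplied password against the stored
            // credential whose CredentialType is Constants.AMR. Returns the user on success.
            // Throws BaseUIException("UnknownUser") when no user matches `login`, and
            // BaseUIException("InvalidCredentials") when there is no such credential or the
            // hash does not match.
            // NOTE(review): the two distinct messages let a caller tell "no such user" from
            // "wrong password" (username enumeration); anything exposing this over the network
            // should collapse both into one generic failure.
            var user = await _userRepository.FindOAuthUserByLogin(login, token);

            if (user == null)
            {
                throw new BaseUIException("UnknownUser");
            }

            var credential = user.Credentials.FirstOrDefault(c => c.CredentialType == Constants.AMR);

            // Hash the candidate once and reuse it: the original computed the hash twice and
            // never used the first result (wasted work if ComputeHash is a slow KDF).
            var hash = PasswordHelper.ComputeHash(password);

            // NOTE(review): `!=` stops at the first differing position, so this compare is not
            // constant-time. Whether ComputeHash salts its input is not visible here; if it is a
            // bare digest, migrate to a per-user salted KDF (PBKDF2/Argon2) and compare with
            // CryptographicOperations.FixedTimeEquals.
            if (credential == null || credential.Value != hash)
            {
                throw new BaseUIException("InvalidCredentials");
            }

            return(user);
        }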
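        public HttpResponseMessage EditEmployee(Employee employee)
        {
            // Updates an existing hfo_Employee row from the supplied model.
            // When employee.Password is non-blank a fresh salt is generated and the password
            // re-hashed; otherwise the stored PasswordHash/Salt columns are left untouched.
            // The original UPDATE always wrote PasswordHash and Salt, so an edit without a
            // password overwrote the stored credential with whatever the request carried —
            // typically null (locking the account out) or a client-chosen hash/salt pair.
            // Returns 200 with the value Execute returned (named EmployeeId in the original;
            // if Execute is Dapper's, this is the affected-row count, not an identity — confirm),
            // or 500 with a generic message on SqlException.
            // NOTE(review): RoleId is also taken from the request body; make sure the caller is
            // authorized to change roles, otherwise this is a privilege-escalation path.
            try
            {
                var updatesPassword = !string.IsNullOrWhiteSpace(employee.Password);

                if (updatesPassword)
                {
                    // New salt per password change; hash = ComputeHash(password, salt).
                    employee.Salt = PasswordHelper.GenerateSalt();
                    employee.PasswordHash = PasswordHelper.ComputeHash(employee.Password, employee.Salt);
                }

                // Only reference the credential columns when a new password was supplied.
                // Unreferenced members of the anonymous parameter object are dropped by Dapper
                // for text commands, so the same parameter object serves both statements.
                string sql = updatesPassword
                    ? "UPDATE hfo_Employee SET FirstName = @FirstName, LastName = @LastName, Email = @Email, PhoneNo = @PhoneNo, Experience = @Experience, Gender = @Gender, Biography = @Biography, PasswordHash = @PasswordHash, Salt = @Salt, RoleId = @RoleId WHERE EmployeeId = @EmployeeId"
                    : "UPDATE hfo_Employee SET FirstName = @FirstName, LastName = @LastName, Email = @Email, PhoneNo = @PhoneNo, Experience = @Experience, Gender = @Gender, Biography = @Biography, RoleId = @RoleId WHERE EmployeeId = @EmployeeId";

                using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["Hildur"].ConnectionString))
                {
                    int affectedRows = connection.Execute(sql, new
                    {
                        employee.EmployeeId,
                        employee.FirstName,
                        employee.LastName,
                        employee.Email,
                        employee.PhoneNo,
                        employee.Experience,
                        employee.Gender,
                        employee.Biography,
                        employee.PasswordHash,
                        employee.Salt,
                        employee.RoleId
                    });
                    return(Request.CreateResponse(HttpStatusCode.OK, affectedRows));
                }
            }
            catch (SqlException)
            {
                // Generic message on purpose: SQL error details must not reach the client.
                return(new HttpResponseMessage(HttpStatusCode.InternalServerError)
                {
                    ReasonPhrase = "Medarbejderen kan ikke redigeres. Prøv igen senere"
                });
            }
        }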
        public async Task <bool> Execute(string subject, string newPassword)
        {
            // Replaces the stored password of the resource owner identified by `subject` with
            // the hash of `newPassword` and persists the change.
            // Throws ArgumentNullException when either argument is null or blank, and
            // IdentityServerException(InternalError, TheRoDoesntExist) when no owner matches.
            // Returns whatever the repository's UpdateAsync reports.
            // NOTE(review): ComputeHash is called with the password alone; whether the helper
            // salts internally is not visible here. If it is a bare digest, identical passwords
            // yield identical stored values.
            // NOTE(review): no proof of the current password and no password policy are applied
            // here — the caller must already have authenticated and authorized the actor.
            if (string.IsNullOrWhiteSpace(subject))
            {
                throw new ArgumentNullException(nameof(subject));
            }

            if (string.IsNullOrWhiteSpace(newPassword))
            {
                throw new ArgumentNullException(nameof(newPassword));
            }

            var owner = await _resourceOwnerRepository.GetAsync(subject);

            if (owner == null)
            {
                throw new IdentityServerException(Errors.ErrorCodes.InternalError, Errors.ErrorDescriptions.TheRoDoesntExist);
            }

            var hashedPassword = PasswordHelper.ComputeHash(newPassword);
            owner.Password = hashedPassword;

            var updated = await _resourceOwnerRepository.UpdateAsync(owner);
            return(updated);
        }
        public ActionResult TaoMoi(ThanhVien tv)
        {
            // Registers a new member. If no row already uses tv.TaiKhoan, the member type is
            // forced to 3, the deleted flag cleared, the password hashed and the row inserted;
            // otherwise the "account name taken" message is shown. The default view is always
            // rendered with the outcome in ViewBag.ThongBao.
            // NOTE(review): the password is hashed with MD5 and the fixed salt "Website", so
            // equal passwords hash equally for every user and MD5 is cheap to brute-force.
            // Moving to a per-user salt and a slow KDF requires the matching change in the
            // login path (not visible here) plus a migration of the stored hashes.
            // NOTE(review): the existence check and the insert are not atomic; two concurrent
            // registrations with the same TaiKhoan can both pass the check — a unique index on
            // TaiKhoan is the reliable guard.
            var existing     = db.ThanhViens.FirstOrDefault(n => n.TaiKhoan == tv.TaiKhoan);
            var accountTaken = existing != null;

            if (accountTaken)
            {
                ViewBag.ThongBao = "Tên tài khoản đã tồn tại";
                return(View());
            }

            tv.MaLoaiTV = 3;
            tv.DaXoa    = false;
            tv.MatKhau  = PasswordHelper.ComputeHash(tv.MatKhau, "MD5", GetBytes("Website"));

            db.ThanhViens.Add(tv);
            db.SaveChanges();
            ViewBag.ThongBao = "Thêm thành công";

            return(View());
        }
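        public HttpResponseMessage EditUser(User user)
        {
            // Updates an existing hfo_User row from the supplied model.
            // When user.Password is non-blank a fresh salt is generated and the password
            // re-hashed into user.PasswordHash; otherwise the stored PasswordHash/Salt
            // columns are left untouched.
            // Two defects fixed relative to the original:
            //  - the computed hash was assigned to user.Password while the UPDATE bound
            //    @PasswordHash from user.PasswordHash, so the new hash was never stored and
            //    whatever PasswordHash the request carried was written instead;
            //  - PasswordHash and Salt were written on every edit, so an edit without a
            //    password overwrote the stored credential with request-supplied values.
            // Returns 200 with the value Execute returned (named UserId in the original; if
            // Execute is Dapper's, this is the affected-row count, not an identity — confirm),
            // or 500 with a generic message on SqlException.
            try
            {
                var updatesPassword = !string.IsNullOrWhiteSpace(user.Password);

                if (updatesPassword)
                {
                    // New salt per password change; the hash goes to the column the SQL binds.
                    user.Salt         = PasswordHelper.GenerateSalt();
                    user.PasswordHash = PasswordHelper.ComputeHash(user.Password, user.Salt);
                }

                // Only reference the credential columns when a new password was supplied.
                // Unreferenced members of the anonymous parameter object are dropped by Dapper
                // for text commands, so the same parameter object serves both statements.
                string sql = updatesPassword
                    ? "UPDATE hfo_User SET FirstName = @FirstName, LastName = @LastName, Email = @Email, PhoneNo = @PhoneNo, PasswordHash = @PasswordHash, Salt = @Salt WHERE UserId = @UserId"
                    : "UPDATE hfo_User SET FirstName = @FirstName, LastName = @LastName, Email = @Email, PhoneNo = @PhoneNo WHERE UserId = @UserId";

                using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["Hildur"].ConnectionString))
                {
                    int affectedRows = connection.Execute(sql, new
                    {
                        user.UserId,
                        user.FirstName,
                        user.LastName,
                        user.Email,
                        user.PhoneNo,
                        user.PasswordHash,
                        user.Salt
                    });

                    return(Request.CreateResponse(HttpStatusCode.OK, affectedRows));
                }
            }
            catch (SqlException)
            {
                // Generic message on purpose: SQL error details must not reach the client.
                return(new HttpResponseMessage(HttpStatusCode.InternalServerError)
                {
                    ReasonPhrase = "Brugeren kan ikke opdateres. Prøv igen senere"
                });
            }
        }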
        public async Task CreateAsync([Required] CreateParams parameters)
        {
            // Creates a Player from `parameters`: a random salt is generated, the password is
            // hashed with it (only the hash and salt are kept on the entity), then the
            // username and e-mail are checked for duplicates and the row is inserted.
            // Throws SystemException("The provided username already exists.") or
            // SystemException("The provided email already exists.") on a duplicate.
            // NOTE(review): SystemException is a poor choice for a domain error, but callers may
            // already catch that type, so it is kept here.
            // NOTE(review): the two duplicate lookups and the insert are not one transaction; a
            // concurrent request can slip between them — unique indexes on Username and Email
            // are the reliable guard.
            var salt = PasswordHelper.CreateRandomSalt();
            var hash = PasswordHelper.ComputeHash(parameters.Password, salt);

            var player = new Player
            {
                Name         = parameters.Name,
                Username     = parameters.Username,
                PasswordSalt = salt,
                PasswordHash = hash,
                Email        = parameters.Email,
                Gender       = parameters.Gender,
                Birthdate    = parameters.Birthdate,
                Created      = DateTime.UtcNow
            };

            var sameUsername = await _repository.Players.FirstOrDefaultAsync(x => x.Username == parameters.Username);
            if (sameUsername != null)
            {
                throw new SystemException("The provided username already exists.");
            }

            var sameEmail = await _repository.Players.FirstOrDefaultAsync(x => x.Email == parameters.Email);
            if (sameEmail != null)
            {
                throw new SystemException("The provided email already exists.");
            }

            _repository.Players.Add(player);
            await _repository.SaveChangesAsync();
        }
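        public HttpResponseMessage CreateNewEmployee([FromBody] Employee employee)
        {
            // Inserts a new hfo_Employee row. The password is hashed with a fresh salt before
            // the INSERT; the plaintext is never bound to the SQL.
            // Returns 202 with the value Execute returned (named EmployeeId in the original;
            // if Execute is Dapper's, this is the affected-row count, not an identity — confirm),
            // 400 when the body is missing or carries no password, or 500 with a generic
            // message on SqlException.
            // NOTE(review): RoleId comes straight from the request body; confirm the caller is
            // authorized to assign roles, otherwise a client can pick its own role.
            if (employee == null || string.IsNullOrWhiteSpace(employee.Password))
            {
                // Without this guard a null body became a NullReferenceException (500), and a
                // blank password would presumably have been hashed and stored as a usable
                // credential.
                return(new HttpResponseMessage(HttpStatusCode.BadRequest)
                {
                    ReasonPhrase = "Adgangskode er påkrævet"
                });
            }

            // Per-employee salt; hash = ComputeHash(password, salt).
            string salt = PasswordHelper.GenerateSalt();
            employee.PasswordHash = PasswordHelper.ComputeHash(employee.Password, salt);

            try
            {
                string sql = "INSERT INTO hfo_Employee (FirstName, LastName, Email, PhoneNo, Experience, Gender, Biography, PasswordHash, Salt, RoleId)" +
                             "VALUES (@FirstName, @LastName, @Email, @PhoneNo, @Experience, @Gender, @Biography, @PasswordHash, @Salt, @RoleId)";
                using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["Hildur"].ConnectionString))
                {
                    int affectedRows = connection.Execute(sql, new
                    {
                        employee.FirstName,
                        employee.LastName,
                        employee.Email,
                        employee.PhoneNo,
                        employee.Experience,
                        employee.Gender,
                        employee.Biography,
                        employee.PasswordHash,
                        salt,
                        employee.RoleId
                    });
                    return(Request.CreateResponse(HttpStatusCode.Accepted, affectedRows));
                }
            }
            catch (SqlException)
            {
                // Generic message on purpose: SQL error details must not reach the client.
                return(new HttpResponseMessage(HttpStatusCode.InternalServerError)
                {
                    ReasonPhrase = "Medarbejderen kan ikke oprettes. Prøv igen senere"
                });
            }
        }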
        public BaseResponse <Token> Login(AuthDto authDto)
        {
            // Authenticates by e-mail and password and returns a JWT wrapped in a 200
            // BaseResponse. The lookup (with roles included) only considers activated users
            // and matches the e-mail case-insensitively.
            // Throws DataNotFoundException when no activated user has that e-mail and
            // BadRequestException when the salted hash of the supplied password differs.
            // NOTE(review): the two different exceptions reveal whether an e-mail is registered
            // (account enumeration); consider one generic failure for both cases.
            // NOTE(review): SequenceEqual is not constant-time; if PasswordHash/hash are byte[],
            // CryptographicOperations.FixedTimeEquals is the drop-in replacement.
            // NOTE(review): u.IsActivated() and the StringComparison overload of Equals sit inside
            // the query predicate — whether the query provider can translate them, or evaluates
            // them client-side, is not visible here.
            var account = Include(u => u.UserRoles)
                          .ThenInclude(ur => ur.Role)
                          .FirstOrDefault(u => u.IsActivated()
                                               && u.Email.Equals(authDto.Email, StringComparison.InvariantCultureIgnoreCase));

            if (account == null)
            {
                throw new DataNotFoundException("Tài khoản không tồn tại");
            }

            var candidateHash = PasswordHelper.ComputeHash(authDto.Password, account.PasswordSalt);
            var passwordMatches = account.PasswordHash.SequenceEqual(candidateHash);

            if (!passwordMatches)
            {
                throw new BadRequestException("Mật khẩu không chính xác.");
            }

            var payload = Mapper.Map <UserOutputDto>(account);
            var token   = JwtHelper.CreateToken(payload);

            return(new BaseResponse <Token>(HttpStatusCode.OK, data: token));
        }
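        public async Task <bool> Execute(UpdateResourceOwnerPasswordParameter request)
        {
            // Replaces the password of the resource owner identified by request.Login with the
            // hash of request.Password and persists it.
            // Throws ArgumentNullException for a null request or a null/blank password (the
            // latter is new: the original would have stored the hash of an empty string as a
            // valid credential, unlike the sibling Execute(subject, newPassword) which rejects it),
            // IdentityServerManagerException(InvalidParameterCode) when no owner matches, and
            // IdentityServerManagerException(InternalErrorCode) when the update fails.
            // Returns true on success.
            // NOTE(review): ComputeHash is called with the password alone; whether the helper
            // salts internally is not visible here.
            // NOTE(review): the not-found message echoes the login; acceptable for an
            // administrative API, not for anything user-facing.
            if (request == null)
            {
                throw new ArgumentNullException(nameof(request));
            }

            if (string.IsNullOrWhiteSpace(request.Password))
            {
                throw new ArgumentNullException(nameof(request.Password));
            }

            var resourceOwner = await _resourceOwnerRepository.GetAsync(request.Login);

            if (resourceOwner == null)
            {
                throw new IdentityServerManagerException(ErrorCodes.InvalidParameterCode, string.Format(ErrorDescriptions.TheResourceOwnerDoesntExist, request.Login));
            }

            resourceOwner.Password = PasswordHelper.ComputeHash(request.Password);
            var result = await _resourceOwnerRepository.UpdateAsync(resourceOwner);

            if (!result)
            {
                throw new IdentityServerManagerException(ErrorCodes.InternalErrorCode, ErrorDescriptions.ThePasswordCannotBeUpdated);
            }

            return(true);
        }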
        public override async Task <IActionResult> Handle(HandlerContext context, CancellationToken cancellationToken)
        {
            // Resource Owner Password Credentials grant. In order: validate the request shape,
            // authenticate the client and attach it to the context, validate the requested
            // scopes against the client's allowed scopes, look the user up by username plus the
            // hash of the password under the "pwd" credential type, attach the user, build the
            // token response through every registered token builder, let the client's preferred
            // token profile enrich the context, and copy the response parameters into the result.
            // Returns 200 with the token payload; 400 invalid_grant when the user lookup fails;
            // 401 for OAuthUnauthorizedException and 400 for any other OAuthException.
            // NOTE(review): the password grant is deprecated in OAuth 2.1 and should only be
            // enabled for first-party clients that cannot use an authorization-code flow.
            // NOTE(review): the repository receives the computed hash and matches it in storage;
            // whether that match is constant-time, and whether ComputeHash salts, is not visible here.
            try
            {
                _passwordGrantTypeValidator.Validate(context);

                var client = await AuthenticateClient(context, cancellationToken);
                context.SetClient(client);

                var requestData   = context.Request.RequestData;
                var allowedScopes = client.AllowedScopes.Select(s => s.Name);
                var grantedScopes = ScopeHelper.Validate(requestData.GetStr(TokenRequestParameters.Scope), allowedScopes);

                var login        = requestData.GetStr(TokenRequestParameters.Username);
                var secret       = requestData.GetStr(TokenRequestParameters.Password);
                var secretHash   = PasswordHelper.ComputeHash(secret);
                var user         = await _oauthUserRepository.FindOAuthUserByLoginAndCredential(login, "pwd", secretHash, cancellationToken);

                if (user == null)
                {
                    return(BuildError(HttpStatusCode.BadRequest, ErrorCodes.INVALID_GRANT, ErrorMessages.BAD_USER_CREDENTIAL));
                }

                context.SetUser(user);

                var result = BuildResult(context, grantedScopes);
                foreach (var builder in _tokenBuilders)
                {
                    await builder.Build(grantedScopes, context, cancellationToken);
                }

                var profile = _tokenProfiles.First(t => t.Profile == context.Client.PreferredTokenProfile);
                profile.Enrich(context);

                foreach (var parameter in context.Response.Parameters)
                {
                    result.Add(parameter.Key, parameter.Value);
                }

                return(new OkObjectResult(result));
            }
            catch (OAuthUnauthorizedException ex)
            {
                return(BuildError(HttpStatusCode.Unauthorized, ex.Code, ex.Message));
            }
            catch (OAuthException ex)
            {
                return(BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message));
            }
        }
 /// <summary>
 /// Builds the in-memory sample resource owners: "administrator", "user", "superuser",
 /// a blocked account, an account with ten recorded failures and an account whose password
 /// credential has already expired. Every account carries the password "password" plus a
 /// valueless "sms" credential.
 /// </summary>
 /// <remarks>
 /// NOTE(review): this is test/demo data — a well-known password and expiry dates computed
 /// relative to the moment the list is built. It must never seed a real deployment.
 /// The role and address claims are literal strings, not parsed JSON.
 /// </remarks>
 public static List <ResourceOwner> Users()
 {
     var owners = new List <ResourceOwner>();

     owners.Add(new ResourceOwner
     {
         Id = "administrator",
         Claims = new List <Claim>
         {
             SeedSubjectClaim("administrator"),
             new Claim(Core.Jwt.Constants.StandardResourceOwnerClaimNames.Role, "administrator"),
             new Claim(Core.Jwt.Constants.StandardResourceOwnerClaimNames.PhoneNumber, "phone"),
             new Claim(Core.Jwt.Constants.StandardResourceOwnerClaimNames.Address, "{ country : 'france' }")
         },
         Credentials = SeedCredentials(SeedPasswordCredential(DateTime.UtcNow.AddDays(2)))
     });

     owners.Add(new ResourceOwner
     {
         Id = "user",
         Claims = new List <Claim> { SeedSubjectClaim("user") },
         Credentials = SeedCredentials(SeedPasswordCredential(DateTime.UtcNow.AddDays(2)))
     });

     owners.Add(new ResourceOwner
     {
         Id = "superuser",
         Claims = new List <Claim>
         {
             SeedSubjectClaim("superuser"),
             new Claim(Core.Jwt.Constants.StandardResourceOwnerClaimNames.Role, "[ 'administrator', 'role' ]")
         },
         Credentials = SeedCredentials(SeedPasswordCredential(DateTime.UtcNow.AddDays(2)))
     });

     // Both the owner and its password credential are flagged as blocked.
     var blockedPassword = SeedPasswordCredential(DateTime.UtcNow.AddDays(2));
     blockedPassword.IsBlocked = true;
     owners.Add(new ResourceOwner
     {
         Id = "blockeduser",
         Claims = new List <Claim> { SeedSubjectClaim("blockeduser") },
         IsBlocked = true,
         Credentials = SeedCredentials(blockedPassword)
     });

     // Ten failures, the first one a second ago; no expiry is set on this credential.
     var lockedOutPassword = new ResourceOwnerCredential
     {
         NumberOfAttempts = 10,
         FirstAuthenticationFailureDateTime = DateTime.UtcNow.AddSeconds(-1),
         Value = PasswordHelper.ComputeHash("password"),
         Type = "pwd"
     };
     owners.Add(new ResourceOwner
     {
         Id = "toomanyattemps",
         Claims = new List <Claim> { SeedSubjectClaim("toomanyattemps") },
         Credentials = SeedCredentials(lockedOutPassword)
     });

     // Password credential that expired two days ago; the sms credential is still valid.
     owners.Add(new ResourceOwner
     {
         Id = "expired",
         Claims = new List <Claim> { SeedSubjectClaim("expired") },
         Credentials = SeedCredentials(SeedPasswordCredential(DateTime.UtcNow.AddDays(-2)))
     });

     return(owners);
 }

 /// <summary>Subject claim for a sample owner.</summary>
 private static Claim SeedSubjectClaim(string subject)
 {
     return new Claim(Core.Jwt.Constants.StandardResourceOwnerClaimNames.Subject, subject);
 }

 /// <summary>"pwd" credential holding the hash of the sample password "password".</summary>
 private static ResourceOwnerCredential SeedPasswordCredential(DateTime expirationDateTime)
 {
     return new ResourceOwnerCredential
     {
         ExpirationDateTime = expirationDateTime,
         Value = PasswordHelper.ComputeHash("password"),
         Type = "pwd"
     };
 }

 /// <summary>The given password credential paired with a valueless "sms" credential valid for two days.</summary>
 private static List <ResourceOwnerCredential> SeedCredentials(ResourceOwnerCredential passwordCredential)
 {
     return new List <ResourceOwnerCredential>
     {
         passwordCredential,
         new ResourceOwnerCredential
         {
             ExpirationDateTime = DateTime.UtcNow.AddDays(2),
             Type = "sms"
         }
     };
 }
        public async Task <string> Execute(AddUserParameter addUserParameter, string issuer = null)
        {
            // Creates a new local resource owner and returns its generated subject.
            // In order: argument guards; generate a subject; reject it if an owner with that id
            // already exists; build the claim list (updated_at and subject first, then every
            // requested claim whose type is registered in the claim repository and not already
            // present); run the account filter and fail, after logging each failed rule and its
            // messages, if it rejects; run the claim enrichers; insert the owner with the hashed
            // password; link an external profile when `issuer` is given; raise AddResourceOwner.
            // Throws ArgumentNullException for a null parameter or blank password, and
            // IdentityServerException for the existing-owner, filter and insert failures.
            // NOTE(review): the updated_at claim is DateTime.UtcNow.ToString() with no culture, so
            // its format follows the server's current culture — check whatever parses it.
            // NOTE(review): ComputeHash is called with the password alone; whether it salts
            // internally is not visible here.
            if (addUserParameter == null)
            {
                throw new ArgumentNullException(nameof(addUserParameter));
            }

            if (string.IsNullOrWhiteSpace(addUserParameter.Password))
            {
                throw new ArgumentNullException(nameof(addUserParameter.Password));
            }

            var subject = await _subjectBuilder.BuildSubject().ConfigureAwait(false);

            var existingOwner = await _resourceOwnerRepository.GetAsync(subject);
            if (existingOwner != null)
            {
                throw new IdentityServerException(Errors.ErrorCodes.UnhandledExceptionCode, Errors.ErrorDescriptions.TheRoWithCredentialsAlreadyExists);
            }

            var claims = new List <Claim>
            {
                new Claim(Jwt.Constants.StandardResourceOwnerClaimNames.UpdatedAt, DateTime.UtcNow.ToString()),
                new Claim(Jwt.Constants.StandardResourceOwnerClaimNames.Subject, subject)
            };

            // Only claim types known to the claim repository are accepted from the request,
            // and a requested claim never overrides one already in the list.
            var registeredClaims = await _claimRepository.GetAllAsync().ConfigureAwait(false);
            if (addUserParameter.Claims != null)
            {
                foreach (var requested in addUserParameter.Claims)
                {
                    var alreadyPresent = claims.Any(existing => existing.Type == requested.Type);
                    var isRegistered   = registeredClaims.Any(known => known.Code == requested.Type);
                    if (!alreadyPresent && isRegistered)
                    {
                        claims.Add(requested);
                    }
                }
            }

            var filterResult = await _accountFilter.Check(claims).ConfigureAwait(false);
            if (!filterResult.IsValid)
            {
                foreach (var rule in filterResult.AccountFilterRules.Where(r => !r.IsValid))
                {
                    _openidEventSource.Failure($"the filter rule '{rule.RuleName}' failed");
                    foreach (var message in rule.ErrorMessages)
                    {
                        _openidEventSource.Failure(message);
                    }
                }

                throw new IdentityServerException(Errors.ErrorCodes.InternalError, Errors.ErrorDescriptions.TheUserIsNotAuthorized);
            }

            if (_userClaimsEnricherLst != null)
            {
                foreach (var enricher in _userClaimsEnricherLst)
                {
                    await enricher.Enrich(claims).ConfigureAwait(false);
                }
            }

            var owner = new ResourceOwner
            {
                Id     = subject,
                Claims = claims,
                TwoFactorAuthentication = string.Empty,
                IsLocalAccount          = true,
                Password = PasswordHelper.ComputeHash(addUserParameter.Password)
            };

            var inserted = await _resourceOwnerRepository.InsertAsync(owner);
            if (!inserted)
            {
                throw new IdentityServerException(Errors.ErrorCodes.UnhandledExceptionCode, Errors.ErrorDescriptions.TheResourceOwnerCannotBeAdded);
            }

            if (!string.IsNullOrWhiteSpace(issuer))
            {
                await _linkProfileAction.Execute(subject, addUserParameter.ExternalLogin, issuer).ConfigureAwait(false);
            }

            _openidEventSource.AddResourceOwner(owner.Id);
            return(subject);
        }
 /// <summary>
 /// Assigns a fresh salt and a new password hash to <paramref name="user"/> and saves the
 /// context's pending changes.
 /// </summary>
 /// <param name="user">The user whose credential is replaced. SaveChanges only persists it if
 /// the instance is tracked by <c>databaseContext</c> — confirm at the call site.</param>
 /// <param name="password">The new plaintext password.</param>
 /// <returns>Number of rows written by SaveChanges.</returns>
 /// <remarks>
 /// NOTE(review): the hash input is the salt prefixed to the password through
 /// PasswordHelper.ComputeHash; which digest or KDF that is cannot be seen here — verify it is
 /// a slow, purpose-built password hash (PBKDF2/Argon2) rather than a bare digest.
 /// </remarks>
 public int SetPassword(UserModel user, string password)
 {
     var salt        = PasswordHelper.GetSalt();
     var saltedInput = salt + password;

     user.PasswordSalt = salt;
     user.PasswordHash = PasswordHelper.ComputeHash(saltedInput);

     return(databaseContext.SaveChanges());
 }
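        public IActionResult PasswordChange([FromBody] PasswordChangeStructure passwords)
        {
            // Lets the authenticated user change their own password.
            // Flow: resolve the caller from the claims identity (401 if that fails); validate
            // the body — all three fields present (5001), the two new passwords equal (5002),
            // the old password matching the stored salted hash (5003), the "safer" rule when
            // the application descriptor demands it (5004) and the minimum length when one is
            // configured (5006) — each failure returning 400 with the message code; then store
            // the new password through UserRepository.SetPassword and return 200 with 5005.
            // Change relative to the original: a missing body (`passwords == null`) is now
            // reported as 5001 instead of surfacing as a NullReferenceException.
            // NOTE(review): the old-password check compares hash strings with `!=`, which is not
            // constant-time; and existing sessions/tokens are not invalidated after the change —
            // confirm whether the callers expect that.
            var messages = new List <Message>();

            // Authentication
            var controllerHelper = new ControllerHelper(context);
            var authUserModel    = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);

            if (authUserModel == null)
            {
                return(Unauthorized());
            }

            // Authorization - none, because every logged user is authorized to change an own password.

            #region VALIDATIONS

            // A missing body or any null/empty password is reported the same way.
            if (passwords == null ||
                String.IsNullOrEmpty(passwords.OldPassword) ||
                String.IsNullOrEmpty(passwords.NewPassword) ||
                String.IsNullOrEmpty(passwords.NewPasswordCopy))
            {
                messages.Add(new Message(MessageTypeEnum.Error,
                                         5001,
                                         new List <string>()));
                return(BadRequest(messages));
            }

            // Both new passwords must be equal
            if (passwords.NewPassword != passwords.NewPasswordCopy)
            {
                messages.Add(new Message(MessageTypeEnum.Error,
                                         5002,
                                         new List <string>()));
                return(BadRequest(messages));
            }

            // Old password must be correct: same salt-prefix construction as SetPassword.
            if (authUserModel.PasswordHash != PasswordHelper.ComputeHash(authUserModel.PasswordSalt + passwords.OldPassword))
            {
                messages.Add(new Message(MessageTypeEnum.Error,
                                         5003,
                                         new List <string>()));
                return(BadRequest(messages));
            }

            // If passwords are required to be safer by application descriptor
            if (authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor.PasswordAttribute.Safer == true)
            {
                var sharedValidationHelper = new SharedValidationHelper();
                if (!sharedValidationHelper.IsPasswordSafer(passwords.NewPassword))
                {
                    messages.Add(new Message(MessageTypeEnum.Error,
                                             5004,
                                             new List <string>()));
                    return(BadRequest(messages));
                }
            }

            // If minimal password length is set
            var minPasswordLength = authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor.PasswordAttribute.Min;
            if (minPasswordLength != null)
            {
                if (passwords.NewPassword.Length < minPasswordLength)
                {
                    messages.Add(new Message(MessageTypeEnum.Error,
                                             5006,
                                             new List <string>()
                    {
                        minPasswordLength.ToString(),
                        passwords.NewPassword.Length.ToString()
                    }));
                    return(BadRequest(messages));
                }
            }

            #endregion

            // Setting new password
            var userRepository = new UserRepository(context);
            userRepository.SetPassword(authUserModel, passwords.NewPassword);
            messages.Add(new Message(MessageTypeEnum.Info,
                                     5005,
                                     new List <string>()));
            return(Ok(messages));
        }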
 /// <summary>
 /// 添加种子数据方便测试
 /// </summary>
 /// <param name="context"></param>
 public static void SeedData()
 {
     using (var context = new FocusDbContext())
     {
         if (!context.Users.Any())//添加用户种子数据
         {
             var salt  = PasswordHelper.GenerateSalt();
             var users = new List <User>
             {
                 new User
                 {
                     Id          = "ede7cad9-692c-4563-9adb-7eb2a37048a9",
                     Account     = "admin",
                     Salt        = salt,
                     Password    = PasswordHelper.ComputeHash("123456", salt),
                     RoleId      = "938858c1-e722-4360-a645-7ace8b1cf683",
                     CreatedTime = DateTime.Now,
                     Enabled     = true,
                     IsDeleted   = false,
                     CompanyId   = "b735380d-e292-4bf4-b735-1286b165d5e1",
                 },
                 new User
                 {
                     Id          = "962fa3fe-d29a-4bc6-b137-62aa90d713e2",
                     Account     = "system",
                     Salt        = salt,
                     Password    = PasswordHelper.ComputeHash("123456", salt),
                     RoleId      = "d3390e64-0ea4-47dc-9159-07c16ca905aa",
                     CreatedTime = DateTime.Now,
                     Enabled     = true,
                     IsDeleted   = false,
                     CompanyId   = "b735380d-e292-4bf4-b735-1286b165d5e1"
                 },
             };
             context.Users.AddRange(users);
         }
         if (!context.Roles.Any())//添加角色种子数据
         {
             var roles = new List <Role>()
             {
                 new Role
                 {
                     Id          = "938858c1-e722-4360-a645-7ace8b1cf683",
                     Code        = "system",
                     Name        = "系统管理员",
                     CreatedTime = DateTime.Now,
                     Enabled     = true,
                     CreatedBy   = "ede7cad9-692c-4563-9adb-7eb2a37048a9",
                     IsDeleted   = false,
                     CompanyId   = "b735380d-e292-4bf4-b735-1286b165d5e1"
                 },
                 new Role
                 {
                     Id          = "d3390e64-0ea4-47dc-9159-07c16ca905aa",
                     Code        = "administrator",
                     Name        = "超级管理员",
                     CreatedTime = DateTime.Now,
                     Enabled     = true,
                     CreatedBy   = "ede7cad9-692c-4563-9adb-7eb2a37048a9",
                     IsDeleted   = false,
                     CompanyId   = "b735380d-e292-4bf4-b735-1286b165d5e1"
                 }
             };
             context.Roles.AddRange(roles);
         }
         if (!context.Modules.Any())//添加模块菜单种子数据
         {
             var modules = new List <Module>()
             {
                 new Module
                 {
                     Id          = "1e8b7c2d-a72f-4a1b-b3fc-30edef4fda76",
                     ParentId    = string.Empty,
                     Name        = "基础配置",
                     Url         = string.Empty,
                     Category    = Domain.Enums.ModuleCategory.Catelog,
                     Icon        = "fa fa-gears",
                     Rank        = 1,
                     SortNumber  = 1,
                     IsExpanded  = false,
                     IsDeleted   = false,
                     CreatedTime = DateTime.Now,
                     Enabled     = true
                 },
                 new Module
                 {
                     Id          = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                     ParentId    = string.Empty,
                     Name        = "系统管理",
                     Url         = string.Empty,
                     Category    = Domain.Enums.ModuleCategory.Catelog,
                     Icon        = "fa fa-desktop",
                     Rank        = 1,
                     SortNumber  = 2,
                     IsExpanded  = false,
                     IsDeleted   = false,
                     CreatedTime = DateTime.Now,
                     Enabled     = true
                 },
                 new Module
                 {
                     Id          = "1c863c82-5937-452c-b3e3-71710ac829ee",
                     ParentId    = "1e8b7c2d-a72f-4a1b-b3fc-30edef4fda76",
                     Name        = "数据字典",
                     Url         = "/Dictionary/Index",
                     Category    = Domain.Enums.ModuleCategory.Page,
                     Rank        = 2,
                     SortNumber  = 1,
                     IsExpanded  = false,
                     IsDeleted   = false,
                     CreatedTime = DateTime.Now,
                     Enabled     = true
                 },
                 new Module
                 {
                     Id          = "82cf950d-8d1c-40ec-a1cd-8b58a4818da0",
                     ParentId    = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                     Name        = "用户管理",
                     Url         = "/User/Index",
                     Category    = Domain.Enums.ModuleCategory.Page,
                     Rank        = 2,
                     SortNumber  = 1,
                     IsExpanded  = false,
                     IsDeleted   = false,
                     CreatedTime = DateTime.Now,
                     Enabled     = true
                 },
                 new Module
                 {
                     Id          = "530da57d-43a2-42f2-9cff-e21f766c334a",
                     ParentId    = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                     Name        = "角色管理",
                     Url         = "/Role/Index",
                     Category    = Domain.Enums.ModuleCategory.Page,
                     Rank        = 2,
                     SortNumber  = 2,
                     IsExpanded  = false,
                     IsDeleted   = false,
                     CreatedTime = DateTime.Now,
                     Enabled     = true
                 },
                 new Module
                 {
                     Id          = "ad368108-4777-4672-b56d-104b6d227168",
                     ParentId    = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                     Name        = "公司管理",
                     Url         = "/Company/Index",
                     Category    = Domain.Enums.ModuleCategory.Page,
                     Rank        = 2,
                     SortNumber  = 3,
                     IsExpanded  = false,
                     IsDeleted   = false,
                     CreatedTime = DateTime.Now,
                     Enabled     = true
                 },
                 new Module
                 {
                     Id          = "0d5c486f-4ee1-4c7c-90e5-73f01173bbe0",
                     ParentId    = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                     Name        = "模块管理",
                     Url         = "/Module/Index",
                     Category    = Domain.Enums.ModuleCategory.Page,
                     Rank        = 2,
                     SortNumber  = 4,
                     IsExpanded  = false,
                     IsDeleted   = false,
                     CreatedTime = DateTime.Now,
                     Enabled     = true
                 }
             };
             context.Modules.AddRange(modules);
         }
         if (!context.DictionaryTypes.Any())
         {
             var dictionaryTypes = new List <DictionaryType>
             {
                 new DictionaryType
                 {
                     Id          = "3fa89a89-9a5f-4dc6-886d-edc6b9d074ee",
                     ParentId    = string.Empty,
                     Name        = "通用数据字典",
                     SortNumber  = 1,
                     Enabled     = true,
                     CreatedTime = DateTime.Now,
                     IsDeleted   = false
                 },
                 new DictionaryType
                 {
                     Id          = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                     ParentId    = "3fa89a89-9a5f-4dc6-886d-edc6b9d074ee",
                     Name        = "婚姻",
                     SortNumber  = 2,
                     Enabled     = true,
                     CreatedTime = DateTime.Now,
                     IsDeleted   = false
                 },
                 new DictionaryType
                 {
                     Id          = "8f54f12f-3154-4312-8595-4e5f341c0387",
                     ParentId    = "3fa89a89-9a5f-4dc6-886d-edc6b9d074ee",
                     Name        = "学历",
                     SortNumber  = 3,
                     Enabled     = true,
                     CreatedTime = DateTime.Now,
                     IsDeleted   = false
                 }
             };
             context.DictionaryTypes.AddRange(dictionaryTypes);
         }
         if (!context.DictionaryDetails.Any())
         {
             var dictionaryDetails = new List <DictionaryDetail>()
             {
                 new DictionaryDetail
                 {
                     TypeId      = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                     Id          = "2d861175-8632-410a-80f2-a8f634ced7a7",
                     Name        = "未婚",
                     SortNumber  = 1,
                     Enabled     = true,
                     CreatedTime = DateTime.Now,
                     IsDeleted   = false
                 },
                 new DictionaryDetail
                 {
                     TypeId      = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                     Id          = "def9ecc7-d7cd-4a84-be40-efcfdd44cba4",
                     Name        = "已婚",
                     SortNumber  = 2,
                     Enabled     = true,
                     CreatedTime = DateTime.Now,
                     IsDeleted   = false
                 },
                 new DictionaryDetail
                 {
                     TypeId      = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                     Id          = "672a39d8-954b-499c-8b37-d8d03ad966c0",
                     Name        = "离异",
                     SortNumber  = 3,
                     Enabled     = true,
                     CreatedTime = DateTime.Now,
                     IsDeleted   = false
                 },
                 new DictionaryDetail
                 {
                     TypeId      = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                     Id          = "e9776b4e-ac6e-4c2a-a3e6-9b56cbce7f6d",
                     Name        = "丧偶",
                     SortNumber  = 4,
                     Enabled     = true,
                     CreatedTime = DateTime.Now,
                     IsDeleted   = false
                 },
                 new DictionaryDetail
                 {
                     TypeId      = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                     Id          = "82bccc1a-2f50-40c9-9f14-945d148e1e16",
                     Name        = "其他",
                     SortNumber  = 5,
                     Enabled     = true,
                     CreatedTime = DateTime.Now,
                     IsDeleted   = false
                 }
             };
             context.DictionaryDetails.AddRange(dictionaryDetails);
         }
         if (!context.Companies.Any())
         {
             var company = new Company
             {
                 Id          = "b735380d-e292-4bf4-b735-1286b165d5e1",
                 FullName    = "Focus集团",
                 ShortName   = "Focus Group",
                 Nature      = string.Empty,
                 Website     = "https://cn.bing.com/",
                 Email       = "*****@*****.**",
                 Creator     = "focus",
                 Contact     = "focus",
                 Phone       = "123456789",
                 Address     = "中国广东深圳",
                 Enabled     = true,
                 CreatedBy   = "ede7cad9-692c-4563-9adb-7eb2a37048a9",
                 CreatedTime = DateTime.Now,
                 IsDeleted   = false
             };
             context.Companies.Add(company);
         }
         context.SaveChanges();
     }
 }
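        /// <summary>
        /// Admin-only handler that updates a user's name, password, status and role set.
        /// Non-admin sessions are redirected away; a duplicate username re-renders the form.
        /// </summary>
        /// <param name="uSERTABLE">Posted view model: user id, name, password, status and role checkboxes.</param>
        /// <returns>Redirect to Index on success; the edit view (with errors) otherwise; 404 if the user id is unknown.</returns>
        public ActionResult Edit(USERTABLEVIEW2 uSERTABLE)
        {
            // Only admins may edit users. Null-safe: a request with no "userRole" in session used to
            // throw a NullReferenceException (HTTP 500) instead of being redirected.
            // NOTE(review): confirm the real controller decorates this action with [HttpPost] and
            // [ValidateAntiForgeryToken]; neither is visible here and this handler changes passwords and roles.
            var sessionRole = Session["userRole"];
            if (sessionRole == null || sessionRole.ToString() != "admin")
            {
                return(RedirectToAction("Index", "CONTENTTABLEs", new { area = "" }));
            }

            // The username must be unique among all other users.
            if (db.USERTABLEs.Where(m => m.USERNAME == uSERTABLE.userName && m.USERID != uSERTABLE.userId).FirstOrDefault() != null)
            {
                ViewBag.USERNAMENOT    = "Username exists";
                ViewBag.STATUSID       = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", uSERTABLE.STATUSID);
                uSERTABLE.userPassword = null;   // never echo a submitted password back into the form
                return(View(uSERTABLE));
            }

            if (ModelState.IsValid)
            {
                // Load the existing row; an unknown id used to dereference null (HTTP 500).
                var myUser = db.USERTABLEs.Find(uSERTABLE.userId);
                if (myUser == null)
                {
                    return(HttpNotFound());
                }
                myUser.USERNAME = uSERTABLE.userName;

                // A blank password field means "leave the password unchanged"; previously an empty
                // submission replaced the stored hash with the hash of an empty string.
                // NOTE(review): the hash uses a fixed salt ("my_secret") embedded in source and shared
                // by every account, so equal passwords hash identically and one precomputed table covers
                // all users. A per-user random salt and a slow KDF (PBKDF2/bcrypt/Argon2) is the proper
                // fix, but it changes the stored format and PasswordHelper, so it is only flagged here.
                if (!string.IsNullOrEmpty(uSERTABLE.userPassword))
                {
                    myUser.USERPASSWORD = PasswordHelper.ComputeHash(uSERTABLE.userPassword, "SHA512", GetBytes("my_secret"));
                }

                // User with ID 1 is always kept active; everyone else takes the status chosen in the form.
                // NOTE(review): STATUSID.Value throws if the form posts no status — presumably model
                // validation makes it required; verify against the view model.
                if (myUser.USERID == 1)
                {
                    myUser.STATUSID = 1;
                }
                else
                {
                    myUser.STATUSID = uSERTABLE.STATUSID.Value;
                }

                // Replace the user's role set. Query only this user's rows instead of enumerating the
                // whole USERROLEs table (the original loaded every row to filter in memory).
                var existingRoles = db.USERROLEs.Where(r => r.USERID == uSERTABLE.userId).ToList();
                foreach (var existingRole in existingRoles)
                {
                    db.Entry(existingRole).State = EntityState.Deleted;
                }

                // Add the checked roles; a form that posts no role list (null) simply leaves the user roleless.
                if (uSERTABLE.userRole != null)
                {
                    foreach (var item in uSERTABLE.userRole)
                    {
                        if (item.Checked)
                        {
                            db.USERROLEs.Add(new USERROLE()
                            {
                                USERID = uSERTABLE.userId, ROLEID = item.Id
                            });
                        }
                    }
                }
                db.SaveChanges();
                return(RedirectToAction("Index"));
            }

            // Validation failed: re-render the form without the submitted password (same as the duplicate-name path).
            ViewBag.STATUSID       = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", uSERTABLE.STATUSID);
            uSERTABLE.userPassword = null;
            return(View(uSERTABLE));
        }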
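 /// <summary>
 /// Checks <paramref name="password"/> against the stored salted hash.
 /// A null/empty candidate, or a missing stored hash, never verifies.
 /// </summary>
 /// <param name="password">Candidate plaintext password.</param>
 /// <returns>True only when the hash of the salted candidate equals <c>PasswordHash</c>.</returns>
 public bool VerifyPassword(string password)
 {
     if (string.IsNullOrEmpty(password))
     {
         return(false);
     }

     // Constant-time comparison: the original used string '==', which stops at the first
     // differing character and so leaks how much of the stored hash matched via timing.
     // NOTE(review): PasswordHelper.ComputeHash is not visible here — confirm it is a slow,
     // salted KDF (PBKDF2/bcrypt/Argon2) rather than a bare SHA digest.
     return(FixedTimeEquals(PasswordHelper.ComputeHash(password, PasswordSalt), PasswordHash));
 }

 /// <summary>
 /// Ordinal string equality whose running time depends only on the lengths, not on where
 /// the strings first differ. Returns false when either side is null.
 /// </summary>
 private static bool FixedTimeEquals(string a, string b)
 {
     if (a == null || b == null || a.Length != b.Length)
     {
         return(false);
     }

     // Accumulate differences with XOR/OR so every character is visited regardless of mismatch.
     var diff = 0;
     for (var i = 0; i < a.Length; i++)
     {
         diff |= a[i] ^ b[i];
     }
     return(diff == 0);
 }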
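 /// <summary>
 /// Registers a new shared secret for this client; only its hash is stored.
 /// </summary>
 /// <param name="secret">Plaintext shared secret. Must not be null, empty or whitespace.</param>
 /// <exception cref="ArgumentException">Thrown when <paramref name="secret"/> is null, empty or whitespace.</exception>
 public void AddSharedSecret(string secret)
 {
     // Reject blank secrets up front: hashing and storing an empty secret would let anyone
     // authenticate as this client with an empty string.
     if (string.IsNullOrWhiteSpace(secret))
     {
         throw new ArgumentException("Shared secret must not be null, empty or whitespace.", "secret");
     }

     // NOTE(review): ComputeHash's algorithm is not visible here — confirm the hash is compared
     // in constant time on verification and is suitable for storing client secrets.
     Secrets.Add(new ClientSecret(ClientSecretTypes.SharedSecret, PasswordHelper.ComputeHash(secret)));
 }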
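        /// <summary>
        /// Creates a new application from an uploaded JSON descriptor, provisions its admin
        /// account with a random password and e-mails the credentials to <paramref name="email"/>.
        /// </summary>
        /// <param name="email">Recipient of the generated admin credentials; also echoed in result messages.</param>
        /// <param name="file">Uploaded JSON application descriptor (required).</param>
        /// <returns>
        /// 400 with a list of <see cref="Message"/> on any validation, schema or e-mail failure;
        /// 200 with an info message once the application and its admin user are committed.
        /// </returns>
        public IActionResult Create(string email, IFormFile file)
        {
            // List of messages to return to the client
            var messages = new List <Message>();

            #region application descriptor validations

            // File with JSON application descriptor is required
            if (file == null)
            {
                messages.Add(new Message(MessageTypeEnum.Error,
                                         0001,
                                         new List <string>()));
                return(BadRequest(messages));
            }

            // Parse the upload into a JObject; only syntactically valid JSON gets past this point.
            // NOTE(review): the whole upload is read into memory — rely on the host's request body
            // size limit, or cap file.Length here, before exposing this endpoint to untrusted clients.
            JObject applicationDescriptorJObject;
            using (var reader = new StreamReader(file.OpenReadStream()))
            {
                try
                {
                    applicationDescriptorJObject = JObject.Parse(reader.ReadToEnd());
                }
                // On a parse failure, report the parser's message (it carries the error location)
                catch (JsonReaderException e)
                {
                    messages.Add(new Message(MessageTypeEnum.Error,
                                             0002,
                                             new List <string>()
                    {
                        e.Message
                    }));
                    return(BadRequest(messages));
                }
            }
            var sharedAppInitHelper = new SharedAppInitHelper();

            // With successfully parsed JSON file, validate it against schema
            var schemaValidationMessages = sharedAppInitHelper.ValidateJSONAgainstSchema(applicationDescriptorJObject);
            if (schemaValidationMessages.Count != 0)
            {
                return(BadRequest(schemaValidationMessages));
            }
            // Get ApplicationDescriptor class instance from JObject
            var applicationDescriptor = applicationDescriptorJObject.ToObject <ApplicationDescriptor>();

            // LoginApplicationName must be unique
            // NOTE(review): this check and the later insert are not atomic; a unique index on
            // LoginApplicationName is needed to make concurrent creates safe.
            var applicationRepository = new ApplicationRepository(context);
            var applicationModel      = applicationRepository.GetByLoginApplicationName(applicationDescriptor.LoginApplicationName);
            if (applicationModel != null)
            {
                messages.Add(new Message(MessageTypeEnum.Error,
                                         0003,
                                         new List <string>()
                {
                    applicationDescriptor.LoginApplicationName
                }));
            }
            // Validate datasets and attributes
            messages.AddRange(sharedAppInitHelper.ValidateDescriptor(applicationDescriptor));

            if (messages.Count != 0)
            {
                return(BadRequest(messages));
            }

            #endregion

            // Set default values to the application descriptor
            sharedAppInitHelper.SetDefaultDescriptorValues(applicationDescriptor);

            #region create new application

            using (var transaction = context.Database.BeginTransaction())
            {
                // Create new application and add it to the database
                var serializedApplicationDescriptor = JsonConvert.SerializeObject(applicationDescriptor);
                var newApplication = new ApplicationModel {
                    LoginApplicationName      = applicationDescriptor.LoginApplicationName,
                    ApplicationDescriptorJSON = serializedApplicationDescriptor
                };
                applicationRepository.Add(newApplication);

                // Create new admin account for the application.
                // Random password: the descriptor's declared minimum length if present, else the safer default.
                // NOTE(review): a descriptor declaring a tiny Min yields an equally short admin password;
                // consider Math.Max(min, Constants.MinSaferPasswordLength) if the descriptor has no upper bound.
                string newPassword;
                var    minPasswordLength = applicationDescriptor.SystemDatasets.UsersDatasetDescriptor.PasswordAttribute.Min;
                if (minPasswordLength != null)
                {
                    newPassword = PasswordHelper.GenerateRandomPassword((int)minPasswordLength);
                }
                else
                {
                    newPassword = PasswordHelper.GenerateRandomPassword(Constants.MinSaferPasswordLength);
                }
                // Admin rights
                var appInitHelper    = new AppInitHelper();
                var newRights        = appInitHelper.GetAdminRights(newApplication, applicationDescriptor);
                var rightsRepository = new RightsRepository(context);
                rightsRepository.Add(newRights);
                var salt    = PasswordHelper.GetSalt();
                var newUser = new UserModel
                {
                    Application  = newApplication,
                    PasswordHash = PasswordHelper.ComputeHash(salt + newPassword),   // salt is prefixed to the password before hashing
                    PasswordSalt = salt,
                    Data         = appInitHelper.GetDefaultAdminDataDictionary(applicationDescriptor.SystemDatasets.UsersDatasetDescriptor),
                    Rights       = newRights,
                    Language     = applicationDescriptor.DefaultLanguage
                };
                var userRepository = new UserRepository(context);
                userRepository.Add(newUser);

                // Persist everything INSIDE the transaction. The original called Commit() first and then
                // fired context.SaveChangesAsync() after the using block without awaiting it, so the
                // inserts were not covered by the transaction and any save failure was silently dropped.
                context.SaveChanges();

                // Mail the credentials only after the rows are written. If mailing fails we return
                // without Commit(), so disposing the transaction rolls back the half-created application.
                // NOTE(review): the admin password travels in plaintext e-mail to a caller-supplied
                // address (authorization on this action is not visible here) — a one-time setup link
                // would avoid exposing the password at all.
                try
                {
                    appInitHelper.SendEmailWithCredentials(email, applicationDescriptor.ApplicationName, newApplication.LoginApplicationName, newPassword);
                }
                catch
                {
                    messages.Add(new Message(MessageTypeEnum.Error,
                                             0025,
                                             new List <string>()
                    {
                        email
                    }));
                    return(BadRequest(messages));
                }

                // Commit all
                transaction.Commit();
            }

            #endregion

            messages.Add(new Message(MessageTypeEnum.Info,
                                     0026,
                                     new List <string>()
            {
                applicationDescriptor.ApplicationName, email
            }));
            return(Ok(messages));
        }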