public void Configure(EntityTypeBuilder <User> builder)
{
builder.ToTable("User");
builder.HasKey(u => u.ID);
builder.Property(u => u.ID).UseIdentityAlwaysColumn();
builder.Property(u => u.UserName).HasMaxLength(25).IsRequired();
builder.Property(a => a.Email).HasMaxLength(100).IsRequired();
builder.Property(a => a.FirstName).HasMaxLength(100).IsRequired();
builder.Property(a => a.LastName).HasMaxLength(100).IsRequired();
builder.Property(a => a.PhoneNumber).HasMaxLength(18);
builder.Property(a => a.Address).HasMaxLength(200).IsRequired();
builder.HasIndex(a => a.Email).IsUnique();
#region AdminEkleme
byte[] _hash;
byte[] _salt;
PasswordHelper.CreatePasswordHash("123", out _hash, out _salt);
builder.HasData(new User
{
ID = 1,
UserName = "******",
FirstName = "Ahmet Fehmi",
LastName = "Yavuz",
Address = "Rize",
Email = "*****@*****.**",
Role = UserRole.Admin,
IsActive = true,
PasswordHash = _hash,
PasswordSalt = _salt
});
#endregion
}
public Users Authenticate(string username, string password)
{
byte[] passwordHash, passwordSalt;
PasswordHelper.CreatePasswordHash(password, out passwordHash, out passwordSalt);
var user = _usersRepository.FindByUserName(username);
if (user == null || user.PasswordHash != passwordHash)
{
return(null);
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_settings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString()),
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token).ToString();
_usersRepository.Update(user);
return(user);
}
public ActionResult Register(RegisterViewModel model)
{
llenarCBRegistro();
if (ModelState.IsValid)
{
if (db.Users.Any(x => x.RutUser == model.RutUser))
{
ViewData["ErrorMessage"] = "El Rut ya se encuentra registrado.";
return(View(model));
}
var user = new User();
user.RutUser = model.RutUser;
user.NombreUser = model.NombreUser;
user.ApellidoUser = model.ApellidoUser;
user.SexoUser = model.SexoUser;
user.TelefonoUser = model.TelefonoUser;
user.DireccionUser = model.DireccionUser;
byte[] psHash, psSalt;
PasswordHelper.CreatePasswordHash(model.Password, out psHash, out psSalt);
user.PasswordUserHash = psHash;
user.PasswordUserSalt = psSalt;
user.AliasUser = model.AliasUser;
user.FenacUser = model.FenacUser;
user.CargoId = model.CargoId;
user.EmailUser = model.EmailUser;
user.EstadoUser = model.EstadoUser;
db.Users.Add(user);
db.SaveChanges();
TempData["SuccessMessage"] = "Usuario Creado Correctamente";
return(RedirectToAction("Usuario", "Auth"));
}
return(View(model));
}
public void User_Create(User UserDomain, string password)
{
if (string.IsNullOrWhiteSpace(password))
{
throw new AppException("Password is required");
}
byte[] passwordHash, passwordSalt;
PasswordHelper.CreatePasswordHash(password, out passwordHash, out passwordSalt);
SQLParameters.UserID.Value = UserDomain.UserID;
SQLParameters.UserRole.Value = UserDomain.UserRole;
SQLParameters.FirstName.Value = UserDomain.FirstName;
SQLParameters.LastName.Value = UserDomain.LastName;
SQLParameters.Username.Value = UserDomain.Username;
SQLParameters.PasswordHash.Value = passwordHash;
SQLParameters.PasswordSalt.Value = passwordSalt;
_context.Database.ExecuteSqlCommand(
SQLCommands.User_Create,
SQLParameters.UserID,
SQLParameters.UserRole,
SQLParameters.FirstName,
SQLParameters.LastName,
SQLParameters.Username,
SQLParameters.PasswordHash,
SQLParameters.PasswordSalt);
}
public ActionResult Update(RegisterViewModel vm)
{
var users = db.Users.OrderBy(x => x.UserId).ToList();
var user = users.FirstOrDefault(x => x.UserId == vm.UserId);
if (user == null)
{
TempData["ErrorMessage"] = "El identificador no fue encontrado";
return(RedirectToAction("Index"));
}
user.RutUser = vm.RutUser;
user.NombreUser = vm.NombreUser;
user.ApellidoUser = vm.ApellidoUser;
user.SexoUser = vm.SexoUser;
user.TelefonoUser = vm.TelefonoUser;
user.DireccionUser = vm.DireccionUser;
byte[] psHash, psSalt;
PasswordHelper.CreatePasswordHash(vm.Password, out psHash, out psSalt);
user.PasswordUserHash = psHash;
user.PasswordUserSalt = psSalt;
user.AliasUser = vm.AliasUser;
user.FenacUser = vm.FenacUser;
user.CargoId = vm.CargoId;
user.EmailUser = vm.EmailUser;
user.EstadoUser = vm.EstadoUser;
db.Entry(user).State = System.Data.Entity.EntityState.Modified;
db.SaveChanges();
TempData["SuccessMessage"] = "Usuario actualizado correctamente";
return(RedirectToAction("Usuario", "auth"));
}
public bool UpdateUserPassword(string email, string oldPassword, string newPassword)
{
var user = this.GetUserByEmail(email);
if (user != null)
{
var hashedOldPassword = PasswordHelper.CreatePasswordHash(oldPassword, user.Salt);
if (user.HashedPassword != hashedOldPassword)
{
return(false);
}
}
var salt = PasswordHelper.CreateSalt(10);
var hashedNewPassword = PasswordHelper.CreatePasswordHash(newPassword, salt);
user.Salt = salt;
user.HashedPassword = hashedNewPassword;
this.data.UsersRepository.Update(user);
this.data.SaveChanges();
return(true);
}
public async Task <bool> InsertUserAsync(User user)
{
user.Password = PasswordHelper.CreatePasswordHash(user.Password, _hashKey);
int count = await _userRepo.InsertAsync(user);
return(count > 0);
}
protected override async Task Handle(UpdateStoreUser request, CancellationToken cancellationToken)
{
if (await context.StoreUsers.AnyAsync(x => x.Username == request.NewUsername))
{
throw new UsernameExistsException(nameof(StoreUser), request.NewUsername);
}
var storeUser = await context.StoreUsers.FindAsync(request.Id)
?? throw new NotFoundException(nameof(StoreUser), request.Id);
if (!PasswordHelper.VerifyPassword(request.Password, storeUser.PasswordHash, storeUser.PasswordSalt))
{
throw new PasswordInvalidException(nameof(StoreUser), request.Id);
}
if (!string.IsNullOrWhiteSpace(request.NewUsername))
{
storeUser.Username = request.NewUsername;
}
if (!string.IsNullOrWhiteSpace(request.NewPassword))
{
PasswordHelper.CreatePasswordHash(
request.NewPassword,
out string hash,
out string salt);
storeUser.PasswordHash = hash;
storeUser.PasswordSalt = salt;
}
await context.SaveChangesAsync(cancellationToken);
}
public UserModel Add(UserModel userModel)
{
var user = _mapper.Map <User>(userModel);
var userExist = _userService.GetByEmail(user.Email);
if (userExist != null)
{
throw new Exception("User is already taken!");
}
byte[] passwordHash, passwordSalt;
PasswordHelper.CreatePasswordHash(userModel.Password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.Created = DateTime.Now;
user.IsActive = true;
_userService.Add(user);
Commit();
return(_mapper.Map <UserModel>(user));
}
/// <summary>
/// Will use the provided user and password to fill the hash and salt. The id will be filled
/// using the <see cref="GenerateId"/> Will return true if the method succeeded.
/// </summary>
/// <param name="user">
/// A user to be saved with all necessary parameters filled except the id. this will be
/// filled from <see cref="GenerateId"/>
/// </param>
/// <param name="password">The password to hash.</param>
/// <returns>True if the user was stored false otherwise.</returns>
/// <exception cref="NoPasswordException">No password was provided.</exception>
/// <exception cref="EmailTakenException">Email already exists.</exception>
public virtual string Create(string username, string email, string password)
{
if (string.IsNullOrWhiteSpace(password))
{
throw new NoPasswordException();
}
if (context.Users.Any(x => x.Email == email))
{
throw new EmailTakenException(email);
}
PasswordHelper.CreatePasswordHash(password,
out string passwordHash,
out string passwordSalt);
var user = new FoodOnlineUser
{
Username = username,
Email = email,
Id = IdGenerator.Generate(),
PasswordHash = passwordHash,
PasswordSalt = passwordSalt
};
context.Users.Add(user);
context.SaveChanges();
context.Entry(user).State = EntityState.Detached;
return(user.Id);
}
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.CreateTable(
name: "Users",
columns: table => new
{
Id = table.Column <int>(nullable: false)
.Annotation("SqlServer:Identity", "1, 1"),
FirstName = table.Column <string>(maxLength: 50, nullable: false),
LastName = table.Column <string>(maxLength: 50, nullable: false),
Email = table.Column <string>(maxLength: 50, nullable: false),
PasswordHash = table.Column <byte[]>(nullable: false),
PasswordSalt = table.Column <byte[]>(nullable: false)
},
constraints: table =>
{
table.PrimaryKey("PK_Users", x => x.Id);
});
var(passwordSaltForIvanov, passwordHashForIvanov) = PasswordHelper.CreatePasswordHash("qwerty");
var(passwordSaltForPetrov, passwordHashForPetrov) = PasswordHelper.CreatePasswordHash("qwerty");
var(passwordSaltForSidorov, passwordHashForSidorov) = PasswordHelper.CreatePasswordHash("qwerty");
var users = new List <User>
{
new User
{
FirstName = "Ivan",
LastName = "Ivanov",
Email = "*****@*****.**",
PasswordHash = passwordHashForIvanov,
PasswordSalt = passwordSaltForIvanov
},
new User
{
FirstName = "Petr",
LastName = "Petrov",
Email = "*****@*****.**",
PasswordHash = passwordHashForPetrov,
PasswordSalt = passwordSaltForPetrov
},
new User
{
FirstName = "Sidor",
LastName = "Sidorov",
Email = "*****@*****.**",
PasswordHash = passwordHashForSidorov,
PasswordSalt = passwordSaltForSidorov
}
};
foreach (var user in users)
{
migrationBuilder.InsertData(
table: "Users",
columns: new[] { "FirstName", "LastName", "Email", "PasswordHash", "PasswordSalt" },
values: new object[] { user.FirstName, user.LastName, user.Email, user.PasswordHash, user.PasswordSalt });
}
}
public HttpResponseMessage CreateUser(UsersCreateModel model)
{
bool existingUser = false;
bool isCreated = false;
string salt;
string hashedPassword;
IEnumerable <User> users = ((IManager)this.usersManager).GetItems() as IEnumerable <User>;
if (users.Any(u => u.Email == model.Email))
{
existingUser = true;
}
if (!existingUser)
{
User user = this.usersFactory.Create(Guid.NewGuid(), model.Email, model.FirstName, model.LastName, model.IsExternal);
if (model.IsExternal)
{
user.Image = imageExtractor.GetImageAsBase64Url(model.AccessToken).Result;
salt = string.Empty;
hashedPassword = string.Empty;
}
else
{
salt = PasswordHelper.CreateSalt(10);
hashedPassword = PasswordHelper.CreatePasswordHash(model.Password, salt);
}
user.Salt = salt;
user.HashedPassword = hashedPassword;
user.UserExternalId = model.UserExternalId;
user.Age = model.Age;
user.PhoneNumber = model.PhoneNumber;
user.BloodType = (BloodType)model.BloodType;
if (model.PreferredLanguage == "en")
{
user.PreferredLanguage = PreferredLanguage.English;
}
else if (model.PreferredLanguage == "bg")
{
user.PreferredLanguage = PreferredLanguage.Bulgarian;
}
this.usersManager.CreateItem(user);
this.usersManager.SaveChanges();
isCreated = true;
}
HttpResponseMessage resp = new HttpResponseMessage();
resp.Content = new StringContent(JsonConvert.SerializeObject(isCreated));
resp.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
return(resp);
}
public async Task UpdateUserPasswordAsync(UserEntity dbUser, string password)
{
PasswordHelper.CreatePasswordHash(password, out var passwordHash, out var passwordSalt);
dbUser.PasswordHash = passwordHash;
dbUser.PasswordSalt = passwordSalt;
Update(dbUser);
await SaveAsync();
}
public async Task <string> Handle(RegisterStoreUser request, CancellationToken cancellationToken)
{
if (await context.StoreUsers.AnyAsync(x => x.Username == request.Username))
{
throw new UsernameExistsException(nameof(StoreUser), request.Username);
}
if (request.IsOwner)
{
PasswordHelper.CreatePasswordHash(
request.Password,
out string hash,
out string salt);
var owner = new StoreUser
{
Id = IdGenerator.Generate(),
Username = request.Username,
PasswordHash = hash,
PasswordSalt = salt,
Role = Role.StoreOwner
};
context.StoreUsers.Add(owner);
await context.SaveChangesAsync(cancellationToken);
return(owner.Id);
}
else
{
if (!context.Stores.Any(x => x.Id == request.StoreId))
{
throw new NotFoundException(nameof(Store), request.StoreId);
}
PasswordHelper.CreatePasswordHash(
request.Password,
out string hash,
out string salt);
var employee = new StoreUser
{
Id = IdGenerator.Generate(),
Username = request.Username,
PasswordHash = hash,
PasswordSalt = salt,
Role = Role.StoreEmployee,
StoreId = request.StoreId
};
context.StoreUsers.Add(employee);
await context.SaveChangesAsync(cancellationToken);
return(employee.Id);
}
}
public void Register(User user, string password)
{
var salt = PasswordHelper.CreateSalt(10);
var hashedPassword = PasswordHelper.CreatePasswordHash(password, salt);
user.Salt = salt;
user.HashedPassword = hashedPassword;
this.data.UsersRepository.Add(user);
this.data.SaveChanges();
}
public void InsertUser(User entity, string password)
{
byte[] _hash;
byte[] _salt;
PasswordHelper.CreatePasswordHash(password, out _hash, out _salt);
entity.PasswordHash = _hash;
entity.PasswordSalt = _salt;
CheckUser(entity);
entity.ActivationCode = Guid.NewGuid();
userDAL.Add(entity);
}
public async Task CreateUserAsync(UserEntity user, string password)
{
PasswordHelper.CreatePasswordHash(password, out var passwordHash, out var passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.Created = DateTime.Now;
user.LastActive = DateTime.Now;
Create(user);
await SaveAsync();
}
public HttpResponseMessage ChangeEmail(ChangeEmailModel model)
{
HttpResponseMessage resp = new HttpResponseMessage();
IEnumerable <User> users = this.usersManager.GetItems() as IEnumerable <User>;
IEnumerable <Claim> claims = (HttpContext.Current.User as ClaimsPrincipal).Claims;
string userEmail = claims.Where(c => c.Type == ClaimTypes.Email).Select(c => c.Value).FirstOrDefault();
if (!string.IsNullOrEmpty(userEmail))
{
User user = users.Where(u => u.Email == userEmail).FirstOrDefault();
string hashedPassword = PasswordHelper.CreatePasswordHash(model.Password, user.Salt);
if (user.HashedPassword == hashedPassword)
{
if (users.Where(u => u.Email == model.Email).FirstOrDefault() == null)
{
user.Email = model.Email;
this.usersManager.UpdateItem(user);
this.usersManager.SaveChanges();
resp.Content = new StringContent(JsonConvert.SerializeObject(new ChangeGeneralResponseViewModel()
{
IsSuccessful = true
}));
resp.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
}
else
{
resp.Content = new StringContent(JsonConvert.SerializeObject(new ChangeGeneralResponseViewModel()
{
IsSuccessful = false, State = "existing_mail"
}));
resp.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
}
}
else
{
resp.Content = new StringContent(JsonConvert.SerializeObject(new ChangeGeneralResponseViewModel()
{
IsSuccessful = false, State = "incorrect_password"
}));
resp.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
}
}
return(resp);
}
public async Task <CreateUserResponse> Create(string firstName, string lastName, string email, string userName,
string password)
{
var user = new User(firstName, lastName, userName, email);
PasswordHelper.CreatePasswordHash(password, out var passwordHash, out var passwordSalt);
user.PasswordSalt = passwordSalt;
user.PasswordHash = passwordHash;
AppDbContext.Users.Add(user);
await AppDbContext.SaveChangesAsync();
return(new CreateUserResponse(user.Id.ToString(), true));
}
public async Task <AppUser> Register(AppUser user, string password)
{
byte[] passwordHash, passwordSalt;
PasswordHelper.CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
await context.AddAsync(user);
await context.SaveChangesAsync();
return(user);
}
public async Task <User> Handle(RegisterUserQuery request, CancellationToken cancellationToken)
{
var user = request.User;
PasswordHelper.CreatePasswordHash(request.Password, out byte[] passwordHash, out byte[] passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
await _context.Users.AddAsync(user, cancellationToken);
await _context.SaveChangesAsync(cancellationToken);
return(user);
}
public BaseUser Register(UserDto userDto)
{
if (GetUser(userDto) != null)
{
throw new FaceAppException("User with this email already registered");
}
BaseUser user = ToModel(userDto);
user.Id = Guid.NewGuid();
user.PasswordSalt = PasswordHelper.CreateSalt();
user.PasswordHash = PasswordHelper.CreatePasswordHash(userDto.Password, user.PasswordSalt);
Repository.Create(user);
ApiResponse.UserResponseMessage = "User successfully registered!";
return(user);
}
public async Task <User> Register(User user, string password)
{
byte[] passwordHash, saltHash;
PasswordHelper.CreatePasswordHash(password, out passwordHash, out saltHash);
user.Password = passwordHash;
user.PasswordSalt = saltHash;
await _context.AddAsync(user);
await _context.SaveChangesAsync();
return(user);
}
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
PasswordHelper.CreatePasswordHash("admin", out var passwordHash, out var passwordSalt);
modelBuilder.Entity <User>().HasData(new User()
{
Id = 1,
Username = "******",
FirstName = "admin",
LastName = "admin",
Role = "Admin",
Token = string.Empty,
PasswordHash = passwordHash,
PasswordSalt = passwordSalt
});
}
public User Login(string email, string password)
{
var user = this.GetUserByEmail(email);
if (user != null)
{
var hashedPassword = PasswordHelper.CreatePasswordHash(password, user.Salt);
if (user.HashedPassword != hashedPassword)
{
return(null);
}
}
return(user);
}
public bool Seed()
{
if (!Users.Any(a => a.EMail.Equals("*****@*****.**")))
{
PasswordHelper.CreatePasswordHash("P@ssw0rd", out var passwordHash, out var passwordSalt);
var user = new UserEntity
{
AppKey = Guid.NewGuid(),
EMail = "*****@*****.**",
PasswordHash = passwordHash,
PasswordSalt = passwordSalt
};
Users.Add(user);
base.SaveChanges();
}
return(true);
}
public async Task <ActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
if (await db.Users.AnyAsync(x => x.Email == model.Email)) // select * from users where email = [email protected]
{
ViewData["ErrorMessage"] = "El mail ya se encuentra registrado";
return(View());
}
var user = new User();
user.FirstName = model.FirstName;
user.LastName = model.LastName;
user.Email = model.Email;
user.CreatedAt = DateTime.Now;
user.UpdatedAt = DateTime.Now;
byte[] psHash, psSalt;
PasswordHelper.CreatePasswordHash(model.Password, out psHash, out psSalt);
user.PasswordHash = psHash;
user.PasswordSalt = psSalt;
var role = await db.Roles.FirstOrDefaultAsync(x => x.RoleName == StringHelper.ROLE_CLIENT);
if (role == null)
{
TempData["ErrorMessage"] = "Imposible crear al usuario, el rol no existe";
return(View());
}
db.Users.Add(user);
await db.SaveChangesAsync(); // guarda los cambios
var userRole = new UserRole {
UserId = user.UserId,
RoleId = role.RoleId
};
db.UserRoles.Add(userRole);
await db.SaveChangesAsync();
TempData["SuccessMessage"] = "Usuario creado correctamente";
return(RedirectToAction("Index", "Home"));
}
return(View(model));
}
public void SeedUsers()
{
var userData = System.IO.File.ReadAllText("Models/UserSeedData.json");
var users = JsonConvert.DeserializeObject <List <User> >(userData);
foreach (var user in users)
{
byte[] passwordHash, passwordSalt;
PasswordHelper.CreatePasswordHash("password", out passwordHash, out passwordSalt);
user.Password = passwordHash;
user.PasswordSalt = passwordSalt;
user.Username = user.Username.ToLower();
_context.Users.Add(user);
}
_context.SaveChanges();
}
public async Task SeedUsers()
{
if (!await _context.Users.AnyAsync())
{
var usersData = System.IO.File.ReadAllText("SeedData/UserSeedData.json");
var users = JsonConvert.DeserializeObject <List <UserEntity> >(usersData);
foreach (var user in users)
{
PasswordHelper.CreatePasswordHash("password", out var passwordHash, out var passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.Username = user.Username.ToLower();
await _context.Users.AddAsync(user);
}
await _context.SaveChangesAsync();
}
}
public async Task <UserInfo> Register(RegisterInfo registerInfo)
{
var user = await _context.Users.FirstOrDefaultAsync(x => x.UserSettingInfo.Login == registerInfo.Login);
if (user != null)
{
throw new UserAlreadyExistException();
}
PasswordHelper.CreatePasswordHash(registerInfo.Password, out var hash, out var salt);
var settingInfo = new UserSettingInfo()
{
Login = registerInfo.Login,
PasswordHash = hash,
PasswordSalt = salt,
};
var newUser = UserInfo.Create(
registerInfo.FirstName,
registerInfo.LastName,
Domain.Enums.Role.User,
settingInfo);
using var transaction = _context.BeginTransaction();
try
{
var entity = _context.Users.Add(newUser);
await _context.SaveChangesAsync();
await transaction.CommitAsync();
return(entity.Entity);
}
catch (Exception e)
{
await transaction.RollbackAsync();
throw e;
}
}
