        /// <summary>
        /// Gives <paramref name="user"/> a fresh salt and replaces its clear-text password with the
        /// corresponding hash. The instance is mutated in place and returned.
        /// </summary>
        /// <param name="user">User whose <c>Password</c> and <c>PasswordSalt</c> are rewritten.</param>
        /// <param name="message">Empty on success, otherwise the reason the user was rejected.</param>
        /// <returns>The same <paramref name="user"/> instance, or <c>null</c> on validation failure or hashing error.</returns>
        public PHSUser GenerateHashedUser(PHSUser user, out string message)
        {
            // Work out which required value is missing, if any; each case reports its own field name.
            string missingField = null;
            if (user == null)
            {
                missingField = "User";
            }
            else if (string.IsNullOrEmpty(user.Username))
            {
                missingField = "User Id";
            }
            else if (string.IsNullOrEmpty(user.Password))
            {
                missingField = "Password";
            }

            if (missingField != null)
            {
                message = Constants.ValueIsEmpty(missingField);
                return null;
            }

            try
            {
                // Salt is stored on the user first so the hash below is computed with that exact value.
                user.PasswordSalt = PasswordManager.GenerateSalt();
                var hashed = PasswordManager.CreateHash(user.Password, user.PasswordSalt);
                user.Password = PasswordManager.SecureStringToString(hashed);
                message = string.Empty;
                return user;
            }
            catch (Exception ex)
            {
                // The exception is logged; the caller only receives a generic failure message.
                ExceptionLog(ex);
                message = Constants.OperationFailedDuringAddingValue("User");
                return null;
            }
        }
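        /// <summary>
        /// Replaces the password of <paramref name="user"/> after re-authenticating with the old
        /// password and checking the new one against the complexity rules.
        /// </summary>
        /// <param name="user">Account to update; needs a non-zero <c>PHSUserID</c> and a username.</param>
        /// <param name="oldPass">Current password, verified through <c>IsAuthenticated</c>.</param>
        /// <param name="newPass">New password; hashed with the user's existing salt.</param>
        /// <param name="newPassConfirm">Must match <paramref name="newPass"/> exactly.</param>
        /// <param name="message">User-facing reason when the method returns <c>false</c>.</param>
        /// <returns><c>true</c> when the new hash was persisted.</returns>
        public bool ChangePassword(PHSUser user, string oldPass, string newPass, string newPassConfirm, out string message)
        {
            if (user == null || user.PHSUserID == 0 || string.IsNullOrEmpty(user.Username))
            {
                message = "Cannot find user";
                return(false);
            }
            if (string.IsNullOrEmpty(oldPass))
            {
                message = "Please Enter Old Password";
                return(false);
            }
            if (string.IsNullOrWhiteSpace(newPass))
            {
                message = "Please Enter New Password";
                return(false);
            }
            if (string.IsNullOrWhiteSpace(newPassConfirm))
            {
                message = "Please Enter Confirmed New Password";
                return(false);
            }
            // Compare exactly the value that is hashed below: ordinal, case-sensitive, untrimmed.
            // A case-insensitive or trimmed comparison accepts a confirmation that differs from the
            // password actually stored, which locks the user out at the next login.
            if (!string.Equals(newPass, newPassConfirm, StringComparison.Ordinal))
            {
                message = "Please confirm new password";
                return(false);
            }
            if (!PasswordManager.IsPasswordComplex(newPass))
            {
                message = "Password must be a combination of at least 1 digit, 1 upper case letter, 1 lower case letter, 1 symbol and length of at least 8";
                return(false);
            }

            // Re-authenticate with the old password before anything is changed.
            var existingUser = IsAuthenticated(user.Username, oldPass, out message);

            if (existingUser == null)
            {
                message = "Invalid Password";
                return(false);
            }

            // NOTE(review): the hash uses the salt on the caller-supplied user, not the stored row —
            // confirm callers always pass the persisted salt.
            SecureString newPassHash = PasswordManager.CreateHash(newPass, user.PasswordSalt);

            using (var unitOfWork = CreateUnitOfWork())
            {
                try
                {
                    // Load the entity once instead of issuing one lookup per assigned property.
                    var storedUser = unitOfWork.Users.Get(user.PHSUserID);
                    storedUser.Password        = PasswordManager.SecureStringToString(newPassHash);
                    storedUser.UsingTempPW     = false;
                    storedUser.UpdatedDateTime = DateTime.Now;
                    unitOfWork.Complete();
                    return(true);
                }
                catch (Exception ex)
                {
                    ExceptionLog(ex);
                    message = "Operation failed during saving Password. Please contact system admin";
                    return(false);
                }
            }
        }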
 // radi remember me user kuki - stavlja username i HASH PWD-a
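 /// <summary>
 /// Writes the "RememberMeUser" cookie (username + password hash) when the remember-me box is checked.
 /// </summary>
 /// <param name="userName">Stored in the cookie as-is.</param>
 /// <param name="password">Only the value of <c>PasswordManager.CreateHash</c> is stored, never the clear text.</param>
 /// <remarks>
 /// The cookie is HttpOnly so page scripts cannot read it, and Secure when the current request came
 /// over HTTPS so browsers do not send it over plain HTTP. NOTE(review): a one-year cookie carrying
 /// the password hash is effectively a long-lived credential; a random, server-side revocable token
 /// would limit the impact of a leaked cookie.
 /// </remarks>
 private void AddRememberMeUserCookieIfChecked(string userName, string password)
 {
     if (!cbRemeberMe.Checked)
     {
         return;
     }

     var kuki = new HttpCookie("RememberMeUser")
     {
         Expires  = DateTime.Now.AddYears(1),
         Value    = $"{userName}{DELIMITER}{PasswordManager.CreateHash(password)}",
         HttpOnly = true,
         Secure   = Request.IsSecureConnection
     };
     Response.Cookies.Add(kuki);
 }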
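        /// <summary>
        /// Creates a user from the posted body, stores a verification code and e-mails it.
        /// </summary>
        /// <param name="userDto">New account; the password is hashed before it reaches <c>UserBo.Save</c>.</param>
        /// <exception cref="HttpResponseException">
        /// 400 when the body is missing; 503 when the verification e-mail cannot be sent or any other
        /// step fails unexpectedly.
        /// </exception>
        public void Post([FromBody] UserDto userDto)
        {
            if (userDto == null)
            {
                throw new HttpResponseException(HttpStatusCode.BadRequest);
            }

            try
            {
                var encryptedPassword = PasswordManager.CreateHash(userDto.Password);

                IUserBo userBo = new UserBo();
                // NOTE(review): a false return from Save or SaveVerificationCode is silently ignored and
                // the client receives a success status with no account or code created — confirm whether
                // those methods report expected failures (e.g. duplicate username) this way.
                if (userBo.Save(userDto.Username, encryptedPassword, userDto.Email, userDto.DomainId, userDto.RoleId))
                {
                    var verCode = AccountVerification.GenerateVerificationCode();
                    if (userBo.SaveVerificationCode(verCode, userDto.Username))
                    {
                        try
                        {
                            EmailManager.SendEmail(userDto.Email, AccountVerification.SignUpConfirmationSubject, AccountVerification.GetVerificationMessage(verCode));
                        }
                        catch (Exception exception)
                        {
                            Logger.Error("API LAYER: ERROR IN CLASS: UserController, METHOD: POST =>> EXCEPTION MESSAGE: " + exception.Message);
                            var message = new HttpResponseMessage(HttpStatusCode.ServiceUnavailable)
                            {
                                Content = new StringContent("Error Sending Verification Email")
                            };
                            throw new HttpResponseException(message);
                        }
                    }
                }
            }
            catch (HttpResponseException)
            {
                // The 503 built for the e-mail failure must reach the client as-is; without this
                // clause the generic handler below would re-wrap it and replace its body.
                throw;
            }
            catch (Exception exception)
            {
                Logger.Error("API LAYER: ERROR IN CLASS: UserController, METHOD: POST =>> EXCEPTION MESSAGE: " + exception.Message);
                // Only the log gets the exception text; the response body stays generic so internal
                // details (connection strings, provider errors) are not disclosed to the caller.
                var message = new HttpResponseMessage(HttpStatusCode.ServiceUnavailable)
                {
                    Content = new StringContent("Error Creating User")
                };
                throw new HttpResponseException(message);
            }
        }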
        // --- LOGIN FORMA - postoji li user s tim podacima
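        /// <summary>
        /// Login form handler: checks whether a user with the entered credentials exists, first as the
        /// application admin and then as a registered user, and redirects on success.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            string userName = txtEmail.Text;
            string password = txtPassword.Text;
            // Hash once and reuse for both lookups. This assumes CreateHash(string) is deterministic
            // (no per-call salt), which the comparisons against stored values already rely on.
            var passwordHash = PasswordManager.CreateHash(password);

            // Is this the application (ALFA MATER) admin?
            if (LoginIsApplicationAdmin(userName, passwordHash))
            {
                AddRememberMeUserCookieIfChecked(userName, password);
                RedirectSuccessfulLogin(Application["ApplicationAdmin"] as User);
            }
            // Otherwise look the user up through the DataManager.
            else if (LoginIsRegisteredUser(userName, passwordHash))
            {
                AddRememberMeUserCookieIfChecked(userName, password);
                RedirectSuccessfulLogin(DataManager.GetUserByEmail(userName));
            }
            // Not found: show the message and return focus to the e-mail box.
            else
            {
                lblNoUser.Visible = true;
                txtEmail.Focus();
            }
        }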
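        /// <summary>
        /// Sets the temporary password <paramref name="tempPW"/> on every user named in
        /// <paramref name="selectedusers"/> and flags each account with <c>UsingTempPW</c>.
        /// </summary>
        /// <param name="loginUser">Administrator performing the reset; recorded as <c>UpdatedBy</c>.</param>
        /// <param name="selectedusers">Usernames to reset.</param>
        /// <param name="tempPW">Temporary password; hashed per user with that user's own salt.</param>
        /// <param name="message">Empty on success, otherwise the reason for the first failure.</param>
        /// <returns><c>true</c> when every selected user was updated.</returns>
        /// <remarks>
        /// NOTE(review): the per-user updates are not wrapped in a transaction, so a failure part way
        /// through leaves the users processed so far already reset while the method returns
        /// <c>false</c> without saying which ones were touched.
        /// </remarks>
        public bool ResetPassword(PHSUser loginUser, String[] selectedusers, string tempPW, out string message)
        {
            message = string.Empty;

            if (selectedusers == null || selectedusers.Length == 0)
            {
                message = "No Selection made!";
                return(false);
            }
            // loginUser.Username is written to every updated row, so reject a missing admin up front
            // instead of failing with a null reference after some users were already changed.
            if (loginUser == null || string.IsNullOrEmpty(loginUser.Username))
            {
                message = "Cannot find user";
                return(false);
            }
            if (string.IsNullOrEmpty(tempPW))
            {
                message = "Please Enter New Password";
                return(false);
            }

            foreach (var username in selectedusers)
            {
                var userToUpdate = GetUserByUserName(username, out message);
                if (userToUpdate == null)
                {
                    // message was set by GetUserByUserName.
                    return(false);
                }

                // A user without a salt (empty or null) gets one before the hash is computed.
                if (string.IsNullOrEmpty(userToUpdate.PasswordSalt))
                {
                    userToUpdate.PasswordSalt = PasswordManager.GenerateSalt();
                }

                SecureString newPassHash = PasswordManager.CreateHash(tempPW, userToUpdate.PasswordSalt);
                userToUpdate.Password        = PasswordManager.SecureStringToString(newPassHash);
                userToUpdate.UsingTempPW     = true;
                userToUpdate.UpdatedDateTime = DateTime.Now;
                userToUpdate.UpdatedBy       = loginUser.Username;

                if (!UpdateUser(loginUser, userToUpdate, out message))
                {
                    return(false);
                }
            }

            return(true);
        }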
        /// <summary>
        /// Seeds a fresh BookStoreDb: drops any existing database, then inserts branches, employees
        /// with their login users, customers and writers from JSON files, book categories and books.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        static void Main(string[] args)
        {
            // Unseeded Random: prices and publish years differ on every run.
            var rand = new Random();

            Console.WriteLine("Check DB exists...");
            if (Database.Exists("BookStoreDb"))
            {
                Console.WriteLine("DB exists. Deleting...");
                Database.Delete("BookStoreDb");
            }
            else
            {
                Console.WriteLine("DB does not exist. Skip deleting.");
            }

            using (var db = new Db())
            {
                Console.WriteLine("Creating DB..");
                // Result is never read; presumably this first query forces the context to create the
                // database before the inserts below — TODO confirm.
                object tmp = db.Users.ToArray();

                Console.WriteLine("Branches..");
                var br1 = new Branch()
                {
                    Address = "Mira prospect, 11 - 21",
                    Name    = "Booko na Mira"
                };

                var br2 = new Branch()
                {
                    Address = "Ulica Vzletnaya, 22",
                    Name    = "Booko na Vzletke"
                };

                db.Branches.Add(br1);
                db.Branches.Add(br2);
                db.SaveChanges();

                Console.WriteLine("Creating employees and users..");
                // NOTE(review): the seed accounts use fixed, well-known passwords ("admin", "iii", "ppp").
                // Only the hash is stored, but these values must not reach a shared or public environment.
                var admin = new Employee
                {
                    Branch     = br1,
                    FirstName  = "Admin",
                    MiddleName = "Admin",
                    LastName   = "Admin",
                    User       = new User()
                    {
                        LastLoginTime = DateTime.Now,
                        Login         = "******",
                        Password      = PasswordManager.CreateHash("admin"),
                        Role          = Role.Admin
                    }
                };

                var ivanov = new Employee
                {
                    Branch     = br1,
                    FirstName  = "Ivan",
                    MiddleName = "Ivanovich",
                    LastName   = "Ivanov",
                    User       = new User()
                    {
                        LastLoginTime = DateTime.Now,
                        Login         = "******",
                        Password      = PasswordManager.CreateHash("iii"),
                        Role          = Role.User
                    }
                };

                var petrov = new Employee
                {
                    Branch     = br2,
                    FirstName  = "Petr",
                    MiddleName = "Petrovich",
                    LastName   = "Petrov",
                    User       = new User()
                    {
                        LastLoginTime = DateTime.Now,
                        Login         = "******",
                        Password      = PasswordManager.CreateHash("ppp"),
                        Role          = Role.User
                    }
                };

                // Employee without a login account.
                var sidorov = new Employee
                {
                    Branch     = br2,
                    FirstName  = "Sidor",
                    MiddleName = "Sidorovich",
                    LastName   = "Sidorov",
                    User       = null
                };

                db.Employees.Add(admin);
                db.Employees.Add(ivanov);
                db.Employees.Add(petrov);
                db.Employees.Add(sidorov);
                db.SaveChanges();

                Console.WriteLine("Customers..");

                // Customers.json and Writers.json are read from the working directory.
                var customers = JsonConvert.DeserializeObject <List <Customer> >(File.ReadAllText("Customers.json"));
                customers.ForEach(c => db.Customers.Add(c));
                db.SaveChanges();

                Console.WriteLine("Book categories..");
                var fantasy = new BookCategory {
                    Name = "Fantasy"
                };
                var detective = new BookCategory {
                    Name = "Detective"
                };
                var scienceFiction = new BookCategory {
                    Name = "Science Fiction"
                };
                var novel = new BookCategory {
                    Name = "Novel"
                };

                db.BookCategories.Add(fantasy);
                db.BookCategories.Add(detective);
                db.BookCategories.Add(scienceFiction);
                db.BookCategories.Add(novel);
                db.SaveChanges();

                Console.WriteLine("Writers..");
                var writers = JsonConvert.DeserializeObject <List <Writer> >(File.ReadAllText("Writers.json"));
                writers.ForEach(w => db.Writers.Add(w));
                db.SaveChanges();

                Console.WriteLine("Books..");
                // k counts books across all categories: ten per category, so with the four categories
                // above it runs 0..39. Titles.List therefore needs at least 40 entries and writers at
                // least 42 (writers[k + @int] peaks at index 41 for k = 38) — TODO confirm the JSON sizes.
                int k = 0;
                foreach (BookCategory bookCategory in db.BookCategories)
                {
                    for (int i = 0; i < 10; i++)
                    {
                        var book = new Book
                        {
                            Category    = bookCategory,
                            ISBN        = (100 + k) + "-1477827" + (100 + k),
                            // Random price in 100.00..999.99 and publish year in 1990..2014.
                            Price       = rand.Next(10000, 100000) / 100.0M,
                            PublishYear = rand.Next(1990, 2015),
                            Title       = Titles.List[k],
                            // One to three writers per book, taken from consecutive entries after k.
                            Writers     = Enumerable.Range(1, k % 3 + 1)
                                          .Select(@int => writers[k + @int])
                                          .ToList(),
                            Amounts = new List <BookAmount>
                            {
                                new BookAmount
                                {
                                    Branch = br1,
                                    Amount = 10,
                                },
                                new BookAmount
                                {
                                    Branch = br2,
                                    Amount = 10,
                                }
                            }
                        };
                        db.Books.Add(book);
                        k++;
                    }
                }

                db.SaveChanges();
                Console.WriteLine("Done");
            }
        }