public void ChangePassword(string token, string oldPassword, string newPassword) { if (oldPassword == newPassword) { throw new InvalidOperationException("Nelze použít původní heslo."); } using (var repository = new SnizPrestizRepository(true)) { var tokenData = repository.Users.FindValidSessionByTokenWithUser(token); if (tokenData == null) { throw new InvalidOperationException("Nelze změnit heslo. Nebyl nalezen platný token přihlášeného uživatele."); } if (tokenData.User.LocalAccount == null) { throw new InvalidOperationException("Nelze změnit heslo, protože nebyl nalezen lokální účet přihlášeného uživatele."); } tokenData.User.LocalAccount.Password = BCrypt.HashPassword(newPassword, BCrypt.GenerateSalt()); repository.SaveChanges(); } }
protected override ValidationResult IsValid(object value, ValidationContext validationContext) { if (value == null) { return(new ValidationResult("Login uživatele nemůže být null")); } if (!(value is string username)) { return(new ValidationResult("Login uživatele není řetězec.")); } if (username.Trim() == "") { return(new ValidationResult("Nebyl zadán login uživatele.")); } using (var repository = new SnizPrestizRepository()) { if (repository.Users.FindLocalAccountByUsername(username) != null) { return(new ValidationResult("Byl nalezen uživatel se stejným přihlašovacím jménem.")); } } return(ValidationResult.Success); }
protected override ValidationResult IsValid(object value, ValidationContext validationContext) { if (value == null) { return(new ValidationResult("ID kurzu nemůže být null")); } if (!(value is string course)) { return(new ValidationResult("ID kurzu není řetězec.")); } if (course.Trim() == "") { return(new ValidationResult("Nebylo zadáno ID Kurzu.")); } using (var repository = new SnizPrestizRepository()) { var exists = repository.Courses.ExistsCourse(course); if (!exists) { return(new ValidationResult("Hledaný kurz neexistuje.")); } } return(ValidationResult.Success); }
public bool IsAuthenticated(string token, HttpContext context) { using (var repository = new SnizPrestizRepository(false)) { var session = repository.Users.FindValidSessionByToken(token); return(session != null); } }
public Account GetLoggedAccount() { var token = GetAuthorizationToken(); using (var repository = new SnizPrestizRepository()) { return(repository.Users.FindValidSessionByTokenWithUser(token).User); } }
public IActionResult GetPostLabels() { using (var repository = new SnizPrestizRepository(false)) { var data = repository.Consts.GetLabels() .AsEnumerable() .Select(o => new Label(o)) .ToList(); return(Ok(data)); } }
public IActionResult GetPost([PostExists] long postID) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } using (var repository = new SnizPrestizRepository()) { var post = repository.Posts.FindPostById(postID); return(Ok(new Post(post))); } }
public IActionResult GetCoursesList(bool openOnly, bool favouriteOnly) { var loggedUser = GetLoggedAccount(); using (var repository = new SnizPrestizRepository()) { var data = repository.Courses.GetCoursesList(openOnly, favouriteOnly, loggedUser.ID) .AsEnumerable() .Select(o => new Course(o, loggedUser.ID)) .ToList(); return(Ok(data)); } }
public IActionResult GetCourse([CourseExists] string code) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var loggedUser = GetLoggedAccount(); using (var repository = new SnizPrestizRepository()) { var course = repository.Courses.FindCourseByCode(code); return(Ok(new Course(course, loggedUser.ID))); } }
protected override ValidationResult IsValid(object value, ValidationContext validationContext) { if (!(value is long id)) { return(new ValidationResult("Příspěvek se zadaným ID neexistuje.")); } using (var repository = new SnizPrestizRepository()) { if (!repository.Posts.ExistsPost(id)) { return(new ValidationResult("Příspěvek se zadaným ID neexistuje.")); } } return(ValidationResult.Success); }
public IActionResult GetPostsOfCourse([CourseExists] string code, int[] label, int?from, int?to) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } using (var repository = new SnizPrestizRepository()) { var posts = repository.Posts.GetPostsByCourse(code, label, from, to) .AsEnumerable() .Select(o => new SimplePost(o)) .ToList(); return(Ok(posts)); } }
public IActionResult GetOpenYearsOfCourse([CourseExists] string code) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } using (var repository = new SnizPrestizRepository()) { var course = repository.Courses.FindCourseByCode(code); var data = course.OpenedCourses .Select(o => new OpenedCourse(o)) .ToList(); return(Ok(data)); } }
public void CreateUser(string username, string password) { using (var repository = new SnizPrestizRepository(true)) { var localAccount = new LocalAccount() { Password = BCrypt.HashPassword(password, BCrypt.GenerateSalt()), Username = username }; var account = new Account() { LocalAccount = localAccount, Flags = (int)AccountFlags.None }; repository.Add(account); repository.SaveChanges(); } }
public IActionResult CreatePost([FromBody] CreatePostRequest request) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var loggedUser = GetLoggedAccount(); using (var repository = new SnizPrestizRepository(true)) { var entity = request.ToEntity(loggedUser); repository.Add(entity); repository.SaveChanges(); entity.Author = loggedUser; return(Ok(new Post(entity))); } }
public Session Authenticate(string username, string password) { using (var repository = new SnizPrestizRepository(true)) { var user = repository.Users.FindLocalAccountByUsername(username); if (user == null || !BCrypt.CheckPassword(password, user.Password)) { return(null); } var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(JwtConfig["Secret"]); var tokenDescriptor = new SecurityTokenDescriptor() { Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, user.ID.ToString()) }), Expires = DateTime.UtcNow.AddDays(Convert.ToInt32(JwtConfig["ExpirationDateDays"])), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenData = tokenHandler.WriteToken(token); var sessionData = new Session() { Token = tokenData, User = user.Account, Valid = 1 }; repository.Add(sessionData); repository.SaveChanges(); return(sessionData); } }
public void RevokeToken(string token, Account loggedUser) { if (string.IsNullOrEmpty(token)) { return; } using (var repository = new SnizPrestizRepository(true)) { var tokenData = repository.Users.FindValidSessionByToken(token); if (tokenData == null) { return; } if (tokenData.UserID != loggedUser.ID && !loggedUser.IsAdmin()) { throw new InvalidOperationException("Tento token může smazat pouze uživatel, který jej založil, nebo administrátor."); } tokenData.Valid = 0; repository.SaveChanges(); } }