public void ChangePassword(string token, string oldPassword, string newPassword)
{
if (oldPassword == newPassword)
{
throw new InvalidOperationException("Nelze použít původní heslo.");
}
using (var repository = new SnizPrestizRepository(true))
{
var tokenData = repository.Users.FindValidSessionByTokenWithUser(token);
if (tokenData == null)
{
throw new InvalidOperationException("Nelze změnit heslo. Nebyl nalezen platný token přihlášeného uživatele.");
}
if (tokenData.User.LocalAccount == null)
{
throw new InvalidOperationException("Nelze změnit heslo, protože nebyl nalezen lokální účet přihlášeného uživatele.");
}
tokenData.User.LocalAccount.Password = BCrypt.HashPassword(newPassword, BCrypt.GenerateSalt());
repository.SaveChanges();
}
}
public void CreateUser(string username, string password)
{
using (var repository = new SnizPrestizRepository(true))
{
var localAccount = new LocalAccount()
{
Password = BCrypt.HashPassword(password, BCrypt.GenerateSalt()),
Username = username
};
var account = new Account()
{
LocalAccount = localAccount,
Flags = (int)AccountFlags.None
};
repository.Add(account);
repository.SaveChanges();
}
}
public IActionResult CreatePost([FromBody] CreatePostRequest request)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var loggedUser = GetLoggedAccount();
using (var repository = new SnizPrestizRepository(true))
{
var entity = request.ToEntity(loggedUser);
repository.Add(entity);
repository.SaveChanges();
entity.Author = loggedUser;
return(Ok(new Post(entity)));
}
}
public Session Authenticate(string username, string password)
{
using (var repository = new SnizPrestizRepository(true))
{
var user = repository.Users.FindLocalAccountByUsername(username);
if (user == null || !BCrypt.CheckPassword(password, user.Password))
{
return(null);
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(JwtConfig["Secret"]);
var tokenDescriptor = new SecurityTokenDescriptor()
{
Subject = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, user.ID.ToString())
}),
Expires = DateTime.UtcNow.AddDays(Convert.ToInt32(JwtConfig["ExpirationDateDays"])),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenData = tokenHandler.WriteToken(token);
var sessionData = new Session()
{
Token = tokenData,
User = user.Account,
Valid = 1
};
repository.Add(sessionData);
repository.SaveChanges();
return(sessionData);
}
}
public void RevokeToken(string token, Account loggedUser)
{
if (string.IsNullOrEmpty(token))
{
return;
}
using (var repository = new SnizPrestizRepository(true))
{
var tokenData = repository.Users.FindValidSessionByToken(token);
if (tokenData == null)
{
return;
}
if (tokenData.UserID != loggedUser.ID && !loggedUser.IsAdmin())
{
throw new InvalidOperationException("Tento token může smazat pouze uživatel, který jej založil, nebo administrátor.");
}
tokenData.Valid = 0;
repository.SaveChanges();
}
}