Esempio n. 1
0
        public void ChangeUserPassword(ChangePasswordDto infos)
        {
            Logger.LogInformation($"Change password from user {infos.UserName}");

            Validate(infos);

            using (var context = RepositoriesFactory.CreateContext())
            {
                var local    = this.GetErrorStringLocalizer();
                var userRepo = RepositoriesFactory.GetUserRepository(context);

                var user = userRepo.GetByUserName(infos.UserName);

                if (user == null || !user.IsValid)
                {
                    throw new DaOAuthServiceException(local["ChangeUserPasswordUserInvalid"]);
                }

                if (!EncryptionService.AreEqualsSha256(
                        String.Concat(Configuration.PasswordSalt, infos.OldPassword), user.Password))
                {
                    throw new DaOAuthServiceException(local["ChangeUserPasswordPasswordInvalid"]);
                }

                if (!infos.NewPassword.Equals(infos.NewPasswordRepeat, StringComparison.Ordinal))
                {
                    throw new DaOAuthServiceException(local["ChangeUserPasswordDifferentsNewPasswords"]);
                }

                if (!infos.NewPassword.IsMatchPasswordPolicy())
                {
                    throw new DaOAuthServiceException(local["ChangeUserPasswordNewPasswordDontMatchPolicy"]);
                }

                user.Password = EncryptionService.Sha256Hash(String.Concat(Configuration.PasswordSalt, infos.NewPassword));

                userRepo.Update(user);

                context.Commit();
            }
        }
Esempio n. 2
0
        public UserDto GetUser(LoginUserDto credentials)
        {
            Logger.LogInformation($"Try to log user {credentials.UserName}");

            Validate(credentials);

            UserDto result = null;

            using (var c = RepositoriesFactory.CreateContext())
            {
                var repo = RepositoriesFactory.GetUserRepository(c);
                var user = repo.GetByUserName(credentials.UserName);

                if (user != null && user.IsValid && EncryptionService.AreEqualsSha256(
                        String.Concat(Configuration.PasswordSalt, credentials.Password), user.Password))
                {
                    result = user.ToDto();
                    Logger.LogInformation($"Log successfull for user {credentials.UserName}");
                }
            }

            return(result);
        }
Esempio n. 3
0
        public void SetNewUserPassword(NewPasswordDto infos)
        {
            Logger.LogInformation($"Define a new password using JWT token {infos.Token}");

            Validate(infos);

            var local = this.GetErrorStringLocalizer();

            var tokenInfos = JwtService.ExtractMailToken(infos.Token);

            if (!tokenInfos.IsValid)
            {
                throw new DaOAuthServiceException(local["SetNewUserPasswordInvalidToken"]);
            }

            if (!infos.NewPassword.IsMatchPasswordPolicy())
            {
                throw new DaOAuthServiceException(local["SetNewUserPasswordNewPasswordDontMatchPolicy"]);
            }

            if (!infos.NewPassword.Equals(infos.NewPasswordRepeat, StringComparison.Ordinal))
            {
                throw new DaOAuthServiceException(local["SetNewUserPasswordDifferentsNewPasswords"]);
            }

            using (var context = RepositoriesFactory.CreateContext())
            {
                var userRepo = RepositoriesFactory.GetUserRepository(context);
                var user     = userRepo.GetByUserName(tokenInfos.UserName);

                user.Password = EncryptionService.Sha256Hash(String.Concat(Configuration.PasswordSalt, infos.NewPassword));

                userRepo.Update(user);

                context.Commit();
            }
        }
Esempio n. 4
0
        public int CreateUser(CreateUserDto toCreate)
        {
            Logger.LogInformation($"Try creating a new user {toCreate.UserName}");

            IList <ValidationResult> ExtendValidation(CreateUserDto toValidate)
            {
                var errorResource = this.GetErrorStringLocalizer();
                IList <ValidationResult> result = new List <ValidationResult>();

                if (!String.IsNullOrEmpty(toCreate.Password) &&
                    !String.IsNullOrEmpty(toCreate.RepeatPassword) &&
                    !toCreate.Password.Equals(toCreate.RepeatPassword, StringComparison.Ordinal))
                {
                    result.Add(new ValidationResult(errorResource["CreateUserPasswordDontMatch"]));
                }

                if (!toValidate.Password.IsMatchPasswordPolicy())
                {
                    result.Add(new ValidationResult(errorResource["CreateUserPasswordPolicyFailed"]));
                }

                using (var c = RepositoriesFactory.CreateContext())
                {
                    var repo = RepositoriesFactory.GetUserRepository(c);

                    if (repo.GetByUserName(toCreate.UserName) != null)
                    {
                        result.Add(new ValidationResult(String.Format(errorResource["CreateUserUserNameExists"], toCreate.UserName)));
                    }

                    if (repo.GetByEmail(toCreate.EMail) != null)
                    {
                        result.Add(new ValidationResult(String.Format(errorResource["CreateUserEmailExists"], toCreate.EMail)));
                    }
                }

                return(result);
            }

            Logger.LogInformation(String.Format("Try to create user {0}", toCreate != null ? toCreate.UserName : String.Empty));

            Validate(toCreate, ExtendValidation);

            var idCreated    = 0;
            var mailResource = this.GetMailStringLocalizer();

            var u = new User()
            {
                BirthDate       = toCreate.BirthDate,
                CreationDate    = DateTime.Now,
                EMail           = toCreate.EMail,
                FullName        = toCreate.FullName,
                IsValid         = false,
                ValidationToken = RandomService.GenerateRandomString(32),
                Password        = EncryptionService.Sha256Hash(string.Concat(Configuration.PasswordSalt, toCreate.Password)),
                UserName        = toCreate.UserName
            };

            using (var c = RepositoriesFactory.CreateContext())
            {
                var repo = RepositoriesFactory.GetUserRepository(c);
                repo.Add(u);

                var userRoleRepo = RepositoriesFactory.GetUserRoleRepository(c);
                var roleRepo     = RepositoriesFactory.GetRoleRepository(c);

                var myRole = roleRepo.GetById((int)ERole.USER);
                if (myRole != null)
                {
                    userRoleRepo.Add(new UserRole()
                    {
                        RoleId = myRole.Id,
                        UserId = u.Id
                    });
                }

                var link = new Uri(String.Format(Configuration.ValidateAccountPageUrl, u.UserName, u.ValidationToken));

                MailService.SendEmail(new SendEmailDto()
                {
                    Body      = String.Format(mailResource["MailValidateAccountBody"], u.UserName, link.AbsoluteUri),
                    IsHtml    = true,
                    Receviers = new Dictionary <string, string>()
                    {
                        { u.EMail, u.EMail }
                    },
                    Sender  = new KeyValuePair <string, string>("*****@*****.**", "no reply"),
                    Subject = mailResource["MailValidateAccountSubject"]
                });

                c.Commit();
                idCreated = u.Id;
            }

            return(idCreated);
        }