Esempio n. 1
0
        public BaseMessage GetProfile(UserAuthen user)
        {
            if (user == null)
                throw new HttpResponseException(new HttpResponseMessage() { StatusCode = HttpStatusCode.Unauthorized, Content = new StringContent("Please provide the credentials.") });

            var userDb = IoTUserMrg.GetUserCache(user.UserName);
            if (userDb != null)
            {
                //Get data attach (List<int> storesId) - List store by User
                var lst = new List<int>() { 1 };

                Profile p = new Profile();
                p.Stores = lst;

                string profile = p.SerializeJson();
                //Update profile
                IoTUserMrg.UpdateProfile(user.UserName, profile);

                BaseMessage msg = new BaseMessage("","",Framework.Exceptions.ErrorCode.IsSuccess,"");
                msg.SetData(profile);
                return msg;
            }
            else
            {
                throw new HttpResponseException(new HttpResponseMessage() { StatusCode = HttpStatusCode.Unauthorized, Content = new StringContent("Invalid user name or password.") });
            }
        }
Esempio n. 2
0
        public LoginResult Authenticate(UserAuthen user)
        {
            if (user == null)
                throw new HttpResponseException(new HttpResponseMessage() { StatusCode = HttpStatusCode.Unauthorized, Content = new StringContent("Please provide the credentials.") });

            if (IoTUserMrg.IsValidUser(user,false))
            {
                UGToken token = new UGToken(user);
                var status = new LoginResult() { Successeded = true, UGToken = token.Encrypt(), Message = "Successfully signed in." };

                //Get data attach (List<int> storesId) - List store by User
                var lst = new List<int>() { 1 };

                Profile p = new Profile();
                p.Stores = lst;

                string profile = p.SerializeJson();
                //Update profile
                IoTUserMrg.UpdateProfile(user.UserName, profile);

                //status attach data
                status.ProfileJson = profile;
                return status;
            }
            else
            {
                throw new HttpResponseException(new HttpResponseMessage() { StatusCode = HttpStatusCode.Unauthorized, Content = new StringContent("Invalid user name or password.") });
            }
        }
Esempio n. 3
0
 public string ClearCache(UserAuthen user)
 {
     if (IoTUserMrg.IsValidUser(user))
     {
         IoTUserMrg.CleanCache();
     }
     return "Clear Successfull.";
 }
Esempio n. 4
0
 public BaseToken(UserAuthen user)
 {
     UID = user.UserName;
     PWD = user.Password;
     Hash = user.PasswordHash;
     Exp = user.ExpireTimeSpanHours;
     CRT = DateTime.Now.Ticks;
 }
Esempio n. 5
0
 public string ClearCacheUser(UserAuthen user)
 {
     if (IoTUserMrg.IsValidUser(user))
     {
         IoTUserMrg.ClearCacheUser(user.UserName);
         return "Clear Successfull.";
     }
     return "Not Permission.";
 }
Esempio n. 6
0
 public BaseToken(UserAuthen user, string profileJson)
 {
     UID = user.UserName;
     PWD = user.Password;
     Hash = user.PasswordHash;
     Exp = user.ExpireTimeSpanHours;
     PRF = profileJson;
     CRT = DateTime.Now.Ticks;
 }
Esempio n. 7
0
        protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            if (request.Headers.Contains(UGConstants.HTTPHeaders.TOKEN_NAME))
            {
                string encryptedToken = request.Headers.GetValues(UGConstants.HTTPHeaders.TOKEN_NAME).First();
                try
                {
                    //Giam thieu toi da viec giai ma neu truyen token sai => performance
                    UGToken token = UGToken.Decrypt(encryptedToken);
                    request.Properties.Add(UGConstants.HTTPHeaders.TOKEN_NAME, token);
                    bool requestExpire = new DateTime(token.CRT).AddHours(token.Exp) <= DateTime.Now; //token.ClientIP.Equals(Utility.GetClientIpAddress(request));
                    if (requestExpire)
                    {
                        HttpResponseMessage reply = request.CreateErrorResponse(HttpStatusCode.Created, "Request Expire UGToken.");
                        return Task.FromResult(reply);
                    }
                    var iotMrg = HttpContext.Current.GetOwinContext().Get<IoTUserManager>();
                    UserAuthen user = new UserAuthen(token.UID, token.PWD, "", token.Exp, token.Hash);
                    bool isValidUser = iotMrg.IsValidUser(user);

                    if (!isValidUser)
                    {
                        HttpResponseMessage reply = request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Invalid indentity or client machine.");
                        return Task.FromResult(reply);
                    }
                }
                catch
                {
                    HttpResponseMessage reply = request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Invalid token.");
                    return Task.FromResult(reply);
                }
            }
            else
            {
                HttpResponseMessage reply = request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Request is missing authorization token.");
                return Task.FromResult(reply);
            }
            return base.SendAsync(request, cancellationToken);
        }
Esempio n. 8
0
        //Login lan dau
        public bool IsValidUser(UserAuthen user, bool isLogined)
        {
            //Check User
            bool isValid = false;
            string cacheKey = GetCacheKey(user.UserName);
            if (CacheUser.Contain(cacheKey))
            {
                var uc = CacheUser.Get<User>(cacheKey);

                if (isLogined)
                {
                    //Fast check
                    isValid = uc.PasswordHash == user.PasswordHash;
                }
                else
                {
                    //Very slow
                    var passHash = new CustomPasswordHasher();
                    isValid = passHash.VerifyHashedPassword(uc.PasswordHash, user.Password) == PasswordVerificationResult.Success;
                    if (isValid)
                        user.PasswordHash = uc.PasswordHash;
                }
            }
            else
            {
                //Check User
                var userDB = UserManager.Find(user.UserName, user.Password);
                //Check User
                if (userDB != null)
                {
                    SetUserToCache(userDB, cacheKey);
                    user.PasswordHash = userDB.PasswordHash;
                    isValid = true;
                }
            }
            return isValid;
        }
Esempio n. 9
0
        public TokenResponse RequestToken(UserAuthen user)
        {
            string urlToken = UGConstants.SSO.TokenEndpoint;
            var client = new OAuth2Client(new Uri(urlToken)
                , UGConstants.SSOClient.ClientId
                , UGConstants.SSOClient.ClientSecret);

            return client.RequestResourceOwnerPasswordAsync(user.UserName, user.Password, "openid profile email").Result;//write
        }
Esempio n. 10
0
 public string GetAccessToken(UserAuthen user)
 {
     var result = RequestToken(user);
     return result.AccessToken;
 }
Esempio n. 11
0
 public override bool IsValidUser(UserAuthen user)
 {
     return !string.IsNullOrWhiteSpace(GetAccessToken(user));
 }
Esempio n. 12
0
 //Kiem tra cac lan tiep theo
 public override bool IsValidUser(UserAuthen user)
 {
     return IsValidUser(user, true);
 }
Esempio n. 13
0
 public abstract bool IsValidUser(UserAuthen user);
Esempio n. 14
0
 public User GetUser(UserAuthen user)
 {
     string cacheKey = GetCacheKey(user.UserName);
     if (CacheUser.Contain(cacheKey))
     {
         return CacheUser.Get<User>(cacheKey);
     }
     else
     {
         var userDB = UserManager.FindByName(user.UserName);
         //Check User
         if (userDB != null)
         {
             return SetUserToCache(userDB, cacheKey);
         }
     }
     return null;
 }
Esempio n. 15
0
 public UGToken(UserAuthen user, string profileJson):base(user,profileJson)
 {
 }