public Result Update(AdministratorEntity entity)
{
var con = new DapperConnectionManager();
var query = new QueryEntity();
var result = new Result();
if (!string.IsNullOrEmpty(entity.Password))
{
if (entity.Password.Length < 6)
{
result = new Result(false);
result.Message = "Password length invalid";
return(result);
}
var credentials = new CredentialsManager();
var hash = credentials.GenerateSalt();
entity.Password = credentials.EncodePassword(entity.Password, hash);
entity.Hash = hash;
query.Query = @"UPDATE Administrators set Name = @Name, Password = @Password, Hash = @Hash where AdministratorId = @AdministratorId";
}
else
{
query.Query = @"UPDATE Administrators set Name = @Name where AdministratorId = @AdministratorId";
}
query.Entity = entity;
result = con.ExecuteQuery(query);
result.Message = result.Success ? "The Adminsitrator has been updated" : "An error occurred";
result.Entity = entity.AdministratorId;
return(result);
}
public string GenerateAdminToken(AdministratorEntity admin)
{
var utc0 = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
var issueTime = DateTime.Now;
var iat = (int)issueTime.Subtract(utc0).TotalSeconds;
var exp = (int)issueTime.AddDays(30).Subtract(utc0).TotalSeconds; // Expiration time is up to 1 hour, but lets play on safe side
IJwtAlgorithm algorithm = new HMACSHA256Algorithm();
IJsonSerializer serializer = new JsonNetSerializer();
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);
var payload = new Dictionary <string, object>
{
{ "AdministratorId", admin.AdministratorId },
{ "Username", admin.Username },
{ "exp", exp },
{ "iat", iat },
{ "roles", @"[admin, generic]" }
};
var token = encoder.Encode(payload, SecretAdminKey);
return(token);
}
public Result Insert(AdministratorEntity entity, bool seal = false)
{
var result = new Result();
if (entity.Password.Length < 6)
{
result = new Result(false);
result.Message = "Password length invalid";
return(result);
}
var con = new DapperConnectionManager();
var query = new QueryEntity();
var credentials = new CredentialsManager();
var hash = credentials.GenerateSalt();
entity.Password = credentials.EncodePassword(entity.Password, hash);
entity.Hash = hash;
entity.Username = entity.Username.Trim().ToLower();
entity.Sealed = seal;
query.Entity = entity;
query.Query = @"INSERT INTO Administrators (Username, Password, Hash, Sealed, Name) VALUES(@Username, @Password, @Hash, @Sealed, @Name)";
result = con.InsertQuery(query);
result.Message = result.Success ? "The administrator has been created" : "An error occurred";
result.Entity = entity;
return(result);
}
public ActionResult LogIn(LoginViewModel model)
{
if (!ModelState.IsValid)
{
return(RedirectToAction("Index"));
}
var administratorEntity = new AdministratorEntity()
{
Password = model.Password,
Username = model.Username
};
var result = _administratorsManager.LogIn(administratorEntity);
if (!result.Success)
{
TempData["Result"] = result;
return(RedirectToAction("Index"));
}
Session["AdminUser"] = result.Entity;
if (model.Remember)
{
HttpCookie cookie = new HttpCookie("MNFCMS");
DateTime now = DateTime.Now;
AdministratorEntity usr = (AdministratorEntity)result.Entity;
cookie.Value = usr.Token;
cookie.Expires = now.AddDays(30);
Response.Cookies.Add(cookie);
}
return(RedirectToAction("Index", "Home"));
}
public static AdministratorMD ToMetaData(AdministratorEntity entity)
{
return(new AdministratorMD
{
Id = entity.Id,
Account = entity.Account,
Password = entity.Password,
Identity = entity.Identity,
Name = entity.Name,
Birthday = entity.Birthday,
Phone = entity.Phone,
Address = entity.Address,
Status = entity.Status,
StatusOptions = GetOptions()
});
}
public Result LogIn(AdministratorEntity entity)
{
var con = new DapperConnectionManager();
var query = new QueryEntity();
var credentials = new CredentialsManager();
entity.Username = entity.Username.Trim().ToLower();
query.Query = @"SELECT * FROM Administrators
where Username = @Username";
query.Entity = entity;
var result = con.ExecuteQuery <AdministratorEntity>(query);
if (!result.Success)
{
result.Message = "Login error";
return(result);
}
var r = (IEnumerable <AdministratorEntity>)result.Entity;
var admin = r.FirstOrDefault();
if (admin == null)
{
result.Message = "User not found";
result.Success = false;
return(result);
}
var password = credentials.EncodePassword(entity.Password, admin.Hash);
if (password == admin.Password)
{
admin.Hash = null;
admin.Password = null;
admin.Token = credentials.GenerateAdminToken(admin);
result.Entity = admin;
return(result);
}
result.Message = "Incorrect password";
result.Success = false;
return(result);
}
public Result Insert(AdministratorEntity entity)
{
return(Insert(entity, false));
}
