/// <summary>
/// Reads the "uat" (user-agent tag) cookie from the incoming request and, for a
/// signed-in user, records the tag against the login when it differs from the
/// value cached in the session.
/// </summary>
/// <param name="filterContext">Context of the action about to execute; a null context or null RequestContext is ignored.</param>
protected virtual void ProcessUserAgentTag(ActionExecutingContext filterContext)
{
    if (filterContext == null || filterContext.RequestContext == null)
    {
        return;
    }

    var httpRequest = filterContext.RequestContext.HttpContext.Request;

    // Skip local requests so that runs started from the IDE do not pollute the data.
    if (httpRequest.IsLocal)
    {
        return;
    }

    var tagCookie = httpRequest.Cookies["uat"];
    if (tagCookie == null)
    {
        return;
    }

    // The cookie value is client-controlled: accept it only if it parses as a GUID.
    Guid tagId;
    if (!Guid.TryParse(tagCookie.Value, out tagId))
    {
        // NOTE(review): this sets Expires on the cookie object taken from the request;
        // confirm that the change actually reaches the browser (nothing here adds the
        // cookie to the response).
        tagCookie.Expires = DateTime.Now.AddDays(-10);
        return;
    }

    // Bots are not tracked.
    if (UserAgentHelper.IsBot(httpRequest.UserAgent))
    {
        return;
    }

    // Extend the cookie lifetime up to 2030-01-01 (same caveat as above: request-side object).
    if (tagCookie.Expires.Year < 2030)
    {
        tagCookie.Expires = new DateTime(2030, 1, 1);
    }

    // Only a signed-in user has a login record to update.
    if (CurrentUser == null)
    {
        return;
    }

    var sessionKey = "userAgentTagId";
    var tagFromCookie = tagCookie.Value;
    var tagFromSession = Session[sessionKey] as string;
    if (tagFromSession == tagFromCookie)
    {
        // Already stored for this session; avoid a redundant service call.
        return;
    }

    Session[sessionKey] = tagFromCookie;
    ConfigDbServicesHelper.GetLoginService().UpdateUserAgentTag(CurrentUser.Id, tagId);
}
/// <summary>
/// Resolves a login (optionally narrowed by account system name) to the user
/// stored in that account's database. No password is checked here.
/// </summary>
/// <param name="login">Login to look up.</param>
/// <param name="accountName">Account system name; may be null or empty when the login is unique.</param>
/// <returns>The matching user.</returns>
/// <exception cref="WrongLoginException">No login, no login in the given account, or no user record was found.</exception>
/// <exception cref="AccountRequiredException">Several accounts share the login and no known account was supplied.</exception>
/// <exception cref="AccountIsBlockedException">The owning account is not active.</exception>
public User FindUser(string login, string accountName)
{
    // An unknown account name leaves this null and is treated like "no account given".
    AccountInfo account = string.IsNullOrEmpty(accountName)
        ? null
        : ConfigDbServicesHelper.GetAccountService().GetOneOrNullBySystemName(accountName);

    var candidates = ConfigDbServicesHelper.GetLoginService().GetAllByLogin(login);
    if (candidates.Length == 0)
    {
        throw new WrongLoginException();
    }

    LoginInfo matched;
    if (candidates.Length > 1)
    {
        // The same login exists in several accounts: the caller must disambiguate.
        if (account == null)
        {
            throw new AccountRequiredException();
        }

        matched = candidates.FirstOrDefault(t => t.Account.Id == account.Id);
        if (matched == null)
        {
            throw new WrongLoginException();
        }
    }
    else
    {
        matched = candidates[0];

        // A supplied account must agree with the single login that was found.
        if (account != null && account.Id != matched.Account.Id)
        {
            throw new WrongLoginException();
        }
    }

    // NOTE(review): the distinct exception types reveal whether a login exists, is
    // ambiguous, or belongs to a blocked account; verify that callers reachable before
    // authentication do not expose that difference.
    if (loginInfoIsInactive(matched))
    {
        throw new AccountIsBlockedException();
    }

    var users = Context.GetAccountDbContext(matched.Account.Id).GetUserRepository();
    var found = users.GetOneOrNullByLogin(login);
    if (found == null)
    {
        throw new WrongLoginException();
    }

    return found;
}

// True when the account that owns the login is in any state other than Active.
private static bool loginInfoIsInactive(LoginInfo loginInfo)
{
    return loginInfo.Account.Status != AccountStatus.Active;
}
/// <summary>
/// Validation endpoint for the "add user" form: reports whether the login is
/// already taken inside the current user's account.
/// </summary>
/// <param name="model">Form model; only <c>Login</c> is read.</param>
/// <returns>JSON <c>true</c> when the login is free, otherwise a JSON error string.</returns>
public JsonResult CheckNewLogin(AddUserModel model)
{
    // NOTE(review): CurrentUser is dereferenced without a null check, so this action
    // presumably runs only for authenticated users - confirm. The answer discloses
    // login existence and is served over GET (AllowGet).
    var loginService = ConfigDbServicesHelper.GetLoginService();
    var taken = loginService.GetOneOrNull(CurrentUser.AccountId, model.Login);

    if (taken == null)
    {
        return Json(true, JsonRequestBehavior.AllowGet);
    }

    return Json("Пользователь с таким EMail уже существует", JsonRequestBehavior.AllowGet);
}
/// <summary>
/// Issues a password-reset token for a login and, optionally, sends the reset letter.
/// </summary>
/// <param name="loginId">Id of the login whose password is being reset.</param>
/// <param name="sendLetter">When true (default), the reset letter is sent with the new token id.</param>
/// <returns>Id of the generated token.</returns>
public Guid StartResetPassword(Guid loginId, bool sendLetter = true)
{
    var login = ConfigDbServicesHelper.GetLoginService().GetOneById(loginId);
    var tokens = new TokenService(Context);

    // The token is requested with the ResetPassword purpose and a one-day lifetime.
    var lifetime = TimeSpan.FromDays(1);
    var resetToken = tokens.GenerateToken(login.Account.Id, login.Id, TokenPurpose.ResetPassword, lifetime);

    // NOTE(review): the token id is what gets mailed and returned, so it presumably
    // acts as the reset credential - treat it as a secret (keep it out of logs) and
    // confirm it is generated from an unpredictable source.
    if (!sendLetter)
    {
        return resetToken.Id;
    }

    SendResetPasswordLetter(login.Account.Id, login.Id, resetToken.Id);
    return resetToken.Id;
}
/// <summary>
/// Validation endpoint for the "edit user" form: reports whether the login is
/// already used by a different user in the current user's account.
/// </summary>
/// <param name="model">Form model; <c>Login</c> and <c>Id</c> are read.</param>
/// <returns>JSON <c>true</c> when the login is free or belongs to the edited user, otherwise a JSON error string.</returns>
public JsonResult CheckExistingLogin(EditUserModel model)
{
    // NOTE(review): like the "new login" check, this dereferences CurrentUser without
    // a null check and answers over GET; confirm the action is restricted to
    // authenticated users.
    var loginInfo = ConfigDbServicesHelper.GetLoginService().GetOneOrNull(CurrentUser.AccountId, model.Login);
    if (loginInfo == null)
    {
        return Json(true, JsonRequestBehavior.AllowGet);
    }

    using (var accountContext = AccountDbContext.CreateFromAccountId(loginInfo.Account.Id))
    {
        var owner = accountContext.GetUserRepository().GetOneOrNullByLogin(model.Login);

        // The login only conflicts when it belongs to someone other than the edited user.
        var usedByAnotherUser = owner != null && owner.Id != model.Id;
        if (usedByAnotherUser)
        {
            return Json("Пользователь с таким EMail уже существует", JsonRequestBehavior.AllowGet);
        }
    }

    return Json(true, JsonRequestBehavior.AllowGet);
}
/// <summary>
/// Verifies that a freshly created test user can be authenticated with the
/// configured master password instead of the user's own password.
/// </summary>
public void MasterPasswordTest()
{
    var testAccount = TestHelper.GetTestAccount();
    var ownPassword = PasswordHelper.GetRandomPassword(10);
    var testUser = TestHelper.CreateTestUser(testAccount.Id, ownPassword);

    // Check that signing in with the master password works.
    var master = ConfigDbServicesHelper.GetLoginService().MasterPassword();
    if (master == null)
    {
        // No master password configured: the test returns without asserting anything,
        // so it passes vacuously in that environment.
        return;
    }

    using (var databases = new DatabasesContext())
    {
        var userService = new UserService(databases);
        var result = userService.Auth(testUser.Login, master, null);

        Assert.Equal(testUser.Id, result.User.Id);
    }
}
/// <summary>
/// Deletes a user from an account, refusing to remove the only user or to leave
/// the account without an administrator.
/// </summary>
/// <param name="user">User to delete.</param>
/// <param name="accountId">Account whose database holds the user.</param>
/// <exception cref="CantDeleteLastUserException">The account has exactly one user.</exception>
/// <exception cref="CantDeleteLastAdminException">No other user holds the AccountAdministrators role.</exception>
public void DeleteUser(User user, Guid accountId)
{
    // NOTE(review): nothing here checks that `user` belongs to `accountId` or that the
    // caller may delete it; presumably the caller enforces that - confirm.
    var users = Context.GetAccountDbContext(accountId).GetUserRepository();

    if (users.QueryAll().Count() == 1)
    {
        throw new CantDeleteLastUserException();
    }

    // Look for an administrator other than the user being removed.
    var anotherAdminRemains = users.QueryAll()
        .Any(t => t.Id != user.Id && t.Roles.Any(x => x.RoleId == RoleId.AccountAdministrators));
    if (!anotherAdminRemains)
    {
        throw new CantDeleteLastAdminException();
    }

    // The login record is removed first, then the user row in the account database.
    ConfigDbServicesHelper.GetLoginService().Delete(user.Id);
    users.Remove(user);
}
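/// <summary>
/// Authenticates a login/password pair, optionally scoped to an account system name.
/// A login is accepted when the password matches the user's stored hash or, failing
/// that, when it equals the configured master password.
/// </summary>
/// <param name="login">Login to authenticate.</param>
/// <param name="password">Password supplied by the client.</param>
/// <param name="accountName">Account system name; may be null or empty.</param>
/// <returns>The authenticated user together with the id of the owning account.</returns>
/// <exception cref="UserFriendlyException">An account name was supplied but no such account exists.</exception>
/// <exception cref="WrongLoginException">No login matched, or no candidate accepted the password.</exception>
/// <exception cref="AccountRequiredException">Several accounts accepted the credentials and no account was supplied.</exception>
/// <exception cref="AccountIsBlockedException">The selected account is not active.</exception>
public AuthInfo Auth(string login, string password, string accountName)
{
    AccountInfo account = null;
    if (!string.IsNullOrEmpty(accountName))
    {
        account = ConfigDbServicesHelper.GetAccountService().GetOneOrNullBySystemName(accountName);
        if (account == null)
        {
            // NOTE(review): this message differs from the generic WrongLoginException
            // and echoes the supplied name, so an unauthenticated caller can tell which
            // account names exist. Consider whether that disclosure is acceptable.
            throw new UserFriendlyException("Неизвестный аккаунт: " + accountName);
        }
    }

    var loginService = ConfigDbServicesHelper.GetLoginService();
    var logins = loginService.GetAllByLogin(login);

    // When an account is given explicitly, keep only the logins of that account.
    if (account != null)
    {
        logins = logins.Where(x => x.Account.Id == account.Id).ToArray();
    }

    if (logins.Length == 0)
    {
        throw new WrongLoginException();
    }

    var users = new List<Tuple<LoginInfo, User>>();
    foreach (var loginInfo in logins)
    {
        var accountDbContext = Context.GetAccountDbContext(loginInfo.Account.Id);
        var userRepository = accountDbContext.GetUserRepository();
        var user = userRepository.GetById(loginInfo.Id);

        if (PasswordHelper.VerifyHashedPassword(user.PasswordHash, password))
        {
            users.Add(Tuple.Create(loginInfo, user));
        }
        else
        {
            // Master-password fallback: one shared secret is accepted for every login.
            // It is compared without an early exit on the first differing character,
            // so response timing does not reveal how much of a guess was correct.
            // NOTE(review): no audit record is written here when the master password is
            // used; callers that need traceability have to add it themselves.
            var masterPassword = loginService.MasterPassword();
            if (MasterPasswordMatches(masterPassword, password))
            {
                users.Add(Tuple.Create(loginInfo, user));
            }
        }
    }

    if (users.Count == 0)
    {
        throw new WrongLoginException();
    }

    Tuple<LoginInfo, User> item;
    if (users.Count == 1)
    {
        item = users[0];
        if (account != null && account.Id != item.Item1.Account.Id)
        {
            throw new WrongLoginException();
        }
    }
    else
    {
        // Credentials are valid in several accounts: the caller must name one.
        if (account == null)
        {
            throw new AccountRequiredException();
        }

        item = users.FirstOrDefault(t => t.Item1.Account.Id == account.Id);
        if (item == null)
        {
            throw new WrongLoginException();
        }
    }

    if (item.Item1.Account.Status != AccountStatus.Active)
    {
        throw new AccountIsBlockedException();
    }

    return new AuthInfo()
    {
        User = item.Item2,
        AccountId = item.Item1.Account.Id
    };
}

// Ordinal equality of the configured master password and the supplied password,
// evaluated over every supplied character instead of stopping at the first mismatch.
// Returns false when either value is null (a null master password means "not configured").
private static bool MasterPasswordMatches(string masterPassword, string supplied)
{
    if (masterPassword == null || supplied == null)
    {
        return false;
    }

    if (masterPassword.Length == 0)
    {
        // Keeps the previous equality semantics and avoids a modulo by zero below.
        return supplied.Length == 0;
    }

    // A length difference already marks the values as unequal; the loop still runs
    // so that the work done depends on the supplied value only.
    var difference = masterPassword.Length ^ supplied.Length;
    for (var i = 0; i < supplied.Length; i++)
    {
        difference |= masterPassword[i % masterPassword.Length] ^ supplied[i];
    }

    return difference == 0;
}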
/// <summary>
/// Pushes the user's current <c>Login</c> value to the login service record with the same id.
/// </summary>
/// <param name="user">User whose <c>Id</c> and <c>Login</c> are sent to the login service.</param>
/// <returns>The same <paramref name="user"/> instance.</returns>
public User UpdateUserLogin(User user)
{
    // NOTE(review): no uniqueness check is made here; presumably the caller has
    // already validated the new login - confirm.
    var loginService = ConfigDbServicesHelper.GetLoginService();
    loginService.UpdateLogin(user.Id, user.Login);

    return user;
}
/// <summary>
/// Creates a user in an account: registers the login, stores the user with an e-mail
/// contact, enables news, creates default subscriptions and optionally sends the
/// "new user" letter carrying a password-reset token.
/// </summary>
/// <param name="user">User to create; <c>Login</c> must be set.</param>
/// <param name="accountId">Account that will own the user.</param>
/// <param name="sendLetter">When true (default), a reset token is issued and the new-user letter is sent.</param>
/// <returns>The same <paramref name="user"/> instance after it has been saved.</returns>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
/// <exception cref="LoginAlreadyExistsException">The login already exists in the account.</exception>
public User CreateUser(User user, Guid accountId, bool sendLetter = true)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    if (user.Login == null)
    {
        throw new Exception("Не заполнено поле Login");
    }

    var duplicate = ConfigDbServicesHelper.GetLoginService().GetOneOrNull(accountId, user.Login);
    if (duplicate != null)
    {
        throw new LoginAlreadyExistsException(user.Login);
    }

    // A fresh security stamp is assigned to every new user.
    user.SecurityStamp = Guid.NewGuid().ToString();
    user.DisplayName = user.DisplayName ?? user.Login;

    // The login doubles as the user's e-mail contact.
    var emailContact = new UserContact();
    emailContact.Type = UserContactType.Email;
    emailContact.Value = user.Login;
    user.UserContacts.Add(emailContact);

    // Attach child entities to the user and give new ones an id.
    foreach (var userRole in user.Roles)
    {
        userRole.User = user;
        if (userRole.Id == Guid.Empty)
        {
            userRole.Id = Guid.NewGuid();
        }
    }

    foreach (var userContact in user.UserContacts)
    {
        userContact.User = user;
        if (userContact.Id != Guid.Empty)
        {
            continue;
        }

        userContact.Id = Guid.NewGuid();
        userContact.CreateDate = DateTime.Now;
    }

    var accountContext = Context.GetAccountDbContext(accountId);
    accountContext.GetUserRepository().Add(user);
    ConfigDbServicesHelper.GetLoginService().Add(user.Id, accountId, user.Login);
    Context.SaveChanges();

    // News delivery is switched on by default.
    accountContext.GetUserSettingService().SendMeNews(user.Id, true);
    Context.SaveChanges();

    // A new user needs the default subscriptions.
    new SubscriptionService(Context).CreateDefaultForUser(accountId, user.Id);
    Context.SaveChanges();

    if (!sendLetter)
    {
        return user;
    }

    // The reset token is created without its own letter; its id goes into the
    // new-user letter instead.
    var resetTokenId = StartResetPassword(user.Id, false);
    using (var dispatcherContext = DispatcherContext.Create())
    {
        dispatcherContext.UserService.SendNewUserLetter(accountId, user.Id, resetTokenId);
    }

    return user;
}