public static void Load()
{
Users.Clear();
Directory.CreateDirectory("OMCLC\\Users");
foreach (string file in Directory.GetFiles("OMCLC\\Users"))
{
if (file.EndsWith(".auth"))
{
try
{
JObject obj = JObject.Parse(DESCode.Decrypt(File.ReadAllText(file)));
// System.Windows.Forms.MessageBox.Show(obj.ToString());
string type = obj["type"].ToString();
JObject value = obj["value"] as JObject;
User user = Parsers[type];
User u = user.ParseFromJObject(value);
// System.Windows.Forms.MessageBox.Show(u.SaveToObject().ToString());
Users.Add(u);
}
catch (Exception ex)
{
Logger.LogError("Failed to Load Auth File " + file + ", Exceptions:\n" + ex.Message + "\n" + ex.StackTrace);
}
}
}
// System.Windows.Forms.MessageBox.Show("AAA");
}
public IHttpActionResult ForgetPassword(string UserName, string Email)
{
DESCode lDESCode = new DESCode();
string en = lDESCode.EncryptDES("jason.wang");
string de = lDESCode.DecryptDES(en);
//SendEmail.SendSupportEmail("*****@*****.**", "Password recovery", "<strong>Recovering the password</strong>");
return Ok();
}
public ActionResult ChangePwd(ChangePwdModel passwordToChange)
{
if (!ModelState.IsValid)
{
return(View());
}
string superAdmin = Session["waveAccount"].ToString();
var account = (from m in _db.SuperAdmin
where m.supname == superAdmin
select m).First();
string key = account.supname;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.spasswd, key) != passwordToChange.original)
{
TempData["ErrorMessage"] = "Your original passwords do not match, please retype it and try again. ";
return(View());
}
else if (passwordToChange.password != passwordToChange.confirmPwd)
{
TempData["ErrorMessage"] = "Your new passwords do not match, please retype them and try again. ";
return(View());
}
else
{
account.spasswd = DESCode.EncryptDES(passwordToChange.password, key);
try
{
_db.ApplyCurrentValues <SuperAdmin>(account.EntityKey.EntitySetName, account);
_db.SaveChanges();
TempData["SuccessMessage"] = "Your password has been sucessfully changed.";
return(RedirectToAction("Index"));
}
catch (Exception exception)
{
TempData["ErrorMessage"] = "Password change has failed because: " + exception.Message;
return(View());
}
}
}
public ActionResult CreateOrg(Org orgToCreate)
{
if (!ModelState.IsValid)
{
return(View());
}
try
{
var org = (from m in _db.Org
where m.orgname == orgToCreate.orgname
select m);
if (org.Count() != 0)
{
TempData["ErrorMessage"] = "Org name exists! ";
return(View());
}
if (orgToCreate.opasswd != Request.Form["ConfirmPassword"])
{
TempData["ErrorMessage"] = "Org creation failed! Passwords must match, please re-enter and try again.";
return(View());
}
string key = orgToCreate.orgname;
while (key.Length < 8)
{
key = key + key;
}
orgToCreate.opasswd = DESCode.EncryptDES(orgToCreate.opasswd, key);
orgToCreate.oscore = 0;
_db.AddToOrg(orgToCreate);
_db.SaveChanges();
TempData["SuccessMessage"] = "Org creation succeeds!";
return(RedirectToAction("Orgs"));
}
catch (Exception exception)
{
TempData["ErrorMessage"] = "Org creation has failed because: " + exception.Message;
return(View());
}
}
public ActionResult Create(Admin adminToCreate)
{
if (!ModelState.IsValid)
{
return(View());
}
try
{
var admin = (from m in _db.Admin
where m.adminname == adminToCreate.adminname
select m);
if (admin.Count() != 0)
{
TempData["ErrorMessage"] = "Administrator name exists, please retype it and try again! ";
return(View());
}
if (adminToCreate.apasswd != Request.Form["ConfirmPassword"])
{
TempData["ErrorMessage"] = "Administrator creation failed! Passwords must match, please re-enter and try again.";
return(View());
}
string key = adminToCreate.adminname;
while (key.Length < 8)
{
key = key + key;
}
adminToCreate.apasswd = DESCode.EncryptDES(adminToCreate.apasswd, key);
_db.AddToAdmin(adminToCreate);
_db.SaveChanges();
return(RedirectToAction("Index"));
}
catch (Exception exception)
{
TempData["ErrorMessage"] = "Administrator creation has failed because: " + exception.Message;
return(View());
}
}
public static void SaveALL()
{
foreach (User user in Users)
{
try
{
JObject obj = new JObject();
obj["type"] = user.ParserName;
obj["value"] = new JObject();
obj["value"] = user.SaveToObject();
File.WriteAllText("OMCLC\\Users\\" + user.UserName + ".auth", DESCode.Encrypt(obj.ToString()));
}
catch (Exception ex)
{
Logger.LogError("Failed to Save User " + user.UserName + ", Exceptions:\n" + ex.Message + "\n" + ex.StackTrace);
}
}
JObject sel = new JObject();
sel["select"] = SelectUser.UserName;
File.WriteAllText("OMCLC\\Users\\select.json", sel.ToString());
}
public ActionResult Login(LoginModel toCheck)
{
if (!ModelState.IsValid)
{
return(RedirectToAction("Main"));
}
try
{
switch (toCheck.type)
{
case 0:
{
var account = (from m in _db.SuperAdmin
where m.supname == toCheck.account
select m);
if (account.Count() == 0)
{
TempData["ErrorMessage"] = "Check your account, please! ";
return(RedirectToAction("Main"));
}
else
{
string key = account.First().supname;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.First().spasswd, key) != toCheck.password)
{
TempData["ErrorMessage"] = "Check your password, please! ";
return(RedirectToAction("Main"));
}
else
{
Session["waveAccount"] = toCheck.account;
Session["waveType"] = toCheck.type;
return(RedirectToAction("Index", "SuperAdmin"));
}
}
}
break;
case 1:
{
var account = (from m in _db.Admin
where m.adminname == toCheck.account
select m);
if (account.Count() == 0)
{
TempData["ErrorMessage"] = "Check your account, please! ";
return(RedirectToAction("Main"));
}
else
{
string key = account.First().adminname;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.First().apasswd, key) != toCheck.password)
{
TempData["ErrorMessage"] = "Check your password, please! ";
return(RedirectToAction("Main"));
}
else
{
Session["waveAccount"] = toCheck.account;
Session["waveType"] = toCheck.type;
return(RedirectToAction("Index", "Admin"));
}
}
}
break;
case 2:
{
var account = (from m in _db.Org
where m.orgname == toCheck.account
select m);
if (account.Count() == 0)
{
TempData["ErrorMessage"] = "Check your account, please! ";
return(RedirectToAction("Main"));
}
else
{
string key = account.First().orgname;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.First().opasswd, key) != toCheck.password)
{
TempData["ErrorMessage"] = "Check your password, please! ";
return(RedirectToAction("Main"));
}
else
{
if (account.First().ostate == -1)
{
account.First().ostate = 0;
_db.ApplyCurrentValues <Org>(account.First().EntityKey.EntitySetName, account.First());
_db.SaveChanges();
}
Session["waveAccount"] = toCheck.account;
Session["waveType"] = toCheck.type;
return(RedirectToAction("Index", "Org"));
}
}
}
break;
case 3:
{
var account = (from m in _db.Users
where m.username == toCheck.account
select m);
if (account.Count() == 0)
{
TempData["ErrorMessage"] = "Check your account, please! ";
return(RedirectToAction("Main"));
}
else
{
string key = account.First().username;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.First().upasswd, key) != toCheck.password)
{
TempData["ErrorMessage"] = "Check your password, please! ";
return(RedirectToAction("Main"));
}
else if (account.First().ustate == 0)
{
TempData["WarningMessage"] = "Your need to active your account.";
return(RedirectToAction("Main"));
}
else
{
Session["waveAccount"] = toCheck.account;
Session["waveType"] = toCheck.type;
if (account.First().ustate == -1)
{
account.First().ustate = 1;
_db.ApplyCurrentValues <Users>(account.First().EntityKey.EntitySetName, account.First());
_db.SaveChanges();
}
return(Redirect(Request.UrlReferrer.ToString()));
}
}
}
break;
default:
return(View());
break;
}
}
catch (Exception exception)
{
TempData["ErrorMessage"] = "Login has failed because: " + exception.Message;
return(RedirectToAction("Main"));
}
}
public ActionResult Register(Users userToCreate)
{
if (!ModelState.IsValid)
{
return(View());
}
try
{
var users = (from m in _db.Users
where m.username == userToCreate.username
select m);
if (users.Count() != 0)
{
TempData["ErrorMessage"] = "User name exists! ";
return(View());
}
if (userToCreate.upasswd != Request.Form["ConfirmPassword"])
{
TempData["ErrorMessage"] = "Registration failed! Your passwords must match, please re-enter and try again.";
return(View());
}
try
{
string content = System.IO.File.ReadAllText(Server.MapPath("~/NewMemberEmail.txt"));
content = content.Replace("[Name]", userToCreate.username);
content = content.Replace("[LINK]", "<a href='http://" + Request.Url.Host + ":" + Request.Url.Port + "/User/Activation-" + Server.UrlEncode(userToCreate.username) + "-" + MD5Code.getMd5Hash(userToCreate.username) + "'>^_^Active^_^</a>");
content = content.Replace("[UserName]", userToCreate.username);
content = content.Replace("[Pwd]", userToCreate.upasswd);
if (!SendMail.send(userToCreate.uemail, content, Server, "Active"))
{
TempData["ErrorMessage"] = "Sorry. The format of your email address can't be recognized.";
return(View());
}
;
}
catch (Exception ex)
{
TempData["ErrorMessage"] = "Registration failed! Check your email again please." + ex.Message;
return(View());
}
try
{
string key = userToCreate.username;
while (key.Length < 8)
{
key = key + key;
}
userToCreate.upasswd = DESCode.EncryptDES(userToCreate.upasswd, key);
_db.AddToUsers(userToCreate);
_db.SaveChanges();
TempData["SuccessMessage"] = "Registration succeeds! Your can log in using the new username and password.";
}
catch (Exception ex)
{
TempData["ErrorMessage"] = "The databse is unreachable. Try again later." + ex.Message;
return(View());
}
return(RedirectToAction("Main"));
}
catch (Exception exception)
{
TempData["ErrorMessage"] = "Registration has failed because: " + exception.Message;
return(View());
}
}
public IActionResult Post()
{
var files = Request.Form.Files;
long size = files.Sum(f => f.Length);
int flag = 0;
//size > 100MB refuse upload !
if (size > 104857600)
{
flag = 1;
//return Json("pdf total size > 100MB , server refused !");
}
List <string> filePathResultList = new List <string>();
foreach (var file in files)
{
var fileName = ContentDispositionHeaderValue.Parse(file.ContentDisposition).FileName.ToString().Trim('"');
System.IO.File.Delete("licence.txt");
string filePath = hostingEnv.WebRootPath + $@"/Files/Files/";
if (!Directory.Exists(filePath))
{
Directory.CreateDirectory(filePath);
}
string suffix = fileName.Split('.')[1];
if (!fileFormatArray.Contains(suffix))
{
flag = 1;
//return Json("the file format not support ! you must upload files that suffix like 'pdf'.");
}
//fileName = Guid.NewGuid() + "." + suffix;//对上传的文件名加密
string fileFullName = filePath + "licence.txt";
using (FileStream fs = System.IO.File.Create(fileFullName))
{
file.CopyTo(fs);
fs.Flush();
}
filePathResultList.Add($"/src/Files/{fileName}");
}
if (flag == 1)
{
return(Json("Fail"));
}
else
{
string data = DESCode.Read(hostingEnv.WebRootPath + $@"/Files/Files/licence.txt");
string licencePostUrl = url + "api/v1/configuration/public/licence";
string licencePostData = "{{" +
"\"licence\":\"{0}\"" +
"}}";
////对于群组来说,upper_id和area_node_id均固定
licencePostData = string.Format(licencePostData, data);
string licencePostResult = PostUrl(licencePostUrl, licencePostData);
JObject joLicencePost = (JObject)JsonConvert.DeserializeObject(licencePostResult);
if (Convert.ToInt32(joLicencePost["code"]) == 200)
{
return(Json("Success"));
}
else
{
return(Json("Error"));
}
//return Json(filePathResultList[0].Remove(0, 10));
}
}
public IHttpActionResult ForgetPassword(string UserName, string Email, string Language)
{
BOC.Entities.Company lCompany = _BOCWebDBContext.Companys.Where(e => e.LoginUserName == UserName && e.CompanyEmail == Email).FirstOrDefault();
if(lCompany != null)
{
DateTime lNow = DateTime.Now;
var request = HttpContext.Current.Request;
DESCode lDESCode = new DESCode();
string lEncodeStrong = UserName + '|' + lNow.ToShortDateString();
string Url = "http://" + request.Url.Authority + "/index.html#ResetPassword?UserName="******"&language=" + HttpContext.Current.Server.UrlEncode(Language);
StringBuilder lEmailBody = new StringBuilder();
if (Language == "zh-CN")
{
lEmailBody.Append("<center>");
lEmailBody.Append("<table width=\"780\" style=\"border:1px solid #d64635;\">");
lEmailBody.Append("<thead>");
lEmailBody.Append("<tr style=\"background-color:#d64635;color:#FFF;height:34px;\">");
lEmailBody.Append("<th>Beef to China</th>");
lEmailBody.Append("</tr>");
lEmailBody.Append("</thead>");
lEmailBody.Append("<tbody>");
lEmailBody.Append("<tr>");
lEmailBody.Append("<th style=\"text-align:left;margin:20px;padding:20px;\">");
lEmailBody.Append("<p>尊敬的 <strong>").Append(UserName).Append("</strong>:</p>");
lEmailBody.Append("<p></p>");
lEmailBody.Append("<p>请点击以下链接重置您的密码。(链接7天内有效)</p>");
lEmailBody.Append("<a href='").Append(Url).Append("'>").Append(Url).Append("</a>");
lEmailBody.Append("<p></p>");
lEmailBody.Append("<p>本邮件为系统邮件,请勿直接回复,谢谢!</p>");
lEmailBody.Append("<p>若有任何疑问,请联系 [email protected]</p>");
lEmailBody.Append("<p></p>");
lEmailBody.Append("<p></p>");
lEmailBody.Append("<p>Beef to China</p>");
lEmailBody.Append("</th>");
lEmailBody.Append("</tr>");
lEmailBody.Append("</tbody>");
lEmailBody.Append("</table>");
lEmailBody.Append("</center>");
SendEmail.SendSupportEmail(Email, "Beef to china 重置密码", lEmailBody.ToString());
}
else
{
lEmailBody.Append("<center>");
lEmailBody.Append("<table width=\"780\" style=\"border:1px solid #d64635;\">");
lEmailBody.Append("<thead>");
lEmailBody.Append("<tr style=\"background-color:#d64635;color:#FFF;height:34px;\">");
lEmailBody.Append("<th>Beef to China</th>");
lEmailBody.Append("</tr>");
lEmailBody.Append("</thead>");
lEmailBody.Append("<tbody>");
lEmailBody.Append("<tr>");
lEmailBody.Append("<th style=\"text-align:left;margin:20px;padding:20px;\">");
lEmailBody.Append("<p>Dear <strong>").Append(UserName).Append("</strong>:</p>");
lEmailBody.Append("<p></p>");
lEmailBody.Append("<p>Please follow the link to reset your password. (The link is valid for 7 days.)</p>");
lEmailBody.Append("<a href='").Append(Url).Append("'>").Append(Url).Append("</a>");
lEmailBody.Append("<p></p>");
lEmailBody.Append("<p>This email is automatically generated by the system, please do not reply. Thanks! </p>");
lEmailBody.Append("<p>If you have any questions, please contact [email protected].</p>");
lEmailBody.Append("<p></p>");
lEmailBody.Append("<p></p>");
lEmailBody.Append("<p>Beef to China</p>");
lEmailBody.Append("</th>");
lEmailBody.Append("</tr>");
lEmailBody.Append("</tbody>");
lEmailBody.Append("</table>");
lEmailBody.Append("</center>");
SendEmail.SendSupportEmail(Email, "Beef to china reset password", lEmailBody.ToString());
}
return Ok();
}
else
{
return BadRequest("_usernameoremailnotcorrect");
}
}
public IHttpActionResult ResetPassword(ResetPassowrdParams aResetPassowrdParams)
{
try
{
BOCPasswordHasher lBOCPasswordHasher = new BOCPasswordHasher();
string lNewPassword = lBOCPasswordHasher.HashPassword(aResetPassowrdParams.Password);
DESCode lDESCode = new DESCode();
string lUserName = lDESCode.DecryptDES(aResetPassowrdParams.UserName);
string[] lStringArray = lUserName.Split('|');
string lUserTrueName = lStringArray[0];
string lDateTime = lStringArray[1];
DateTime lNow = DateTime.Now;
DateTime lEmailDateTime = DateTime.Parse(lDateTime);
if ((lNow - lEmailDateTime).Days > 7)
{
return BadRequest("_resetpasswordexpired");
}
BOC.Entities.User lUser = _BOCWebDBContext.Users.Where(e => e.UserName == lUserTrueName).FirstOrDefault();
if (lUser != null)
{
lUser.Password = lNewPassword;
_BOCWebDBContext.Users.Attach(lUser);
_BOCWebDBContext.Entry<BOC.Entities.User>(lUser).State = System.Data.Entity.EntityState.Modified;
_BOCWebDBContext.SaveChanges();
return Ok();
}
else
{
return BadRequest("_reseterror");
}
}
catch (Exception e)
{
return BadRequest(e.ToString());
}
}
