public async Task <ActionResult <int> > ChangePassword(int id, [FromBody] UserChangePasswordRequest request)
{
var user = await _context
.Users
.AsNoTracking()
.FirstOrDefaultAsync(u => u.UserId == id);
if (user != null)
{
var hash = await HashService.HashPassword(request.OldPassword, user.Salt);
if (hash == user.Password)
{
var salt = SaltGenerator.MakeSalty();
var newHash = await HashService.HashPassword(request.Password, salt);
var newUser = user with {
Password = newHash, Salt = salt
};
_context.Users.Update(newUser);
await _context.SaveChangesAsync();
return(new OkResult());
}
return(new ForbidResult());
}
return(new BadRequestResult());
}
public Contribuitor PreparaContribuitor(ContribuitorModelView contribuitorModelView, Contribuitor contribuitor)
{
var contribuitor1 = new Contribuitor();
ContribuitorDao contribuitorDao = new ContribuitorDao();
var contribuitorExistente = contribuitorDao.ObterPorCpf(contribuitorModelView.Cpf);
if (contribuitorExistente != null)
{
throw new Exception("Contribuidor já cadastrado");
}
var cpf = new ValidarCPF();
if (contribuitorModelView.Nome.Trim().Length == 0)
{
throw new Exception("Informe o NOME.");
}
else if (contribuitorModelView.Usuario.Trim().Length == 0)
{
throw new Exception("Informe o USUÁRIO.");
}
else if (contribuitorModelView.Senha.Trim().Length == 0)
{
throw new Exception("Informe a SENHA.");
}
else if (contribuitorModelView.DataNascimento == null)
{
throw new Exception("Informe a DATA DE NASCIMENTO.");
}
else if (contribuitorModelView.Cpf.Trim().Length == 0)
{
throw new Exception("Informe o CPF.");
}
else if (contribuitorModelView.IdSector == 0)
{
throw new Exception("Iforme o SETOR.");
}
else if (contribuitorModelView.DataCadastro == null)
{
throw new Exception("Iforme a DATA DE CADASTRO.");
}
else if (cpf.IsCpf(contribuitorModelView.Cpf) == false)
{
throw new Exception("CPF INVÁLIDO.");
}
else
{
contribuitor1.Nome = contribuitorModelView.Nome;
contribuitor1.Usuario = contribuitorModelView.Usuario;
contribuitor1.Senha = HashService.HashPassword(contribuitorModelView.Senha);
contribuitor1.Cpf = contribuitorModelView.Cpf;
contribuitor1.DataNascimento = contribuitorModelView.DataNascimento;
contribuitor1.DataCadastro = contribuitorModelView.DataCadastro;
contribuitor1.IdSector = contribuitorModelView.IdSector;
}
return(contribuitor1);
}
public void Add(User user)
{
using (DiplomaDBContext db = new DiplomaDBContext())
{
user.Password = HashService.HashPassword(user.Password);
db.ListOfUsers.Add(user);
db.SaveChanges();
}
}
public void Configure(EntityTypeBuilder <UserEntity> builder)
{
var hashService = new HashService();
builder.HasData(new List <UserEntity>()
{
new UserEntity()
{
Id = 1,
Name = "Vasiliy",
Password = hashService.HashPassword("123"),
LastName = "Pupkin",
Phone = "1234567891",
Role = UserRole.Client,
},
new UserEntity()
{
Id = 2,
Name = "Mariya",
Password = hashService.HashPassword("123"),
LastName = "Ivanova",
Phone = "1234567892",
Role = UserRole.Client,
},
new UserEntity()
{
Id = 3,
Name = "Petr",
Password = hashService.HashPassword("123"),
LastName = "Levin",
Phone = "1234567893",
Role = UserRole.Client
},
new UserEntity()
{
Id = 4,
Name = "Ivan",
Password = hashService.HashPassword("123"),
LastName = "Bikov",
Phone = "1234567894",
Role = UserRole.Client
}
});
}
public void ChangePassword(string userEmail, string newPassword)
{
using (DiplomaDBContext db = new DiplomaDBContext())
{
User user = db.ListOfUsers.Where(x => x.Email == userEmail).FirstOrDefault();
user.Password = HashService.HashPassword(newPassword);
db.SaveChanges();
}
}
public AuthResult Login([FromBody] AuthDto authDto)
{
var passwordHash = _hasher.HashPassword(authDto.Password, "qwe123qwe123");
var validatedUser = _appContext.Users.FirstOrDefault(
user => user.Username == authDto.Username && user.Password == passwordHash
);
return(new AuthResult {
Token = validatedUser != null
? _jwtService.CreateJwt(validatedUser.Id)
: null,
Error = validatedUser != null ? null : "Неверный логин или пароль.",
User = validatedUser
});
}
private static User CreateRandomUser(int index)
{
var salt = _hashServices.GetSalt();
const string password = "******";
return(new User
{
FirstName = _data[index][0],
LastName = _data[index][1],
Username = _data[index][2],
Email = _data[index][3],
ProfileImageUrl = ImageGenerator.GetProfileImage(_data[index][2]),
CoverImageUrl = ImageGenerator.GetCoverImage(index),
HashedPassword = _hashServices.HashPassword(salt, password),
Salt = salt
});
}
public ActionResult CreateUser([FromBody] UserDto userDto)
{
if (_context.Users.Any(u => u.Username == userDto.Username))
{
return(UnprocessableEntity("User already exists"));
}
var user = new User {
Email = userDto.Email,
Password = _passwordHasher.HashPassword(userDto.Password, "qwe123qwe123"),
Username = userDto.Username,
Name = userDto.Name
};
_context.Users.Add(user);
_context.SaveChanges();
return(Ok(user));
}
public async Task <ActionResult <AuthResponse> > Login([FromBody] LoginRequest request)
{
var user = await _context
.Users
.AsNoTracking()
.FirstOrDefaultAsync(u => u.Username.ToLower() == request.Username.ToLower());
if (user != null)
{
var hash = await HashService.HashPassword(request.Password, user.Salt);
if (hash == user.Password)
{
return(new AuthResponse
{
Token = await GenerateJSONWebTokenAsync(user),
});
}
}
return(new ForbidResult());
}
public async Task <ActionResult <int> > Post([FromBody] UserRequest request)
{
var user = await _context
.Users
.AsNoTracking()
.FirstOrDefaultAsync(u => u.Username.ToLower() == request.Username.ToLower());
if (user != null)
{
return(new BadRequestResult());
}
var salt = SaltGenerator.MakeSalty();
var hash = await HashService.HashPassword(request.Password, salt);
var result = _context.Users.Add(new User
{
Username = request.Username,
Firstname = request.Firstname,
Lastname = request.Lastname,
Password = hash,
Salt = salt,
Created = DateTime.UtcNow,
});
await _context.SaveChangesAsync();
var roles = await _context.Roles.Where(role => request.Roles.Contains(role.Name)).ToListAsync();
var userRoles = _context.UserRoles.AddRangeAsync(roles.Select(role => new UserRole
{
UserId = result.Entity.UserId,
RoleId = role.RoleId,
}).ToArray());
await _context.SaveChangesAsync();
return(result.Entity.UserId);
}
public ActionResult CreateUser([Bind(Include = "IdEmployee,LoginUser,PasswordUser")] Employee employee)
{
Employee emp = db.Employee.Find(employee.IdEmployee);
int idUser = (int)Session["idUser"];
int idCompany = (int)Session["idCompany"];
using (var trans = db.Database.BeginTransaction())
{
try
{
Log log = new Log
{
Who = idUser,
EmployeeId = employee.IdEmployee,
New = "[CL]", //CREATE LOGIN,
CompanyId = emp.CompanyId
};
emp.LoginUser = employee.LoginUser;
emp.PasswordUser = HashService.HashPassword(employee.PasswordUser);
db.SaveChanges();
db.Log.Add(log);
db.SaveChanges();
trans.Commit();
TempData["confirm"] = "USER CREATED SUCCESSFU";
return(RedirectToAction("Index"));
}
catch
{
trans.Rollback();
ViewBag.error = "ERROR 500, TRAY AGAIN, IF THE ERROR PERSIST CONTACT THE SYSTEM SUPPLIER";
return(View(employee));
}
}
}
public ActionResult Create([Bind(Include = "NameEmployee, Birth, Admission, Salary, OfficeId, CompanyId, HaveLogin, Permission, LoginUser, PasswordUser")] Employee employee,
[Bind(Include = "Cep, Logradouro, Numero, Bairro, Cidade, Uf")] Address address)
{
int idCompany = (int)Session["idCompany"];
int idUser = (int)Session["idUser"]; //who is login
#region CATCHING ALL PHONES IN REQUEST
List <Phone> phones = new List <Phone>();
List <string> request = Request.Form.ToString().Split('&').Where(p => p.Contains("DDD") || p.Contains("TypePhone") || p.Contains("Number")).ToList();
for (int i = 0; i < request.Count; i++)
{
Phone phoneRequest = new Phone();
if (request[i].Contains("TypePhone"))
{
phoneRequest.TypePhone = request[i].Replace("TypePhone=", "").ToString().Equals("Mobile") ? (TypePhone)1 : (TypePhone)2; //1 => Mobile | 2 => Landline
int index = request.IndexOf(request.Where(p => p.ToString().Contains("DDD=")).FirstOrDefault());
phoneRequest.DDD = request[index].Replace("DDD=", "");
request[index] = request[index].Replace("DDD=", "");
index = request.IndexOf(request.Where(p => p.ToString().Contains("Number=")).FirstOrDefault());
phoneRequest.Number = request[index].Replace("Number=", "");
request[index] = request[index].Replace("Number=", "");
phones.Add(phoneRequest);
}
}
#endregion
if (ModelState.IsValid)
{
if (employee.HaveLogin)
{
var currentUser = db.Employee.SingleOrDefault(u => u.LoginUser.Equals(employee.LoginUser));
if (currentUser == null)
{
employee.PasswordUser = HashService.HashPassword(employee.PasswordUser);
}
else
{
ViewBag.error = "PLEASE CHOOSE ANATHER LOGIN USER";
goto ReturnIfError;
}
}
using (var trans = db.Database.BeginTransaction())
{
try
{
#region SAVE NEW EMPLOYEE
#region Insert new Address
//Using (System.Data.Entity) Add -> Adds the given entity to the context that it will be inserted into the database when SaveChanges is called.
db.Address.Add(address);
db.SaveChanges();
#endregion
#region Insert New Employee
employee.AddressId = address.IdAddress;
db.Employee.Add(employee);
db.SaveChanges();
#endregion
Employee em = db.Employee.Where(e => e.NameEmployee.Equals(employee.NameEmployee)).FirstOrDefault();
#region Insert news Phones with AddRange
foreach (Phone p in phones)
{
p.EmployeeId = em.IdEmployee;
}
//Using (System.Data.Entity) AddRange -> Adds a collection of entities into context that it will be inserted into the database when SaveChanges is called.
db.Phone.AddRange(phones);
db.SaveChanges();
#endregion
#region Register Log
Log log = new Log
{
New = employee.NameEmployee + "-BD " + employee.Birth.ToString("dd/MM/yy") + "-AD " + employee.Admission.ToString("dd/MM/yy") + "-" + employee.Salary
+ "-O " + employee.OfficeId + "-A " + address.Cep + "/" + address.Numero,
Who = idUser,
EmployeeId = em.IdEmployee,
CompanyId = em.CompanyId
};
db.Log.Add(log);
db.SaveChanges();
#endregion
trans.Commit();
TempData["confirm"] = "NEW EMPLOYEE CREATED";
return(RedirectToAction("Index"));
#endregion
}
catch
{
trans.Rollback();
ViewBag.error = "ERROR 500, TRAY AGAIN, IF THE ERROR PERSIST CONTACT THE SYSTEM SUPPLIER";
goto ReturnIfError;
}
}
}
ReturnIfError:
#region ReturnIfError
try
{
int permission = (int)Session["permission"];
if (Check.IsSuperAdmin(permission))
{
ViewBag.CompanyId = new SelectList(db.Company, "IdCompany", "NameCompany", employee.CompanyId);
ViewBag.OfficeId = new SelectList(db.Office.OrderBy(c => c.CompanyId), "IdOffice", "NameOffice", employee.OfficeId);
IEnumerable <SelectListItem> typePermission = new SelectList(Enum.GetValues(typeof(Permission)));
ViewBag.Permission = typePermission;
}
else if (Check.IsAdmin(permission))
{
Company company = db.Company.Where(c => c.IdCompany == idCompany).FirstOrDefault();
List <Company> companies = new List <Company>();
companies.Add(company);
ViewBag.CompanyId = new SelectList(companies, "IdCompany", "NameCompany", employee.CompanyId);
ViewBag.OfficeId = new SelectList(db.Office.Where(o => o.CompanyId == idCompany), "IdOffice", "NameOffice", employee.OfficeId);
IEnumerable <SelectListItem> typePermission = new SelectList(Enum.GetValues(typeof(Permission))).Where(e => !e.Text.Equals("SuperAdmin"));
ViewBag.Permission = typePermission;
}
IEnumerable <SelectListItem> phone = new SelectList(Enum.GetValues(typeof(TypePhone)));
ViewBag.TypePhone = phone;
return(View(employee));
}
catch
{
TempData["error"] = "YOU ARE NOT LOGGED IN";
return(RedirectToAction("LogIn", "Employees"));
}
#endregion
}