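/// <summary>
/// Registers a new user: adds the user to the Stream API, stores the hashed
/// password in the database, subscribes the user's timeline feed to their own
/// "user" feed and to the "RecYou" account, then issues a JWT.
/// </summary>
/// <param name="userDto">Registration payload bound from the request body.</param>
/// <returns>
/// A JWT for the new user on success; otherwise a generic error message.
/// </returns>
public async Task<string> PostAsync([FromBody] UserDto userDto)
{
    // Reject incomplete payloads up front so that an account with an empty
    // password can never be created and a missing body does not surface as a
    // NullReferenceException.
    if (userDto == null
        || string.IsNullOrWhiteSpace(userDto.Username)
        || string.IsNullOrEmpty(userDto.Password))
    {
        return "Registration failed: username and password are required.";
    }

    var userData = new Dictionary<string, object>
    {
        { "profile_pic", userDto.ProfilePictureUrl }
    };

    try
    {
        // Add user to the Stream API.
        // NOTE(review): this call runs before the INSERT below and is not rolled
        // back if the INSERT fails (presumably on a duplicate username) — confirm
        // Users.Add cannot modify the Stream profile of an existing user.
        await _streamApi.StreamClient.Users.Add(userDto.Username, userData);

        PasswordHasher ph = new PasswordHasher();

        // Add user to the DB. Values are bound as parameters, and only the
        // hashed password is stored.
        _database.GetInstance.Execute(
            "INSERT INTO users (username, pass, pic_url) VALUES(@user, @pass, @pic)",
            new
            {
                user = userDto.Username,
                pass = ph.Hash(userDto.Password),
                pic = userDto.ProfilePictureUrl
            });

        // Register the user timeline to the user's own profile, so the timeline
        // shows the user's own posts.
        IStreamFeed userTimeline = _streamApi.StreamClient.Feed("timeline", userDto.Username);
        await userTimeline.FollowFeed("user", userDto.Username);

        // Follow the admin account with the welcome message, unless the account
        // being registered is RecYou itself.
        // NOTE(review): this comparison is case-sensitive — confirm the username
        // column's collation agrees with it.
        if (userDto.Username != "RecYou")
        {
            await userTimeline.FollowFeed("user", "RecYou");
        }
    }
    catch (Exception)
    {
        // Return a fixed message instead of the exception text: messages from the
        // database driver or the Stream client can expose internal details to an
        // unauthenticated caller.
        // NOTE(review): no logger is visible in this block — record the exception
        // server-side. The failure is also returned with the default status code,
        // so a client cannot tell it from a token by status alone.
        return "Registration failed.";
    }

    return JWT.GenerateToken(userDto.Username);
}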
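/// <summary>
/// Authenticates a user against the stored password hash and issues a JWT.
/// </summary>
/// <param name="userDto">Login payload (username and password) bound from the request body.</param>
/// <returns>
/// A JWT on success; otherwise <c>null</c> with the response status set to 401.
/// </returns>
public string Post([FromBody] UserDto userDto)
{
    // Missing credentials are an authentication failure, not a server error.
    if (userDto == null
        || string.IsNullOrEmpty(userDto.Username)
        || string.IsNullOrEmpty(userDto.Password))
    {
        HttpContext.Response.StatusCode = 401;
        return null;
    }

    PasswordHasher ph = new PasswordHasher();

    // The username is bound as a query parameter, never concatenated into the SQL.
    UserDto user = _database.GetInstance.QuerySingleOrDefault<UserDto>(
        "SELECT username, pass FROM users WHERE username = @user",
        new { user = userDto.Username });

    if (user == null)
    {
        // NOTE(review): this path returns without running the password hash, so
        // unknown usernames likely respond faster than wrong passwords; consider
        // a dummy hash check if username enumeration is a concern.
        HttpContext.Response.StatusCode = 401;
        return null;
    }

    (bool Verified, bool NeedsUpgrade) checkResult = ph.Check(user.Pass, userDto.Password);
    if (!checkResult.Verified)
    {
        // Same status and body as the unknown-user case, so the response does not
        // reveal which part of the credentials was wrong.
        HttpContext.Response.StatusCode = 401;
        return null;
    }

    // NOTE(review): NeedsUpgrade is ignored here; presumably it signals that the
    // stored hash should be re-hashed with current parameters — confirm and
    // persist the upgraded hash on successful login.

    // Issue the token for the username as stored in the database rather than the
    // client-supplied spelling, so that a case-insensitive match in the query
    // cannot yield a token whose subject differs from the account's name.
    return JWT.GenerateToken(user.Username ?? userDto.Username);
}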
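/// <summary>
/// Verifies a login/password pair, emails a six-digit verification code to the
/// user, creates a session, and returns a JWT in the response.
/// </summary>
/// <param name="login">Login name looked up through the SP_Get_User procedure.</param>
/// <param name="password">Candidate password, hashed with the iterations and salt read from the stored hash.</param>
/// <returns>
/// A <c>LoginResponse</c> with <c>Success</c> and <c>JWT</c> set on success, or
/// with an entry in <c>Errors</c> on failure.
/// </returns>
public async Task<LoginResponse> AuthenticateUser(string login, string password)
{
    User user = null;
    using (var connection = new SqlConnection(_connectionString))
    {
        connection.Open();

        // The login is bound as a parameter of the stored procedure call.
        user = connection
            .Query<User>(
                "EXEC [Support-API].[dbo].[SP_Get_User] @Login = @Login",
                new { Login = login })
            .FirstOrDefault();
    }

    LoginResponse response = new LoginResponse
    {
        Success = false,
        Errors = new List<string>(),
        JWT = string.Empty,
    };

    if (user == null)
    {
        // Same message as the wrong-password case, so the response text does not
        // reveal whether the login exists.
        response.Errors.Add("Invalid Username or Password");
        return response;
    }

    // Re-hash the candidate password with the parameters of the stored hash.
    Hash currentHash = new Hash(user.Hash);
    string hash = Hashing.GenerateHash(password, currentHash.iterations, currentHash.salt);

    // NOTE(review): string inequality is not a constant-time comparison; consider
    // a fixed-time comparison of the two hashes.
    if (hash != user.Hash)
    {
        response.Errors.Add("Invalid Username or Password");
        return response;
    }

    string jwtSecret = _configuration.GetValue<string>("JwtSecret");
    var token = JWT.GenerateToken(user.UUID, user.Login, jwtSecret);
    if (token == null)
    {
        // Fail before any side effect: no code is emailed and no session is
        // created for a login that cannot complete.
        response.Errors.Add("Authentication Error, please contact Administrator.");
        return response;
    }

    // NOTE(review): Generator.RandomNum is not visible here — confirm it draws
    // from a cryptographic RNG, since this code acts as a second factor.
    int code = Generator.RandomNum(111111, 999999);

    // Only a hash of the code is handed to the session manager.
    string hashedCode = Hashing.GenerateHash(code.ToString());

    string emailPlainTemplate = "Hello {0} {1} {2}! Your Verification Code is: {3}";
    string emailHtmlTemplate =
        "<html>" +
        "<body>" +
        "<div>" +
        "<h2>Support App</h2>" + // closing tag fixed; the heading was closed with </h3>
        "<div>Hello {0} {1} {2}!</div>" +
        "<div>Your Verification Code is: {3}</div>" +
        "</div>" +
        "</body>" +
        "</html>";

    string emailApiKey = _configuration.GetValue<string>("MailApiKey");

    SingleEmailPost email = new SingleEmailPost
    {
        From_Email = "*****@*****.**",
        From_Name = "Support App",
        To_Email = user.Email,
        To_Name = $"{user.First_Name} {user.Middle_Name} {user.Last_Name}",
        Subject = "Verification Email",
        // Name fields are HTML-encoded before they are placed into the HTML body,
        // so markup stored in a name cannot be rendered in the message.
        Content_Html = string.Format(
            emailHtmlTemplate,
            System.Net.WebUtility.HtmlEncode(user.First_Name),
            System.Net.WebUtility.HtmlEncode(user.Middle_Name),
            System.Net.WebUtility.HtmlEncode(user.Last_Name),
            code),
        Content_Plain = string.Format(
            emailPlainTemplate,
            user.First_Name,
            user.Middle_Name,
            user.Last_Name,
            code),
    };

    await Email.SingleEmail(email, emailApiKey);

    Session session = _sessionManager.CreateSession(user, token, hashedCode);
    if (session == null)
    {
        response.Errors.Add("Authentication Error, please contact Administrator.");
        return response;
    }

    // NOTE(review): the JWT is returned before the emailed code has been verified
    // — confirm downstream checks refuse this token until the session's code is
    // confirmed.
    response.Success = true;
    response.JWT = token;
    return response;
}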
/// <summary>
/// Logs a user in for a registered application: validates the request, checks
/// the credentials, looks up the application, marks the user as logged in, and
/// returns a token generated with the application's secret.
/// </summary>
/// <param name="loginParam">Login payload (account, password, application id) bound from the request body.</param>
/// <returns>
/// A result with <c>Code = 0</c> and the token plus basic user details on
/// success; otherwise <c>Code = -1</c> and a message.
/// </returns>
public async Task<ResultContract<LoginResultContract>> Login([FromBody] LoginParamContract loginParam)
{
    try
    {
        // Builds the failure envelope (Code = -1) carrying the given message.
        Func<string, ResultContract<LoginResultContract>> fail =
            message => new ResultContract<LoginResultContract> { Code = -1, Msg = message };

        if (string.IsNullOrWhiteSpace(loginParam.Account))
        {
            return fail("请输入账号"); // "Please enter your account"
        }

        if (string.IsNullOrWhiteSpace(loginParam.Password))
        {
            return fail("请输入密码"); // "Please enter your password"
        }

        // Credential check.
        var checkedUser = userService.CheckUser(loginParam.Account, loginParam.Password);
        if (checkedUser == null)
        {
            return fail("账号或密码不正确"); // "Account or password is incorrect"
        }

        // Application (platform) check; it runs only after the credentials passed.
        var app = applicationService.GetApplicationByID(loginParam.AppId);
        if (app == null)
        {
            return fail("平台未注册"); // "Platform is not registered"
        }

        // Mark the user as logged in.
        var storedUser = userService.GetUser(checkedUser.UserId);
        storedUser.IsLogin = true;
        userService.Update(storedUser);

        // Generate the token; the application's secret is passed to the generator
        // (presumably as the signing key — confirm in JWT.GenerateToken).
        var tokenData = new TokenDataModel
        {
            UserId = checkedUser.UserId,
            Account = checkedUser.UserAccount,
            AppName = app.AppName,
            FromSystem = ""
        };
        var token = JWT.GenerateToken(tokenData, app.AppSecret);

        var payload = new LoginResultContract()
        {
            Token = token,
            User = new Contracts.DB.UserContract()
            {
                UserId = checkedUser.UserId,
                UserName = checkedUser.UserName,
                OrganizationId = checkedUser.OrganizationId
            }
        };

        return new Contracts.ResultContract<LoginResultContract>()
        {
            Code = 0,
            Msg = "",
            Data = payload
        };
    }
    catch (Exception)
    {
        // Any failure is reported as a generic message ("Service error"), which
        // keeps internal details out of the response.
        // NOTE(review): the exception is discarded without being logged.
        return new Contracts.ResultContract<LoginResultContract>() { Code = -1, Msg = "服务异常" };
    }
}