public ActionResult DownloadImage(int imageId)
{
try
{
var username = Username;
var image = ImagesDomain.GetImage(imageId);
if (image == null)
{
return(RedirectToAction("ViewImages"));
}
if (image.UsernameFk != username)
{
return(RedirectToAction("ViewImages"));
}
string relativePath;
var decryptedBytes = DecryptImage(image, username, out relativePath);
if (decryptedBytes == null)
{
return(RedirectToAction("ViewImages"));
}
return(File(decryptedBytes, System.Net.Mime.MediaTypeNames.Application.Octet, Path.GetFileName(relativePath)));
}
catch (Exception e)
{
LogsDomain.LogLevel("Images Domain", e.Message);
return(RedirectToAction("InternalServer", "Error"));
}
}
public ActionResult Upload(HttpPostedFileBase file, string title)
{
try
{
if (string.IsNullOrEmpty(title))
{
return(View());
}
var fileBytes = ReadFile(file.InputStream);
var typeCheck = MimeSniffer.GetMime(fileBytes);
var fileType = typeCheck.Substring(typeCheck.LastIndexOf("/", StringComparison.Ordinal) + 1);
var checkFile = VerifyFileType(fileType);
if (checkFile)
{
file.InputStream.Position = 0;
var extension = Path.GetExtension(file.FileName);
var filename = Guid.NewGuid() + extension;
var absolutePath = Server.MapPath(@"\Images") + @"\" + filename;
var relativePath = @"\Images\" + filename;
var username = Username;
var user = UsersDomain.GetUser(username);
if (user == null)
{
return(View());
}
using (var memoryStrem = new MemoryStream())
{
file.InputStream.CopyTo(memoryStrem);
memoryStrem.Position = 0;
file.InputStream.Position = 0;
var image = memoryStrem.ToArray();
var encryption = new Encryption();
var signatureBytes = encryption.SignFile(image, user);
var result = ImagesDomain.Add(relativePath, Convert.ToBase64String(signatureBytes), username, title);
file.SaveAs(absolutePath);
var cipher = encryption.HybridEncrypt(file.InputStream, user);
System.IO.File.WriteAllBytes(absolutePath, cipher);
ViewBag.Message = result.MessageResult;
}
}
}
catch (Exception e)
{
LogsDomain.LogLevel("Images Domain", e.Message);
return(RedirectToAction("InternalServer", "Error"));
}
return(View());
}
public ActionResult AdminImages()
{
try
{
var images = ImagesDomain.GetImages();
return(View(images));
}
catch (Exception e)
{
LogsDomain.LogLevel("Images Domain", e.Message);
return(RedirectToAction("InternalServer", "Error"));
}
}
public ActionResult ViewImages()
{
try
{
var username = Username;
var images = ImagesDomain.ImagesUser(username);
return(View(images));
}
catch (Exception e)
{
LogsDomain.LogLevel("Images Domain", e.Message);
return(RedirectToAction("InternalServer", "Error"));
}
}
public ActionResult ViewImage(int imageId)
{
try
{
var username = Username;
var image = ImagesDomain.GetImage(imageId);
var identity = (ClaimsIdentity)Thread.CurrentPrincipal.Identity;
var roleEnc = identity.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Role);
if (roleEnc == null)
{
return(RedirectToAction("ViewImages"));
}
var roleDec = Encryption.DecClaim(roleEnc.Value);
if (image.UsernameFk != username && roleDec == "Default")
{
return(RedirectToAction("ViewImages"));
}
string relativePath;
var decryptedBytes = DecryptImage(image, image.UsernameFk, out relativePath);
if (decryptedBytes == null)
{
return(RedirectToAction("ViewImages"));
}
var imageModel = new ImageViewModel
{
Title = image.Title,
Image = decryptedBytes
};
return(View(imageModel));
}
catch (Exception e)
{
LogsDomain.LogLevel("Images Domain", e.Message);
return(RedirectToAction("InternalServer", "Error"));
}
}
public async Task <ActionResult> Register(RegisterViewModel register)
{
try
{
var encodedResponse = Request.Form["g-Recaptcha-Response"];
var result = ReCaptcha.Validate(encodedResponse);
var isCaptchaValid = result.ToLower() == "true";
if (!isCaptchaValid)
{
return(Json("Captcha is missing. Please try again.", JsonRequestBehavior.AllowGet));
}
if (!ModelState.IsValid)
{
var errorList = ModelState.ToDictionary(
kvp => kvp.Key,
kvp => kvp.Value.Errors.Select(e => e.ErrorMessage).ToArray());
return(Json(errorList, JsonRequestBehavior.AllowGet));
}
var response = await HttpClient.PostAsJsonAsync(ApiUri + "/Account/Create", register);
var message = response.Content.ReadAsAsync <object>();
var msg = message.Result.ToString();
if (msg == "Success")
{
return(RedirectToAction("Index", "Home"));
}
dynamic json = JObject.Parse(msg);
var outerMessage = json.Message.ToString();
return(Json(outerMessage, JsonRequestBehavior.AllowGet));
}
catch (Exception e)
{
LogsDomain.LogLevel("Users Domain", e.Message);
return(RedirectToAction("InternalServer", "Error"));
}
}
public async Task <ActionResult> LogIn(LoginViewModel loginViewModel)
{
try
{
var response = await HttpClient.PostAsJsonAsync(ApiUri + "/Account/Authenticate", loginViewModel);
var message = response.Content.ReadAsAsync <object>();
var jsonResult = message.Result.ToString();
dynamic result = JObject.Parse(jsonResult);
if (result.message != "Success")
{
TempData["Message"] = result.Message.ToString();
return(RedirectToAction("LogIn", "Account"));
}
var username = Encryption.EncClaim(result.username.ToString());
var role = Encryption.EncClaim(result.role.ToString());
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.NameIdentifier, username),
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.Role, role)
}, DefaultAuthenticationTypes.ApplicationCookie);
AuthenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = false
}, identity);
return(RedirectToAction("Index", "Home"));
}
catch (Exception e)
{
LogsDomain.LogLevel("Users Domain", e.Message);
return(RedirectToAction("InternalServer", "Error"));
}
}
public async Task <ActionResult> ExternalLoginCallback(string returnUrl)
{
try
{
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
return(View("Login"));
}
var username = loginInfo.DefaultUserName;
var user = UsersDomain.GetUser(username);
if (user == null)
{
var newUser = new User
{
Username = username,
Email = loginInfo.Email
};
var result = UsersDomain.AddExternalUser(newUser);
var userCreated = result.ObjectResult;
var usernameClaim = Encryption.EncClaim(userCreated.Username);
var roleClaim = Encryption.EncClaim(userCreated.RoleName);
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.NameIdentifier, usernameClaim),
new Claim(ClaimTypes.Name, usernameClaim),
new Claim(ClaimTypes.Role, roleClaim)
}, DefaultAuthenticationTypes.ApplicationCookie);
AuthenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = false
}, identity);
return(RedirectToAction("Index", "Home"));
}
else
{
var usernameClaim = Encryption.EncClaim(user.Username);
var roleClaim = Encryption.EncClaim(user.RoleName);
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.NameIdentifier, usernameClaim),
new Claim(ClaimTypes.Name, usernameClaim),
new Claim(ClaimTypes.Role, roleClaim)
}, DefaultAuthenticationTypes.ApplicationCookie);
AuthenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = false
}, identity);
return(RedirectToAction("Index", "Home"));
}
}
catch (Exception e)
{
LogsDomain.LogLevel("Users Domain", e.Message);
return(RedirectToAction("InternalServer", "Error"));
}
}