private static void OperChangePass(user user, string newPass)
{
bool result = (user != null) && (!string.IsNullOrEmpty(newPass));
if (!result)
{
throw new ServiceUserException("ChangePass");
}
try
{
using (var servicios = new FrameworkServiceFactory())
{
user = servicios.ServiceUser.Find(user.Id);
user.Pass = MyCryptography.EncryptPass(newPass);
user.DateLastPassChange = DateTime.Now;
user.CountAfterPassAttempt = 0;
using (var transaction = new TransactionScope())
{
servicios.ServiceUser.GetOwnDataService.Update(user);
transaction.Complete();
}
}
}
catch (ApplicationException e)
{
throw new ServiceUserException("ChangePass: " + e.Message);
}
}
public static void ChangePass(user user, string oldPass, string newPass)
{
var result = (user != null) &&
(!string.IsNullOrEmpty(oldPass)) &&
(!string.IsNullOrEmpty(newPass)) &&
(user.Pass.Equals(MyCryptography.EncryptPass(oldPass), StringComparison.OrdinalIgnoreCase));
if (!result)
{
throw new ServiceUserException("ChangePass");
}
OperChangePass(user, newPass);
}
protected void Fill(user user, string name, string lastname, string pass, string email, string phone, int idPais, int idUserCreated)
{
user.Name = name;
user.LastName = lastname;
user.Pass = MyCryptography.EncryptPass(pass);
user.Email = email.ToLower();
user.Phone = phone;
user.IsActive = true;
user.IsLocked = false;
if (idUserCreated > 0)
{
user.UserCreated = idUserCreated;
}
user.DateCreated = DateTime.Now;
}
public static bool SaveChangePass(string Zold, string Znew)
{
string UserName = HttpContext.Current.Session["UserName"].ToString();
try
{
string[] nResult = Users_Data.CheckUser(UserName, Zold);
if (nResult[0] == "ERR")
{
return(false);
}
else
{
Users_Data.UpdatePass(nResult[1], MyCryptography.HashPass(Znew));
return(true);
}
}
catch { return(false); }
}
private void ChangePass(user user, string newPass)
{
bool result = (user != null) && (!string.IsNullOrEmpty(newPass));
if (!result)
{
throw new ServiceUserException("ChangePass");
}
try
{
user.Pass = MyCryptography.EncryptPass(newPass);
user.DateLastPassChange = DateTime.Now;
user.CountAfterPassAttempt = 0;
GetOwnDataService.Update(user);
}
catch (ApplicationException e)
{
throw new ServiceUserException("ChangePass: " + e.Message);
}
}
//現在のクリアデータを、外部にセーブする
//
public static void Save()
{
string json = JsonUtility.ToJson(SaveData.Instance);
string iv;
string base64;
MyCryptography.Encrypt(json, out iv, out base64);
byte[] ivBytes = Encoding.UTF8.GetBytes(iv);
byte[] base64Bytes = Encoding.UTF8.GetBytes(base64);
using (FileStream fs = new FileStream(GetSaveFilePath(), FileMode.Create, FileAccess.Write)) {
using (BinaryWriter bw = new BinaryWriter(fs)) {
bw.Write(ivBytes.Length);
bw.Write(ivBytes);
bw.Write(base64Bytes.Length);
bw.Write(base64Bytes);
}
}
}
public static InfoCenter GetBillBoardServiceObject(string billboardUrl)
{
try
{
if (server == null)
{
if (billboardUrl == null || billboardUrl == "")
{
return(null);
}
MyCryptography myCrypt = new MyCryptography("GCRIS2-20061025");
string strDeEncyptUrl = myCrypt.DeEncrypt(billboardUrl);
//string strDeEncyptUrl = "http://150.245.176.128:8080/BillBoardBroadcastService.soap";
BinaryServerFormatterSinkProvider serverProvider = new BinaryServerFormatterSinkProvider();
BinaryClientFormatterSinkProvider clientProvider = new BinaryClientFormatterSinkProvider();
serverProvider.TypeFilterLevel = TypeFilterLevel.Full;
IDictionary props = new Hashtable();
props["port"] = 0;
int timeOut = 5;//5 seconds
Int32.TryParse(System.Configuration.ConfigurationManager.AppSettings["BillboardTimeOut"], out timeOut);
props["connectionTimeout"] = timeOut;
channel = new HttpChannel(props, clientProvider, serverProvider);
ChannelServices.RegisterChannel(channel, false);
server = (InfoCenter)Activator.GetObject(
typeof(InfoCenter), strDeEncyptUrl);
}
return(server);
}
catch (Exception ex)
{
throw ex;
}
}
public MyConstant.EnumLoginError Authenticate(user user, string pass)
{
var result = MyConstant.EnumLoginError.NoError;
if (user == null)
{
return(MyConstant.EnumLoginError.NoUserRegistered);
}
if (user.IsConnected)
{
result = MyConstant.EnumLoginError.NoError; //myConstant.enumLoginError.UserConnected;
}
else if (user.IsLocked)
{
result = MyConstant.EnumLoginError.UserLocked;
}
if ((result == MyConstant.EnumLoginError.NoError) && (user.Pass != MyCryptography.EncryptPass(pass)))
{
result = MyConstant.EnumLoginError.IncorrectPassword;
}
return(result);
}
public static string[] CheckUser(string UserName, string Pass)
{
string[] nResult = new string[3];
User_Info nUserLogin = new User_Info(UserName, true);
if (nUserLogin.Key.Trim().Length == 0)
{
nResult[0] = "ERR";
nResult[1] = "CheckUser_Error01";
return(nResult);//"Don't have this UserName";
}
if (nUserLogin.Password != MyCryptography.HashPass(Pass))
{
nUserLogin.UpdateFailedPass();
nResult[0] = "ERR";
nResult[1] = "CheckUser_Error01";
return(nResult);// "Wrong Password";
}
if (!nUserLogin.Activate)
{
nResult[0] = "ERR";
nResult[1] = "CheckUser_Error02";
return(nResult);//"Don't Activate"
}
if (nUserLogin.ExpireDate < DateTime.Now)
{
nResult[0] = "ERR";
nResult[1] = "CheckUser_Error03";
return(nResult);//"Expire On"
}
nResult[0] = "OK";
nResult[1] = nUserLogin.Key;
nResult[2] = nUserLogin.EmployeeKey.ToString();
nUserLogin.UpdateDateLogin();
return(nResult);
}
/// <summary>
/// Validates context
/// </summary>
/// <param name="context">Context</param>
/// <returns>Validation task.</returns>
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
{
try
{
// getting user
var user = await this._userRepository.FindAsync(context.UserName);
// checking password
if (user != null)
{
// if password is ok set
if (user.Password == MyCryptography.Encrypt(context.Password) && user.IsVerified == true) //
{
context.Result = new GrantValidationResult(
subject: user.Id.ToString(),
authenticationMethod: "custom",
claims: GetUserClaims(user));
return;
}
// othwerwise construct error response
context.Result = new GrantValidationResult(
TokenRequestErrors.InvalidGrant, "Incorrect password or user is not verified");
return;
}
// message about non-existing user
context.Result = new GrantValidationResult(
TokenRequestErrors.InvalidGrant, "User does not exist.");
return;
}
// catching exception
catch (Exception)
{
context.Result = new GrantValidationResult(
TokenRequestErrors.InvalidGrant, "Invalid username or password");
}
}
public async Task <IActionResult> Put(int id, [FromBody] AdminInfo admin)
{
var userName = GetCurrentUserName();
if (userName == "Admin888")
{
await this.repo.ExecuteOperationAsync("UpdateAdmin", new[] { new KeyValuePair <string, object>("id", id), new KeyValuePair <string, object>("name", admin.Name ?? DBNull.Value.ToString()), new KeyValuePair <string, object>("email", admin.Email ?? DBNull.Value.ToString()), new KeyValuePair <string, object>("password", MyCryptography.Encrypt(admin.Password) ?? DBNull.Value.ToString()) });
return(Ok(await this.repo.ExecuteOperationAsync("GetAdmin", new[] { new KeyValuePair <string, object>("id", id) })));
}
return(NotFound());
}
/// <summary>
/// Init The buffer to store the login user infomation at the client side.
///
/// UserGuid : After successfully server-side logined, get this value.
///
/// RoleName, LoginName: Got from user input at the login form or dcom login call
///
/// The user inputed plain password is encrypted and stored here, encrypted is for Security net-work transfer.
///
/// ClientSessionID is a random string to encrypt and decrypt the password transfer between server and client Side
///
///Para: different bit stand for different meanings
///It's Value is set by WebserviceManager to storage the status got from server side
///0bit: no meanings
///1bit: no meanings
///2bit: 1 for no hard Dog pluged at the IIS Server Machine
///3bit: 1 fot the server time has exceed the the expire-time recorded at the hard dog,
///
/// FunsLicensedStr: stored the License function string recorded in the hard dog,got after successfully logined
///
/// IP: Client side IP Address, is for judging whether the calling is from the same client machine.
///
/// </summary>
/// <returns></returns>
public UserRow NewNullRow()
{
UserRow newRow = this.User.NewUserRow();
//UserGuid : After successfully server-side logined, get this value.
newRow.UserGuid = "";
//RoleName, LoginName: Got from user input at the login form or dcom login call
newRow.RoleName = "";
newRow.LoginName = "";
newRow.LocalName = "";
//The user inputed plain password is encrypted and stored here, encrypted is for Security net-work transfer.
newRow.PasswordEncrypted = "";
//ClientSessionID is a random string to encrypt and decrypt the password transfer between server and client Side
MyCryptography c = new MyCryptography("GCRIS2-20061025");
newRow.ClientSessionID = c.Encrypt(DateTime.Now.ToLongTimeString());// FormsAuthentication.HashPasswordForStoringInConfigFile(DateTime.Now.ToLongTimeString(), "SHA1");
//Para: different bit stand for different meanings
//It's Value is set by WebserviceManager to storage the status got from server side
//0bit: no meanings
//1bit: no meanings
//2bit: 1 for no hard Dog plugs at the IIS Server Machine
//3bit: 1 for the server time has exceed the the expire-time recorded at the hard dog
newRow.Para = 0;
//Para: different bit stand for different meanings
//It's Value is set by client to storage the status got from client side
//0bit: 1 for web clinic and 0 for smart client
//1bit: no meanings
//2bit: no meanings
//3bit: no meanings
newRow.ClientPara = 0;
//FunsLicensedStr: stored the License function string recorded in the hard dog, got after successfully logined
newRow.FunsLicensedStr = "";
//ServerTime: IIS Server side time got after successfully logined
newRow.ServerTime = System.DateTime.MinValue;
string strHostName = Dns.GetHostName();
IPHostEntry IPList = Dns.GetHostEntry(strHostName);
string strIPAddress = "";
foreach (IPAddress ip in IPList.AddressList)
{
strIPAddress = ip.ToString();
}
//IP: Client side IP Address, is for judging whether the calling is from the same client machine.
newRow.IP = strIPAddress;
#region Added by Blue for RC507 - US16220, 07/14/2014
//get client side MAC address
string mac = string.Empty;
ManagementClass mc = new ManagementClass("Win32_NetworkAdapterConfiguration");
ManagementObjectCollection moc = mc.GetInstances();
foreach (ManagementObject mo in moc)
{
if (mo["IPEnabled"].ToString() == "True")
{
mac = mo["MacAddress"].ToString();
}
}
newRow.IP = string.Format("{0}&{1}&{2}", newRow.IP, mac, strHostName);
#endregion
this.User.AddUserRow(newRow);
return(newRow);
}
public async Task <IActionResult> Post([FromBody] AdminInfo admin)
{
var userName = GetCurrentUserName();
if (userName == "Admin888") //our super admin
{
if ((int)this.userRepo.ExecuteOperation("ExistsLogin", new[] { new KeyValuePair <string, object>("login", admin.Login) }) == 1)
{
throw new System.Exception("Username already exists");
}
var res = await this.repo.ExecuteOperationAsync("CreateAdmin", new[] { new KeyValuePair <string, object>("name", admin.Name), new KeyValuePair <string, object>("email", admin.Email), new KeyValuePair <string, object>("login", admin.Login), new KeyValuePair <string, object>("password", MyCryptography.Encrypt(admin.Password)) });
return(Ok(res));
}
return(NotFound());
}
public async Task <IActionResult> Post([FromBody] SellerInfo seller)
{
if ((int)this.userRepo.ExecuteOperation("ExistsLogin", new[] { new KeyValuePair <string, object>("login", seller.Login) }) == 1)
{
throw new System.Exception("Username already exists");
}
var res = await this.repo.ExecuteOperationAsync("CreateSeller", new[] { new KeyValuePair <string, object>("name", seller.Name), new KeyValuePair <string, object>("email", seller.Email), new KeyValuePair <string, object>("cellphone", seller.CellPhone), new KeyValuePair <string, object>("address", seller.Address), new KeyValuePair <string, object>("login", seller.Login), new KeyValuePair <string, object>("password", MyCryptography.Encrypt(seller.Password)) });
return(Ok(res));
}
public async Task <IActionResult> Put(int id, [FromBody] SellerInfo seller)
{
var userId = GetCurrentUserId();
if (userId == ((SellerInfo)(await this.repo.ExecuteOperationAsync("GetSeller", new[] { new KeyValuePair <string, object>("id", id) }))).UserId)
{
await this.repo.ExecuteOperationAsync("UpdateSeller", new[] { new KeyValuePair <string, object>("id", id), new KeyValuePair <string, object>("name", seller.Name ?? DBNull.Value.ToString()), new KeyValuePair <string, object>("cellphone", seller.CellPhone ?? DBNull.Value.ToString()), new KeyValuePair <string, object>("address", seller.Address ?? DBNull.Value.ToString()), new KeyValuePair <string, object>("email", seller.Email ?? DBNull.Value.ToString()), new KeyValuePair <string, object>("password", MyCryptography.Encrypt(seller.Password) ?? DBNull.Value.ToString()) });
return(await this.GetById(id));
}
return(NotFound());
}
//外部にセーブされているデータを、ロードしてくる
//
static void Load()
{
//セーブデータの初期化
SaveData s = GetInitSaveData();
//
//テキストからデータを読んでくる
//
//ファイルが存在しなければ、何もロードしない
if (!File.Exists(GetSaveFilePath()))
{
Debug.Log("SaveData Not Exist");
SaveData.Instance = s;
return;
}
byte[] ivBytes = null;
byte[] base64Bytes = null;
using (FileStream fs = new FileStream(GetSaveFilePath(), FileMode.Open, FileAccess.Read)) {
using (BinaryReader br = new BinaryReader(fs)) {
int length = br.ReadInt32();
ivBytes = br.ReadBytes(length);
length = br.ReadInt32();
base64Bytes = br.ReadBytes(length);
}
//復号化
string json;
string iv = Encoding.UTF8.GetString(ivBytes);
string base64 = Encoding.UTF8.GetString(base64Bytes);
try {
MyCryptography.Decrypt(iv, base64, out json);
}
catch {
//エラー発生時はロードしない
SaveData.Instance = s;
return;
}
SaveData sd = JsonUtility.FromJson <SaveData>(json);
//エラーが起きたらロードしない
if (sd == null)
{
SaveData.Instance = s;
return;
}
//ステージ数が違っていたらロードしない
if (!IsSameStageNum(s, sd))
{
SaveData.Instance = s;
return;
}
//ロードする
SaveData.Instance = sd;
}
}
public async Task <IActionResult> Put(int id, [FromBody] CustomerInfo customer)
{
var userId = GetCurrentUserId();
if (((CustomerInfo)(await this.repo.ExecuteOperationAsync("GetCustomer", new[] { new KeyValuePair <string, object>("id", id) }))).UserId == userId)
{
await this.repo.ExecuteOperationAsync("UpdateCustomer", new[] { new KeyValuePair <string, object>("id", id), new KeyValuePair <string, object>("name", customer.Name = customer.Name ?? DBNull.Value.ToString()), new KeyValuePair <string, object>("surname", customer.Surname = customer.Surname ?? DBNull.Value.ToString()), new KeyValuePair <string, object>("email", customer.Email = customer.Email ?? DBNull.Value.ToString()), new KeyValuePair <string, object>("password", customer.Password = MyCryptography.Encrypt(customer.Password) ?? DBNull.Value.ToString()) });
return(Ok(await this.Get(id)));
}
return(NotFound());
}
