protected override void OnModelCreating(ModelBuilder modelBuilder)
{
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash("1", out passwordHash, out passwordSalt);
modelBuilder.Entity <User>().HasData(new User {
Id = 1,
UserName = "******",
Email = "*****@*****.**",
Type = UserType.System,
PasswordHash = passwordHash,
PasswordSalt = passwordSalt
});
modelBuilder.Entity <Account>().HasData(new Account {
Id = 1,
UserId = 1,
Balance = 0
});
base.OnModelCreating(modelBuilder);
foreach (var relationship in modelBuilder.Model.GetEntityTypes().SelectMany(e => e.GetForeignKeys()))
{
relationship.DeleteBehavior = DeleteBehavior.Restrict;
}
}
public async Task UserSignUp(SignUpViewModel signUpViewModel)
{
if (String.IsNullOrEmpty(signUpViewModel.Username) || String.IsNullOrEmpty(signUpViewModel.Password) || String.IsNullOrEmpty(signUpViewModel.ConfirmPassword))
{
throw new Exception(ApplicationVariable.RequiredFieldsMessage);
}
if (!signUpViewModel.Password.Equals(signUpViewModel.ConfirmPassword))
{
throw new Exception(ApplicationVariable.PasswordDoesNotMatch);
}
var account = await _accountRepository.Find(x => x.Username.ToLower() == signUpViewModel.Username);
if (account.Count > 0)
{
throw new Exception(ApplicationVariable.UserAlreadyExist);
}
var accountModel = new AccountModel {
Username = signUpViewModel.Username, Name = signUpViewModel.Name
};
PasswordHasher.CreatePasswordHash(signUpViewModel.Password, out var passwordHash, out var passwordSalt);
accountModel.PasswordHash = passwordHash;
accountModel.PasswordSalt = passwordSalt;
await _accountRepository.Insert(accountModel);
}
public User ResetPassword(int id, string password, string validationToken)
{
var entity = _context.User.FirstOrDefault(e => e.Id == id);
if (entity != null)
{
if (entity.ResetPasswordToken == validationToken)
{
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash(password, out passwordHash, out passwordSalt);
entity.PasswordHash = passwordHash;
entity.PasswordSalt = passwordSalt;
entity.ResetPasswordToken = null;
_context.SaveChanges();
return(entity);
}
throw new UnauthorizedAccessException();
}
throw new ArgumentNullException();
}
private async Task <ServiceOperationResult> ValidateAndStoreUserAsync(User user, string password)
{
if (string.IsNullOrEmpty(user.Username) || string.IsNullOrEmpty(password))
{
return(ServiceOperationResult.BadRequest("Email and password cannot be empty!"));
}
var userExists = _unitOfWork.Users
.GetAsQueryable()
.Any(au => au.Username == user.Username);
if (userExists)
{
return(ServiceOperationResult.Conflict($"User {user.Username} already exists"));
}
PasswordHasher.CreatePasswordHash(password, out var passwordHash, out var passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
_unitOfWork.Users.Add(user);
await _unitOfWork.SaveAsync();
return(ServiceOperationResult.Ok());
}
public (User, string) Create(User user, string password)
{
if (string.IsNullOrWhiteSpace(password))
{
return(null, "Password is required");
}
;
User entity = db.Users.FirstOrDefault(o => o.Email == user.Email);
if (entity == null)
{
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.Type = UserType.Client;
string message = _accountService.OpenNewAccount(user);
message += AddFirstSumOnBalance(user);
return(user, "Your account is created." + message);
}
else
{
return(null, "The email is already exist. Choose another one.");
}
}
public void CreatePasswordHash_NullPassword_ShouldThrow()
{
PasswordHasher hasher = new PasswordHasher();
string msg = Assert.Throws <NullReferenceException>(() => hasher.CreatePasswordHash(null))
.Message;
Assert.Equal("password cannot be null or empty", msg);
}
public void CreatePasswordHash_ShouldCreate()
{
PasswordHasher hasher = new PasswordHasher();
string password = "******";
PasswordHashModel model = hasher.CreatePasswordHash(password);
Assert.NotNull(model);
Assert.NotNull(model.PasswordHash);
Assert.NotNull(model.PasswordSalt);
}
public void VerifyPasswordHash_CorrectHash_ShouldReturnTrue()
{
PasswordHasher hasher = new PasswordHasher();
string password = "******";
var model = hasher.CreatePasswordHash(password);
bool isCorrect = hasher.VerifyPasswordHash(password, model.PasswordHash, model.PasswordSalt);
Assert.True(isCorrect);
}
private AccountModel GetAdminAccount()
{
PasswordHasher.CreatePasswordHash("admin", out var passwordHash, out var passwordSalt);
return(new AccountModel
{
Id = 1,
Username = "******",
PasswordSalt = passwordSalt,
PasswordHash = passwordHash,
UpdateDate = DateTime.UtcNow
});
}
private static void InitializeUser()
{
if (!db.Users.Any())
{
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash("1", out passwordHash, out passwordSalt);
db.Users.Add(new User {
Username = "******", FirstName = "1", LastName = "1", Status = SystemRoles.Administrator, PasswordHash = passwordHash, PasswordSalt = passwordSalt
});
db.SaveChanges();
}
}
public SystemAccount()
{
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash("1", out passwordHash, out passwordSalt);
User systemUser = new User {
Id = 1, UserName = "******", Email = "*****@*****.**", Type = UserType.System, PasswordHash = passwordHash, PasswordSalt = passwordSalt
};
Id = 1;
UserId = 1;
User = systemUser;
Balance = 0;
}
public void VerifyPasswordHash_WrongHash_ShouldReturnFalse()
{
PasswordHasher hasher = new PasswordHasher();
string password = "******";
var model = hasher.CreatePasswordHash(password);
string wrongPassword = "******";
bool isCorrect = hasher.VerifyPasswordHash(wrongPassword, model.PasswordHash, model.PasswordSalt);
Assert.False(isCorrect);
}
public User Update(User obj, string password)
{
var entity = _context.User.FirstOrDefault(e => e.Id == obj.Id);
if (entity != null)
{
if (obj.Username != entity.Username)
{
if (_context.User.Any(x => x.Username == obj.Username))
{
throw new ApplicationException();
}
}
entity.FirstName = obj.FirstName;
entity.LastName = obj.LastName;
entity.Username = obj.Username;
entity.Email = obj.Email;
entity.EmailConfirmed = obj.EmailConfirmed;
entity.Token = obj.Token;
entity.State = obj.State;
if (!string.IsNullOrWhiteSpace(password))
{
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash(password, out passwordHash, out passwordSalt);
entity.PasswordHash = passwordHash;
entity.PasswordSalt = passwordSalt;
}
_context.User.Update(entity);
_context.SaveChanges();
return(entity);
}
else
{
throw new ArgumentNullException();
}
}
public User Create(User obj, string password)
{
obj.Id = 0;
obj.CreatedDate = DateTime.Now;
obj.State = Enums.EntityState.Active;
if (string.IsNullOrWhiteSpace(password))
{
throw new ArgumentException();
}
if (_context.User.Any(x => x.Username == obj.Username))
{
throw new ApplicationException();
}
if (_context.User.Any(x => x.Email == obj.Email))
{
throw new ApplicationException();
}
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash(password, out passwordHash, out passwordSalt);
obj.PasswordHash = passwordHash;
obj.PasswordSalt = passwordSalt;
_context.User.Add(obj);
_context.SaveChanges();
var entity = _context.User.FirstOrDefault(e => e.Id == obj.Id);
if (entity != null)
{
return(entity);
}
throw new ArgumentNullException();
}
public User AddUser(User user, string password)
{
if (string.IsNullOrWhiteSpace(password))
{
throw new Exception("Password cannot be null or whitespace only");
}
if (context.Users.Any(u => u.Name == user.Name))
{
throw new Exception("Username already taken");
}
byte[] passwordHash, passwordSalt;
pHasher.CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
context.Users.Add(user);
context.SaveChanges();
return(user);
}
public static async void OnEnterRegisterData(CustomPlayer player, Dictionary <string, string> registerData)
{
if (player.LoggedIn)
{
return;
}
var pData = new AccountData();
pData.Email = registerData["email"];
pData.Login = registerData["login"];
var passAndSalt = PasswordHasher.CreatePasswordHash(registerData["password"]);
pData.Password = passAndSalt.Item1;
pData.Salt = passAndSalt.Item2;
try
{
pData.Save();
}
catch (MongoWriteException e)
{
Alt.Log(e.ToString());
if (e.WriteError.Code == 11000)
{
player.Emit("auth:registerFailed", 0, "Player with such email or login already exists!");
}
else
{
player.Emit("auth:registerFailed", 1, e.Message);
}
return;
}
player.LoggedIn = true;
player.Data = pData;
player.Emit("auth:registerSuccess");
player.Model = (uint)PedModel.FreemodeMale01;
spawnPlayer(player, 0);
}
public void SeedDatabase()
{
var pendingMigrations = _context.Database.GetPendingMigrations();
if (pendingMigrations.Count() == 0)
{
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash("12345", out passwordHash, out passwordSalt);
var user = new User
{
Id = 0,
Username = "******",
FirstName = "test",
LastName = "user",
PasswordHash = passwordHash,
PasswordSalt = passwordSalt,
CreatedDate = DateTime.Now,
Email = "*****@*****.**",
EmailConfirmed = true,
ResetPasswordToken = null,
State = Enums.EntityState.Active
};
if (!_context.User.Any())
{
_context.User.Add(user);
_context.SaveChanges();
}
}
else
{
Migrate();
SeedDatabase();
}
}
public User Create(User user, string password)
{
// validation
if (string.IsNullOrWhiteSpace(password))
{
throw new AppException("Password is required");
}
if (db.Users.Any(x => x.Username == user.Username))
{
throw new AppException("Username " + user.Username + " is already taken");
}
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
db.Users.Add(user);
db.SaveChanges();
return(user);
}
public void Update(User userParam, string password = null)
{
var user = db.Users.Find(userParam.Id);
if (user == null)
{
throw new AppException("User not found");
}
if (userParam.Username != user.Username)
{
// username has changed so check if the new username is already taken
if (db.Users.Any(x => x.Username == userParam.Username))
{
throw new AppException("Username " + userParam.Username + " is already taken");
}
}
// update user properties
user.FirstName = userParam.FirstName;
user.LastName = userParam.LastName;
user.Username = userParam.Username;
// update password if it was entered
if (!string.IsNullOrWhiteSpace(password))
{
byte[] passwordHash, passwordSalt;
PasswordHasher.CreatePasswordHash(password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
}
db.Users.Update(user);
db.SaveChanges();
}
private void AddPassword(string password, UserEntity userEntity)
{
_passwordHasher.CreatePasswordHash(password, out byte[] passwordHash, out byte[] passwordSalt);
userEntity.PasswordHash = passwordHash;
userEntity.PasswordSalt = passwordSalt;
}
