public async Task RaiseAsync(Event evt)
{
if (evt.Name.Contains("Login"))
{
if (evt.EventType == EventTypes.Success)
{
UserLoginSuccessEvent successEvent = evt as UserLoginSuccessEvent;
UserAudit user = UserAudit.CreateAuditEvent(successEvent.SubjectId.ToString(), successEvent.Username, successEvent.DisplayName, successEvent.Name, successEvent.Id.ToString(), evt.EventType.ToString(), evt.RemoteIpAddress);
await _context.UserAuditEvents.AddAsync(user);
await _context.SaveChangesAsync();
}
else
{
UserLoginFailureEvent failEvent = evt as UserLoginFailureEvent;
UserAudit user = UserAudit.CreateAuditEvent(failEvent.Username.ToString(), failEvent.Id.ToString(), failEvent.Name, failEvent.EventType.ToString(), evt.RemoteIpAddress);
await _context.UserAuditEvents.AddAsync(user);
await _context.SaveChangesAsync();
}
}
else if (evt.Name.Contains("Logout"))
{
UserLogoutSuccessEvent failEvent = evt as UserLogoutSuccessEvent;
UserAudit user = UserAudit.CreateAuditEvent(failEvent.SubjectId.ToString(), failEvent.DisplayName, failEvent.DisplayName, failEvent.Name, failEvent.Id.ToString(), evt.EventType.ToString(), evt.RemoteIpAddress);
await _context.UserAuditEvents.AddAsync(user);
await _context.SaveChangesAsync();
}
}
public async Task AddUserAndAddAudit_Commit_RecordsExsists()
{
//arrange
var user = User.CreateSample();
var audit = UserAudit.CreateSample(user.Id);
IMongoDatabase db = _mongoRsResource.CreateDatabase();
await db.CreateCollectionAsync("users");
await db.CreateCollectionAsync("audit");
using (IClientSessionHandle session =
await _mongoRsResource.Client.StartSessionAsync())
{
var repo = new UserRepositoryWithTransaction(db);
session.StartTransaction();
//act
await repo.AddAsync(user, session);
await repo.AddAuditAsync(audit, session);
await session.CommitTransactionAsync();
}
//assert
User createdUser = await GetUserAsync(db, user.Id);
createdUser.Should().BeEquivalentTo(user);
UserAudit createdAudit = await GetUserAuditAsync(db, audit.Id);
createdAudit.Should().BeEquivalentTo(audit);
}
public ActionResult Login(LoginModel model)
{
if (ModelState.IsValid)
{
var userModel = new UserAudit
{
CompanyId = model.CompanyId,
Login = model.Login,
Password = model.Password,
SessionId = model.SessionId,
};
if (ContextManager.Authorize(userModel))
{
var userToUpdate = ContextManager.GetCompanyUser(model.CompanyId);
if (userToUpdate != null)
{
userToUpdate.LastAuthorization = DateTime.Now;
userToUpdate.SessionId = model.SessionId;
ContextManager.SaveUserAudit(userToUpdate);
}
return(RedirectToAction("Details", "Company", new { id = model.CompanyId }));
}
else
{
model.Successful = false;
ModelState.AddModelError("Login", "Login/Password is wrong");
}
}
return(View(model));
}
public static bool Authorize(UserAudit model)
{
var user = new UserAudit();
using (var session = Store.OpenSession())
{
user = session.Query <UserAudit, UserAudits_All>()
.Customize(cu => cu.WaitForNonStaleResults())
.Where(u => u.CompanyId == model.CompanyId)
.FirstOrDefault();
if (user == null)
{
return(true);
}
else if (model.SessionId == user.SessionId && ((DateTime.Now - model.LastAuthorization).Hours < 1) && model.SessionId != Guid.Empty)
{
return(true);
}
else if (user.CompanyId == model.CompanyId && user.Login == model.Login && user.Password == model.Password)
{
return(true);
}
else
{
return(false);
}
}
}
public override async Task <SignInResult> PasswordSignInAsync(TUser user, string password, bool isPersistent, bool lockoutOnFailure)
{
var result = await base.PasswordSignInAsync(user, password, isPersistent, lockoutOnFailure);
var appUser = user as IdentityUser;
if (appUser != null) // We can only log an audit record if we can access the user object and it's ID
{
var ip = _contextAccessor.HttpContext.Connection.RemoteIpAddress.ToString();
UserAudit auditRecord = null;
switch (result.ToString())
{
case "Succeeded":
auditRecord = UserAudit.CreateAuditEvent(appUser.Id, UserAuditEventType.Login, ip);
break;
case "Failed":
auditRecord = UserAudit.CreateAuditEvent(appUser.Id, UserAuditEventType.FailedLogin, ip);
break;
}
if (auditRecord != null)
{
_db.UserAuditEvents.Add(auditRecord);
await _db.SaveChangesAsync();
}
}
return(result);
}
public static void SaveUserAudit(UserAudit model)
{
using (var session = Store.OpenSession())
{
session.Store(model);
session.SaveChanges();
}
}
//POST : /api/ApplicationUser/Login
public async Task <IActionResult> Login(LoginModel model)
{
var user = await _userManager.FindByNameAsync(model.UserName);
if (user != null && await _userManager.CheckPasswordAsync(user, model.Password))
{
try
{
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] { new Claim("UserID", user.Id.ToString()) }),
Expires = DateTime.UtcNow.AddDays(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSettings.JWT_Secret)), SecurityAlgorithms.HmacSha256Signature)
};
var tokenHandler = new JwtSecurityTokenHandler();
var securityToken = tokenHandler.CreateToken(tokenDescriptor);
var access_token = tokenHandler.WriteToken(securityToken);
UserAudit userAudit = new UserAudit
{
userId = user.Id,
ActionDate = DateTimeOffset.UtcNow,
ActionName = "Login",
Status = "Success"
};
_authenticationContext.Add(userAudit);
_authenticationContext.SaveChanges();
return(Ok(new { access_token }));
}
catch (Exception)
{
UserAudit userAudit = new UserAudit
{
userId = user.Id,
ActionDate = DateTimeOffset.UtcNow,
ActionName = "Login",
Status = "Failed - System Error"
};
_authenticationContext.Add(userAudit);
_authenticationContext.SaveChanges();
return(BadRequest(new { message = "Funtion System Error." }));;
}
}
else
{
UserAudit userAudit = new UserAudit
{
userId = user.Id,
ActionDate = DateTimeOffset.UtcNow,
ActionName = "Login",
Status = "Failed - Username or password is incorrect."
};
_authenticationContext.Add(userAudit);
_authenticationContext.SaveChanges();
return(BadRequest(new { message = "Username or password is incorrect." }));
}
}
private async Task <UserAudit> GetUserAuditAsync(IMongoDatabase db, string id)
{
IMongoCollection <UserAudit> col = db.GetCollection <UserAudit>("audit");
UserAudit audit = await col.AsQueryable()
.Where(x => x.Id == id)
.FirstOrDefaultAsync();
return(audit);
}
public static UserAudit GetUserBySession(Guid sessionId)
{
var user = new UserAudit();
using (var session = Store.OpenSession())
{
user = session.Query <UserAudit, UserAudits_All>()
.Customize(cu => cu.WaitForNonStaleResults())
.Where(u => u.SessionId == sessionId)
.FirstOrDefault();
}
return(user);
}
public async void AuditEvent(object sender, UserAuditEventArgs e)
{
var userAudit = new UserAudit
{
ActionType = e.UserActionType,
DateTime = e.DateTime,
EventDescription = e.EventDescription,
UserId = e.UserId,
};
await _repository.AddAsync(userAudit);
await _repository.Commit();
}
public static NewCompanyModel SaveNewCompany(NewCompanyModel model)
{
using (var session = Store.OpenSession())
{
var company = new Company
{
Id = model.Id,
Name = model.Name,
Budget = model.Budget,
AddressLine = model.AddressLine,
CompanyId = model.CompanyId,
OwnerId = model.OwnerId,
};
session.Store(company);
if (model.Login != null && model.Password != null)
{
var newCompanyId = company.Id;
var userAudit = new UserAudit
{
CompanyId = newCompanyId,
Login = model.Login,
Password = model.Password,
LastAuthorization = DateTime.Now
};
session.Store(userAudit);
company.OwnerId = userAudit.Id;
session.Store(company);
}
if (model.employees != null && model.employees.Count > 0)
{
foreach (var employee in model.employees)
{
employee.CompanyId = company.Id;
session.Store(employee);
}
}
session.SaveChanges();
}
return(model);
}
public CpventaMntItemFrm(TipoMantenimiento tipoMnt, VwCpventadet vwCpventadetMnt, List <VwCpventadet> vwCpventadetList, CpVentaItem cpVentaItemParameter)
{
InitializeComponent();
_errorProvider = new DXErrorProvider();
var styleController = new StyleController();
WinFormUtils.SetStyleController(this, styleController);
TipoMnt = tipoMnt;
VwCpventadetMnt = vwCpventadetMnt;
VwCpventadetList = vwCpventadetList;
CpVentaItemParameter = cpVentaItemParameter;
UserAudit = new UserAudit();
}
public async Task <IActionResult> OnGetAsync(int?id)
{
if (id == null)
{
return(NotFound());
}
UserAudit = await _context.UserAudit.FirstOrDefaultAsync(m => m.UserAuditID == id);
if (UserAudit == null)
{
return(NotFound());
}
return(Page());
}
public override async Task SignOutAsync()
{
await base.SignOutAsync();
var user = await _userManager.FindByIdAsync(_userManager.GetUserId(_contextAccessor.HttpContext.User)) as IdentityUser;
if (user != null)
{
var ip = _contextAccessor.HttpContext.Connection.RemoteIpAddress.ToString();
var auditRecord = UserAudit.CreateAuditEvent(user.Id, UserAuditEventType.LogOut, ip);
_db.UserAuditEvents.Add(auditRecord);
await _db.SaveChangesAsync();
}
}
public async Task <IActionResult> OnPostAsync(int?id)
{
if (id == null)
{
return(NotFound());
}
UserAudit = await _context.UserAudit.FindAsync(id);
if (UserAudit != null)
{
_context.UserAudit.Remove(UserAudit);
await _context.SaveChangesAsync();
}
return(RedirectToPage("./Index"));
}
public void Test_UserAudit_ValueToAudit()
{
var audit = new UserAudit();
audit.ValueToAudit(new User
{
Reputation = 10,
Name = "test",
Title = "test2",
EmailAddress = "test3",
Signature = "test4",
Status = UserStatus.Activated
});
Assert.AreEqual(10, audit.Reputation, "Reputation");
Assert.AreEqual("test", audit.Name, "Name");
Assert.AreEqual("test2", audit.Title, "Title");
Assert.AreEqual("test3", audit.EmailAddress, "EmailAddress");
Assert.AreEqual("test4", audit.Signature, "Signature");
Assert.AreEqual(UserStatus.Activated, audit.Status, "Status");
}
public static void SaveCompany(CompanyCreateEditModel model)
{
using (var session = Store.OpenSession())
{
var company = new Company
{
Id = model.Id,
Name = model.Name,
Budget = model.Budget,
AddressLine = model.AddressLine,
CompanyId = model.CompanyId,
OwnerId = model.OwnerId,
};
session.Store(company);
if (model.Login != null && model.Password != null)
{
var newCompanyId = company.Id;
var userAudit = new UserAudit
{
CompanyId = newCompanyId,
Login = model.Login,
Password = model.Password,
LastAuthorization = DateTime.Now
};
session.Store(userAudit);
company.OwnerId = userAudit.Id;
session.Store(company);
}
session.SaveChanges();
}
}
public async Task AddAuditAsync(UserAudit audit, IClientSessionHandle session)
{
IMongoCollection <UserAudit> col = _mongoDatabase.GetCollection <UserAudit>("audit");
await col.InsertOneAsync(session, audit, options : null);
}
