public void Post([FromBody] string value)
{
UserWithPassword newUser = JsonConvert.DeserializeObject <UserWithPassword>(value);
IUserWriter userWriter = new UserWriter();
userWriter.CreateUser(newUser);
}
public void UpdatePassword(UserWithPassword user)
{
user.Password = new SecurityHelper().HashPassword(user.Password, 20);
string updatePassword = "******";
dbr.UpdateData(updatePassword, user);
}
public async Task <IActionResult> Create([FromRoute] string membershipId, [FromBody] CreateUserFormModel model)
{
var membership = await this.membershipService.GetAsync(membershipId);
if (membership == null)
{
return(this.MembershipNotFound(membershipId));
}
var userModel = new UserWithPassword
{
Username = model.Username,
EmailAddress = model.EmailAddress,
FirstName = model.FirstName,
LastName = model.LastName,
Role = model.Role,
MembershipId = membershipId,
PasswordHash = this.cryptographyService.CalculatePasswordHash(membership, model.Password)
};
var utilizer = this.GetUtilizer();
var user = await this.userService.CreateAsync(utilizer, membershipId, userModel);
return(this.Created($"{this.Request.Scheme}://{this.Request.Host}{this.Request.Path}/{user.Id}", user));
}
public async Task <Failable <User> > RegisterAsync(UserWithPassword user)
{
const string settingsName = "RegisterClientBaseAddress";
try
{
var uri = AssemblyConfig <RegisterClient> .GetValue(settingsName);
var response = await Client.PostAsync(new Uri(uri), user.ToJsonContent());
var result = await HandleResponseAsync <User>(response);
if (result.IsSucceeded())
{
await UpdateCookiesAsync(response);
}
await UpdateCurrentUserAsync(result.Value);
return(result);
}
catch (Exception e)
{
Console.WriteLine(e);
return(new Failable <User>(e));
}
}
private void ValidateCreateUser(UserWithPassword user)
{
if (String.IsNullOrEmpty(user.Email) || String.IsNullOrEmpty(user.Name) || String.IsNullOrEmpty(user.LastName) ||
String.IsNullOrEmpty(user.Password))
{
throw new IncorrectRequestFormatException("The user data is incomplete");
}
}
public async Task <IActionResult> Migrate([FromBody] MigrationModel model)
{
if (model.Membership == null)
{
throw ErtisAuthException.ValidationError(new[] { "membership is required" });
}
if (model.User == null)
{
throw ErtisAuthException.ValidationError(new[] { "user is required" });
}
if (!this.Request.Headers.ContainsKey("ConnectionString"))
{
throw ErtisAuthException.ValidationError(new[] { "ConnectionString must be post in header" });
}
var connectionString = this.Request.Headers["ConnectionString"];
var membership = new Membership
{
Name = model.Membership.Name,
ExpiresIn = model.Membership.ExpiresIn,
RefreshTokenExpiresIn = model.Membership.RefreshTokenExpiresIn,
HashAlgorithm = model.Membership.HashAlgorithm,
DefaultEncoding = model.Membership.DefaultEncoding,
SecretKey = model.Membership.SecretKey
};
var user = new UserWithPassword
{
Username = model.User.Username,
EmailAddress = model.User.EmailAddress,
FirstName = model.User.FirstName,
LastName = model.User.LastName,
PasswordHash = model.User.Password
};
Application application = null;
if (model.Application != null)
{
application = new Application
{
Name = model.Application.Name,
Role = model.Application.Role
};
}
this.Request.HttpContext.Items.Add("SysUtilizer", "migration");
var migrationResult = await this.migrationService.MigrateAsync(connectionString, membership, user, application);
return(this.Ok(migrationResult));
}
public void Post([FromBody] string value)
{
ValidateRequest();
UserWithPassword newUserDetails = JsonConvert.DeserializeObject <UserWithPassword>(value);
IUserWriter iWriter = new UserWriter();
if (Convert.ToInt32(this.HttpContext.Request.Headers["UserId"]) == newUserDetails.Id)
{
iWriter.UpdatePassword(newUserDetails);
}
}
public void CreateUserTest()
{
UserWithPassword user = new UserWithPassword
{
Email = Guid.NewGuid().ToString() + "Onet.pl",
LastName = Guid.NewGuid().ToString(),
Name = Guid.NewGuid().ToString(),
Password = "******"
};
writer = new UserWriter();
writer.CreateUser(user);
}
public void CreateUser(UserWithPassword user)
{
ValidateCreateUser(user);
if (userReader.GetUser(user.Email) != null)
{
throw new UserAlreadyExistsException("The user already exists");
}
user.Password = new SecurityHelper().HashPassword(user.Password, 20);
string insertUser = "******";
string insertPassword = $"insert into Passwords (OwnerId, Password) values ((select id from users where email = @Email), @Password)";
dbr.InsertDataInTransaction(new string[] { insertUser, insertPassword }, user);
}
public void RegisterUser(string username, string password)
{
if (UserExists(username))
{
throw new UserServiceException($"The user {username} already exist.");
}
var userWithPassword = new UserWithPassword
{
User = new User(username),
Password = password
};
savedUsers.Add(username, userWithPassword);
}
public void Put(String id, UserWithPassword value)
{
if (value.Password != value.PasswordNew || string.IsNullOrWhiteSpace(value.Password) || string.IsNullOrWhiteSpace(value.PasswordNew))
{
throw new Exception("Not matching passwords");
}
User current = _login.CurrentUser();
if (!current.IsAdmin && id != current.Id.ToString())
{
throw new Exception();
}
var user = _users.GetById(Guid.Parse(id));
_users.UpdatePassword(id, user.Password, value.PasswordNew);
_attempts.Delete(Guid.Parse(id));
}
public async Task <IActionResult> DeleteUser(
[FromHeader] string jwttoken,
[FromBody] UserWithPassword uwp)
{
// Permission Level Admin
if (this.jwtService.PermissionLevelValid(jwttoken, "admin"))
{
try
{
if (this.jwtService.ValidateJwtKey(jwttoken))
{
if (this.jwtService.GetUIDfromJwtKey(jwttoken) == uwp.Uid)
{
if (!this.ModelState.IsValid)
{
return(this.BadRequest(this.ModelState));
}
var user = await this._context.User.FindAsync(uwp.Uid);
if (user == null)
{
return(this.NotFound());
}
this._context.User.Remove(user);
await this._context.SaveChangesAsync();
this.firebase.DeleteUser(uwp.Uid, uwp.Password);
return(this.Ok(user));
}
}
}
catch (SecurityTokenExpiredException)
{
return(new StatusCodeResult(StatusCodes.Status418ImATeapot));
}
}
return(this.Unauthorized());
}
public String Post(UserWithPassword value)
{
if (value.Password != value.PasswordNew)
{
throw new Exception("Not matching passwords");
}
User current = _login.CurrentUser();
if (!current.IsAdmin)
{
throw new Exception();
}
_users.Add(new Repos.User
{
Id = Guid.NewGuid(),
IsAdmin = value.IsAdmin,
Login = value.Login,
Password = value.Password
});
return(value.Id.ToString());
}
public UserWithPassword CreateUser(string username, string password)
{
UserWithPassword result = null;
ISession session = null;
try
{
User user = new User();
user.Username = username;
user.Password = password;
session = DataLayer.GetSession();
bool usernameInUse = ValidateUsername(session, user.Id, user.Username);
if (usernameInUse)
{
//return result;//new UsernameTaken();
result = null;
}
else
{
session.Save(user);
session.Flush();
result = new UserWithPassword(user);
session.Close();
//result = new UserCreated();
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
if (session != null)
{
session.Close();
}
}
return(result);
}
public UserWithPassword GetUser(string username, string password)
{
UserWithPassword result = null;
ISession session = null;
try
{
session = DataLayer.GetSession();
User user = session.Query <User>()
.Where(u => u.Username.Equals(username))
.Where(u => u.Password.Equals(password)).FirstOrDefault();
result = new UserWithPassword(user);
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
if (session != null)
{
session.Close();
}
}
return(result);
}
public UserWithPassword Post(UserWithPassword user)
{
service = Service.UserService;
return(service.GetUser(user.Username, user.Password));
}
public async Task <dynamic> MigrateAsync(string connectionString, Membership _membership, UserWithPassword _user)
{
// Validation
var databaseInformation = Ertis.MongoDB.Helpers.ConnectionStringHelper.ParseConnectionString(connectionString);
var connectionString1 = Ertis.MongoDB.Helpers.ConnectionStringHelper.GenerateConnectionString(this.databaseSettings);
var connectionString2 = Ertis.MongoDB.Helpers.ConnectionStringHelper.GenerateConnectionString(databaseInformation);
if (connectionString1 != connectionString2)
{
throw ErtisAuthException.MigrationRejected("Connection string could not validated");
}
// 1. Membership
var membership = await this.membershipService.CreateAsync(new Membership
{
Name = _membership.Name,
DefaultEncoding = _membership.DefaultEncoding,
HashAlgorithm = _membership.HashAlgorithm,
ExpiresIn = _membership.ExpiresIn,
RefreshTokenExpiresIn = _membership.RefreshTokenExpiresIn,
SecretKey = string.IsNullOrEmpty(_membership.SecretKey) ? GenerateRandomSecretKey(32) : _membership.SecretKey
});
// Utilizer
var utilizer = new Utilizer
{
Role = Rbac.ReservedRoles.Administrator,
Type = Utilizer.UtilizerType.System,
MembershipId = membership.Id
};
// 2. Role
var adminRole = await this.roleService.CreateAsync(utilizer, membership.Id, new Role
{
Name = Rbac.ReservedRoles.Administrator,
Description = "Administrator",
MembershipId = membership.Id,
Permissions = RoleHelper.AssertAdminPermissionsForReservedResources()
});
// 3. User (admin)
var adminUser = await this.userService.CreateAsync(utilizer, membership.Id, new UserWithPassword
{
Username = _user.Username,
FirstName = _user.FirstName,
LastName = _user.LastName,
EmailAddress = _user.EmailAddress,
Role = adminRole.Name,
MembershipId = membership.Id,
PasswordHash = this.cryptographyService.CalculatePasswordHash(membership, _user.PasswordHash)
});
return(new
{
membership,
user = adminUser,
role = adminRole
});
}
public async Task <IActionResult> PostUser([FromBody] UserWithPassword userWithPassword, [FromQuery] string apikey)
{
// Permission Level Everyone
if (this.auth.KeyIsValid(apikey))
{
if (!this.ModelState.IsValid)
{
return(this.BadRequest(this.ModelState));
}
var authProvider = new FirebaseAuthProvider(new FirebaseConfig(this.apikey));
try
{
var auth = await authProvider.CreateUserWithEmailAndPasswordAsync(userWithPassword.Email, userWithPassword.Password);
var firebasetoken = authProvider.SignInWithEmailAndPasswordAsync(userWithPassword.Email, userWithPassword.Password).Result.FirebaseToken;
await this.firebase.SendVerificationEmail(firebasetoken);
// TODO check if usefull
if (auth.User == null)
{
return(this.BadRequest(this.ModelState));
}
User user = new User
{
Name = userWithPassword.Name,
Surname = userWithPassword.Surname,
Email = userWithPassword.Email,
Birthday = userWithPassword.Birthday,
CouncilID = userWithPassword.Council_id,
UID = auth.User.LocalId,
Sex = userWithPassword.Sex,
Address = userWithPassword.Address,
Note = userWithPassword.Note,
};
string token = this.jwtService.CreateKey(user.UID, user.CouncilID);
this.telBot.SendTextMessage($"User Created, Name: {user.Name} {user.Surname} ");
var userreturn = new
{
User = user,
JwtToken = token
};
this._context.User.Add(user);
await this._context.SaveChangesAsync();
return(this.Ok(userreturn));
// return this.CreatedAtAction("GetUser", new { id = user.UID }, Tuple.Create(user, token));
}
// Catch Email Exists usw.
catch (Exception e)
{
this.telBot.SendTextMessage($"Error at USER CREATE with E-Mail: {userWithPassword.Email}");
// { "error": { "code": 400, "message": "EMAIL_EXISTS", "errors": [ { "message": "EMAIL_EXISTS", "domain": "global", "reason": "invalid" } ] } }
return(this.BadRequest(this.ModelState));
}
}
return(this.Unauthorized());
}
