public static async Task <Result> ChangePassword(int id, string o, string n, bool passwordReset = false)
{
using (var c = new DBContext(await NsslEnvironment.OpenConnectionAsync(), true))
{
var k = await Q.From(User.T).Where(x => x.Id.EqV(id)).FirstOrDefault <User>(c.Connection);// c.Users.FirstOrDefault(x => x.Id == id);
if (k.PasswordHash.SequenceEqual(Salting(o, k.Salt)) || passwordReset)
{
var ctc = ChangeTrackingContext.StartWith(k);
k.PasswordHash = Salting(n, k.Salt);
await ctc.Commit(c.Connection);
}
else
{
c.Connection.Close();
return(new Result {
Success = false, Error = "old password was incorrect"
});
}
c.Connection.Close();
return(new Result {
Success = true
});
}
}
public static async Task <CreateResult> CreateUser(string username, string email, string pwdhash)
{
using (var cont = new DBContext(await NsslEnvironment.OpenConnectionAsync(), true))
{
var exists = await FindUserByName(cont.Connection, username);
if (exists != null)
{
//await ChangePassword(exists.Id, "2", pwdhash);
return(new CreateResult {
Success = false, Error = "Username already taken"
});
}
exists = await FindUserByEmail(cont.Connection, email);
if (exists != null)
{
return new CreateResult {
Success = false, Error = "Email already in use"
}
}
;
var minedsalt = GenerateSalt();
var saltedpw = Salting(pwdhash, minedsalt);
User c = new User(username.TrimEnd(), saltedpw, email.TrimEnd(), minedsalt);
await Q.InsertOne(cont.Connection, c);
cont.Connection.Close();
return(new CreateResult {
Success = true, Id = c.Id, EMail = c.Email, Username = c.Username
});
}
}
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
var controller = (BaseController)context.Controller;
using (controller.Context = new DBContext(await NsslEnvironment.OpenConnectionAsync(), true))
{
await next.Invoke();
controller.Context.Connection.Close();
}
//await controller.Context.SaveChangesAsync();
}
public static async Task <Result> SendPasswortResetEmail(string email)
{
using (var con = new DBContext(await NsslEnvironment.OpenConnectionAsync(), true))
{
User exists = null;
if (email != null)
{
exists = await FindUserByName(con.Connection, email);
}
if (exists == null)
{
exists = await FindUserByEmail(con.Connection, email);
if (exists == null)
{
return new Result {
Success = false, Error = "user could not be found"
}
}
;
}
var sender = new OutlookDotComMail(mailUser, mailUserPwd);
var payload = new Dictionary <string, object>()
{
{ "Expires", DateTime.UtcNow.AddDays(1) },
{ "Id", exists.Id },
{ "Created", DateTime.UtcNow }
};
var token = JsonWebToken.Encode(new Dictionary <string, object>(), payload, SecretKey, JsonWebToken.JwtHashAlgorithm.HS256);
var tokenUser = new TokenUserId(token, exists.Id);
tokenUser.Timestamp = DateTime.UtcNow;
await Q.InsertOne(con.Connection, tokenUser);
sender.SendMail(exists.Email, "NSSL Password Reset",
$"Dear {exists.Username},\r\n\r\n" +
"This email was automatically sent following your request to reset your password.\r\n" +
"To reset your password, click this link or paste it into your browser's address bar:\r\n" +
"https://nssl.susch.eu/password/site/reset?token=" + token +
"\r\n\r\n" +
"If you did not forget your password, please ignore this email. Thank you.\r\n\r\n" +
"Kind Regards,\r\n" +
"NSSL Team");
con.Connection.Close();
return(new Result {
Success = true, Error = ""
});
}
}
public static async Task <LoginResult> Login(string username, string email, string passwordhash)
{
using (var con = new DBContext(await NsslEnvironment.OpenConnectionAsync(), true))
{
User exists = null;
if (username != null)
{
exists = await FindUserByName(con.Connection, username);
}
if (exists == null)
{
if (email == null)
{
return new LoginResult {
Success = false, Error = "user could not be found"
}
}
;
exists = await FindUserByEmail(con.Connection, email);
if (exists == null)
{
return new LoginResult {
Success = false, Error = "user could not be found"
}
}
;
}
if (!Salting(passwordhash, exists.Salt).SequenceEqual(exists.PasswordHash))
{
con.Connection.Close();
return(new LoginResult {
Success = false, Error = "password is incorrect"
});
}
var payload = new Dictionary <string, object>()
{
{ "Expires", DateTime.UtcNow.AddMonths(1) },
{ "Id", exists.Id },
{ "Created", DateTime.UtcNow }
};
con.Connection.Close();
return(new LoginResult {
Success = true, Error = "", Token = JsonWebToken.Encode(new Dictionary <string, object>(), payload, SecretKey, JsonWebToken.JwtHashAlgorithm.HS256), Id = exists.Id, EMail = exists.Email, Username = exists.Username
});
}
}
#pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously
private async static void DoStuff()
{
Registry.RegisterTypeToTable <Product, ProductsTable>();
Registry.RegisterTypeToTable <GtinEntry, GtinsTable>();
Registry.RegisterTypeToTable <ProductsGtins, ProductsGtinsTable>();
Registry.RegisterTypeToTable <ListItem, ListItemTable>();
Registry.RegisterTypeToTable <Contributor, ContributorTable>();
Registry.RegisterTypeToTable <User, UserTable>();
Registry.RegisterTypeToTable <ShoppingList, ShoppingListTable>();
Registry.RegisterTypeToTable <TokenUserId, TokenUserTable>();
using (var c = new DBContext(await NsslEnvironment.OpenConnectionAsync(), true))
{
c.Connection.Close();
}
//I like my do Stuff methods :)
EdekaDatabaseUpdater.Initialize();
}
public static async Task <Result> ResetPassword(string token, string n)
{
using (var c = new DBContext(await NsslEnvironment.OpenConnectionAsync(), true))
{
var rpt = await Q.From(TokenUserId.T).Where(x => x.Timestamp.GtV(DateTime.UtcNow.AddDays(-1)).And(x.ResetToken.EqV(token))).FirstOrDefault <TokenUserId>(c.Connection);
if (rpt == null)
{
return new Result {
Success = false, Error = "Token Expired or password reset was not requested"
}
}
;
var user = await Q.From(T).Where(x => x.Id.EqV(rpt.UserId)).FirstOrDefault <User>(c.Connection);
if (user == null)
{
return new Result {
Success = false, Error = "User for the token doesn't exists anymore"
}
}
;
await ChangePassword(user.Id, "", n, true);
await Q.DeleteFrom(TokenUserId.T).Where(x => x.Timestamp.EqV(rpt.Timestamp).And(x.ResetToken.EqV(rpt.ResetToken).And(x.UserId.EqV(rpt.UserId)))).Execute(c.Connection);
var sender = new OutlookDotComMail(mailUser, mailUserPwd);
sender.SendMail(user.Email, "NSSL Password Reset",
$@"Dear {user.Username},
This email was sent to you, because you have successfully changed your password.
If it wasn't you, than this might be an indicator, that someone has access to your email account.
Kind Regards,
NSSL Team");
c.Connection.Close();
return(new Result {
Success = true
});
}
}
public static async Task <ShoppingList> LoadShoppingList(int listId, bool alreadyBought, int userId)
{
using (var con = new DBContext(await NsslEnvironment.OpenConnectionAsync(), true))
{
var list = await Q.From(Contributor.T)
.InnerJoin(ShoppingList.T).On((c, sl) => c.ListId.Eq(sl.Id))
.Where(
(c, sl) => c.UserId.EqV(userId),
(c, sl) => sl.Id.EqV(listId)
)
.Select(new RawSql(ShoppingList.T.TableAlias + ".*")).Limit(1)
.FirstOrDefault <ShoppingList>(con.Connection);
if (list == null)
{
return new ShoppingList {
}
}
; //TODO Nicht leere Liste zurückgeben
var tempQuery = Q.From(ListItem.T).Where(l => l.ListId.EqV(list.Id)).OrderBy(t => t.Id.Asc());
if (!alreadyBought)
{
list.Products = await tempQuery.Where(l => l.Amount.Neq(Q.P("a", 0))).ToList <ListItem>(con.Connection);
}
else
{
list.Products = await tempQuery.Where(l => l.Amount.Eq(Q.P("a", 0))).ToList <ListItem>(con.Connection);
}
//list.Products = await Q.From(ListItem.T).Where(l => l.ListId.EqV(list.Id))
// .OrderBy(t => t.Id.Asc())
// .Where(l => l.Amount.Neq(Q.P("a", 0)))
// .ToList<ListItem>(con.Connection);
con.Connection.Close();
return(list);
}
}
