private void SeedData(ModelBuilder modelBuilder)
{
if (!System.Diagnostics.Debugger.IsAttached)
{
System.Diagnostics.Debugger.Launch();
}
var test = modelBuilder.Entity <User>().HasData(
new User
{
Id = 30,
FirstName = "test",
LastName = "user",
Email = "*****@*****.**",
CreatedAt = DateTime.UtcNow,
IsActive = true,
PasswordHash = BC.HashPassword("123456")
}
);
//var testuser = Users.FirstOrDefault();
modelBuilder.Entity <Post>().HasData(
new Post
{
Id = 30,
Title = "Post 1",
Content = "Content post 1",
CreatedAt = DateTime.UtcNow,
LastModifiedAt = DateTime.UtcNow,
UserId = 30
}
);
}
public async Task <ActionResult <dynamic> > Put(
[FromServices] DataContext context,
[FromBody] User model,
int userId
)
{
//Verificar se dados seguem model
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await context.user.Where(x => x.id == userId).SingleOrDefaultAsync();
//verificar se usuario realmente existe
if (user == null)
{
return(BadRequest(new { messsage = "Usuario não cadastrado!" }));
}
//atualizar dados do usuario
user.name = model.name;
user.password = BC.HashPassword(model.password);
await context.SaveChangesAsync();
return(model);
}
public IActionResult Login(string username, string password)
{
if (username == null || password == null)
{
ViewBag.Message = "Brugernavn og kodeord skal udfyldes";
return(View());
}
var user = _context.User.FirstOrDefault(u => u.Username == username);
if (user == null)
{
ViewBag.Message = "Ukendt brugernavn";
return(View());
}
else
{
if (BC.Verify(password, user.Password))
{
HttpContext.Session.SetInt32("UserId", user.Id);
return(Redirect("/home/Todos"));
}
else
{
ViewBag.Message = "Forkert brugernavn eller kodeord";
return(View());
}
}
}
public IActionResult Register(User user)
{
user.Password = BC.HashPassword(user.Password);
_context.User.Add(user);
_context.SaveChanges();
return(Redirect("/home/login"));
}
public async Task Create(User user)
{
string passwordHash = BC.HashPassword(user.Password);
user.Password = passwordHash;
await _context.Users.InsertOneAsync(user);
}
public async Task <IActionResult> Login([FromForm] AccessDto data)
{
try
{
var users = await _userRepository.Get(u => !u.IsDeleted);
var user = users.FirstOrDefault(u => u.Email == data.Email || u.Dni == data.Dni);
if (user == null)
{
return(Unauthorized(new { Message = "Incorrect user or password" }));
}
if (!Bcrypt.Verify(data.Password, user.Password ?? string.Empty))
{
return(Unauthorized(new { Message = "Incorrect user or password" }));
}
_httpContextAccessor.HttpContext.Session.SetString("UserId", user.Id.ToString());
_httpContextAccessor.HttpContext.Session.SetString("User_FullName", user.FullName);
return(RedirectToAction(nameof(Index)));
}
catch (Exception e)
{
return(BadRequest(new { Message = "Error.", Data = e.Message }));
}
}
public async Task Register(RegisterRequest model, string origin)
{
// validate
if (await _accountRepository.FindByEmail(model.Email) != null)
{
// send already registered error in email to prevent account enumeration
sendAlreadyRegisteredEmail(model.Email, origin);
return;
}
// map model to new account object
var account = _mapper.Map <Account>(model);
// first registered account is an admin
var isFirstAccount = await _accountRepository.GetCount() == 0;
account.Role = isFirstAccount ? Role.Admin : Role.User;
account.Created = DateTime.UtcNow;
account.VerificationToken = randomTokenString();
// hash password
account.PasswordHash = BC.HashPassword(model.Password);
// save account
await _accountRepository.Add(account);
// send email
sendVerificationEmail(account, origin);
}
public LoginResponse login([FromBody] LoginModel model, string ipAcesso)
{
var usuario = _context.Usuarios.SingleOrDefault(x => x.Email == model.Email);
if (usuario == null || BC.Verify(BC.HashPassword(model.Senha), usuario.SenhaHash))
{
throw new AppException("Email ou Senha estar Incorreto!");
}
//!usuario.IsVerificado
var JwtToken = generateJwtToken(usuario);
var refreshToken = generateRefreshToken(ipAcesso);
usuario.RecarregarToken.Add(refreshToken);
_context.Update(usuario);
_context.SaveChanges();
if (usuario.Role == Role.Auxi)
{
usuario.Id = _context.Auxiliars.SingleOrDefault(a => a.IdUsuario == usuario.Id).Id;
}
var reponse = _mapper.Map <LoginResponse>(usuario);
reponse.jwtToken = JwtToken;
reponse.RecarregarToken = refreshToken.Token;
return(reponse);
}
public async Task <IActionResult> ForgetPassword(int id, Account account)
{
if (id != account.Id)
{
return(BadRequest());
}
// hash password
String passwordHash = BC.HashPassword(account.Password);
account.Password = passwordHash;
_context.Entry(account).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!AccountExists(account.Id))
{
return(NotFound());
}
else
{
throw;
}
}
return(CreatedAtAction("GetAccount", new { id = account.Id }, account));
}
public IActionResult Update(int id, GetUserVM dataVM)
{
if (ModelState.IsValid)
{
var getData = _context.Users.Include("Role").SingleOrDefault(x => x.Id == id);
getData.Name = dataVM.Name;
getData.Email = dataVM.Email;
if (dataVM.Password != null)
{
if (!Bcrypt.Verify(dataVM.Password, getData.Password))
{
getData.Password = Bcrypt.HashPassword(dataVM.Password);
}
}
if (dataVM.RoleName != null)
{
var getRoleID = _context.Roles.SingleOrDefault(x => x.RoleName == dataVM.RoleName);
getData.RoleId = getRoleID.RoleId;
}
_context.Users.Update(getData);
_context.SaveChanges();
return(Ok("Successfully Updated"));
}
return(BadRequest("Not Successfully"));
}
public async Task <IActionResult> Register([FromBody] RegisterPayload registerPayload)
{
try
{
var existingUserWithMail = _db.Users
.Any(u => u.Email == registerPayload.Email);
if (existingUserWithMail)
{
// return message that this mail is taken
}
var userToCreate = new User
{
Email = registerPayload.Email,
FirstName = registerPayload.FirstName,
LastName = registerPayload.LastName,
PasswordHash = BC.HashPassword(registerPayload.Password),
Role = "SimpleUser",
};
_db.Users.Add(userToCreate);
_db.SaveChanges();
return(Ok(new { status = true, user = userToCreate }));
}
catch (Exception)
{
return(new StatusCodeResult(StatusCodes.Status500InternalServerError));
}
}
public static String HashGenerated(String value)
{
String salt = Bcrypt.GenerateSalt();
String hash = Bcrypt.HashPassword(value, salt);
return(hash);
}
public async Task <AuthenticateResponse> AuthenticateAsync(AuthenticateRequest model, string ipAddress)
{
Account account = await _context.Accounts.SingleOrDefaultAsync(x => x.Email == model.Email);
if (account == null || !account.IsVerified || !BC.Verify(model.Password, account.PasswordHashed))
{
throw new ApiProblemDetailsException("Username or password is incorrect", StatusCodes.Status401Unauthorized);
}
;
// authentication successful so generate jwt and refresh tokens
string jwtToken = GenerateJwtToken(account);
var refreshToken = GenerateRefreshToken(ipAddress);
account.RefreshTokens.Add(refreshToken);
// remove old refresh tokens from account
RemoveOldRefreshTokens(account);
// save changes to db
_context.Update(account);
await _context.SaveChangesAsync();
var response = _mapper.Map <AuthenticateResponse>(account);
response.JwtToken = jwtToken;
response.RefreshToken = refreshToken.Token;
response.Expires = DateTime.Now.AddMinutes(_jwtSettings.DurationInMinutes);
return(response);
}
public AuthenticateResponse Authenticate(AuthenticateRequest model, string ipAddress)
{
var account = _context.Accounts.SingleOrDefault(x => x.Email == model.Email);
if (account == null || !account.IsVerified || !BC.Verify(model.Password, account.PasswordHash))
{
throw new AppException("Email or password is incorrect");
}
// authentication successful so generate jwt and refresh tokens
var jwtToken = generateJwtToken(account);
var refreshToken = generateRefreshToken(ipAddress);
account.RefreshTokens.Add(refreshToken);
// remove old refresh tokens from account
removeOldRefreshTokens(account);
// save changes to db
_context.Update(account);
_context.SaveChanges();
var response = _mapper.Map <AuthenticateResponse>(account);
response.JwtToken = jwtToken;
response.RefreshToken = refreshToken.Token;
return(response);
}
public bool Verify(string plainText, string hash, string salt)
{
var saltedText = salt + plainText;
var encryptedText = _encryptionService.Encrypt(saltedText);
return(BCryptHasher.EnhancedVerify(encryptedText, hash));
}
public async Task <ActionResult> PutUser([FromBody] UserDTO userDto, Guid userId, Guid tenantId)
{
if (await _tenantRepo.GetById(tenantId) == null)
{
return(BadRequest("Invalid tenant id"));
}
if (await _repository.GetById(userId) == null)
{
return(BadRequest("Invalid user id"));
}
if (!ModelState.IsValid)
{
return(BadRequest("User not updated properly"));
}
userDto.Password = BC.HashPassword(userDto.Password);
User user = await _repository.GetById(userId);
user.Username = userDto.Username;
user.Password = userDto.Password;
user.Role = userDto.Role;
user.Email = userDto.Email;
await _repository.Update(user);
return(Ok("User Updated Successfully.."));
}
public AuthenticateAccountResponse Register(RegisterAccountRequest request)
{
if (_context.Accounts.Any(x => x.EmailAddress == request.EmailAddress))
{
// There is already an account with given email address
throw new AccountAlreadyExistsException();
}
// Create new account object from the request model
var account = new Account()
{
UserFullName = request.UserFullName,
EmailAddress = request.EmailAddress,
PasswordHash = BC.HashPassword(request.Password)
};
// Save account
_context.Accounts.Add(account);
_context.SaveChanges();
// Create a response that includes the access token
var response = new AuthenticateAccountResponse
{
AccountId = account.AccountId,
UserFullName = account.UserFullName,
EmailAddress = account.EmailAddress,
AccessToken = GenerateJsonWebToken(account)
};
return(response);
}
public async Task <ActionResult <User> > UserLogin([FromBody] LoginDTO loginDto, Guid tenantId)
{
if (await _tenantRepo.GetById(tenantId) == null)
{
return(BadRequest("Invalid tenant id"));
}
if (!ModelState.IsValid)
{
return(BadRequest("Email or password is invalid"));
}
User user = await _repository.FirstOrDefault(x => x.Email == loginDto.Email && x.TenantId == tenantId);
if (user == null)
{
return(BadRequest("Email or password is invalid"));
}
if (!BC.Verify(loginDto.Password, user.Password))
{
return(BadRequest("Email or password is invalid"));
}
var token = _tokenManager.CreateToken(user);
return(Ok(token));
}
public AccountResponse Update(string id, UpdateRequest model)
{
var account = accountRepository.GetById(ObjectId.Parse(id));
if (account.Email != model.Email &&
accountRepository.GetAll().SingleOrDefault(x => x.Email == model.Email) != null)
{
throw new NotImplementedException();
}
{
throw new Exception($"Email {model.Email} has been taken");
}
// hash password if it was entered
if (!string.IsNullOrEmpty(model.Password))
{
account.PasswordHash = BC.HashPassword(model.Password);
}
// copy model to account and save
mapper.Map(model, account);
account.Updated = DateTime.UtcNow;
accountRepository.Update(account, account.Id);
return(mapper.Map <AccountResponse>(account));
}
public async Task Register(RegisterRequest model, string origin)
{
if (accountRepository.GetAll().SingleOrDefault(x => x.Email == model.Email) != null)
{
await sendAlreadyRegisteredEmail(model.Email, origin);
throw new Exception($"Email {model.Email} has been registered");
}
var account = mapper.Map <Account>(model);
var isFirstAccount = !accountRepository.GetAll().Any();
account.Role = isFirstAccount ? Role.Admin : Role.User;
account.Created = DateTime.UtcNow;
// hash password
account.PasswordHash = BC.HashPassword(model.Password);
await accountRepository.AddAsync(account);
if (model.IsExternalRegister == true)
{
account.VerificationToken = string.Empty;
account.Verified = DateTime.Now;
await accountRepository.UpdateAsync(account, account.Id);
return;
}
account.VerificationToken = Extension.randomOTPString();
await accountRepository.UpdateAsync(account, account.Id);
await sendVerificationEmail(account, origin);
}
public async Task <ActionResult <Account> > PostAccount(Account account)
{
account.IsActive = true;
account.RoleId = 1;
account.IsHD = true;
// hash password
String passwordHash = BC.HashPassword(account.Password);
account.Password = passwordHash;
_context.Accounts.Add(account);
await _context.SaveChangesAsync();
int id = account.Id;
account.User.CreatedDate = DateTime.Now;
account.User.LastLogOnDate = DateTime.Now;
account.User.Gender = true;
account.User.PubishFree = 3;
_context.Users.Add(account.User);
await _context.SaveChangesAsync();
return(CreatedAtAction("GetAccount", new { id = account.Id }, account));
}
public void Register(RegisterRequest model, string origin)
{
// validate
if (_context.Accounts.Any(x => x.Email == model.Email))
{
// send already registered error in email to prevent account enumeration
sendAlreadyRegisteredEmail(model.Email, origin);
return;
}
// map model to new account object
var account = _mapper.Map <Account>(model);
// first registered account is an admin
var isFirstAccount = _context.Accounts.Count() == 0;
account.Role = isFirstAccount ? Role.Admin : Role.User;
account.Created = DateTime.UtcNow;
account.VerificationToken = randomTokenString();
// hash password
account.PasswordHash = BC.HashPassword(model.Password);
// save account
_context.Accounts.Add(account);
_context.SaveChanges();
// send email
sendVerificationEmail(account, origin);
}
/// <summary>
/// Checks if given login information is correct and returns value
/// </summary>
/// <param name="name">Username input</param>
/// <param name="pwd">Password input</param>
/// <returns>true if given login infomation is correct</returns>
private bool CheckLoginInfo(string name, char[] pwd)
{
try
{
string query = "SELECT password FROM user WHERE @name LIKE username";
MySqlCommand cmd = new MySqlCommand(query, Connection)
{
CommandTimeout = 60
};
Connect();
cmd.Parameters.AddWithValue("@name", name);
cmd.Prepare();
string retVal = cmd.ExecuteScalar() == null ? "." : cmd.ExecuteScalar().ToString();
CloseConnection();
return(!retVal.Equals(".") && Hash.CheckPassword(GetStringFromChar(pwd), retVal));
}
catch (Exception ex)
{
Buchhaltung.Log(ex.Message);
Buchhaltung.SaveErrorMsg(ex);
}
return(false);
}
public void VerifyPassword(string password, string passwordHash)
{
if (!BC.Verify(password, passwordHash))
{
throw new MainException(ErrorCode.NotFound, "User could not be found");
}
}
public async Task <IActionResult> ChangePassword(string newPassword, string confirmPassword)
{
var userId = HttpContext.Session.GetInt32("UserId");
if (userId == null)
{
return(Redirect("/login/login"));
}
User user = await _dbContext.Users.FirstOrDefaultAsync(u => u.UserId == userId);
if (user != null && user.UserId == userId)
{
if (!string.IsNullOrWhiteSpace(newPassword) && !string.IsNullOrWhiteSpace(confirmPassword))
{
if (newPassword == confirmPassword)
{
user.Password = BC.HashPassword(confirmPassword);
}
}
_dbContext.Update(user);
_dbContext.SaveChanges();
}
return(Redirect("/"));
}
public async Task <IActionResult> Register([FromForm] AccessDto data)
{
try
{
var user = await _userRepository.Get(u => !u.IsDeleted && u.Email == data.Email || u.Dni == data.Dni);
if (user.Any())
{
return(BadRequest(new { Message = "Existing user" }));
}
await _userRepository.Insert(new User
{
Id = new Guid(),
FullName = data.FullName,
Dni = data.Dni,
Role = await _roleRepository.GetById(RoleEnum.Standard),
Email = data.Email,
Password = Bcrypt.HashPassword(data.Password)
});
await _userRepository.SaveChangesAsync();
return(RedirectToAction(nameof(Index)));
}
catch (Exception ex)
{
return(BadRequest(new { Message = "Error.", Data = ex.Message }));
}
}
public async Task <Account> RegisterAsync(RegisterRequest model)
{
// validate
if (await _context.Accounts.AnyAsync(x => x.Email == model.Email))
{
throw new ApiProblemDetailsException("Email already exists.", StatusCodes.Status422UnprocessableEntity);
}
if (await _context.Accounts.AnyAsync(x => x.Username == model.Username))
{
throw new ApiProblemDetailsException("Username already exists.", StatusCodes.Status422UnprocessableEntity);
}
// map model to new account object
Account account = _mapper.Map <Account>(model);
account.Role = AccountRole.Basic;
account.CreatedAt = DateTime.UtcNow;
account.VerificationToken = RandomTokenString();
// hash password
account.PasswordHashed = BC.HashPassword(model.Password);
// save account
_context.Accounts.Add(account);
await _context.SaveChangesAsync();
return(account);
}
public IActionResult Login(string username, string password)
{
if (username == null || password == null)
{
ViewBag.Message = "Please fill out both forms";
return(View());
}
string email = _protector.Protect(username);
User user = _context.User.FirstOrDefault(u => u.Username == username || u.Email == email);
if (user == null)
{
ViewBag.Message = "No such user exists (or wrong password)";
return(View());
}
else
{
if (!BC.Verify(password, user.Password))
{
ViewBag.Message = "Wrong password (or unknown user)";
return(View());
}
else
{
HttpContext.Session.SetInt32("UserId", user.Id);
Console.WriteLine($"User {user.Username} logged in");
return(Redirect("/"));
}
}
}
public IActionResult Create(GetUserVM getUserVM)
{
var getUser = _context.Users.Where(x => x.Email == getUserVM.Email);
if (getUser.Count() == 0)
{
if (ModelState.IsValid)
{
var getRoleId = _context.Roles.SingleOrDefault(x => x.RoleName == getUserVM.RoleName);
var usr = new User
{
Name = getUserVM.Name,
Email = getUserVM.Email,
Password = Bcrypt.HashPassword(getUserVM.Password),
RoleId = getRoleId.RoleId,
VerifyCode = null,
CreateDate = DateTimeOffset.Now,
isDelete = false
};
_context.Users.Add(usr);
_context.SaveChanges();
return(Ok("Successfully Created"));
}
return(BadRequest("Not Successfully"));
}
return(BadRequest("Email Already Exists "));
}
public async Task <IActionResult> CheckLogin(LoginViewModel emp)
{
var checkLogin = await _employeeService.CheckLogin(emp.Username);
if (checkLogin != null && BC.Verify(emp.Password, checkLogin.Password))
{
string tokenKey = _appSettings.SerectKey;
var tokenHandler = new JwtSecurityTokenHandler();
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(tokenKey));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var tokenDescripter = new SecurityTokenDescriptor
{
Issuer = "NgocSy",
Audience = "NgocSy",
Subject = new ClaimsIdentity(new Claim[] {
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), //Id of JWT
new Claim("Id", checkLogin.Id.ToString()),
new Claim(ClaimTypes.Role, checkLogin.IdRoleNavigation.NameRole.ToString())
}),
Expires = DateTime.UtcNow.AddHours(1),
SigningCredentials = credentials
};
var token = tokenHandler.CreateToken(tokenDescripter);
return(Ok(tokenHandler.WriteToken(token)));
}
return(BadRequest(new { message = "Fail login!" }));
}
public bool UpdatePassword(int userId, string password)
{
var update = false; //security check
var emailAddr = email;
if(S.Server.resetPass == true && userId == 1)
{
//securely change admin password
//get admin email address from database
var parameters = new List<SqlParameter>();
parameters.Add(new SqlParameter("$userId", userId.ToString(), 0, enumSqlParameterType.isNumber));
emailAddr = (string)S.Sql.ExecuteScalar("EXEC GetUserEmail @userId=$userId", parameters);
if (emailAddr != "" && emailAddr != null) { update = true; }
}
if(update == true)
{
var bCrypt = new BCrypt.Net.BCrypt();
var encrypted = BCrypt.Net.BCrypt.HashPassword(password, S.Server.bcrypt_workfactor);
var sqlUser = new SqlQueries.User(S);
sqlUser.UpdatePassword(userId, encrypted);
S.Server.resetPass = false;
}
return false;
}
public string EncryptPassword(string password)
{
BCrypt.Net.BCrypt bCrypt = new BCrypt.Net.BCrypt();
password = BCrypt.Net.BCrypt.HashPassword(password, BCrypt.Net.BCrypt.GenerateSalt(6));
return password;
}
