public ActionResult Register(RegisterDTO register) { var customer = customerService.FindByEmail(register.Email); if (customer != null || register.Password != register.ConfirmPassword) { return(new HttpStatusCodeResult(400)); } CustomerM newCustomer = new CustomerM() { FirstName = register.FirstName, LastName = register.LastName, Address = register.Address, Email = register.Email, Password = authService.HashPassword(register.Password), Blocked = false, Activated = false, IsAdmin = false, }; customerService.Save(newCustomer); var token = authService.GenerateJWT(newCustomer); FormsAuthentication.SetAuthCookie(token, true); HttpContext.Response.SetCookie(new HttpCookie("Role", "REGULAR")); return(Redirect("/Home")); }
public void updateCustomer(CustomerM Customer) { string spName = @"[dbo].[updateCustomer]"; using (SqlCommand cmd = new SqlCommand(spName, SQLConnection)) { SqlParameter[] parms = new SqlParameter[5]; string[] names = { "@CustomerID", "@Fname", "@Phone_number", "@Lname", "@Address" }; SqlDbType[] DBtypes = { SqlDbType.Int, SqlDbType.VarChar, SqlDbType.VarChar, SqlDbType.VarChar, SqlDbType.VarChar }; Object[] values = { Customer.CustomerID, Customer.Fname, Customer.Phone_number, Customer.Lname, Customer.Address }; for (int i = 0; i < parms.Length; i++) { parms[i] = new SqlParameter(); parms[i].ParameterName = names[i]; parms[i].SqlDbType = DBtypes[i]; parms[i].Value = values[i]; cmd.Parameters.Add(parms[i]); } cmd.CommandType = CommandType.StoredProcedure; cmd.ExecuteNonQuery(); } }
public CustomerM getCustomer(int Customer_id) { CustomerM C = null; string spName = @"[dbo].[getCustomer]"; using (SqlCommand cmd = new SqlCommand(spName, SQLConnection)) { SqlParameter Emp_id_Parameter = new SqlParameter(); Emp_id_Parameter.ParameterName = "@CustomerID"; Emp_id_Parameter.SqlDbType = SqlDbType.Int; Emp_id_Parameter.Value = Customer_id; cmd.Parameters.Add(Emp_id_Parameter); cmd.CommandType = CommandType.StoredProcedure; using (SqlDataReader reader = cmd.ExecuteReader()) { if (reader.HasRows) { int test = 0; while (reader.Read()) { if (test > 0) { throw new Exception("more then one customer with the PK: " + Customer_id + ", key values have been destroyed"); } C = new CustomerM(reader); } } } } return(C); }
public CustomerM DecodeJWT(string jwt) { CustomerM customer = new CustomerM(); try { IJsonSerializer serializer = new JsonNetSerializer(); IDateTimeProvider provider = new UtcDateTimeProvider(); IJwtValidator validator = new JwtValidator(serializer, provider); IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder(); IJwtDecoder decoder = new JwtDecoder(serializer, validator, urlEncoder); var json = decoder.Decode(jwt, new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ConfigurationManager.AppSettings["JwtSecret"])).ToString(), verify: true); customer = customerService.FindById((int)JObject.Parse(json)["id"]); } catch (TokenExpiredException) { Console.WriteLine("Token has expired"); return(null); } catch (SignatureVerificationException) { Console.WriteLine("Token has invalid signature"); return(null); } catch (Exception) { Console.WriteLine("Invalid Jwt token."); return(null); } return(customer); }
public ActionResult Edit(ChangeAccountInfo accountInfo) { CustomerM customer = authService.DecodeJWT(User.Identity.Name); if (authService.HashPassword(accountInfo.OldPassword) != customer.Password) { ModelState.AddModelError("Password", "Your password is incorrect."); return(View("MyAccount", accountInfo)); } if (accountInfo.Password != accountInfo.ConfirmPassword && (string.IsNullOrWhiteSpace(accountInfo.ConfirmPassword) || string.IsNullOrEmpty(accountInfo.ConfirmPassword)) && (string.IsNullOrWhiteSpace(accountInfo.Password) || string.IsNullOrEmpty(accountInfo.Password))) { ModelState.AddModelError("Password", "New password and confirm password does not match."); return(View("MyAccount", accountInfo)); } customer.LastName = accountInfo.LastName; customer.FirstName = accountInfo.FirstName; customer.Email = accountInfo.Email; customer.Address = accountInfo.Address; customer.Password = authService.HashPassword(accountInfo.Password); customerService.Edit(customer); return(View("Index", "Home")); }
public bool Authenticate(string email, string password) { CustomerM customer = customerService.FindByEmail(email); if (customer.Password != HashPassword(password)) { return(false); } return(true); }
public string GenerateJWT(CustomerM customer) { return(new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ConfigurationManager.AppSettings["JwtSecret"])).ToString()) .AddClaim("exp", DateTimeOffset.UtcNow.AddMonths(1).ToUnixTimeSeconds()) .AddClaim("email", customer.Email) .AddClaim("id", customer.Id) .AddClaim("isAdmin", customer.IsAdmin) .Build()); }
public ActionResult MyAccount() { CustomerM customer = authService.DecodeJWT(User.Identity.Name); return(View(new ChangeAccountInfo() { Address = customer.Address, Email = customer.Email, FirstName = customer.FirstName, Id = customer.Id, LastName = customer.LastName, })); }
public ActionResult Buy() { CustomerM customer = authService.DecodeJWT(User.Identity.Name); foreach (var shopping in shoppingService.FindAll().Where(x => x.CustomerId == customer.Id && x.Status == "Active")) { shopping.Status = "Pending"; shopping.Date = DateTime.Now; shoppingService.Edit(shopping); } return(RedirectToAction("Index")); }
public ActionResult Info() { CustomerM customer = authService.DecodeJWT(User.Identity.Name); ShopM shop = new ShopM(); if (customer.ShopAdminId != -1) { shop = shopService.FindById(customer.ShopAdminId); } return(View(shop)); }
public ActionResult Edit(MobileDTO mobileDTO) { CustomerM admin = authService.DecodeJWT(User.Identity.Name); ShopMobilesM shopMobiles = shopMobilesService.FindByShopAndMobile(admin.ShopAdminId, mobileDTO.Id); if (shopMobiles != null) { shopMobiles.Price = mobileDTO.Price; shopMobiles.MobilesLeft = mobileDTO.Amount; shopMobilesService.Edit(shopMobiles); } return(RedirectToAction("Manage")); }
public ActionResult Remove(int id) { CustomerM admin = authService.DecodeJWT(User.Identity.Name); CustomerM customer = customerService.FindById(id); if (customer == null || admin.ShopAdminId != customer.ShopAdminId) { return(RedirectToAction("Manage")); } customer.IsAdmin = false; customer.ShopAdminId = -1; customerService.Edit(customer); return(RedirectToAction("Manage")); }
public ActionResult Add(int id) { CustomerM customer = customerService.FindById(id); if (customer != null) { CustomerM admin = authService.DecodeJWT(User.Identity.Name); if (!customer.IsAdmin && customer.ShopAdminId == -1) { customer.IsAdmin = true; customer.ShopAdminId = admin.ShopAdminId; customerService.Edit(customer); } } return(RedirectToAction("All")); }
public ActionResult Manage() { CustomerM admin = authService.DecodeJWT(User.Identity.Name); IEnumerable <ShopMobilesM> shopMobiles = shopMobilesService.FindAll().Where(x => x.ShopId == admin.ShopAdminId); List <MobileDTO> mobileDTOs = new List <MobileDTO>(); foreach (var m in shopMobiles) { MobileM mobile = mobileService.FindById(m.MobileId); mobileDTOs.Add(new MobileDTO() { Id = m.MobileId, Amount = m.MobilesLeft, Price = m.Price, Name = mobile.Name }); } return(View(mobileDTOs)); }
public ActionResult Add(MobileShopDTO mobileShop) { CustomerM customer = authService.DecodeJWT(User.Identity.Name); ShopMobilesM foundPair = shopMobilesService.FindByShopAndMobile(customer.ShopAdminId, mobileShop.MobileId); if (foundPair == null) { shopMobilesService.Save(new ShopMobilesM() { MobileId = mobileShop.MobileId, MobilesLeft = mobileShop.Amount, ShopId = customer.ShopAdminId, Price = mobileShop.Price, }); } return(RedirectToAction("All")); }
public ActionResult Create(ShopM shop) { if (ModelState.IsValid) { CustomerM customer = authService.DecodeJWT(User.Identity.Name); if (customer.ShopAdminId != -1) { return(RedirectToAction("New")); } shop = shopService.Save(shop); customer.IsAdmin = true; customer.ShopAdminId = shop.Id; customerService.Edit(customer); HttpContext.Response.SetCookie(new HttpCookie("Role", "ADMIN")); } return(RedirectToAction("Index", "Home")); }
public ActionResult Add(ShoppingM shopping) { MobileM mobile = mobileService.FindById(shopping.MobileId); ShopM shop = shopService.FindById(shopping.ShopId); CustomerM customer = authService.DecodeJWT(User.Identity.Name); ShopMobilesM shopMobiles = shopMobilesService.FindByShopAndMobile(shop.Id, mobile.Id); if (!ModelState.IsValid || mobile == null || shop == null || customer == null || shopMobiles == null || shopping.Price != shopMobiles.Price) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } shopping.CustomerId = customer.Id; shopping.Status = "Active"; shoppingService.Save(shopping); return(new HttpStatusCodeResult(HttpStatusCode.OK)); }
public ActionResult Decline(int id) { ShoppingM shopping = shoppingService.FindById(id); CustomerM customer = authService.DecodeJWT(User.Identity.Name); if (shopping == null || shopping.Status != "Pending") { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } if (shopping.ShopId != customer.ShopAdminId) { return(new HttpStatusCodeResult(HttpStatusCode.Unauthorized)); } shopping.Status = "Declined"; shoppingService.Edit(shopping); return(new HttpStatusCodeResult(HttpStatusCode.OK)); }
public ActionResult Index() { CustomerM customer = authService.DecodeJWT(User.Identity.Name); List <ShoppingDTO> shoppings = new List <ShoppingDTO>(); foreach (var shopping in shoppingService.FindAll().Where(x => x.CustomerId == customer.Id && x.Status == "Active")) { shoppings.Add(new ShoppingDTO() { MobileName = mobileService.FindById(shopping.MobileId).Name, ShopName = shopService.FindById(shopping.ShopId).ShopName, Id = shopping.Id, Price = shopping.Price, ShopId = shopping.ShopId, MobileId = shopping.MobileId, CustomerId = shopping.CustomerId, }); } return(View(shoppings)); }
public CustomerM Save(CustomerM customer) { Customer customerDb = new Customer() { FirstName = customer.FirstName, LastName = customer.LastName, Email = customer.Email, CustomerAddress = customer.Address, Blocked = customer.Blocked, Activated = customer.Activated, IsAdmin = customer.IsAdmin, CustomerPassword = customer.Password, ShopAdminId = null, IsRootAdmin = customer.IsRootAdmin, }; Context.Customers.Add(customerDb); Context.SaveChanges(); customer.Id = customerDb.Id; return(customer); }
public ActionResult Accept(int id) { ShoppingM shopping = shoppingService.FindById(id); CustomerM customer = authService.DecodeJWT(User.Identity.Name); ShopMobilesM shopMobiles = shopMobilesService.FindByShopAndMobile(shopping.ShopId, shopping.MobileId); if (shopping == null || shopping.Status != "Pending" || shopMobiles == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } if (shopping.ShopId != customer.ShopAdminId) { return(new HttpStatusCodeResult(HttpStatusCode.Unauthorized)); } shopping.Status = "Accepted"; shoppingService.Edit(shopping); shopMobiles.MobilesLeft--; shopMobilesService.Edit(shopMobiles); return(new HttpStatusCodeResult(HttpStatusCode.OK)); }
public ActionResult History() { CustomerM admin = authService.DecodeJWT(User.Identity.Name); ShopM shop = shopService.FindById(admin.ShopAdminId); List <ShoppingDTO> shoppings = new List <ShoppingDTO>(); foreach (var shopping in shoppingService.FindAll().Where(x => x.ShopId == shop.Id)) { shoppings.Add(new ShoppingDTO() { Id = shopping.Id, Customer = admin.Email, CustomerId = admin.Id, MobileId = shopping.MobileId, MobileName = mobileService.FindById(shopping.MobileId).Name, Price = shopping.Price, Status = shopping.Status, }); } return(View(shoppings)); }
public ActionResult Login(LoginDTO login) { CustomerM customer = customerService.FindByEmail(login.Email); if (customer == null || !authService.Authenticate(login.Email, login.Password)) { ModelState.AddModelError("LoginError", "Wrong username or password."); return(View("Login")); } var token = authService.GenerateJWT(customer); FormsAuthentication.SetAuthCookie(token, true); var httpContext = HttpContext.ApplicationInstance as MvcApplication; HttpCookie cookie = null; if (customer.IsAdmin) { if (customer.IsRootAdmin) { cookie = new HttpCookie("Role", "ROOT"); } else { cookie = new HttpCookie("Role", "ADMIN"); } } else { cookie = new HttpCookie("Role", "REGULAR"); } cookie.Expires.AddMonths(1); httpContext.Response.Cookies.Set(cookie); return(Redirect("/Home")); }
public CustomerM Edit(CustomerM customer) { var found = Context.Customers.SingleOrDefault(x => x.Id == customer.Id); if (found == null) { return(null); } found.FirstName = customer.FirstName; found.LastName = customer.LastName; found.Email = customer.Email; if (customer.Password != null && customer.Password != "") { found.CustomerPassword = customer.Password; } found.IsAdmin = customer.IsAdmin; found.Blocked = customer.Blocked; found.Activated = customer.Activated; found.ShopAdminId = (customer.ShopAdminId != -1) ? (int?)customer.ShopAdminId : null; found.IsRootAdmin = customer.IsRootAdmin; Context.SaveChanges(); customer.Password = ""; return(customer); }
public CustomerM Save(CustomerM customer) { return(customerRepository.Save(customer)); }
public CustomerM Edit(CustomerM customer) { return(customerRepository.Edit(customer)); }
public ActionResult All() { CustomerM admin = authService.DecodeJWT(User.Identity.Name); return(View(mobileService.FindAll().Where(x => shopMobilesService.FindByShopAndMobile(admin.ShopAdminId, x.Id) == null))); }
public ActionResult All() { CustomerM user = authService.DecodeJWT(User.Identity.Name); return(View(customerService.FindAll().Where(x => x.ShopAdminId == -1 && x.IsAdmin == false && x.IsRootAdmin == false && x.Id != user.Id))); }
public ActionResult Manage() { CustomerM admin = authService.DecodeJWT(User.Identity.Name); return(View(customerService.FindAll().Where(x => x.ShopAdminId == admin.ShopAdminId && x.Id != admin.Id))); }