protected override User Update(User domainObject)
{
// Pull out the id because we'll be using it in a lambda that might be deferred when calling and the thread may not have access to the domain object's context
// (yay multithreading)
int id;
if (null == domainObject)
{
throw new ArgumentNullException(nameof(domainObject));
}
id = domainObject.Id;
using (MGFContext entities = new MGFContext())
{
DataEntities.User entity = entities.Users
.Include(userEntity => userEntity.Characters)
.FirstOrDefault(userEntity => userEntity.Id == id);
if (entity != null)
{
Map(domainObject, entity);
domainObject = SaveChanges(entities, entity);
}
}
return(domainObject);
}
private User SaveChanges(MGFContext entities, DataEntities.User entity)
{
// Save everything in the context (unit of work means it should only be this entity and anything it contains)
entities.SaveChanges();
// reload what the database has based on the ID that we modified
return(Fetch(entity.Id));
}
public static bool VerifyPassword(this DataEntities.User user, string password)
{
var pepper = user.UserID.ToByteArray().Sum(x => x);
var binary = KeyDerivation.Pbkdf2(password, user.Salt, KeyDerivationPrf.HMACSHA512, 8000 + pepper, 64);
return(user.Password.SequenceEqual(binary));
}
public async Task <IActionResult> Register([FromBody] LoginModel userModel)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var dbUser = new DataEntities.User();
ToDoUser newUser = new ToDoUser(dbUser)
{
UserName = userModel.User,
Email = userModel.Email,
Password = userModel.Password
};
var result = await _userManager.CreateAsync(newUser, userModel.Password);
if (result.Succeeded)
{
return(CreatedAtAction(nameof(Get), new { id = newUser.Id }, _userManager.FindByNameAsync(userModel.User)));
}
return(NoContent());
}
public AccessControlPrincipal(DataEntities.User user, IIdentity identity)
{
_user = user ?? new DataEntities.User();
_user.Profile = _user.Profile ?? new DataEntities.Profile();
//_user.Profile.Name = (user != null ? _user.Profile.Name : identity.Name);
_identity = identity;
}
public static void RegisterPassword(this DataEntities.User user, string password)
{
var pepper = user.UserID.ToByteArray().Sum(x => x);
var salt = new byte[16];
var random = RandomNumberGenerator.Create();
random.GetBytes(salt);
user.Salt = salt;
user.Password = KeyDerivation.Pbkdf2(password, salt, KeyDerivationPrf.HMACSHA512, 8000 + pepper, 64);
}
protected override User Insert(User domainObject)
{
using (MGFContext entities = new MGFContext())
{
DataEntities.User entity = new DataEntities.User();
Map(domainObject, entity);
entities.Users.Add(entity);
domainObject = SaveChanges(entities, entity);
}
return(domainObject);
}
protected override void DeleteNow(int id)
{
using (MGFContext entities = new MGFContext())
{
MGF.DataEntities.User entity = new DataEntities.User {
Id = id
};
// Gets the character list and attaches the entity to the contain (makes this object exist in the list of objects).
entities.Users.Attach(entity);
// Remove the character from the container
entities.Users.Remove(entity);
entities.SaveChanges();
}
}
public static async Task <DataResponse <string> > SignUp(LoginSignupModel model)
{
using (var db = BaseService.CreateSampleContext())
{
var response = new DataResponse <string>();
if (string.IsNullOrWhiteSpace(model.Logon) || string.IsNullOrWhiteSpace(model.Password))
{
response.ResponseCode = 400;
response.Message = "Logon and Password can't be empty";
return(response);
}
var grupo = await db.GetTenantById(model.TenantId);
if (grupo == null)
{
response.ResponseCode = 400;
response.Message = "Tenant not found.";
return(response);
}
db.TenantID = model.TenantId;
var user = await db.GetUserByLogon(model.Logon);
if (user != null)
{
response.ResponseCode = 400;
response.Message = "Login Name already in use by another User.";
return(response);
}
user = new DataEntities.User();
user.UserID = Guid.NewGuid();
user.Logon = model.Logon;
user.TenantID = model.TenantId;
user.RegisterPassword(model.Password);
var sessao = user.CreateSession();
await db.Users.AddAsync(user);
await db.Sessions.AddAsync(sessao);
await db.SaveChangesAsync();
response.ResponseCode = 200;
response.Data = Convert.ToBase64String(sessao.Token);
return(response);
}
}
private static void SeedAdminUser(this SampleContext db)
{
var usuarioId = Guid.Parse("{30EA0242-4937-4C2D-8BE4-EA9FA4B2A97E}");
var usuario = db.Users.Where(x => x.UserID == usuarioId).FirstOrDefault();
if (usuario == null)
{
usuario = new DataEntities.User();
usuario.UserID = usuarioId;
usuario.Logon = "admin";
usuario.RegisterPassword("H3ll0@W0rld");
db.Users.Add(usuario);
}
}
public static DataEntities.Session CreateSession(this DataEntities.User user)
{
var token = new byte[64];
RandomNumberGenerator.Create().GetBytes(token);
var session = new DataEntities.Session();
session.SessionID = Guid.NewGuid();
session.UserID = user.UserID;
session.TenantID = user.TenantID;
session.Token = token;
session.IsActive = true;
session.CreationDate = DateTime.UtcNow;
return(session);
}
public VivinaMembershipUser(DataEntities.User user)
: base(
System.Web.Security.Membership.Provider.Name,
user.UserName,
user.UserId,
user.Email,
user.PasswordQuestion,
"",
user.IsActive,
user.IsLockedOut,
user.CreationDate,
user.LastLoginDate,
DateTime.Now,
user.LastPasswordChangedDate,
user.LastLockoutDate)
{
_hasChangePassword = user.HasChangePassword;
}
protected override User Fetch(int id)
{
User userObject = null;
using (MGFContext entities = new MGFContext())
{
DataEntities.User entity = entities.Users
// Eagerly grab this entities linked object - Stats
//.Include(characterEntity => characterEntity.Stats)
.FirstOrDefault(userEntity => userEntity.Id == id);
if (entity != null)
{
// Load data and extra data such as linked objects or XML data etc
userObject = new User(entity.Id, entity.LoginName, entity.PasswordHash, entity.Salt);
}
}
return(userObject);
}
public static User LoadByUserName(string loginName)
{
User userObject = null;
using (MGFContext entities = new MGFContext())
{
DataEntities.User entity = entities.Users
// Eagerly grab this entities linked object - Stats
//.Include(characterEntity => characterEntity.Stats)
.FirstOrDefault(userEntity => userEntity.LoginName == loginName);
if (entity != null)
{
// Load data and extra data such as linked objects or XML data etc
userObject = new User(entity.Id, entity.LoginName, entity.PasswordHash, entity.Salt);
}
}
return(userObject);
}
// One way mapping of all data in the domain object to the entity for adding/updating
protected override void Map(User domainObject, object entity)
{
DataEntities.User userEntity = entity as DataEntities.User;
if (null == domainObject)
{
throw new ArgumentNullException(nameof(domainObject));
}
if (null == entity)
{
throw new ArgumentNullException(nameof(entity));
}
if (null == userEntity)
{
throw new ArgumentOutOfRangeException(nameof(entity));
}
// Map all fields from the domain object to the entity except the ID if it isn't allowed to change (most IDs should NEVER be changed)
//characterEntity.Id = domainObject.Id;
userEntity.LoginName = domainObject.LoginName;
userEntity.PasswordHash = domainObject.PasswordHash;
userEntity.Salt = domainObject.Salt;
}
void context_PostAcquireRequestState(object sender, EventArgs e)
{
HttpApplication application = sender as HttpApplication;
HttpContext context = application.Context;
MembershipManager membershipManager = new MembershipManager(null);
AccessControlPrincipal principal = null;
DataEntities.User user = null;
System.Security.Principal.IIdentity identity = null;
if (IsValid)
{
context.Trace.Warn("Role Module Begin");
#region Cookies
if ((!Roles.CookieRequireSSL || context.Request.IsSecureConnection))
{
if (Roles.CacheRolesInCookie)
{
HttpCookie cookie = context.Request.Cookies[Roles.CookieName];
if (cookie != null && cookie.Value != null)
{
if (!string.IsNullOrEmpty(Roles.CookiePath) && (Roles.CookiePath != "/"))
{
cookie.Path = Roles.CookiePath;
}
if (Roles.CookieProtectionValue == CookieProtection.Encryption)
{
cookie.Value = cookie.Value.Decrypt().Decompress();
}
cookie.Domain = Roles.Domain;
context.User = HttpUtility.UrlDecode(cookie.Value).Deserialize <AccessControlPrincipal>();
}
else
{
Roles.DeleteCookie();
}
}
else
{
Roles.DeleteCookie();
}
}
else
{
Roles.DeleteCookie();
}
#endregion
identity = context.User.Identity;
principal = new AccessControlPrincipal(user, identity);
if (context.Session != null && context.Session[context.Session.SessionID] != null && identity.IsAuthenticated)
{
principal = context.Session[context.Session.SessionID] as AccessControlPrincipal;
}
if (String.IsNullOrEmpty(principal.Name) && !String.IsNullOrEmpty(identity.Name))
{
user = membershipManager.GetUserByName(identity.Name);
if (user != null)
{
bool timeoutExpired = DateTime.Now.Subtract(user.LastActivityDate).Minutes > System.Web.Security.Membership.UserIsOnlineTimeWindow;
user.LastActivityDate = DateTime.Now;
user.IsOnline = !timeoutExpired;
membershipManager.DbContext.SubmitChanges();
membershipManager.DataManager.Commit();
}
principal = new AccessControlPrincipal(user, identity);
}
if (context.Application["Session_End"] == null)
{
context.Application["Session_End"] = new EventHandler(OnSessionEnd);
}
//
// Cache the user in session to dont query database
//
if (context.Session != null && identity.IsAuthenticated)
{
context.Session[context.Session.SessionID] = principal;
}
System.Threading.Thread.CurrentPrincipal = principal;
context.User = principal;
context.Trace.Warn("Role Module End");
}
}
public AccessControlIdentity(DataEntities.User user, IIdentity ident)
:
base(user)
{
identity = ident;
}
