예제 #1
0
        public virtual async Task <bool> PasswordRecovery(UserModel passwordRecoveryModel)
        {
            if (passwordRecoveryModel == null || string.IsNullOrEmpty(passwordRecoveryModel.UserName))
            {
                return(false);
            }

            if (!_userDAO.Exist(passwordRecoveryModel.UserName))
            {
                return(false);
            }
            string token = new Guid().ToString();

            _userDAO.UpdatePasswordToken(passwordRecoveryModel.UserName, token);

            string passwordRecoverySubject = "Password recovery email";
            string passwordRecoveryBody    = $@"
                Hi! <br/>
                You requested password recovery to complete request follow 
                <a href='{_appSettings.BaseUrl}/Auth/recover?token={EncoderUtils.Base64Encode(token)}'>link</a>
                <br/><br/><br/>
                Best regards!";

            await _emailSender.SendEmailAsync(passwordRecoveryModel.UserName, passwordRecoverySubject, passwordRecoveryBody);

            return(true);
        }
예제 #2
0
        public virtual async Task <bool> Register(UserModel registrationModel)
        {
            if (registrationModel == null || string.IsNullOrEmpty(registrationModel.UserName) || string.IsNullOrEmpty(registrationModel.Password))
            {
                return(false);
            }

            bool registerUserResult = _userDAO.RegisterUser(registrationModel);

            if (!registerUserResult)
            {
                return(false);
            }

            bool addWelcomeBonusResult = AddwelcomeBonus(registrationModel.UserName);

            string token = EncoderUtils.Base64Encode(registrationModel.UserName);

            string registrationMailSubject = "Confirm email";
            string registrationMailBody    = $@"
                Hi! <br/>
                To confirm your email please follow the 
                <a href='{GetCurrentDomain()}/Auth/ConfirmRegistration?token={token}'>link</a> 
                <br/><br/><br/>
                Best regards!";

            if (_appSettings.IgnoreEmails)
            {
                return(await ConfirmRegistration(token));
            }

            await _emailSender.SendEmailAsync(registrationModel.UserName, registrationMailSubject, registrationMailBody);

            return(true);
        }
예제 #3
0
        public virtual Task <UserModel> Login(UserModel loginModel)
        {
            if (loginModel == null || string.IsNullOrEmpty(loginModel.UserName) || string.IsNullOrEmpty(loginModel.Password))
            {
                return(Task.FromResult <UserModel>(null));
            }

            var accessLogModel = new
            {
                Ip       = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(),
                Username = loginModel.UserName,
                Password = loginModel.Password
            };

            _accessLogger.Info($"{Newtonsoft.Json.JsonConvert.SerializeObject(accessLogModel)}");

            if (!_userDAO.ValidatePassword(loginModel.UserName, loginModel.Password))
            {
                return(Task.FromResult <UserModel>(null));
            }

            UserDBModel userModel = _userDAO.GetUser(loginModel.UserName);

            Random random = new Random();

            var byteArray = new byte[256];

            random.NextBytes(byteArray);

            string cookie = Sha256HashUtils.ComputeSha256Hash(byteArray);
            string inrole = userModel.Role > 0 ? "1" : "0";

            if (userModel.Role > 50)
            {
                inrole = "100";
            }

            string allCookie = $"{EncoderUtils.Base64Encode(loginModel.UserName)}-{cookie}-{inrole}";

            if (!_userDAO.SaveSession(cookie, DateTime.UtcNow.AddDays(1)))
            {
                return(Task.FromResult <UserModel>(null));
            }

            loginModel.Password = null;
            loginModel.Cookie   = allCookie;
            loginModel.Status   = "ok";

            _httpContextAccessor.HttpContext.Response.Cookies.Append(AUTH_COOKIE, loginModel.Cookie, new CookieOptions
            {
                Expires  = DateTime.Now.AddDays(3),
                HttpOnly = false
            });

            return(Task.FromResult(loginModel));
        }
예제 #4
0
        public override string CreateCookie(UserDBModel user, HttpContext context)
        {
            Random random = new Random();

            var byteArray = new byte[256];

            random.NextBytes(byteArray);

            string cookieHash = Sha256HashUtils.ComputeSha256Hash(byteArray);
            string inrole     = user.Role.ToString();

            if (user.Role > ADMIN_ROLE)
            {
                inrole = ADMIN_ROLE_COOKIE_VALUE;
            }

            IUserDAO userDAO           = context.RequestServices.GetRequiredService <IUserDAO>();
            bool     saveSessionResult = userDAO.SaveSession(cookieHash, DateTime.UtcNow.Add(COOKIE_VALID_FOR));

            if (!saveSessionResult)
            {
                return(null);
            }

            string allCookie = string.Format(COOKIE_FORMAT, EncoderUtils.Base64Encode(user.UserName), cookieHash, inrole);

            string encodedCookie = _protector.Protect(allCookie);

            CookieOptions cookieOptions = new CookieOptions
            {
                Expires = DateTime.UtcNow.AddDays(1)
            };

            context.Response.Cookies.Append(COOKIE_KEY, encodedCookie, cookieOptions);

            return(encodedCookie);
        }
예제 #5
0
        public virtual async Task <bool> PasswordRecovery(UserModel passwordRecoveryModel)
        {
            if (passwordRecoveryModel == null || string.IsNullOrEmpty(passwordRecoveryModel.UserName))
            {
                return(false);
            }

            if (!_userDAO.Exist(passwordRecoveryModel.UserName))
            {
                return(false);
            }

            string passwordRecoverySubject = "Password recovery email";
            string passwordRecoveryBody    = $@"
                Hi! <br/>
                You requested password recovery to complete request follow 
                <a href='{GetCurrentDomain()}/Auth/recover?token={EncoderUtils.Base64Encode(passwordRecoveryModel.UserName)}'>link</a>
                <br/><br/><br/>
                Best regards!";

            await _emailSender.SendEmailAsync(passwordRecoveryModel.UserName, passwordRecoverySubject, passwordRecoveryBody);

            return(true);
        }