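/// <summary>
/// Returns the stored details of one step as JSON, but only to the owner of the observe the step belongs to.
/// </summary>
/// <param name="StepId">Id of the step to load.</param>
/// <returns>
/// A <see cref="StepDetailOutputModel"/> with <c>Status = "Authorized"</c> when the caller owns the step;
/// otherwise <c>{ "Status": "Unauthorized" }</c>. An unknown step or observe gets the same answer as a
/// foreign one, so the endpoint does not act as an existence oracle for step ids.
/// </returns>
public JsonResult GetStepDetail(string StepId)
{
    // Anonymous object: serializes to the intended {"Status":"Unauthorized"} without a Newtonsoft round-trip.
    JsonResult unauthorized = Json(new { Status = "Unauthorized" });

    var observe = ObserveServiceManager.GetObserveByStepId(StepId);
    if (observe == null || observe.Users == null || observe.Users.Id != User.Identity.GetUserId())
    {
        return unauthorized;
    }

    using (ObserverDbContext db = new ObserverDbContext())
    {
        StepsModel step = db.Steps.Where(e => e.Id == StepId).FirstOrDefault();
        if (step == null)
        {
            return unauthorized;
        }

        int numPC = 0;
        int pcMethod = 0;
        string pc1Label = null;
        string pc2Label = null;
        if (step.PC_Method != null)
        {
            PCMethodsModel method = step.PC_Method;
            numPC = method.Type;
            pcMethod = int.Parse(method.Id); // PC method ids are numeric strings
            pc1Label = method.PC1;
            pc2Label = method.PC2;
        }

        // PC2 is stored AES-encrypted (base64) with its IV in PC2Secret; the key is read from the context.
        string decryptedPC2 = null;
        if (step.PC2 != null)
        {
            decryptedPC2 = EncryptionAlgorithmServiceManager.DecryptStringFromBytes_Aes(
                Convert.FromBase64String(step.PC2),
                Convert.FromBase64String(db._AESSecretKeyS),
                Convert.FromBase64String(step.PC2Secret));
        }

        StepDetailOutputModel outputModel = new StepDetailOutputModel()
        {
            StepId = step.Id,
            Url = step.Url,
            Method = step.Method.GetValueOrDefault(),
            Header = step.SetHeader.GetValueOrDefault(),
            Priority = step.Order.GetValueOrDefault(),
            PredefinedHeader = step.PredefinedHeader,
            Status = "Authorized",
            PC_Method = pcMethod,
            PC1 = step.PC1,
            PC2 = decryptedPC2,
            PC1Label = pc1Label,
            PC2Label = pc2Label,
            numPC = numPC
        };
        return Json(outputModel);
    }
}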
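/// <summary>
/// E-mail login, step two: checks the browser's login session and, if the address belongs to an active user,
/// binds that user to the session and sends a one-time login link to the address.
/// </summary>
/// <param name="SessionId">Id of the login session the browser was given by <c>Login</c>.</param>
/// <param name="Email">Address entered by the user.</param>
/// <param name="SessionKey">Secret that accompanies the session id.</param>
/// <returns>
/// 0 = session unknown, closed (status 6) or key mismatch; 1 = session not in its initial state (1);
/// 2 = no user with that address; 3 = user not active; 4 = login mail sent (session moves to status 4).
/// </returns>
public int EmailLoginRequest(string SessionId, string Email, string SessionKey)
{
    using (ObserverDbContext db = new ObserverDbContext())
    {
        var session = db.LoginSessions.Where(e => e.Id == SessionId).FirstOrDefault();
        // An id that matches nothing is reported like an expired session instead of dereferencing null.
        if (session == null || session.Status == 6)
        {
            return 0;
        }
        if (session.Status != 1)
        {
            return 1;
        }
        if (session.Key != SessionKey)
        {
            return 0;
        }

        var user = db.Users.Where(e => e.Email == Email).FirstOrDefault();
        // NOTE(review): codes 2 and 3 let a caller distinguish registered from unknown addresses.
        if (user == null)
        {
            return 2;
        }
        if (user.Status != 1)
        {
            return 3;
        }

        session.EmailKey = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
        session.Status = 4;
        session.Users = user;
        db.SaveChanges();

        // The link's host is whatever the request's Host header said; it is only as trustworthy as that header.
        string loginLink = Request.Url.Scheme + "://" + Request.Url.Host + ":" + Request.Url.Port
            + "/LoginEmail?Id=" + SessionId + "&Key=" + session.EmailKey;
        EmailServiceManager.AccountEmailLogin(user.Name, loginLink, user.Email);
        return 4;
    }
}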
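/// <summary>
/// Completes registration from the link mailed by <c>Register</c>: looks up the pending user by id and key,
/// rejects links older than one hour, creates the identity user, stores the application user and signs in.
/// </summary>
/// <param name="Id">Pending-user id from the link.</param>
/// <param name="Key">Verification key from the link.</param>
/// <returns>
/// Redirect to Home with status 8 when the link is unknown or older than an hour, otherwise status 9.
/// </returns>
public async Task<ActionResult> VerifyEmail(string Id, string Key)
{
    using (ObserverDbContext db = new ObserverDbContext())
    {
        // Id and key are both part of the query, so a hit already proves the key; no second comparison needed.
        var pending = db.PendingUsers
            .Where(e => e.Id == Id && e.Key == Key)
            .OrderByDescending(e => e.DateCreated)
            .FirstOrDefault();
        if (pending == null || pending.DateCreated.AddHours(1) < DateTime.UtcNow)
        {
            return RedirectToAction("Index", "Home", new { status = 8 });
        }

        pending.Status = 1;
        var user = new ApplicationUser
        {
            UserName = pending.Email,
            Email = pending.Email,
            LockoutEndDateUtc = System.DateTime.UtcNow
        };
        var result = await UserManager.CreateAsync(user);
        if (result.Succeeded)
        {
            UsersModel newUser = new UsersModel()
            {
                Id = user.Id,
                Name = pending.DisplayName,
                Email = pending.Email,
                Status = 1,
                DateCreated = DateTime.UtcNow,
                ApiCode = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()
            };
            db.Users.Add(newUser);
            db.SaveChanges(); // also persists pending.Status = 1
            await SignInManager.SignInAsync(user, true, true);
        }
        // NOTE(review): when CreateAsync fails nothing is saved and nobody is signed in, yet the redirect
        // still carries status 9 — confirm whether the client treats 9 as "verified".
        return RedirectToAction("Index", "Home", new { status = 9 });
    }
}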
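/// <summary>
/// Validates a step edit and hands it to <c>StepServiceManager.UpdateStep</c>. PC2 is AES-encrypted under
/// the key held by the context with a fresh IV, which is stored beside the ciphertext in PC2Secret.
/// </summary>
/// <param name="model">Edited step; <c>StepId</c> names the row to update.</param>
/// <returns>1 = missing model or url; 2 = method is neither 1 nor 2; 4 = update handed to the service.</returns>
public int ResubmitStep(StepResubmitInputModel model)
{
    if (model == null || model.Url == null)
    {
        return 1;
    }
    if (model.Method != 1 && model.Method != 2)
    {
        return 2;
    }

    string encrypted = null;
    string encryptedSecret = null;
    if (model.PC2 != null)
    {
        using (ObserverDbContext db = new ObserverDbContext())
        using (AesManaged aes = new AesManaged())
        {
            byte[] secretKey = Convert.FromBase64String(db._AESSecretKeyS);
            byte[] iv = aes.IV; // a new AesManaged generates a random IV on first access
            byte[] cipher = EncryptionAlgorithmServiceManager.EncryptStringToBytes_Aes(model.PC2, secretKey, iv);
            if (cipher != null)
            {
                encrypted = Convert.ToBase64String(cipher);
                encryptedSecret = Convert.ToBase64String(iv);
            }
        }
    }

    StepsModel step = new StepsModel()
    {
        Id = model.StepId,
        Url = model.Url,
        Method = model.Method,
        SetHeader = model.Header,
        Deleted = false,
        PredefinedHeader = model.PredefinedHeader,
        PC1 = model.PC1,
        PC2 = encrypted,
        PC2Secret = encryptedSecret
    };
    // NOTE(review): nothing here verifies that StepId belongs to the calling user; confirm UpdateStep does.
    StepServiceManager.UpdateStep(step, model.PC_Method.ToString());
    return 4;
}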
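/// <summary>
/// Polled by the login page. Reports the state of a login session and, once it has been approved
/// (status 3 or 5), signs the browser in, rotates the session key and issues the session cookies.
/// </summary>
/// <param name="SessionId">Login session id.</param>
/// <param name="SessionKey">Secret that accompanies the id; must match the stored key.</param>
/// <returns>
/// JSON with a <c>Status</c> of "Invalid Session", "Expired", "Pending", "QRPending" (plus <c>SessionCode</c>)
/// or "LoginReady" (plus <c>Path</c>).
/// </returns>
public async Task<JsonResult> CheckLoginStatus(string SessionId, string SessionKey)
{
    using (ObserverDbContext db = new ObserverDbContext())
    {
        var session = db.LoginSessions.Where(e => e.Id == SessionId).FirstOrDefault();
        if (session == null || session.Key != SessionKey)
        {
            return Json(new { Status = "Invalid Session" });
        }

        if (session.SessionDate.AddMinutes(30) < DateTime.UtcNow)
        {
            session.Status = 6;
            db.SaveChanges();
            return Json(new { Status = "Expired" });
        }

        if (session.Status == 3 || session.Status == 5)
        {
            ApplicationUser user = null;
            if (session.Users != null)
            {
                string ownerId = session.Users.Id;
                user = UserManager.Users.Where(e => e.Id == ownerId).FirstOrDefault();
            }
            if (user == null)
            {
                // An approved session whose user cannot be resolved has nobody to sign in.
                return Json(new { Status = "Invalid Session" });
            }
            await SignInManager.SignInAsync(user, true, true);

            // Rotate the key now that it is promoted to a long-lived cookie.
            string key = HashingAlgorithmServiceManager.GenerateSHA256(
                Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()),
                Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
            session.Key = key;
            db.SaveChanges();

            // HttpOnly: Login and QRLogin read these cookies server-side, so scripts never need them.
            HttpCookie sessionCookie = new HttpCookie("SessionId");
            sessionCookie.Value = session.Id;
            sessionCookie.Expires = DateTime.Now.AddMonths(2);
            sessionCookie.HttpOnly = true;
            sessionCookie.Secure = Request.IsSecureConnection;
            Response.SetCookie(sessionCookie);

            HttpCookie sessionKeyCookie = new HttpCookie("SessionKey");
            sessionKeyCookie.Value = key;
            sessionKeyCookie.Expires = DateTime.Now.AddMonths(2);
            sessionKeyCookie.HttpOnly = true;
            sessionKeyCookie.Secure = Request.IsSecureConnection;
            Response.SetCookie(sessionKeyCookie);

            // Path is emitted as a JSON value; splicing it into a hand-written JSON literal let a crafted
            // ReturnUrl break out of the string.
            return Json(new { Status = "LoginReady", Path = session.Path });
        }

        if (session.Status == 2)
        {
            return Json(new { Status = "QRPending", SessionCode = session.SessionCode });
        }
        if (session.Status == 1 || session.Status == 4)
        {
            return Json(new { Status = "Pending" });
        }
        return Json(new { Status = "Expired" });
    }
}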
/// <summary>
/// Creates a player in status 0 with a freshly generated id and a random 6-digit PIN.
/// </summary>
public PlayersModel()
{
    this.Status = 0;
    this.PIN = EncryptionAlgorithmServiceManager.GetRandomDigit(6);
    this.Id = Guid.NewGuid().ToString();
}
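/// <summary>
/// Entry point of the login page. A browser that presents a still-valid session cookie pair (status 3 or 5,
/// same user agent, matching key, under two months old) is signed in, its session rotated and sent on;
/// anyone else gets the QR / e-mail login page with a new pending session.
/// </summary>
/// <param name="errorMessage">Unused; kept for callers that pass it.</param>
/// <param name="ReturnUrl">Where to send the user after login. Only site-local paths are honoured.</param>
/// <returns>A redirect for an already-authenticated or cookie-resumed user, otherwise the Login view.</returns>
public async Task<ActionResult> Login(string errorMessage = null, string ReturnUrl = null)
{
    if (User.Identity.IsAuthenticated)
    {
        return RedirectToAction("Index", "Home", new { status = 2 });
    }

    using (ObserverDbContext db = new ObserverDbContext())
    {
        // Missing cookies or an unknown session are ordinary "start a new session" cases, not exceptions.
        HttpCookie sessionIdCookie = Request.Cookies.Get("SessionId");
        HttpCookie sessionKeyCookie = Request.Cookies.Get("SessionKey");
        LoginSessionsModel session = null;
        if (sessionIdCookie != null && sessionKeyCookie != null)
        {
            string sessionId = sessionIdCookie.Value;
            session = db.LoginSessions.Where(e => e.Id == sessionId).FirstOrDefault();
        }

        bool resumable = session != null
            && session.Users != null
            && session.UserAgent == Request.UserAgent
            && session.Key == sessionKeyCookie.Value
            && (session.Status == 3 || session.Status == 5)
            && session.SessionDate.AddMonths(2) > DateTime.UtcNow;
        ApplicationUser user = resumable ? UserManager.FindById(session.Users.Id) : null;
        if (user == null)
        {
            return StartQrLoginSession(db, session, ReturnUrl);
        }

        await SignInManager.SignInAsync(user, true, true);

        // Rotate: the presented session is closed (6) and a new id/key pair takes its place in the cookies.
        string newId = Guid.NewGuid().ToString();
        string newKey = HashingAlgorithmServiceManager.GenerateSHA256(
            Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()),
            Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
        LoginSessionsModel newSession = new LoginSessionsModel()
        {
            Id = newId,
            Key = newKey,
            Status = 3,
            Users = session.Users,
            Ip = Request.UserHostAddress,
            UserAgent = Request.UserAgent,
            DateCreation = DateTime.UtcNow,
            SessionDate = session.SessionDate
        };
        session.Status = 6;

        // HttpOnly: these cookies are only ever read server-side (here and in QRLogin).
        HttpCookie newSessionCookie = new HttpCookie("SessionId");
        newSessionCookie.Value = newId;
        newSessionCookie.Expires = DateTime.Now.AddMonths(2);
        newSessionCookie.HttpOnly = true;
        newSessionCookie.Secure = Request.IsSecureConnection;
        Response.SetCookie(newSessionCookie);

        HttpCookie newSessionKeyCookie = new HttpCookie("SessionKey");
        newSessionKeyCookie.Value = newKey;
        newSessionKeyCookie.Expires = DateTime.Now.AddMonths(2);
        newSessionKeyCookie.HttpOnly = true;
        newSessionKeyCookie.Secure = Request.IsSecureConnection;
        Response.SetCookie(newSessionKeyCookie);

        db.LoginSessions.Add(newSession);
        db.SaveChanges();

        string displayName = session.Users.Name;
        if (String.IsNullOrEmpty(ReturnUrl) || !IsLocalReturnUrl(ReturnUrl))
        {
            // An absolute or protocol-relative ReturnUrl would turn this into an open redirect; go Home instead.
            return RedirectToAction("Index", "Home", new { status = 13, name = displayName });
        }
        string separator = ReturnUrl.Contains("?") ? "&" : "?";
        return Redirect(ReturnUrl + separator + "status=13&name=" + Uri.EscapeDataString(displayName ?? ""));
    }
}

/// <summary>
/// Starts a fresh pending login session (status 1) for an unauthenticated browser: persists it, renders its
/// QR link into the ViewBag, expires any stale session cookies and returns the Login view.
/// </summary>
/// <param name="db">Open context the new session is added to and saved through.</param>
/// <param name="staleSession">Session referenced by the cookies that could not be resumed, or null; it is closed (6).</param>
/// <param name="returnUrl">Requested post-login destination; stored as <c>Path</c> only when it is site-local.</param>
private ActionResult StartQrLoginSession(ObserverDbContext db, LoginSessionsModel staleSession, string returnUrl)
{
    string loginSessionId = Guid.NewGuid().ToString();
    string key = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
    // Request.Url.Host comes from the request's Host header; the QR link is only as trustworthy as that header.
    Uri url = new Uri(Request.Url.Scheme + "://" + Request.Url.Host + ":" + Request.Url.Port
        + "/QRLogin?Id=" + loginSessionId + "&Key=" + key);
    string image = QRCodeServiceManager.GenerateLoginQRCode(url.ToString());

    LoginSessionsModel loginSession = new LoginSessionsModel()
    {
        Id = loginSessionId,
        Status = 1,
        Key = key,
        Ip = Request.UserHostAddress,
        UserAgent = Request.UserAgent,
        DateCreation = DateTime.UtcNow,
        SessionDate = DateTime.UtcNow,
        // Path is later handed back to the page by CheckLoginStatus; keep foreign URLs out of it.
        Path = IsLocalReturnUrl(returnUrl) ? returnUrl : null
    };
    if (staleSession != null)
    {
        staleSession.Status = 6;
    }
    db.LoginSessions.Add(loginSession);
    db.SaveChanges();

    ViewBag.LoginSessionId = loginSessionId;
    ViewBag.Key = key;
    ViewBag.QRImage = image;

    // Expire whatever session cookies the browser still holds.
    HttpCookie sessionCookie = new HttpCookie("SessionId");
    sessionCookie.Value = null;
    sessionCookie.Expires = DateTime.Now.AddYears(-10);
    Response.SetCookie(sessionCookie);

    HttpCookie sessionKeyCookie = new HttpCookie("SessionKey");
    sessionKeyCookie.Value = null;
    sessionKeyCookie.Expires = DateTime.Now.AddYears(-10);
    Response.SetCookie(sessionKeyCookie);

    return View("Login");
}

/// <summary>
/// True when <paramref name="url"/> is a path on this site — a single leading slash or "~/" (the same rule
/// MVC's UrlHelper.IsLocalUrl applies) — so a crafted ReturnUrl cannot point Redirect() at another host.
/// </summary>
private static bool IsLocalReturnUrl(string url)
{
    if (String.IsNullOrEmpty(url))
    {
        return false;
    }
    if (url.StartsWith("~/", StringComparison.Ordinal))
    {
        return true;
    }
    // "/x" is local; "//host" and "/\host" are protocol-relative and are not.
    return url[0] == '/' && (url.Length == 1 || (url[1] != '/' && url[1] != '\\'));
}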
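/// <summary>
/// Handles a registration form: refuses addresses that already belong to a user or a verified pending user,
/// throttles re-registration for an hour after a pending request, and otherwise creates a pending user and
/// mails the verification link.
/// </summary>
/// <param name="Input">Posted name and e-mail.</param>
/// <returns>
/// Home for authenticated callers; the Register view with <c>ViewBag.ErrorMessage</c> when the address is
/// taken; Home with status 6 (and <c>min</c>) while a pending request is still fresh; Home with status 7
/// once a verification mail has been sent.
/// </returns>
public ActionResult Register(RegisterInputModel Input)
{
    if (User.Identity.IsAuthenticated)
    {
        return RedirectToAction("Index", "Home");
    }
    if (Input == null)
    {
        return View();
    }

    using (ObserverDbContext db = new ObserverDbContext())
    {
        // NOTE(review): the "has been used" message tells an anonymous caller which addresses are registered.
        bool emailTaken = db.Users.Where(e => e.Email == Input.Email).Any();
        if (emailTaken)
        {
            ViewBag.ErrorMessage = "Error: The email has been used.";
            return View();
        }

        var pendingUser = db.PendingUsers
            .Where(e => e.Email == Input.Email)
            .OrderByDescending(e => e.DateCreated)
            .FirstOrDefault();
        if (pendingUser == null)
        {
            return SendPendingVerification(db, Input);
        }
        if (pendingUser.Status == 1)
        {
            ViewBag.ErrorMessage = "Error: The email has been used.";
            return View();
        }
        if (pendingUser.Status == 0 || pendingUser.Status == 2)
        {
            if (pendingUser.DateCreated.AddHours(1) < DateTime.UtcNow)
            {
                // Supersede the stale request; SendPendingVerification saves this change with the new row.
                pendingUser.Status = 2;
                return SendPendingVerification(db, Input);
            }
            int minute = DateTime.UtcNow.Subtract(pendingUser.DateCreated).Minutes;
            return RedirectToAction("Index", "Home", new { Status = 6, min = minute });
        }
        return View();
    }
}

/// <summary>
/// Creates a pending user (status 0) with a fresh id and a CSPRNG-backed verification key, saves it and
/// mails the verification link. The key comes from <c>GetRNGGuid</c> on both registration paths so that
/// the token strength does not depend on which branch created it.
/// </summary>
/// <param name="db">Open context to add the pending user to; <c>SaveChanges</c> is called here.</param>
/// <param name="input">Posted name and e-mail.</param>
/// <returns>Redirect to Home with status 7 and the address the mail went to.</returns>
private ActionResult SendPendingVerification(ObserverDbContext db, RegisterInputModel input)
{
    string id = Guid.NewGuid().ToString();
    string key = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
    PendingUsersModel newUser = new PendingUsersModel()
    {
        Id = id,
        DisplayName = input.Name,
        Email = input.Email,
        Key = key,
        Status = 0,
        DateCreated = DateTime.UtcNow
    };
    db.PendingUsers.Add(newUser);
    db.SaveChanges();

    // The link's host is taken from the request's Host header; it is only as trustworthy as that header.
    string verifyLink = Request.Url.Scheme + "://" + Request.Url.Host + ":" + Request.Url.Port
        + "/VerifyEmail?Id=" + id + "&Key=" + key;
    EmailServiceManager.AccountPendingVerification(input.Name, verifyLink, input.Email);
    return RedirectToAction("Index", "Home", new { Status = 7, email = input.Email });
}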
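/// <summary>
/// Target of the QR code shown on the login page. The scanning device must itself hold a valid session
/// cookie pair; it is signed in and its session rotated, then the browser's pending login session named
/// by <paramref name="Id"/> is moved to status 2 (QR pending) with a proceed key and a 3-digit code.
/// </summary>
/// <param name="Id">Id of the browser's pending login session (from the QR link).</param>
/// <param name="Key">Key of that session (from the QR link); must match the stored key.</param>
/// <returns>
/// Redirect to Login when the device is not authenticated; Home with status 12 when the pending session is
/// unknown, has the wrong key or is older than 30 minutes; otherwise the QR confirmation view.
/// </returns>
public async Task<ActionResult> QRLogin(string Id, string Key)
{
    using (ObserverDbContext db = new ObserverDbContext())
    {
        HttpCookie sessionIdCookie = Request.Cookies.Get("SessionId");
        HttpCookie sessionKeyCookie = Request.Cookies.Get("SessionKey");
        LoginSessionsModel deviceSession = null;
        if (sessionIdCookie != null && sessionKeyCookie != null)
        {
            string sessionId = sessionIdCookie.Value;
            deviceSession = db.LoginSessions.Where(e => e.Id == sessionId).FirstOrDefault();
        }

        bool deviceAuthenticated = deviceSession != null
            && deviceSession.Users != null
            && deviceSession.Key == sessionKeyCookie.Value
            && (deviceSession.Status == 3 || deviceSession.Status == 5)
            && deviceSession.SessionDate.AddMonths(2) > DateTime.UtcNow;
        ApplicationUser user = deviceAuthenticated ? UserManager.FindById(deviceSession.Users.Id) : null;
        if (user == null)
        {
            // The redirect was previously computed and discarded, so an unauthenticated device fell
            // through and bound no user to the pending session; it is returned now.
            return RedirectToAction("Login", "Identity");
        }
        string userId = user.Id;
        await SignInManager.SignInAsync(user, true, true);

        // Rotate the device session: close the presented one (6) and issue a new id/key pair.
        string newId = Guid.NewGuid().ToString();
        string newKey = HashingAlgorithmServiceManager.GenerateSHA256(
            Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()),
            Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
        LoginSessionsModel newSession = new LoginSessionsModel()
        {
            Id = newId,
            Key = newKey,
            Status = 3,
            Users = deviceSession.Users,
            DateCreation = DateTime.UtcNow,
            SessionDate = deviceSession.SessionDate
        };
        deviceSession.Status = 6;

        // HttpOnly: these cookies are only read server-side (here and in Login).
        HttpCookie newSessionCookie = new HttpCookie("SessionId");
        newSessionCookie.Value = newId;
        newSessionCookie.Expires = DateTime.Now.AddMonths(2);
        newSessionCookie.HttpOnly = true;
        newSessionCookie.Secure = Request.IsSecureConnection;
        Response.SetCookie(newSessionCookie);

        HttpCookie newSessionKeyCookie = new HttpCookie("SessionKey");
        newSessionKeyCookie.Value = newKey;
        newSessionKeyCookie.Expires = DateTime.Now.AddMonths(2);
        newSessionKeyCookie.HttpOnly = true;
        newSessionKeyCookie.Secure = Request.IsSecureConnection;
        Response.SetCookie(newSessionKeyCookie);

        db.LoginSessions.Add(newSession);
        db.SaveChanges();

        // Now the browser's pending session from the QR link. The Key parameter was received but never
        // compared before; an unknown id or a wrong key is answered like an expired code.
        var loginSession = db.LoginSessions.Where(e => e.Id == Id).FirstOrDefault();
        if (loginSession == null || loginSession.Key != Key)
        {
            return RedirectToAction("Index", "Home", new { status = 12 });
        }
        if (loginSession.SessionDate.AddMinutes(30) < DateTime.UtcNow)
        {
            loginSession.Status = 6;
            db.SaveChanges();
            return RedirectToAction("Index", "Home", new { status = 12 });
        }

        var observerUser = db.Users.Where(e => e.Id == userId).FirstOrDefault();
        string proceedKey = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
        string sessionCode = GenerateQrSessionCode();
        if (loginSession.Status == 1)
        {
            loginSession.Status = 2;
            loginSession.Users = observerUser;
            loginSession.QRKey = proceedKey;
            loginSession.SessionCode = sessionCode;
            loginSession.SessionDate = DateTime.UtcNow.AddSeconds(30);
            db.SaveChanges();
        }

        ViewBag.SessionId = Id;
        ViewBag.ProceedKey = proceedKey;
        ViewBag.SessionCode = sessionCode;
        return View();
    }
}

/// <summary>
/// Returns a 3-digit confirmation code (100–999) drawn from the cryptographic RNG rather than
/// <c>System.Random</c>, whose output is predictable from its seed.
/// </summary>
private static string GenerateQrSessionCode()
{
    const uint Range = 900;
    // Values at or above this limit are rejected so every residue mod 900 is equally likely.
    uint limit = uint.MaxValue - (uint.MaxValue % Range);
    byte[] buffer = new byte[4];
    using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        while (true)
        {
            rng.GetBytes(buffer);
            uint value = BitConverter.ToUInt32(buffer, 0);
            if (value < limit)
            {
                return (100 + (int)(value % Range)).ToString();
            }
        }
    }
}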
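/// <summary>
/// Validates a new step and asks <c>StepServiceManager.CreateStep</c> to attach it to an observe. PC2 is
/// AES-encrypted under the key held by the context with a fresh IV stored beside it in PC2Secret.
/// </summary>
/// <param name="model">Posted step; <c>ObserveId</c> names the observe, <c>ContentMethod</c> the PC method.</param>
/// <returns>
/// 1 = missing model or url; 2 = method is neither 1 nor 2; 3 = priority is neither 1 nor 2;
/// 4 = created; 5 = the service refused the step.
/// </returns>
public int CreateNewStep(StepCreationInputModel model)
{
    if (model == null || model.Url == null)
    {
        return 1;
    }
    if (model.Method != 1 && model.Method != 2)
    {
        return 2;
    }
    if (model.Priority != 1 && model.Priority != 2)
    {
        return 3;
    }

    using (ObserverDbContext db = new ObserverDbContext())
    {
        // Hoisted out of the lambda so the query provider only sees a plain string comparison.
        string contentMethodId = model.ContentMethod.ToString();
        PCMethodsModel pcMethod = db.PCMethods.Where(e => e.Id == contentMethodId).FirstOrDefault();

        string encrypted = null;
        string encryptedSecret = null;
        if (model.PC2 != null)
        {
            byte[] secretKey = Convert.FromBase64String(db._AESSecretKeyS);
            using (AesManaged aes = new AesManaged())
            {
                byte[] iv = aes.IV; // a new AesManaged generates a random IV on first access
                byte[] cipher = EncryptionAlgorithmServiceManager.EncryptStringToBytes_Aes(model.PC2, secretKey, iv);
                if (cipher != null)
                {
                    encrypted = Convert.ToBase64String(cipher);
                    encryptedSecret = Convert.ToBase64String(iv);
                }
            }
        }

        StepsModel step = new StepsModel()
        {
            Id = Guid.NewGuid().ToString(),
            Url = model.Url,
            Method = model.Method,
            SetHeader = model.Header,
            Deleted = false,
            PredefinedHeader = model.PredefinedHeader,
            PC_Method = pcMethod,
            PC1 = model.PC1,
            PC2 = encrypted,
            PC2Secret = encryptedSecret
        };

        // Placement passed to CreateStep: 1 for the first step of an empty observe, otherwise 2 for
        // priority 1 and 3 for priority 2.
        int existingSteps = StepServiceManager.GetStepListByObserveId(model.ObserveId).Count();
        int placement;
        if (existingSteps == 0)
        {
            placement = 1;
        }
        else
        {
            placement = model.Priority == 1 ? 2 : 3;
        }

        // NOTE(review): ownership of ObserveId is not checked here; confirm CreateStep verifies the observe
        // belongs to the calling user before attaching the step.
        bool created = StepServiceManager.CreateStep(User.Identity.GetUserId(), step, placement, model.ObserveId);
        return created ? 4 : 5;
    }
}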