예제 #1
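        /// <summary>
        /// Returns the stored configuration of one step as JSON, but only to the user who owns
        /// the observe that the step belongs to.
        /// </summary>
        /// <param name="StepId">Identifier of the step to look up.</param>
        /// <returns>
        /// A <c>StepDetailOutputModel</c> with <c>Status = "Authorized"</c> for the owner; otherwise
        /// an object whose <c>Status</c> is <c>"Unauthorized"</c>.
        /// </returns>
        public JsonResult GetStepDetail(string StepId)
        {
            var    observe       = ObserveServiceManager.GetObserveByStepId(StepId);
            string currentUserId = User.Identity.GetUserId();

            // Authorization gate. An unknown StepId, an observe without an owner or a caller without
            // a user id must all end in the same "Unauthorized" answer as a foreign step, instead of
            // a NullReferenceException that surfaces as a server error.
            bool isOwner = observe != null
                           && observe.Users != null
                           && !string.IsNullOrEmpty(currentUserId)
                           && observe.Users.Id == currentUserId;

            if (!isOwner)
            {
                return(Json(JsonConvert.DeserializeObject("{ 'Status': 'Unauthorized' }")));
            }

            ObserverDbContext _db = new ObserverDbContext();

            StepsModel model = _db.Steps.Where(e => e.Id == StepId).FirstOrDefault();
            if (model == null)
            {
                // The owner lookup succeeded but the step row is gone; answer as for any step the
                // caller cannot read.
                return(Json(JsonConvert.DeserializeObject("{ 'Status': 'Unauthorized' }")));
            }

            int    numPC    = 0;
            int    pcmethod = 0;
            string PC1Label = null;
            string PC2Label = null;

            // Read the navigation property once; all four values stay at their defaults when the
            // step has no PC method attached.
            PCMethodsModel pcMethod = model.PC_Method;
            if (pcMethod != null)
            {
                numPC    = pcMethod.Type;
                PC1Label = pcMethod.PC1;
                PC2Label = pcMethod.PC2;
                pcmethod = int.Parse(pcMethod.Id);
            }

            // PC2 is stored as Base64 ciphertext. It is decrypted only after the ownership check
            // above, using the context's AES key and the per-row PC2Secret value as third argument.
            // NOTE(review): the plaintext is then sent to the browser in the JSON response — confirm
            // the client really needs the value back rather than a "value is set" indicator.
            string decrypted = null;
            if (model.PC2 != null)
            {
                decrypted = EncryptionAlgorithmServiceManager.DecryptStringFromBytes_Aes(Convert.FromBase64String(model.PC2), Convert.FromBase64String(_db._AESSecretKeyS), Convert.FromBase64String(model.PC2Secret));
            }

            StepDetailOutputModel outputModel = new StepDetailOutputModel()
            {
                StepId           = model.Id,
                Url              = model.Url,
                Method           = model.Method.GetValueOrDefault(),
                Header           = model.SetHeader.GetValueOrDefault(),
                Priority         = model.Order.GetValueOrDefault(),
                PredefinedHeader = model.PredefinedHeader,
                Status           = "Authorized",
                PC_Method        = pcmethod,
                PC1              = model.PC1,
                PC2              = decrypted,
                PC1Label         = PC1Label,
                PC2Label         = PC2Label,
                numPC            = numPC
            };

            return(Json(outputModel));
        }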
예제 #2
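        /// <summary>
        /// Starts an e-mail login for a pending login session: verifies the session, looks the
        /// account up by e-mail address, stores a fresh e-mail key on the session and mails a
        /// login link containing that key.
        /// </summary>
        /// <param name="SessionId">Identifier of the pending login session.</param>
        /// <param name="Email">E-mail address of the account that wants to log in.</param>
        /// <param name="SessionKey">Key that was issued together with the session.</param>
        /// <returns>
        /// 0 = session unknown, expired or key mismatch; 1 = session is not in status 1;
        /// 2 = no user with this e-mail; 3 = user is not active; 4 = login mail sent.
        /// </returns>
        /// <remarks>
        /// NOTE(review): codes 2, 3 and 4 let a caller who holds a valid session tell whether an
        /// e-mail address is registered. Changing that alters the contract with the client, so it
        /// is only flagged here.
        /// </remarks>
        public int EmailLoginRequest(string SessionId, string Email, string SessionKey)
        {
            ObserverDbContext _db = new ObserverDbContext();
            var session           = _db.LoginSessions
                                    .Where(e => e.Id == SessionId)
                                    .FirstOrDefault();

            if (session == null)
            {
                // Unknown session id: answer like an expired session instead of failing with a
                // NullReferenceException on the status check below.
                return(0);
            }

            if (session.Status == 6)
            {
                // Session expired
                return(0);
            }

            if (session.Status != 1)
            {
                // Session type error
                return(1);
            }

            if (session.Key != SessionKey)
            {
                // Wrong key is reported exactly like an expired session
                return(0);
            }

            // Only one row is needed, so let the query stop at the first match.
            var user = _db.Users
                       .Where(e => e.Email == Email)
                       .FirstOrDefault();

            if (user == null)
            {
                // Cannot find user
                return(2);
            }

            if (user.Status != 1)
            {
                // Inactive user
                return(3);
            }

            session.EmailKey = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
            session.Status   = 4;
            session.Users    = user;
            _db.SaveChanges();

            // SessionId is caller-supplied, so both query values are escaped before they are placed
            // in the link.
            // NOTE(review): scheme, host and port are taken from the current request. A configured
            // base URL would keep the mailed link independent of the request's Host header.
            string loginLink = Request.Url.Scheme + "://" + Request.Url.Host + ":" + Request.Url.Port
                               + "/LoginEmail?Id=" + System.Uri.EscapeDataString(SessionId)
                               + "&Key=" + System.Uri.EscapeDataString(session.EmailKey);

            EmailServiceManager.AccountEmailLogin(user.Name, loginLink, user.Email);
            return(4);
        }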
        /// <summary>
        /// Completes a registration from the link in the verification mail: finds the pending
        /// registration for <paramref name="Id"/> and <paramref name="Key"/>, and if it is at most
        /// one hour old creates the identity user and the application user and signs the user in.
        /// </summary>
        /// <param name="Id">Identifier of the pending registration.</param>
        /// <param name="Key">Verification key from the mailed link.</param>
        /// <returns>
        /// A redirect to Home/Index with <c>status = 8</c> when nothing matches or the link is
        /// older than one hour, and <c>status = 9</c> once the creation step has been attempted.
        /// </returns>
        public async Task <ActionResult> VerifyEmail(string Id, string Key)
        {
            ObserverDbContext _db = new ObserverDbContext();

            var candidates = _db.PendingUsers
                             .Where(e => e.Id == Id && e.Key == Key)
                             .OrderByDescending(e => e.DateCreated)
                             .ToList();

            if (candidates.Count == 0)
            {
                return(RedirectToAction("Index", "Home", new { status = 8 }));
            }

            // Newest matching registration.
            var pending = candidates.First();

            bool linkExpired = pending.DateCreated.AddHours(1) < DateTime.UtcNow;

            // Id and Key are compared again in memory. Presumably this guards against a database
            // comparison that is looser than C# string equality (e.g. a case-insensitive
            // collation) — confirm before removing it.
            if (linkExpired || pending.Id != Id || pending.Key != Key)
            {
                return(RedirectToAction("Index", "Home", new { status = 8 }));
            }

            pending.Status = 1;
            var identityUser = new ApplicationUser {
                UserName = pending.Email, Email = pending.Email, LockoutEndDateUtc = System.DateTime.UtcNow
            };
            var creation = await UserManager.CreateAsync(identityUser);

            // NOTE(review): when CreateAsync fails nothing is saved (the Status = 1 above included)
            // and the method still redirects with status 9. The pending row's Status is also not
            // checked before use, so a link can be presented again within the hour; the second
            // attempt then depends on CreateAsync rejecting the duplicate user name.
            if (creation.Succeeded)
            {
                UsersModel appUser = new UsersModel()
                {
                    Id          = identityUser.Id,
                    Name        = pending.DisplayName,
                    Email       = pending.Email,
                    Status      = 1,
                    DateCreated = DateTime.UtcNow,
                    ApiCode     = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()
                };
                _db.Users.Add(appUser);
                _db.SaveChanges();

                await SignInManager.SignInAsync(identityUser, true, true);
            }

            return(RedirectToAction("Index", "Home", new { status = 9 }));
        }
예제 #4
        /// <summary>
        /// Validates a step submitted for update, encrypts its PC2 value when one is given and
        /// hands the rebuilt step to <c>StepServiceManager.UpdateStep</c>.
        /// </summary>
        /// <param name="model">Posted step data, including the id of the step to update.</param>
        /// <returns>1 = Url missing; 2 = Method is neither 1 nor 2; 4 = update handed over.</returns>
        /// <remarks>
        /// NOTE(review): nothing in this method checks that the caller owns <c>model.StepId</c>.
        /// Presumably an attribute or <c>UpdateStep</c> enforces that — confirm, since the call
        /// below passes no user id.
        /// </remarks>
        public int ResubmitStep(StepResubmitInputModel model)
        {
            if (model.Url == null)
            {
                return(1);
            }

            if (!(model.Method == 1 || model.Method == 2))
            {
                return(2);
            }

            ObserverDbContext _db = new ObserverDbContext();

            string cipherTextBase64 = null;
            string ivBase64         = null;

            if (model.PC2 != null)
            {
                byte[] aesKey = Convert.FromBase64String(_db._AESSecretKeyS);
                byte[] cipherText;
                byte[] iv;

                // The AesManaged instance is only used as the source of a fresh IV. The same IV is
                // passed to the encryption helper and then kept so it can be stored with the row.
                using (AesManaged ivSource = new AesManaged())
                {
                    cipherText = EncryptionAlgorithmServiceManager.EncryptStringToBytes_Aes(model.PC2, aesKey, ivSource.IV);
                    iv         = ivSource.IV;
                }

                if (cipherText != null)
                {
                    cipherTextBase64 = Convert.ToBase64String(cipherText);
                    ivBase64         = Convert.ToBase64String(iv);
                }
            }

            // The lookup result is not used below; the call is kept as the original made it.
            PCMethodServiceManager.GetPCMethodById(model.PC_Method.ToString());

            StepsModel updatedStep = new StepsModel()
            {
                Id               = model.StepId,
                Url              = model.Url,
                Method           = model.Method,
                SetHeader        = model.Header,
                Deleted          = false,
                PredefinedHeader = model.PredefinedHeader,
                PC1              = model.PC1,
                PC2              = cipherTextBase64,
                PC2Secret        = ivBase64
            };

            StepServiceManager.UpdateStep(updatedStep, model.PC_Method.ToString());
            return(4);
        }
예제 #5
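        /// <summary>
        /// Polling endpoint for a pending login session. Reports the session state and, once the
        /// session has reached status 3 or 5, signs the attached user in, rotates the session key
        /// and issues the SessionId/SessionKey cookies.
        /// </summary>
        /// <param name="SessionId">Identifier of the login session being polled.</param>
        /// <param name="SessionKey">Key issued together with the session.</param>
        /// <returns>
        /// A JSON object with a <c>Status</c> of "Invalid Session", "Expired", "Pending",
        /// "QRPending" (plus <c>SessionCode</c>) or "LoginReady" (plus <c>Path</c>).
        /// </returns>
        public async Task <JsonResult> CheckLoginStatus(string SessionId, string SessionKey)
        {
            ObserverDbContext _db = new ObserverDbContext();

            var query = _db.LoginSessions
                        .Where(e => e.Id == SessionId)
                        .FirstOrDefault();

            // An unknown id gets the same answer as a wrong key, instead of a NullReferenceException.
            if (query == null || query.Key != SessionKey)
            {
                return(Json(new { Status = "Invalid Session" }));
            }

            if (query.SessionDate.AddMinutes(30) < DateTime.UtcNow)
            {
                query.Status = 6;
                _db.SaveChanges();
                return(Json(new { Status = "Expired" }));
            }

            if (query.Status == 3 || query.Status == 5)
            {
                string          userId = query.Users != null ? query.Users.Id : null;
                ApplicationUser user   = userId == null
                                         ? null
                                         : UserManager.Users.Where(e => e.Id == userId).FirstOrDefault();

                if (user == null)
                {
                    // A session marked ready without a resolvable user must not reach the sign-in.
                    return(Json(new { Status = "Invalid Session" }));
                }

                await SignInManager.SignInAsync(user, true, true);

                // Rotate the key so the polling key cannot be reused once the login is complete.
                string key = HashingAlgorithmServiceManager.GenerateSHA256(Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()), Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
                query.Key = key;
                _db.SaveChanges();

                // Both cookies carry login-session credentials: keep them away from page script and
                // mark them Secure whenever the request itself came in over HTTPS.
                // NOTE(review): confirm no client script reads these cookies before relying on HttpOnly.
                HttpCookie SessionCookie = new HttpCookie("SessionId");
                SessionCookie.Value    = query.Id;
                SessionCookie.Expires  = DateTime.Now.AddMonths(2);
                SessionCookie.HttpOnly = true;
                SessionCookie.Secure   = Request.IsSecureConnection;
                Response.SetCookie(SessionCookie);

                HttpCookie SessionKeyCookie = new HttpCookie("SessionKey");
                SessionKeyCookie.Value    = key;
                SessionKeyCookie.Expires  = DateTime.Now.AddMonths(2);
                SessionKeyCookie.HttpOnly = true;
                SessionKeyCookie.Secure   = Request.IsSecureConnection;
                Response.SetCookie(SessionKeyCookie);

                // The response object is built from values rather than by pasting Path into a JSON
                // string and parsing it back: a quote or backslash in the stored path can no longer
                // break the parse or alter the structure of the answer.
                // NOTE(review): Path is returned verbatim. If the client navigates to it, it should
                // be limited to local URLs — confirm where that is validated.
                return(Json(new { Status = "LoginReady", Path = query.Path ?? "" }));
            }

            if (query.Status == 2)
            {
                return(Json(new { Status = "QRPending", SessionCode = query.SessionCode ?? "" }));
            }

            if (query.Status == 1 || query.Status == 4)
            {
                return(Json(new { Status = "Pending" }));
            }

            return(Json(new { Status = "Expired" }));
        }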
예제 #6
 /// <summary>
 /// Creates a player with a new GUID string as id, status 0 and a PIN obtained from
 /// <c>EncryptionAlgorithmServiceManager.GetRandomDigit(6)</c>.
 /// </summary>
 /// <remarks>
 /// NOTE(review): GetRandomDigit is defined elsewhere. If the PIN gates access, confirm that
 /// it draws from a cryptographic random source and that attempts are rate-limited.
 /// </remarks>
 public PlayersModel()
 {
     this.Id     = Guid.NewGuid().ToString();
     this.Status = 0;
     this.PIN    = EncryptionAlgorithmServiceManager.GetRandomDigit(6);
 }
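        /// <summary>
        /// Login entry point. A browser that presents a valid SessionId/SessionKey cookie pair is
        /// signed in again and receives a rotated session; any other browser gets a new pending
        /// login session and the QR login page.
        /// </summary>
        /// <param name="errorMessage">Not read by this method.</param>
        /// <param name="ReturnUrl">
        /// Where to send the user after login. Only local URLs are honoured; anything else is
        /// dropped and the user lands on Home/Index.
        /// </param>
        /// <returns>A redirect after a resumed login, otherwise the "Login" view.</returns>
        public async Task <ActionResult> Login(string errorMessage = null, string ReturnUrl = null)
        {
            if (User.Identity.IsAuthenticated)
            {
                return(RedirectToAction("Index", "Home", new { status = 2 }));
            }

            // ReturnUrl comes from the request and is later both redirected to and stored on the
            // pending session, so an absolute or protocol-relative URL must not survive this point.
            if (!String.IsNullOrEmpty(ReturnUrl) && !Url.IsLocalUrl(ReturnUrl))
            {
                ReturnUrl = null;
            }

            ObserverDbContext _db = new ObserverDbContext();

            // Missing cookies and unknown sessions are ordinary cases; they are checked explicitly
            // rather than by catching NullReferenceException.
            HttpCookie idCookie  = Request.Cookies.Get("SessionId");
            HttpCookie keyCookie = Request.Cookies.Get("SessionKey");

            LoginSessionsModel session = null;
            if (idCookie != null && keyCookie != null)
            {
                string sessionId = idCookie.Value;
                session = _db.LoginSessions
                          .Where(e => e.Id == sessionId)
                          .FirstOrDefault();
            }

            // A session can be resumed only from the same user agent, with the matching key, in a
            // logged-in state (3 or 5) and within two months of its SessionDate.
            bool resumable = session != null
                             && session.UserAgent == Request.UserAgent
                             && session.Key == keyCookie.Value
                             && (session.Status == 3 || session.Status == 5)
                             && session.SessionDate.AddMonths(2) > DateTime.UtcNow
                             && session.Users != null;

            ApplicationUser user = resumable ? UserManager.FindById(session.Users.Id) : null;

            if (user == null)
            {
                if (session != null)
                {
                    // The presented session is not usable; retire it together with the new one's save.
                    session.Status = 6;
                }
                return(StartPendingLoginSession(_db, ReturnUrl));
            }

            await SignInManager.SignInAsync(user, true, true);

            // Rotate: the old session is retired and the browser gets a new id/key pair.
            string             newId      = Guid.NewGuid().ToString();
            string             newKey     = HashingAlgorithmServiceManager.GenerateSHA256(Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()), Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
            LoginSessionsModel newSession = new LoginSessionsModel()
            {
                Id           = newId,
                Key          = newKey,
                Status       = 3,
                Users        = session.Users,
                Ip           = Request.UserHostAddress,
                UserAgent    = Request.UserAgent,
                DateCreation = DateTime.UtcNow,
                SessionDate  = session.SessionDate
            };
            session.Status = 6;

            WriteLoginSessionCookies(newId, newKey, DateTime.Now.AddMonths(2));

            _db.LoginSessions.Add(newSession);
            _db.SaveChanges();

            string displayName = session.Users.Name;
            if (String.IsNullOrEmpty(ReturnUrl))
            {
                return(RedirectToAction("Index", "Home", new { status = 13, name = displayName }));
            }

            // The display name is user-chosen text: escape it so it stays a single query value.
            string separator = ReturnUrl.Contains("?") ? "&" : "?";
            return(Redirect(ReturnUrl + separator + "status=13&name=" + System.Uri.EscapeDataString(displayName ?? String.Empty)));
        }

        // Writes the SessionId/SessionKey cookie pair with the given values and expiry.
        private void WriteLoginSessionCookies(string sessionId, string sessionKey, DateTime expires)
        {
            // Both cookies carry login-session credentials: keep them away from page script and
            // mark them Secure whenever the request itself came in over HTTPS.
            // NOTE(review): confirm no client script reads these cookies before relying on HttpOnly.
            HttpCookie SessionCookie = new HttpCookie("SessionId");
            SessionCookie.Value    = sessionId;
            SessionCookie.Expires  = expires;
            SessionCookie.HttpOnly = true;
            SessionCookie.Secure   = Request.IsSecureConnection;
            Response.SetCookie(SessionCookie);

            HttpCookie SessionKeyCookie = new HttpCookie("SessionKey");
            SessionKeyCookie.Value    = sessionKey;
            SessionKeyCookie.Expires  = expires;
            SessionKeyCookie.HttpOnly = true;
            SessionKeyCookie.Secure   = Request.IsSecureConnection;
            Response.SetCookie(SessionKeyCookie);
        }

        // Creates a pending (status 1) login session, saves it together with any change already
        // tracked by _db, clears the session cookies and renders the QR login page.
        private ActionResult StartPendingLoginSession(ObserverDbContext _db, string returnUrl)
        {
            string loginSessionId = Guid.NewGuid().ToString();
            string key            = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();

            // NOTE(review): scheme, host and port are taken from the current request. A configured
            // base URL would keep the QR link independent of the request's Host header.
            Uri    url   = new Uri(Request.Url.Scheme + "://" + Request.Url.Host + ":" + Request.Url.Port + "/QRLogin?Id=" + loginSessionId + "&Key=" + key);
            string image = QRCodeServiceManager.GenerateLoginQRCode(url.ToString());

            LoginSessionsModel loginSession = new LoginSessionsModel()
            {
                Id           = loginSessionId,
                Status       = 1,
                Key          = key,
                Ip           = Request.UserHostAddress,
                UserAgent    = Request.UserAgent,
                DateCreation = DateTime.UtcNow,
                SessionDate  = DateTime.UtcNow,
                Path         = returnUrl
            };
            _db.LoginSessions.Add(loginSession);
            _db.SaveChanges();

            ViewBag.LoginSessionId = loginSessionId;
            ViewBag.Key            = key;
            ViewBag.QRImage        = image;

            // Expire whatever session cookies the browser still holds.
            WriteLoginSessionCookies(null, null, DateTime.Now.AddYears(-10));

            return(View("Login"));
        }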
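        /// <summary>
        /// Registers a new account request: rejects e-mail addresses that are already in use,
        /// throttles repeated requests to one per hour, and otherwise stores a pending user and
        /// mails a verification link.
        /// </summary>
        /// <param name="Input">Posted registration form (display name and e-mail).</param>
        /// <returns>
        /// The registration view (with an error message when the e-mail is taken), or a redirect
        /// to Home/Index with <c>Status = 6</c> (a request from the last hour is still pending) or
        /// <c>Status = 7</c> (verification mail sent).
        /// </returns>
        public ActionResult Register(RegisterInputModel Input)
        {
            ObserverDbContext _db = new ObserverDbContext();

            if (User.Identity.IsAuthenticated)
            {
                return(RedirectToAction("Index", "Home"));
            }

            // Without an e-mail address there is nothing to look up or to mail; show the form
            // again rather than storing a pending user with an empty address.
            if (Input == null || String.IsNullOrWhiteSpace(Input.Email))
            {
                return(View());
            }

            string email = Input.Email;

            if (_db.Users.Where(e => e.Email == email).Any())
            {
                ViewBag.ErrorMessage = "Error: The email has been used.";
                return(View());
            }

            // Newest pending registration for this address, if any.
            var pendingUser = _db.PendingUsers
                              .Where(e => e.Email == email)
                              .OrderByDescending(e => e.DateCreated)
                              .FirstOrDefault();

            if (pendingUser != null)
            {
                if (pendingUser.Status == 1)
                {
                    ViewBag.ErrorMessage = "Error: The email has been used.";
                    return(View());
                }

                if (pendingUser.Status != 0 && pendingUser.Status != 2)
                {
                    return(View());
                }

                if (pendingUser.DateCreated.AddHours(1) >= DateTime.UtcNow)
                {
                    // A request from the last hour is still open: report its age, send nothing.
                    int minute = DateTime.UtcNow.Subtract(pendingUser.DateCreated).Minutes;
                    return(RedirectToAction("Index", "Home", new { Status = 6, min = minute }));
                }

                // Older than one hour: retire it (saved together with the replacement below).
                pendingUser.Status = 2;
            }

            // Every verification key now comes from GetRNGGuid. The first-time branch used
            // Guid.NewGuid() for the key while the re-registration branch already used GetRNGGuid;
            // a key that authorises account creation should not depend on which branch ran.
            string            id      = Guid.NewGuid().ToString();
            string            key     = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
            PendingUsersModel newUser = new PendingUsersModel()
            {
                Id          = id,
                DisplayName = Input.Name,
                Email       = email,
                Key         = key,
                Status      = 0,
                DateCreated = DateTime.UtcNow
            };

            _db.PendingUsers.Add(newUser);
            _db.SaveChanges();

            // NOTE(review): scheme, host and port are taken from the current request. A configured
            // base URL would keep the mailed link independent of the request's Host header.
            EmailServiceManager.AccountPendingVerification(Input.Name, Request.Url.Scheme + "://" + Request.Url.Host + ":" + Request.Url.Port + "/VerifyEmail?Id=" + id + "&Key=" + key, email);
            return(RedirectToAction("Index", "Home", new { Status = 7, email = email }));
        }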
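        /// <summary>
        /// Target of the login QR code. Opened on a device that already holds a valid login
        /// session, it rotates that device's session and attaches its user to the pending login
        /// session identified by <paramref name="Id"/>, then shows the confirmation page.
        /// </summary>
        /// <param name="Id">Identifier of the pending login session encoded in the QR code.</param>
        /// <param name="Key">Key of that pending session, also encoded in the QR code.</param>
        /// <returns>
        /// A redirect to Identity/Login when the scanning device has no valid session, a redirect
        /// to Home/Index with <c>status = 12</c> when the pending session is unknown, has a
        /// different key or is older than 30 minutes, otherwise the confirmation view.
        /// </returns>
        public async Task <ActionResult> QRLogin(string Id, string Key)
        {
            ObserverDbContext _db = new ObserverDbContext();

            // Missing cookies and unknown sessions are ordinary cases; they are checked explicitly
            // rather than by catching NullReferenceException.
            HttpCookie idCookie  = Request.Cookies.Get("SessionId");
            HttpCookie keyCookie = Request.Cookies.Get("SessionKey");

            LoginSessionsModel session = null;
            if (idCookie != null && keyCookie != null)
            {
                string sessionId = idCookie.Value;
                session = _db.LoginSessions
                          .Where(e => e.Id == sessionId)
                          .FirstOrDefault();
            }

            bool deviceLoggedIn = session != null
                                  && session.Key == keyCookie.Value
                                  && (session.Status == 3 || session.Status == 5)
                                  && session.SessionDate.AddMonths(2) > DateTime.UtcNow
                                  && session.Users != null;

            ApplicationUser scanningUser = deviceLoggedIn ? UserManager.FindById(session.Users.Id) : null;

            if (scanningUser == null)
            {
                // The redirect has to be returned. Previously its result was discarded, so a device
                // without a valid session went on and moved the pending session to status 2 with no
                // user attached.
                return(RedirectToAction("Login", "Identity"));
            }

            string userId = scanningUser.Id;
            await SignInManager.SignInAsync(scanningUser, true, true);

            // Rotate the scanning device's own session. Ip and UserAgent are recorded as Login does
            // for its rotated sessions; Login compares the stored UserAgent when it resumes one.
            string             newId      = Guid.NewGuid().ToString();
            string             newKey     = HashingAlgorithmServiceManager.GenerateSHA256(Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()), Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
            LoginSessionsModel newSession = new LoginSessionsModel()
            {
                Id           = newId,
                Key          = newKey,
                Status       = 3,
                Users        = session.Users,
                Ip           = Request.UserHostAddress,
                UserAgent    = Request.UserAgent,
                DateCreation = DateTime.UtcNow,
                SessionDate  = session.SessionDate
            };
            session.Status = 6;

            // Both cookies carry login-session credentials: keep them away from page script and
            // mark them Secure whenever the request itself came in over HTTPS.
            // NOTE(review): confirm no client script reads these cookies before relying on HttpOnly.
            HttpCookie SessionCookie = new HttpCookie("SessionId");
            SessionCookie.Value    = newId;
            SessionCookie.Expires  = DateTime.Now.AddMonths(2);
            SessionCookie.HttpOnly = true;
            SessionCookie.Secure   = Request.IsSecureConnection;
            Response.SetCookie(SessionCookie);

            HttpCookie SessionKeyCookie = new HttpCookie("SessionKey");
            SessionKeyCookie.Value    = newKey;
            SessionKeyCookie.Expires  = DateTime.Now.AddMonths(2);
            SessionKeyCookie.HttpOnly = true;
            SessionKeyCookie.Secure   = Request.IsSecureConnection;
            Response.SetCookie(SessionKeyCookie);

            _db.LoginSessions.Add(newSession);
            _db.SaveChanges();

            var loginSession = _db.LoginSessions
                               .Where(e => e.Id == Id)
                               .FirstOrDefault();

            // The Key parameter was accepted but never compared. The QR link carries the pending
            // session's key, so a request that does not present it is treated like an expired one;
            // the answer does not reveal whether the id exists.
            // NOTE(review): status 12 is reused from the expiry branch below — confirm the message
            // shown for it fits an invalid link as well.
            if (loginSession == null || loginSession.Key != Key)
            {
                return(RedirectToAction("Index", "Home", new { status = 12 }));
            }

            if (loginSession.SessionDate.AddMinutes(30) < DateTime.UtcNow)
            {
                loginSession.Status = 6;
                _db.SaveChanges();
                return(RedirectToAction("Index", "Home", new { status = 12 }));
            }

            var user = _db.Users
                       .Where(e => e.Id == userId)
                       .FirstOrDefault();

            string proceedKey = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();

            // Three-digit code in the range 100..998, the same range the retry loop produced.
            // NOTE(review): System.Random is not a cryptographic source. That is acceptable only if
            // this code is a visual match between the two screens and not a secret.
            Random random      = new Random();
            string sessionCode = random.Next(100, 999).ToString();

            // Only a session that is still waiting for a scan (status 1) gets a user attached.
            if (loginSession.Status == 1)
            {
                loginSession.Status      = 2;
                loginSession.Users       = user;
                loginSession.QRKey       = proceedKey;
                loginSession.SessionCode = sessionCode;
                loginSession.SessionDate = DateTime.UtcNow.AddSeconds(30);
                _db.SaveChanges();
            }

            ViewBag.SessionId   = Id;
            ViewBag.ProceedKey  = proceedKey;
            ViewBag.SessionCode = sessionCode;
            return(View());
        }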
예제 #10
        /// <summary>
        /// Validates a new step, encrypts its PC2 value when one is given and asks
        /// <c>StepServiceManager.CreateStep</c> to store it for the current user under the given
        /// observe.
        /// </summary>
        /// <param name="model">Posted step data, including the observe it belongs to.</param>
        /// <returns>
        /// 1 = Url missing; 2 = Method is neither 1 nor 2; 3 = Priority is neither 1 nor 2;
        /// 4 = step created; 5 = <c>CreateStep</c> reported failure.
        /// </returns>
        public int CreateNewStep(StepCreationInputModel model)
        {
            if (model.Url == null)
            {
                return(1);
            }

            if (!(model.Method == 1 || model.Method == 2))
            {
                return(2);
            }

            if (!(model.Priority == 1 || model.Priority == 2))
            {
                return(3);
            }

            ObserverDbContext _db = new ObserverDbContext();

            // Loaded but not used further in this method.
            // NOTE(review): no ownership check on model.ObserveId is visible here; presumably
            // CreateStep uses the user id it receives for that — confirm.
            ObservesModel targetObserve = _db.Observes
                                          .Where(e => e.Id == model.ObserveId)
                                          .FirstOrDefault();

            PCMethodsModel contentMethod = _db.PCMethods
                                           .Where(e => e.Id == model.ContentMethod.ToString())
                                           .FirstOrDefault();

            string cipherTextBase64 = null;
            string ivBase64         = null;

            if (model.PC2 != null)
            {
                byte[] aesKey = Convert.FromBase64String(_db._AESSecretKeyS);
                byte[] cipherText;
                byte[] iv;

                // The AesManaged instance is only used as the source of a fresh IV. The same IV is
                // passed to the encryption helper and then kept so it can be stored with the row.
                using (AesManaged ivSource = new AesManaged())
                {
                    cipherText = EncryptionAlgorithmServiceManager.EncryptStringToBytes_Aes(model.PC2, aesKey, ivSource.IV);
                    iv         = ivSource.IV;
                }

                if (cipherText != null)
                {
                    cipherTextBase64 = Convert.ToBase64String(cipherText);
                    ivBase64         = Convert.ToBase64String(iv);
                }
            }

            StepsModel newStep = new StepsModel()
            {
                Id               = Guid.NewGuid().ToString(),
                Url              = model.Url,
                Method           = model.Method,
                SetHeader        = model.Header,
                Deleted          = false,
                PredefinedHeader = model.PredefinedHeader,
                PC_Method        = contentMethod,
                PC1              = model.PC1,
                PC2              = cipherTextBase64,
                PC2Secret        = ivBase64
            };

            int existingSteps = StepServiceManager.GetStepListByObserveId(model.ObserveId).Count();

            // Third argument: 1 for the first step of an observe, otherwise 2 or 3 according to
            // the requested priority (presumably a placement mode — confirm against CreateStep).
            bool created;
            if (existingSteps == 0)
            {
                created = StepServiceManager.CreateStep(User.Identity.GetUserId(), newStep, 1, model.ObserveId);
            }
            else if (model.Priority == 1)
            {
                created = StepServiceManager.CreateStep(User.Identity.GetUserId(), newStep, 2, model.ObserveId);
            }
            else if (model.Priority == 2)
            {
                created = StepServiceManager.CreateStep(User.Identity.GetUserId(), newStep, 3, model.ObserveId);
            }
            else
            {
                // Not reachable while Priority is validated above; kept to mirror the original
                // fall-through result.
                return(4);
            }

            return(created ? 4 : 5);
        }