/// <summary>
/// Checks a user name / password pair against the stored salted SHA-256 digest.
/// </summary>
/// <param name="user">User name handed to <c>GetByUser</c>.</param>
/// <param name="password">Candidate password; it is concatenated with the stored salt and hashed.</param>
/// <returns>
/// A response whose <c>Result</c> is <c>success</c> when the digest matches,
/// <c>notSuccess</c> when the lookup fails or the digest differs, or
/// <c>error</c> (carrying the exception message) when anything throws.
/// </returns>
Validate(string user, string password)
{
    try
    {
        var lookup = GetByUser(user);

        // An unknown user and a wrong password share one response, so the reply
        // does not reveal which of the two checks failed.
        bool rejected = lookup.Result.Equals(Response.Results.notSuccess)
            || !lookup.Data.Password.Equals(HashHL.SHA256Of(password + lookup.Data.PasswordSalt));

        if (rejected)
        {
            return new Response<DTO.UsersDTO>()
            {
                Result = Response.Results.notSuccess,
                Message = "Invalid User or Password."
            };
        }

        // NOTE(review): a single salted SHA-256 pass is a fast hash; a password
        // KDF (PBKDF2, bcrypt, Argon2) is the usual choice. Switching requires
        // migrating the stored digests, so it is only flagged here.
        return new Response<DTO.UsersDTO>()
        {
            Result = Response.Results.success,
            Message = "The User is valid."
        };
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text goes back to the caller; consider
        // logging it server-side and returning a generic message instead.
        return new Response<DTO.UsersDTO>()
        {
            Result = Response.Results.error,
            Message = ex.Message
        };
    }
}
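/// <summary>
/// Registers a new user: checks that the user name is free, generates a salt,
/// replaces the clear-text password on the DTO with its salted SHA-256 digest
/// and inserts the record.
/// </summary>
/// <param name="user">
/// DTO to persist. It is modified in place: <c>PasswordSalt</c> and
/// <c>Password</c> are overwritten before the insert.
/// </param>
/// <returns>
/// <c>success</c> with the inserted DTO, <c>notSuccess</c> when the user
/// already exists or no password was supplied, or <c>error</c> when the
/// existence check fails or an exception is thrown.
/// </returns>
Create(DTO.UsersDTO user)
{
    try
    {
        // Without this check a null/empty password is hashed as "" + salt,
        // producing an account that validates with an empty password.
        if (string.IsNullOrEmpty(user.Password))
        {
            return new Response<DTO.UsersDTO>
            {
                Result = Asteri.Lib.DTO.Response.Results.notSuccess,
                Message = "Password is required"
            };
        }

        var existing = GetByUser(user.User);

        if (existing.Result == Asteri.Lib.DTO.Response.Results.success)
        {
            return new Response<DTO.UsersDTO>
            {
                Result = Asteri.Lib.DTO.Response.Results.notSuccess,
                Message = "User already Exists"
            };
        }

        // Fail closed: a failed lookup does not prove the name is free, so do
        // not fall through to the insert.
        // NOTE(review): assumes GetByUser reports failures as Results.error, as
        // the methods on this page do - confirm. A unique constraint on the user
        // column is still needed to close the check-then-insert race.
        if (existing.Result == Asteri.Lib.DTO.Response.Results.error)
        {
            return new Response<DTO.UsersDTO>
            {
                Result = Response.Results.error,
                Message = "Unable to verify whether the user already exists"
            };
        }

        // NOTE(review): salted single-pass SHA-256 is a fast hash; prefer a
        // password KDF (PBKDF2, bcrypt, Argon2) when the stored format can be
        // migrated.
        user.PasswordSalt = Guid.NewGuid().ToString();
        user.Password = HashHL.SHA256Of(user.Password + user.PasswordSalt);
        usersDL.Insert(user);

        // NOTE(review): Data carries the digest and the salt back to the caller;
        // confirm no caller serialises this DTO to a client.
        return new Response<DTO.UsersDTO>()
        {
            Result = Response.Results.success,
            Message = "User Created",
            Data = user
        };
    }
    catch (Exception ex)
    {
        // NOTE(review): raw exception text is returned to the caller.
        return new Response<DTO.UsersDTO>()
        {
            Result = Response.Results.error,
            Message = ex.Message
        };
    }
}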
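/// <summary>
/// Creates a user record from <paramref name="data"/> after checking that the
/// user name is not already taken. The user name is lower-cased, a fresh salt
/// is generated and the account is inserted as active.
/// </summary>
/// <param name="data">Dynamic payload; Nombre, Apellidos, Email and Usuario are read.</param>
/// <param name="usuariosDS">Data source used for the lookup and the insert.</param>
/// <returns>
/// The envelope returned by <c>Insert</c>, <c>notSuccess</c> when the user
/// exists, or <c>error</c> when the lookup fails or an exception is thrown.
/// </returns>
public Envelope<dynamic> Create(dynamic data, UsuariosDS usuariosDS)
{
    try
    {
        var lookup = usuariosDS.GetByUsuario(data);

        if (lookup.Result == "ok")
        {
            return new Envelope<dynamic> { Result = "notSuccess", Message = "El Usuario ya Existe" };
        }

        // Fail closed: a failed lookup does not prove the name is free.
        // NOTE(review): assumes GetByUsuario reports failures as "error", the
        // value the methods on this page use - confirm.
        if (lookup.Result == "error")
        {
            return new Envelope<dynamic> { Result = "error", Message = "No se pudo verificar si el usuario existe" };
        }

        dynamic data2 = JsonConvert.DeserializeObject("{}");
        data2.Nombre = data.Nombre;
        data2.Apellidos = data.Apellidos;
        data2.Email = data.Email;
        data2.Usuario = data.Usuario.ToString().ToLower();
        data2.PasswordSalt = Guid.NewGuid().ToString();

        // NOTE(review): the payload's password is never read; every account is
        // created with the fixed initial password "123" (digest input is
        // user name + "123" + salt). Replace with a caller-supplied or randomly
        // generated one-time password plus a forced change on first login. The
        // hash itself is a single SHA-256 pass rather than a password KDF.
        data2.Password = HashHL.SHA256Of($"{data2.Usuario}123{data2.PasswordSalt}");
        data2.IsActive = true;

        var response = usuariosDS.Insert(data2);
        return response;
    }
    catch (Exception ex)
    {
        // NOTE(review): raw exception text is returned to the caller.
        return new Envelope<dynamic>() { Result = "error", Message = ex.Message };
    }
}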
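/// <summary>
/// Changes a user's password: verifies the previous password against the
/// stored digest, then stores a new salt and the digest of the new password.
/// </summary>
/// <param name="data">Dynamic payload; AuthUser, previoPassword and nuevoPassword are read.</param>
/// <param name="usuariosDS">Data source used for the lookup and the update.</param>
/// <returns>
/// The envelope returned by <c>Update</c>, <c>notSuccess</c> when the user is
/// not found, the previous password is wrong or the new password is empty, or
/// <c>error</c> when an exception is thrown.
/// </returns>
public Envelope<dynamic> CambiarPass(dynamic data, UsuariosDS usuariosDS)
{
    try
    {
        string usuario = data.AuthUser;
        string password = data.previoPassword;
        string nuevoPassword = data.nuevoPassword;

        if (string.IsNullOrEmpty(usuario))
        {
            return new Envelope<dynamic>() { Result = "notSuccess", Message = "User not found" };
        }

        // An empty new password would otherwise be stored as the digest of
        // user name + salt, i.e. an account with a blank password.
        if (string.IsNullOrEmpty(nuevoPassword))
        {
            return new Envelope<dynamic>() { Result = "notSuccess", Message = "New password is required" };
        }

        // The user name is embedded in a SQL fragment, so double any single
        // quote to keep the value inside the string literal.
        // NOTE(review): escaping is a stop-gap. A parameterised lookup is the
        // proper fix - GetByUsuario(new { Usuario = ... }) is used for that
        // elsewhere on this page; confirm it returns iUsuario before switching.
        string usuarioLiteral = usuario.Replace("'", "''");
        string options = $" WHERE Usuario = '{usuarioLiteral}' ";

        var requestUser = usuariosDS.GetDataSet(
            fields: "[iUsuario],[Usuario],[Password],[PasswordSalt]",
            options: options);

        if (requestUser.Result != "ok")
        {
            return new Envelope<dynamic>() { Result = "notSuccess", Message = "User not found" };
        }

        var dataSet = requestUser.Data.FirstOrDefault();
        if (dataSet == null)
        {
            // An "ok" result with no rows previously surfaced as a null-binding
            // exception message; report it as a missing user instead.
            return new Envelope<dynamic>() { Result = "notSuccess", Message = "User not found" };
        }

        // NOTE(review): the second comparison accepts a value equal to the
        // stored Password column. That looks like a fallback for legacy
        // clear-text rows, but it also means the stored digest itself passes as
        // the password. Remove it once no clear-text rows remain.
        if (HashHL.SHA256Of($"{usuario}{password}{dataSet.PasswordSalt}") != dataSet.Password
            && dataSet.Password != password)
        {
            return new Envelope<dynamic>() { Result = "notSuccess", Message = "Wrong passord" };
        }

        dynamic data2 = JsonConvert.DeserializeObject("{}");
        data2.id = dataSet.iUsuario;
        data2.PasswordSalt = Guid.NewGuid().ToString();
        // NOTE(review): single-pass SHA-256; prefer a password KDF when the
        // stored format can be migrated.
        data2.Password = HashHL.SHA256Of($"{usuario}{nuevoPassword}{data2.PasswordSalt}");

        var updateResponse = usuariosDS.Update(data2);
        return updateResponse;
    }
    catch (Exception ex)
    {
        // NOTE(review): raw exception text is returned to the caller.
        return new Envelope<dynamic>() { Result = "error", Message = ex.Message };
    }
}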
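/// <summary>
/// Authenticates a user and, on success, issues a JWT signed with HMAC-SHA256
/// that expires after 12 hours.
/// </summary>
/// <param name="data">Dynamic payload; Usuario and Password are read.</param>
/// <param name="usuariosDS">Data source used to look the user up (by lower-cased user name).</param>
/// <returns>
/// <c>ok</c> with the token and profile fields, or <c>notSuccess</c> with one
/// shared message for missing credentials, an unknown user and a wrong password.
/// </returns>
/// <remarks>
/// Exceptions are not caught here and propagate to the caller.
/// </remarks>
public Envelope<dynamic> Login(dynamic data, UsuariosDS usuariosDS)
{
    string usuario = data.Usuario;
    string password = data.Password;

    // Missing credentials previously ended in a NullReferenceException (user)
    // or went on to the comparisons below with a blank password.
    if (string.IsNullOrEmpty(usuario) || string.IsNullOrEmpty(password))
    {
        return new Envelope<dynamic>() { Result = "notSuccess", Message = "Usuario o Password no encontrado" };
    }

    var response = usuariosDS.GetByUsuario(new { Usuario = usuario.ToLower() });
    if (response.Result == "empty")
    {
        return new Envelope<dynamic>() { Result = "notSuccess", Message = "Usuario o Password no encontrado" };
    }

    var dataSet = response.Data.FirstOrDefault();
    if (dataSet == null)
    {
        // A non-"empty" result without rows: treat as an unknown user rather
        // than dereferencing null.
        return new Envelope<dynamic>() { Result = "notSuccess", Message = "Usuario o Password no encontrado" };
    }

    // NOTE(review): the lookup lower-cases the user name but the digest uses it
    // as typed, so a mixed-case login only matches if the digest was stored with
    // the same casing - confirm the intended normalisation.
    // NOTE(review): the second comparison accepts a value equal to the stored
    // Password column (legacy clear-text fallback, presumably); it also lets the
    // stored digest itself pass as the password. Remove once rows are migrated.
    if (HashHL.SHA256Of($"{usuario}{password}{dataSet.PasswordSalt}") != dataSet.Password
        && dataSet.Password != password)
    {
        return new Envelope<dynamic>() { Result = "notSuccess", Message = "Usuario o Password no encontrado" };
    }

    // NOTE(review): plainTextSecurityKey is defined outside this block. For
    // HMAC-SHA256 it should be a random key of at least 256 bits loaded from
    // configuration or a secret store, not a literal in source - confirm.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(plainTextSecurityKey));
    var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature);

    var claims = new List<Claim>()
    {
        new Claim(ClaimTypes.NameIdentifier, usuario),
        new Claim(ClaimTypes.Name, dataSet.Nombre),
        new Claim(ClaimTypes.Surname, dataSet.Apellidos)
    };
    var claimsIdentity = new ClaimsIdentity(claims, "Custom");

    // NOTE(review): issuer and audience are fixed to a localhost URL; move them
    // to configuration so validation in other environments checks real values.
    var securityTokenDescriptor = new SecurityTokenDescriptor()
    {
        Audience = "http://localhost:61101",
        Issuer = "http://localhost:61101",
        Subject = claimsIdentity,
        // UTC keeps the expiry independent of the server's local time zone.
        Expires = DateTime.UtcNow.AddHours(12),
        SigningCredentials = signingCredentials,
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var plainToken = tokenHandler.CreateToken(securityTokenDescriptor);
    var signedAndEncodedToken = tokenHandler.WriteToken(plainToken);

    dynamic dataReturn = new
    {
        Token = signedAndEncodedToken,
        Usuario = usuario,
        dataSet.Nombre,
        dataSet.Apellidos,
        dataSet.Email
    };

    return new Envelope<dynamic>() { Result = "ok", Data = dataReturn };
}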