/*
* // авторизация пользователя по логину и хешу пароля
* public String LoginUserMd5(String Login, String Password_md5)
* {
* Debug.Info("Call LoginUser Login ="******"Пользователь с таким логином и паролем не найден", TypeException.InvalidLoginOrPassword);
* }
* else
* {
* user.SessionKey = Guid.NewGuid();
* db.SaveChanges();
* return user.SessionKey.ToString();
* }
* }
* }*/
// авторизация пользователя по логину и паролю
public String LoginUser(String Login, String Password)
{
using (var db = new DataBase())
{
var user = db.Admins.Where(u => u.Login == Login).SingleOrDefault();
if (user == null)
{
throw new uniJudgeException("Пользователь с таким логином и паролем не найден", TypeException.InvalidLoginOrPassword);
}
else
{
// теперь сверим пароли
if (user.Password_SaltAndHash == HashMd5.getMd5Hash(Password + user.PasswordSalt))
{
if (user.AllowAccessToAdminPanel == false)
{
throw new uniJudgeException("Запрещен доступ к админ панели", TypeException.AccessDenided);
}
user.SessionKey = Guid.NewGuid();
db.SaveChanges();
return(user.SessionKey.ToString());
}
else
{
throw new uniJudgeException("Пользователь с таким логином и паролем не найден", TypeException.InvalidLoginOrPassword);
}
}
}
}
public JsonResult Login(string _Nombre, string _Contrasena)
{
var datosUsuario = new ObjetoUsuario();
SessionVariables.Session_Datos_Usuarios = null;
var validador = 0;
datosUsuario.Usuario = _Nombre;
datosUsuario.Contrasena = HashMd5.GetMD5(_Contrasena);
var resultado = Acceso.LoginUsuario(datosUsuario);
SessionVariables.Session_Datos_Usuarios = resultado;
if (resultado.Verificador != false)
{
validador = 2;
return(Json(validador));
}
else
{
return(Json(new RespuestaModel()
{
Verificador = false, Mensaje = "Error de Usuario y/o Contraseña"
}));
}
}
public HttpResponseMessage Register(Traveler traveler)
{
if (ModelState.IsValid)
{
var v = isExist(traveler.email);
if (v)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Email is exist"));
}
var s = SaltGenerate.saltStr(10);
traveler.salt = s;
traveler.password = HashMd5.CreateMD5(traveler.password, s);
traveler.ActivationCode = Guid.NewGuid();
traveler.IsEmailVerified = false;
traveler.Role_id = 1;
traveler.createdAt = DateTime.Now;
traveler.updatedAt = DateTime.Now;
db.Travelers.Add(traveler);
db.SaveChanges();
SendVerificationLinkEmail(traveler.email, traveler.ActivationCode.ToString());
return(Request.CreateResponse(HttpStatusCode.OK, traveler));
}
else
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
}
public HttpResponseMessage Login([FromBody] Traveler traveler)
{
using (db)
{
db.Configuration.ProxyCreationEnabled = false;
var v = db.Travelers.FirstOrDefault(a => a.email == traveler.email);
if (v != null)
{
if (string.Compare(HashMd5.CreateMD5(traveler.password, v.salt), v.password) == 0 && v.IsEmailVerified == true)
{
return(Request.CreateResponse(HttpStatusCode.OK, v));
}
else if (string.Compare(HashMd5.CreateMD5(traveler.password, v.salt), v.password) == 0 && v.IsEmailVerified == false)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest,
"Email does not active. Please active this email."));
}
else
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Password doesn't match"));
}
}
else
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Email does not exist"));
}
}
}
public static BigInteger ComputeS(byte[] msg, BigInteger D, BigInteger N)
{
HashMd5 hash = new HashMd5();
msg = hash.ComputeHash(msg);
BigInteger M = BigInteger.Abs(HashMd5.HashToBig(msg));
BigInteger S = BigInteger.ModPow(M, D, N);
return(S);
}
public static bool CheckECP(byte[] msg, BigInteger S, BigInteger N, BigInteger E)
{
BigInteger temp = BigInteger.ModPow(S, E, N);
HashMd5 hash = new HashMd5();
msg = hash.ComputeHash(msg);
BigInteger M = BigInteger.Abs(HashMd5.HashToBig(msg));
return(M == temp);
}
public int HashCode()
{
int prime = 31;
int result = 1;
result = prime * result + HashMd5.GetHashCode();
result = prime * result + CreateTime.GetHashCode();
return(result);
}
public void TestingMD5()
{
string secret = "SomeKey";
byte[] key = Encoding.UTF8.GetBytes(secret);
var hmac = new HashMd5();
OneTimePassword generator = new OneTimePassword(key, hmac);
String otp = generator.Generate("12345", 0);
Assert.IsNotNull(otp);
Assert.AreEqual(8, otp.Length);
Assert.AreEqual("29321840", otp);
}
public String CreateNewPasswordUseble(String SessionKey, int AdminId, string pass)
{
CheckSession(SessionKey);
using (var db = new DataBase())
{
var admin = db.Admins.Where(u => u.Id == AdminId).Single();
var newPass = pass.Length >= 6 ? pass : Guid.NewGuid().ToString().Substring(0, 13); // новый парль - это Guid в котором были взять первые 13 символов
admin.PasswordSalt = Guid.NewGuid().ToString();
admin.Password_SaltAndHash = HashMd5.getMd5Hash(newPass + admin.PasswordSalt);
db.SaveChanges();
return(newPass);
}
}
public String CreateNewUserPassword(String SessionKey, int UserId, String pass)
{
CheckSession(SessionKey);
using (var db = new DataBase())
{
var user = db.Users.Where(u => u.Id == UserId).Single();
var newPass = pass.Length >= 6 ? pass : Guid.NewGuid().ToString().Substring(0, 13); // новый парль - это Guid в котором были взять первые 13 символов
user.PasswordEncrypted = WCFServices.ServiceHelper.Crypt.Encrypt(newPass, Properties.Settings.Default.KeyForPasswordEncrypt);
user.PasswordSalt = Guid.NewGuid().ToString();
user.Password_SaltAndHash = HashMd5.getMd5Hash(newPass + user.PasswordSalt);
db.SaveChanges();
return(newPass);
}
}
private void btLogar_Click(object sender, EventArgs e)
{
try
{
UsuarioLoginAcoesDB usuarioAcoes = new UsuarioLoginAcoesDB();
if (txUsuario.Text == "" && txSenha.Text == "")
{
MessageBox.Show("Usuario e Senha devem ser preenchidos");
}
else if (txUsuario.Text == "")
{
MessageBox.Show("Usuario deve ser preenchido");
}
else if (txSenha.Text == "")
{
MessageBox.Show("Senha deve ser preenchida");
}
else
{
List <UsuarioModel> usruarios = usuarioAcoes.Select(txUsuario.Text, 0);
if (usruarios == null)
{
MessageBox.Show("Usuario não existe");
}
else if (usruarios[0].Senha != HashMd5.GerarMd5(txSenha.Text))
{
MessageBox.Show("Senha incorreta");
}
else
{
Session.Instance.UserID = usruarios[0].Id;
Main formMenu = new Main();
MessageBox.Show($"Bem vindo {usruarios[0].Nome}");
this.Hide();
formMenu.Show();
}
}
}
catch (Exception ex)
{
MessageBox.Show("Erro ao abrir tela de Menu, contade o desenvolvedor.");
RegistraLog.Log($"Erro no metodo de chamado da tela Main --- {ex}");
}
}
public string Insert(string usuario, string nome, string senha, string email, int privilegio)
{
if (usuario == null || senha == null || nome == null || email == null || privilegio == 0)
{
return("Todos os campos são obrigatórios");
}
if (Select(usuario, null, null, 0, 0, null, null, null, null, null) != null)
{
return("Usuario ja existente");
}
string senhaMd5 = HashMd5.GerarMd5(senha);
try
{
string query = $@"
INSERT
INTO usuario (
usuario,
senha,
nome,
email,
privilegio,
status,
data)
VALUES (
'{usuario}',
'{senhaMd5}',
'{nome}',
'{email}',
{privilegio},
true,
NOW())";
Connection.Sql(query);
return("Usuário cadastrado");
}
catch (Exception ex)
{
RegistraLog.Log($"Erro ao cadastrar Usuario -- {ex}");
return("Erro ao cadastrar Usuario, contate o desenvolvedor");
}
}
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
{
var allowedOrigin = context.OwinContext.Get <string>("ta:clientAllowedOrigin");
//context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
string hashedTokenId = HashMd5.GetHash(context.Token);
using (AuthenticationRepository _repo = new AuthenticationRepository())
{
var refreshToken = await _repo.FindRefreshToken(hashedTokenId);
if (refreshToken != null)
{
//Get protectedTicket from refreshToken class
context.DeserializeTicket(refreshToken.ProtectedTicket);
var result = await _repo.RemoveRefreshTokenByID(hashedTokenId);
}
}
}
public List <UsuarioModel> login(UsuarioModel usuario)
{
try
{
var data = new DBConector().EjecutarProcedimientoAlmacenado("SP_Login", new System.Collections.Hashtable()
{
{ "pv_Usuario", usuario.NombreUsuario },
{ "pv_Contrasena", usuario.Contrasena },
{ "pv_ContrasenaMD5", HashMd5.GetMD5(usuario.Contrasena) },
});
return(UTIL.Mapper.BindDataList <UsuarioModel>(data));
}
catch (Exception e)
{
string error = e.ToString();
return(null);
}
}
public JsonResult Login(string nombre, string password)
{
var validador = 0;
var datosUsuarios = new ObjetoUsuario();
datosUsuarios.nombreUsuario = nombre;
datosUsuarios.passUsuario = password;
datosUsuarios.passUsuario = HashMd5.GetMD5(datosUsuarios.passUsuario);
var resultado = control().Login(datosUsuarios);
var result = contro
if ()
{
}
return(Json(new { Validador = validador }));
}
public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
//Get the client ID from the Ticket properties
var clientid = context.Ticket.Properties.Dictionary["client_id"];
if (string.IsNullOrEmpty(clientid))
{
return;
}
//Generating a Uniqure Refresh Token ID
var refreshTokenId = Guid.NewGuid().ToString("n");
using (AuthenticationRepository _repo = new AuthenticationRepository())
{
// Getting the Refesh Token Life Time From the Owin Context
var refreshTokenLifeTime = context.OwinContext.Get <string>("ta:clientRefreshTokenLifeTime");
//Creating the Refresh Token object
var token = new RefreshToken()
{
//storing the RefreshTokenId in hash format
ID = HashMd5.GetHash(refreshTokenId),
ClientID = clientid,
UserName = context.Ticket.Identity.Name,
IssuedTime = DateTime.UtcNow,
ExpiredTime = DateTime.UtcNow.AddMinutes(Convert.ToDouble(refreshTokenLifeTime))
};
//Setting the Issued and Expired time of the Refresh Token
context.Ticket.Properties.IssuedUtc = token.IssuedTime;
context.Ticket.Properties.ExpiresUtc = token.ExpiredTime;
token.ProtectedTicket = context.SerializeTicket();
var result = await _repo.AddRefreshToken(token);
if (result)
{
context.SetToken(refreshTokenId);
}
}
}
public string Upgrade(int id, string usuario, string nome, string senha, string email, int privilegio, int status)
{
try
{
string senhaMd5 = null;
bool statusResultado = status == 1 ? true : false;
if (senha != null)
{
senhaMd5 = HashMd5.GerarMd5(senha);
}
string query = $@"
UPDATE
usuario SET
usuario = '{usuario}'," ;
if (senhaMd5 != null)
{
query += $"senha = '{senhaMd5}',";
}
query += $@"
nome = '{nome}',
email = '{email}',
privilegio = {privilegio},
status = {statusResultado},
data = NOW()
WHERE id = {id} ";
Connection.Sql(query);
return("Inventario atualizado");
}
catch (Exception ex)
{
RegistraLog.Log($"Erro ao atualizar Usuario -- {ex}");
return("Erro ao atualizar Usuario, contate o desenvolvedor");
}
}
protected void RegisterUser_CreatedUser(object sender, EventArgs e)
{
Compte compte = new Compte();
//Récupérer informations saisies
String nom = this.TextBoxNom.Text;
String prenom = this.TextBoxPrenom.Text;
String email = this.Email.Text;
String login = this.UserName.Text;
String mdp = HashMd5.getMd5Hash(Password.Text);
try
{
compte.creerCompte(nom, prenom, email, login, mdp);
Response.Redirect("~/pages/Account/Login.aspx");
}
catch (Exception)
{
ErrorMessage.Text = "L'utilisateur n'a pas pu être créé";
}
}
protected void VerifierConnection_Click(object sender, EventArgs e)
{
Compte compte = new Compte();
if (compte.getPassword(UserName.Text, HashMd5.getMd5Hash(Password.Text)))
{
DataTable dt = compte.getInformationsPersonne(UserName.Text);
Session["connecte"] = "true";
Session["personnePrenom"] = dt.Rows[0].ItemArray.GetValue(1).ToString();
Session["personneNom"] = dt.Rows[0].ItemArray.GetValue(0).ToString();
Session["personneEmail"] = dt.Rows[0].ItemArray.GetValue(5).ToString();
Session["personneLogin"] = dt.Rows[0].ItemArray.GetValue(2).ToString();
Session["personneID"] = dt.Rows[0].ItemArray.GetValue(4).ToString();
Response.Redirect("~/");
}
else
{
FailureText.Text = "L'identification a échoué";
}
}
public JsonResult GrabaDatos(string rut, string pass, string nombreUsuario, string apellidoUsuario, int idPerfil, string email)
{
var usuario = new ObjetoUsuarios();
var validador = 0;
if (!string.IsNullOrEmpty(rut))
{
if (ValidaRut.DigitoVerificador(rut))
{
usuario.RutUsuario = rut;
usuario.Pass = HashMd5.GetMD5(pass);
usuario.NombreUsuario = string.Concat(nombreUsuario, " ", apellidoUsuario);
usuario.IdPerfil = idPerfil;
usuario.Email = email;
if (_control.GetVerificaUsuario(rut))
{
validador = 2;
}
else
{
if (_control.SetGrabaUsuario(usuario))
{
validador = 1;
}
}
}
else
{
validador = 3;
}
}
else
{
validador = 4;
}
//, JsonRequestBehavior.AllowGet --- solo si se usa metodo GET
return(Json(validador));
}
public IActionResult Index(ListFile model)
{
string token = HttpContext.Session.GetString("Session.Token");
string username = HttpContext.Session.GetString("Session.Username");
string password = HttpContext.Session.GetString("Session.Password");
if (string.IsNullOrEmpty(token) || string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
{
HttpContext.Session.Clear();
return(RedirectToAction("Login", "Accounts"));
}
TblUser u = new ApitemplatereportContext().TblUsers.Where(x => x.Username == username).FirstOrDefault();
var validatetoken = new RequestHelper(factory).PostRequest("api/Token/ValidateToken", token, u);
if (validatetoken.StatusCode == 200)
{
var us = JsonConvert.DeserializeObject <UserLogin>(validatetoken.Content.ToString());
string newPass = new HashMd5().CreateMD5Hash(us.Password);
if (newPass == password)
{
var response = new RequestHelper(factory).GetRequest("api/Files/GetAllFile", token);
if (response.StatusCode == 200)
{
model.FileList = JsonConvert.DeserializeObject <List <TblFileDetail> >(response.Content.ToString());
return(View(model));
}
else
{
HttpContext.Session.Clear();
return(RedirectToAction("Login", "Accounts"));
}
}
}
return(View(null));
}
public ActionResult Index(LoginViewModel model, string returnUrl)
{
string url = string.Empty;
try
{
var rutUsuario = ValidaRut.DigitoVerificador(model.Rut);
if (!ModelState.IsValid)
{
return(View(model));
}
else
{
if (ValidaRut.DigitoVerificador(model.Rut))
{
Log.Info(string.Format("Ingreso al sistema con los datos del usuario: {0} desde la IP: {1}", model.Rut, Request.UserHostAddress));
var resultado = login.Login(model.Rut, HashMd5.GetMD5(model.Password));
var datosUsuarios = new ObjetoLogin();
if (resultado.Count > 0)
{
for (var i = 0; i < resultado.Count; i++)
{
datosUsuarios.IdUsuario = resultado[i].IdUsuario;
datosUsuarios.Nombre = resultado[i].Nombre;
datosUsuarios.Email = resultado[i].Email;
datosUsuarios.Rut = resultado[i].Rut;
datosUsuarios.IdPerfil = resultado[i].IdPerfil;
datosUsuarios.AutorizaModificacion = resultado[i].AutorizaModificacion;
datosUsuarios.Activo = resultado[i].Activo;
}
url = "~/Home/Index";
Session["DatosUsuario"] = datosUsuarios;
switch (datosUsuarios.IdPerfil)
{
case 1:
HttpContext.Session["PermisoUsuario"] = "Administrador";
break;
case 2:
HttpContext.Session["PermisoUsuario"] = "Ingreso";
break;
case 3:
HttpContext.Session["PermisoUsuario"] = "Lectura";
break;
}
}
else
{
url = "~/Error/Index?error=901";
}
}
else
{
url = "~/Login/Index";
}
}
return(Redirect(Url.Content(url)));
}
catch (Exception ex)
{
throw (new CapturaExcepciones(ex));
}
}
