public async Task <UserDetailsViewModel> Create(UserCreateViewModel userViewModel)
{
var user = new Users()
{
Id = Guid.NewGuid(),
Name = userViewModel.Name,
Surname = userViewModel.Surname,
Email = userViewModel.Email,
Password = _cryptoService.ComputeHash(userViewModel.Password)
};
return(_mapper.Map <UserDetailsViewModel>(await _usersRepository.Add(user)));
}
public bool TryAuthentifcate(Credentials credentials, out Model.UserIdentity identity)
{
identity = null;
using (var database = DatabaseFactory.GetDatabase())
{
User user = database.Query <User>().FirstOrDefault(x => x.Name == credentials.UserName);
// Check if there is a User:
if (user == null)
{
return(false);
}
// Make sure the Hashed Passwords match:
if (user.PasswordHash != cryptoService.ComputeHash(credentials.Password, user.PasswordSalt))
{
return(false);
}
// We got a User, now obtain his claims from DB:
IList <Claim> claims = database.Fetch <Claim>(@"
select c.*
from auth.user u
inner join auth.user_claim uc on u.user_id = uc.user_id
inner join auth.claim c on uc.claim_id = c.claim_id
where u.user_id = @0", user.Id);
// And return the UserIdentity:
identity = Convert(user, claims);
return(true);
}
}
public bool TryAuthentifcate(AuthenticateUserRequest request, out IUserIdentity identity)
{
using (var database = DatabaseFactory.GetDatabase())
{
identity = null;
User user = database.Query <User>().FirstOrDefault(x => x.Name == request.UserName);
if (user == null)
{
return(false);
}
if (user.PasswordHash != cryptoService.ComputeHash(request.Password, user.PasswordSalt))
{
return(false);
}
IList <string> claims = database.Fetch <string>(@"
select c.*
from auth.user u
inner join auth.user_claim uc on u.user_id = uc.user_id
inner join auth.claim c on uc.claim_id = c.claim_id
where u.user_id = @0", user.Id);
identity = new DefaultUserIdentity(user.Name, claims);
return(true);
}
}
public virtual void SetPassword(ICryptoService cryptoService, string password)
{
Guard.AgainstNull(() => cryptoService);
Guard.AgainstNullOrWhiteSpaceString(() => password);
this.PasswordSalt = cryptoService.GenerateSalt(password);
this.PasswordHash = cryptoService.ComputeHash(this.PasswordSalt, password);
}
public static string ComputeHash(this ICryptoService cryptoService, string data, string salt)
{
byte[] dataBytes = Encoding.UTF8.GetBytes(data);
byte[] saltBytes = Convert.FromBase64String(salt);
byte[] hashBytes = cryptoService.ComputeHash(dataBytes, saltBytes);
return(Convert.ToBase64String(hashBytes));
}
private byte[] ComputeHash(UserEM user, string password)
{
return(cryptoService.ComputeHash(cryptoService.Xor(user.GetIdentityBytes(password), user.Salt)));
}
public bool TryAuthenticate(Credentials credentials, out UserIdentity identity)
{
identity = null;
CHXUser user = new CHXUser()
{
Name = "netcad", PasswordSalt = "zTCzpgHUJKQQbE8hXg==", PasswordHash = "VErPokc5xJBc58FT4vVXcF+GA+tuO0Pbxfp3nsXcRv1IZGGTe8Ge4iOaMulzOr8hQ6AH2cUwGamXeBUSCQA+jA=="
};
// Check if there is a User:
if (credentials.UserName != user.Name)
{
return(false);
}
// Make sure the Hashed Passwords match:
if (user.PasswordHash != cryptoService.ComputeHash(credentials.Password, user.PasswordSalt))
{
return(false);
}
// We got a User, now obtain his claims from DB:
IList <Claim> claims = new List <Claim>()
{
};
claims.Add(new Claim()
{
Type = "basic", Value = "true", Id = 0
});
claims.Add(new Claim()
{
Type = "data", Value = "true", Id = 1
});
claims.Add(new Claim()
{
Type = "data.getalltables", Value = "true", Id = 2
});
claims.Add(new Claim()
{
Type = "data.getallviews", Value = "true", Id = 3
});
claims.Add(new Claim()
{
Type = "data.getallsequences", Value = "true", Id = 4
});
claims.Add(new Claim()
{
Type = "data.getallindexes", Value = "true", Id = 5
});
claims.Add(new Claim()
{
Type = "data.getallconstraints", Value = "true", Id = 6
});
claims.Add(new Claim()
{
Type = "data.gettable", Value = "true", Id = 7
});
claims.Add(new Claim()
{
Type = "data.getview", Value = "true", Id = 8
});
claims.Add(new Claim()
{
Type = "data.getconstraint", Value = "true", Id = 9
});
claims.Add(new Claim()
{
Type = "data.getindex", Value = "true", Id = 10
});
claims.Add(new Claim()
{
Type = "data.getsequence", Value = "true", Id = 11
});
claims.Add(new Claim()
{
Type = "settings", Value = "true", Id = 11
});
claims.Add(new Claim()
{
Type = "settings.adddatabase", Value = "true", Id = 11
});
claims.Add(new Claim()
{
Type = "settings.getalldatabase", Value = "true", Id = 12
});
claims.Add(new Claim()
{
Type = "settings.deletedatabase", Value = "true", Id = 13
});
claims.Add(new Claim()
{
Type = "model", Value = "true", Id = 14
});
claims.Add(new Claim()
{
Type = "model.query", Value = "true", Id = 15
});
claims.Add(new Claim()
{
Type = "model.add", Value = "true", Id = 16
});
claims.Add(new Claim()
{
Type = "model.delete", Value = "true", Id = 17
});
// And return the UserIdentity:
identity = Convert(user, claims);
return(true);
}