public override MembershipUser CheckedCreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
if (password.Length < MinRequiredPasswordLength)
{
throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
}
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true);
OnValidatingPassword(args);
if (args.Cancel)
{
status = MembershipCreateStatus.InvalidPassword;
return(null);
}
var user = new User();
user.Username = username;
password = password.Trim();
user.PasswordSalt = PasswordUtil.CreateRandomSalt();
user.PasswordHash = PasswordUtil.HashPassword(password, user.PasswordSalt);
user.Email = email;
user.ApplicationName = this.ApplicationName;
user.DateCreated = DateTime.Now;
using (var session = this.DocumentStore.OpenSession())
{
session.Advanced.UseOptimisticConcurrency = true;
try
{
session.Store(user);
session.Store(new ReservationForUniqueFieldValue {
Id = "username/" + user.Username
});
session.Store(new ReservationForUniqueFieldValue {
Id = "email/" + user.Email
});
session.SaveChanges();
status = MembershipCreateStatus.Success;
return(new MembershipUser(_providerName, username, user.Id, email, null, null, true, false, user.DateCreated,
new DateTime(1900, 1, 1), new DateTime(1900, 1, 1), DateTime.Now, new DateTime(1900, 1, 1)));
}
catch (ConcurrencyException e)
{
status = InterpretConcurrencyException(user.Username, user.Email, e);
}
catch (Exception ex)
{
// TODO: log exception properly
Console.WriteLine(ex.ToString());
status = MembershipCreateStatus.ProviderError;
}
}
return(null);
}
public async Task <IActionResult> Post(UserRegistrationModel registrationModel)
{
if (string.IsNullOrWhiteSpace(registrationModel.Username) || string.IsNullOrWhiteSpace(registrationModel.Password))
{
return(BadRequest());
}
var alreadyExist = await _context.Users.AnyAsync(u => u.UserName.Equals(registrationModel.Username));
if (alreadyExist)
{
return(BadRequest());
}
await _context.Users.AddAsync(new UserEntity
{
Guid = Guid.NewGuid(),
UserName = registrationModel.Username,
PasswordHash = PasswordUtil.HashPassword(registrationModel.Password),
Role = Role.Customer,
Email = registrationModel.Email
});
await _context.SaveChangesAsync();
return(Ok());
}
public override string ResetPassword(string username, string answer)
{
using (var session = this.DocumentStore.OpenSession())
{
try
{
var q = from u in session.Query <User>()
where u.Username == username && u.ApplicationName == this.ApplicationName
select u;
var user = q.SingleOrDefault();
if (user == null)
{
throw new Exception("The user to reset the password for could not be found.");
}
var newPassword = Membership.GeneratePassword(8, 2);
user.PasswordSalt = PasswordUtil.CreateRandomSalt();
user.PasswordHash = PasswordUtil.HashPassword(newPassword, user.PasswordSalt);
session.SaveChanges();
return(newPassword);
}
catch (Exception ex)
{
// TODO: log exception properly
Console.WriteLine(ex.ToString());
throw;
}
}
}
/// <summary>
/// Encode the password //Chris Pels
/// </summary>
/// <param name="password"></param>
/// <param name="salt"></param>
/// <returns></returns>
private string EncodePassword(string password, string salt)
{
string encodedPassword = password;
switch (_passwordFormat)
{
case MembershipPasswordFormat.Clear:
break;
case MembershipPasswordFormat.Encrypted:
encodedPassword =
Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password)));
break;
case MembershipPasswordFormat.Hashed:
if (string.IsNullOrEmpty(salt))
{
throw new ProviderException("A random salt is required with hashed passwords.");
}
encodedPassword = PasswordUtil.HashPassword(password, salt, _hashAlgorithm, _validationKey);
break;
default:
throw new ProviderException("Unsupported password format.");
}
return(encodedPassword);
}
public void CreatedUser_should_have_hashed_password_and_password_answer()
{
//Arrange
User fakeU = CreateUserFake();
NameValueCollection nvc = CreateConfigFake();
nvc["passwordFormat"] = "Hashed";
_provider.Initialize(fakeU.ApplicationName, nvc);
MembershipCreateStatus status;
//Act
var membershipUser = _provider.CreateUser(fakeU.Username, fakeU.PasswordHash,
fakeU.Email, fakeU.PasswordQuestion, fakeU.PasswordAnswer,
fakeU.IsApproved, null, out status);
User createdUser;
using (var session = RavenDBMembershipProvider.DocumentStore.OpenSession())
{
createdUser = session.Load <User>(membershipUser.ProviderUserKey.ToString());
}
string expected = PasswordUtil.HashPassword(fakeU.PasswordHash, createdUser.PasswordSalt, "HMACSHA256", _validationKey);
string expectedAnswer = PasswordUtil.HashPassword(fakeU.PasswordAnswer, createdUser.PasswordSalt, "HMACSHA256", _validationKey);
//Assert
Assert.AreEqual(expected, createdUser.PasswordHash);
Assert.AreEqual(expectedAnswer, createdUser.PasswordAnswer);
}
public ActionResult Login(Aspuser user)
{
var usernew = Connect.sp_checkData(user.Username.ToString(), PasswordUtil.HashPassword(user.Password));
foreach (DataRow row in usernew.Rows)
{
FormsAuthentication.SetAuthCookie(row["MaSV"] + "|" + row["HoTenSV"] + "|" + row["Malop"] + "|" + row["NgaySinh"] + "|" + row["MatKhau"], true);
}
return(Redirect("/"));
}
private bool Validate(string user, string pass)
{
pass = HashIt("123456789a");
var newpass = PasswordUtil.HashPassword(pass);
var newpass1 = PasswordUtil.AQDecoding(pass);
var newpass2 = PasswordUtil.AQEncoding(pass);
const bool flag = false;
return(flag);
}
public void TestHashingPassword()
{
// Arrange
String salt = "IJKLMNOP";
String clearTextPassword = "******";
String expectedHash = "040942AA8AF939B60A4156FEC8620C7EDDA287BBF1AEC7E6DD06270D81837B9D";
// Act
var hashedPassword = PasswordUtil.HashPassword(salt, clearTextPassword);
// Assert
Assert.Equal(expectedHash, hashedPassword);
}
internal bool HasPasswordBeenUsedBefore(String username, String newPassword)
{
List <PasswordHistory> historicalPasswords = this.GetHistoricalPasswords(username);
foreach (var oldPassword in historicalPasswords)
{
var hashedPassword = PasswordUtil.HashPassword(oldPassword.Salt, newPassword);
if (hashedPassword == oldPassword.PasswordHash)
{
return(true);
}
}
return(false);
}
public override bool CheckedChangePassword(string username, string oldPassword, string newPassword)
{
using (var session = this.DocumentStore.OpenSession())
{
var q = from u in session.Query <User>()
where u.Username == username && u.ApplicationName == this.ApplicationName
select u;
var user = q.SingleOrDefault();
if (user == null || user.PasswordHash != PasswordUtil.HashPassword(oldPassword, user.PasswordSalt))
{
throw new MembershipPasswordException("Invalid username or old password.");
}
user.PasswordSalt = PasswordUtil.CreateRandomSalt();
user.PasswordHash = PasswordUtil.HashPassword(newPassword, user.PasswordSalt);
session.SaveChanges();
}
return(true);
}
public override bool CheckPassword(string username, string password, bool updateLastLogin)
{
username = username.Trim();
password = password.Trim();
using (var session = this.DocumentStore.OpenSession())
{
var q = from u in session.Query <User>().Customize(c => c.WaitForNonStaleResultsAsOfNow())
where u.Username == username && u.ApplicationName == this.ApplicationName
select u;
var user = q.SingleOrDefault();
if (user != null && user.PasswordHash == PasswordUtil.HashPassword(password, user.PasswordSalt))
{
if (updateLastLogin)
{
user.DateLastLogin = DateTime.Now;
}
session.SaveChanges();
return(true);
}
}
return(false);
}
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
base.OnModelCreating(modelBuilder);
modelBuilder.Entity <UserEntity>(builder =>
{
builder.HasKey(user => user.Guid);
builder.HasMany(user => user.UserDeviceLogins)
.WithOne(login => login.User)
.HasForeignKey(login => login.UserId)
.IsRequired();
builder.Property(user => user.Email).IsRequired(false);
builder.HasIndex(user => user.UserName).IsUnique();
builder.Property(user => user.Role)
.IsRequired()
.HasConversion(new EnumToStringConverter <Role>());
builder.HasData(new UserEntity
{
Guid = Guid.NewGuid(),
UserName = "******",
PasswordHash = PasswordUtil.HashPassword("admin"),
Role = Role.Administrator
});
});
modelBuilder.Entity <ProductClassAttributeValueEntity>(builder =>
{
builder.HasKey(value => value.Guid);
builder.HasIndex(e => new { e.ProductId, e.ProductClassAttributeId }).IsUnique();
builder.HasOne(value => value.Product)
.WithMany(product => product.ProductClassAttributeValues)
.HasForeignKey(value => value.ProductId);
builder.HasOne(value => value.ProductClassAttribute)
.WithMany(classAttribute => classAttribute.AttributeValues)
.HasForeignKey(value => value.ProductClassAttributeId);
});
modelBuilder.Entity <ProductClassAttributeEntity>(builder =>
{
builder.HasKey(value => value.Guid);
builder.HasIndex(e => new { e.Name, e.AssociatedClassId }).IsUnique();
builder.HasOne(pca => pca.AssociatedClass)
.WithMany(pc => pc.ProductClassAttributes)
.HasForeignKey(attribute => attribute.AssociatedClassId);
builder.HasMany(pca => pca.AttributeValues)
.WithOne(attributeValue => attributeValue.ProductClassAttribute)
.HasForeignKey(attribute => attribute.ProductClassAttributeId);
builder.Property(attribute => attribute.Mandatory).IsRequired().HasDefaultValue(false);
builder.Property(attribute => attribute.ValueDataType).IsRequired().HasDefaultValue(ValueDataType.Text);
});
modelBuilder.Entity <ProductClassEntity>(builder => { builder.HasKey(value => value.Name); });
modelBuilder.Entity <ProductEntity>(builder => { builder.HasKey(value => value.Guid); });
modelBuilder.Entity <MeasureUnitEntity>(builder =>
{
builder.HasKey(value => value.Guid);
builder.Property(unit => unit.Name).IsRequired();
builder.Property(unit => unit.ShortName).IsRequired();
});
modelBuilder.Entity <MeasureUnitConversionEntity>(builder =>
{
builder.HasKey(value => new { value.FromId, value.ToId });
builder.HasOne(value => value.From)
.WithMany(unit => unit.Conversions)
.HasForeignKey(value => value.FromId);
});
modelBuilder.Entity <ValueChangeRequestEntity>(builder =>
{
builder.HasKey(value => value.Guid);
builder.HasOne(value => value.Sender)
.WithMany(user => user.ChangeRequests)
.HasForeignKey(value => value.SenderId);
builder.HasOne(value => value.AttributeValue)
.WithMany(value => value.ChangeRequests)
.HasForeignKey(request => request.ProductClassAttributeValueId);
});
modelBuilder.Entity <ProductProductClassEntity>(builder =>
{
builder.HasKey(ppc => new { ppc.ProductId, ppc.ProductClassId });
builder.HasOne(ppc => ppc.Product)
.WithMany(product => product.ProductProductClasses)
.HasForeignKey(ppc => ppc.ProductId);
builder.HasOne(ppc => ppc.ProductClass)
.WithMany(pc => pc.ProductProductClasses)
.HasForeignKey(ppc => ppc.ProductClassId);
});
modelBuilder.Entity <SellerEntity>(builder =>
{
builder.HasKey(entity => entity.Guid);
builder.HasMany(seller => seller.Products)
.WithOne(product => product.Seller)
.HasForeignKey(product => product.SellerId)
.IsRequired(false);
builder.HasOne(entity => entity.Address)
.WithOne()
.HasForeignKey <SellerEntity>(entity => entity.AddressId)
.IsRequired();
builder.HasMany(entity => entity.Users)
.WithOne(entity => entity.Seller)
.HasForeignKey(user => user.SellerId);
builder.Property(entity => entity.SellerName).IsRequired();
});
modelBuilder.Entity <OrderEntity>(builder =>
{
builder.HasKey(entity => entity.Guid);
builder.HasOne(entity => entity.Customer)
.WithMany(user => user.Orders)
.HasForeignKey(entity => entity.CustomerId)
.IsRequired();
builder.HasOne(entity => entity.Product)
.WithMany(product => product.Orders)
.HasForeignKey(entity => entity.ProductId)
.IsRequired();
builder.HasOne(entity => entity.Address)
.WithOne()
.HasForeignKey <OrderEntity>(order => order.AddressId);
builder.HasMany(entity => entity.Modifiers)
.WithOne(modifier => modifier.Order)
.HasForeignKey(modifier => modifier.OrderId);
builder.Property(entity => entity.Quantity).IsRequired();
});
modelBuilder.Entity <OrderTransactionEntity>(builder =>
{
builder.HasKey(entity => entity.Guid);
builder.HasOne(entity => entity.Order)
.WithMany(order => order.Transactions)
.HasForeignKey(entity => entity.OrderId);
builder.HasOne(entity => entity.Currency)
.WithMany()
.HasForeignKey(entity => entity.CurrencyId);
});
modelBuilder.Entity <BillModifierEntity>(builder =>
{
builder.HasKey(entity => entity.Guid);
builder.HasDiscriminator();
});
modelBuilder.Entity <SellerBillModifierEntity>(builder =>
{
builder.HasOne(entity => entity.Product)
.WithOne(product => product.Discount)
.HasForeignKey <SellerBillModifierEntity>(entity => entity.ProductId);
builder.HasOne(entity => entity.Seller)
.WithMany(seller => seller.Discounts)
.HasForeignKey(entity => entity.OwnerId);
});
modelBuilder.Entity <UserBillModifierEntity>(builder =>
{
builder.HasOne(entity => entity.User)
.WithMany(seller => seller.Discounts)
.HasForeignKey(entity => entity.OwnerId);
});
modelBuilder.Entity <BillModifierEntity>(builder =>
{
builder.HasKey(entity => entity.Guid);
builder.HasDiscriminator();
});
modelBuilder.Entity <CurrencyEntity>(builder =>
{
builder.HasKey(entity => entity.Guid);
builder.HasData(new CurrencyEntity
{
Guid = Guid.NewGuid(),
Abbreviation = "USD",
CountryCode = "840",
CurrencySign = "$",
Name = "United States Dollar"
});
});
modelBuilder.Entity <AddressEntity>().HasKey(entity => entity.Guid);
modelBuilder.Entity <OrderToBillModifier>().HasKey(entity => new { entity.OrderId, entity.BillModifierId });
modelBuilder.Entity <UserDeviceLoginEntity>(builder =>
builder.HasKey(userDeviceLogin => userDeviceLogin.Guid));
}
