public AccountAuthenticationRequest(string accountName, string password) { WriteShort(1); // Packet id. WriteDouble(VersionConfigurations.CLIENT_VERSION); WriteString(accountName); WriteString(SHA256Generator.Calculate(password)); }
public ActionResult Login(LoginModel loginModel) { if (ModelState.IsValid) { try { var senhaEncriptada = SHA256Generator.GetHash(loginModel.Senha); var usuario = Context.Pessoas.FirstOrDefault(p => p.Usuario == loginModel.Usuario && p.Senha == senhaEncriptada); if (usuario != null) { FormsAuthentication.SetAuthCookie(loginModel.Usuario, loginModel.Lembrar); } else { ModelState.AddModelError("", "Usuário ou senha inválidos"); return(View(loginModel)); } return(RedirectToAction("Index", "Home")); } catch { return(View()); } } return(View(loginModel)); }
private void BtnGenerate_Click(object sender, RoutedEventArgs e) { Code = tbxCode.Text; try { if (File.Exists(Filepath)) //Datei löschen, wenn Sie bereits exisitert { File.Delete(Filepath); } TextWriter file = new StreamWriter(Filepath, true); key = SHA256Generator.CreateSHA256(Code); file.WriteLine(key); file.WriteLine(""); file.Close(); MessageBox.Show("Datei auf dem Desktop erstellt", "Erstellt", MessageBoxButton.OK, MessageBoxImage.Information); } catch (Exception ex) { MessageBox.Show("Fehler: " + ex.Message, "Exception", MessageBoxButton.OK, MessageBoxImage.Error); } }
public ActionResult Cadastro(CadastroModel loginModel) { ViewBag.Estabelecimentos = new SelectList(Context.Estabelecimentos.ToList(), "Id", "Nome"); loginModel.TipoUsuario = GetTipoUsuario(); if (loginModel.Tipo == TipoPessoa.Vendedor && loginModel.EstabelecimentoId.GetValueOrDefault(0) == 0) { ModelState.AddModelError("EstabelecimentoId", "O campo Estabelecimento é obrigatório"); } if (ModelState.IsValid) { try { var pessoa = new Pessoa() { //Se tipo for diferente de null, então recebe tipo, se não tipo é cliente Tipo = loginModel.Tipo.HasValue ? loginModel.Tipo.Value : TipoPessoa.Cliente, Nome = loginModel.Nome, Senha = SHA256Generator.GetHash(loginModel.Senha), Usuario = loginModel.Email, EstabelecimentoId = loginModel.EstabelecimentoId }; Context.Pessoas.Add(pessoa); var result = Context.SaveChanges() > 0; if (!User.Identity.IsAuthenticated) { FormsAuthentication.SetAuthCookie(loginModel.Email, false); return(RedirectToAction("Index", "Home")); } else { return(RedirectToAction("Usuarios")); } } catch (DbUpdateException) { ModelState.AddModelError("", "E-mail já cadastrado"); loginModel.Email = ""; return(View(loginModel)); } catch (Exception) { ModelState.AddModelError("", "Não foi possível salvar o cadastro"); return(View(loginModel)); } } return(View(loginModel)); }
public override void OnAuthorization(HttpActionContext actionContext) { base.OnAuthorization(actionContext); var corrID = HttpHelper.GetHeaderValue(Headers.X_VOL_CORRELATION, actionContext.Request.Headers); _logger.Info(String.Format("{0} - Validating Capability Request", corrID)); var content = actionContext.Request.Content.ReadAsStringAsync().Result; var apiContext = new ApiContext(actionContext.Request.Headers); var requestDate = DateTime.Parse(apiContext.Date, null, DateTimeStyles.AssumeUniversal).ToUniversalTime(); var currentDate = DateTime.UtcNow; var diff = (currentDate - requestDate).TotalSeconds; var hash = SHA256Generator.GetHash(AppAuthenticator.Instance.AppAuthInfo.SharedSecret, apiContext.Date, content); if (hash == apiContext.HMACSha256 && diff <= MozuConfig.CapabilityTimeoutInSeconds) { return; } _logger.Debug(String.Format("{0} Unauthorized access : Header Hash - {1}, Computed Hash - {2}, Request Date - {3}", corrID, apiContext.HMACSha256, hash, apiContext.Date)); actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized); }
protected override void Seed(Bonificacao.Data.BonificacaoContext context) { if (!context.Pessoas.Any()) { context.Pessoas.Add( new Pessoa() { Usuario = "*****@*****.**", Nome = "Anyelle", Senha = SHA256Generator.GetHash("123456@"), Tipo = TipoPessoa.Administrador }); } if (!context.Configuracoes.Any()) { context.Configuracoes.Add(new Configuracao() { BonusPorLitro = 0.02M, NivelBonificacao = 2 }); } }
public AccountAuthenticationRequest(string accountName, string password) { WriteShort(1); // Packet id. WriteString(accountName); WriteString(SHA256Generator.Calculate(password)); }
public override void OnActionExecuting(ActionExecutingContext filterContext) { base.OnActionExecuting(filterContext); if (!ConfigurationAuth.IsRequestValid(filterContext.HttpContext.Request)) { throw new SecurityException("Unauthorized"); } var request = filterContext.RequestContext.HttpContext.Request; var apiContext = new ApiContext(request.Headers); //try to load from headers if (apiContext.TenantId == 0) { //try to load from body apiContext = new ApiContext(request.Form); } if (apiContext.TenantId == 0) //if not found load from query string { var tenantId = request.QueryString.Get("tenantId"); if (String.IsNullOrEmpty(tenantId)) { filterContext.HttpContext.Response.StatusCode = 401; filterContext.HttpContext.Response.End(); } apiContext = new ApiContext(int.Parse(tenantId)); } var requestUri = filterContext.HttpContext.Request.Path.Split('/'); string path = "/" + requestUri[1] + "/" + apiContext.TenantId.ToString(); filterContext.HttpContext.Response.Cookies.Add(GetCookie("subNavLink", (String.IsNullOrEmpty(apiContext.UserId) ? "0" : "1"), path)); try { var tenantResource = new TenantResource(); var tenant = Task.Factory.StartNew(() => tenantResource.GetTenantAsync(apiContext.TenantId).Result, TaskCreationOptions.LongRunning).Result; } catch (ApiException exc) { _logger.Error(exc); filterContext.HttpContext.Response.StatusCode = 401; filterContext.HttpContext.Response.End(); } string cookieToken; string formToken; AntiForgery.GetTokens(null, out cookieToken, out formToken); filterContext.HttpContext.Response.Cookies.Add(GetCookie("formToken", HttpUtility.UrlEncode(formToken), path)); filterContext.HttpContext.Response.Cookies.Add(GetCookie("cookieToken", HttpUtility.UrlEncode(cookieToken), path)); filterContext.HttpContext.Response.Cookies.Add(GetCookie("tenantId", apiContext.TenantId.ToString(), path)); filterContext.HttpContext.Response.Cookies.Add(GetCookie(Headers.X_VOL_RETURN_URL, HttpUtility.UrlEncode(apiContext.ReturnUrl), path)); if (!string.IsNullOrEmpty(apiContext.UserId)) { filterContext.HttpContext.Response.Cookies.Add(GetCookie(Headers.USERID, apiContext.UserId, path)); } else { filterContext.HttpContext.Response.Cookies.Remove(Headers.USERID); } var hashString = string.Concat(apiContext.TenantId.ToString(), cookieToken, formToken); if (!string.IsNullOrEmpty(apiContext.UserId)) { _logger.Info("Adding userid to hash :" + apiContext.UserId); hashString = string.Concat(hashString, apiContext.UserId); } var hash = SHA256Generator.GetHash(string.Empty, hashString); _logger.Info("Computed Hash : " + hash); filterContext.HttpContext.Response.Cookies.Add(GetCookie("hash", HttpUtility.UrlEncode(hash), path)); }
private async void Process(Object workItemState) { //create http objects used to read request var request = _context.Request; var response = _context.Response; //get file path to use as comparison and determine when to take action on event //load headers into apicontext var apiContext = new ApiContext(request.Headers); //read request into stream var jsonRequest = string.Empty; request.InputStream.Position = 0; using (var inputStream = new StreamReader(request.InputStream)) { jsonRequest = inputStream.ReadToEnd(); } response.Clear(); response.ClearHeaders(); _log.Debug(String.Format("CorrelationId:{0},Headers : {1}", apiContext.CorrelationId, HttpHelper.GetAllheaders(request.Headers))); _log.Debug(String.Format("CorrelationId:{0},Processing event : {1}", apiContext.CorrelationId, jsonRequest)); var requestDate = DateTime.Parse(apiContext.Date, null, DateTimeStyles.AssumeUniversal).ToUniversalTime(); var currentDate = DateTime.UtcNow; _log.Info(String.Format("Current DateTime : {0}", currentDate)); _log.Info(String.Format("Request DateTime : {0}", requestDate)); var diff = (currentDate - requestDate).TotalSeconds; if (SHA256Generator.GetHash(AppAuthenticator.Instance.AppAuthInfo.SharedSecret, apiContext.Date, jsonRequest) != apiContext.HMACSha256 || diff > MozuConfig.EventTimeoutInSeconds) { _log.Error(String.Format("CorrelationId:{0},Could not validate security token , request header HMACSHA256 : {1}", apiContext.CorrelationId, apiContext.HMACSha256)); response.StatusCode = 403; } else { try { var eventPayload = JsonConvert.DeserializeObject <Event>(jsonRequest); if (string.IsNullOrEmpty(eventPayload.Id) && !String.IsNullOrEmpty(eventPayload.EventId)) { eventPayload.Id = Guid.Parse(eventPayload.EventId).ToString("N"); } var eventService = _eventServiceFactory.GetEventService(); if (string.IsNullOrEmpty(apiContext.CorrelationId)) { apiContext.CorrelationId = eventPayload.CorrelationId; } await eventService.ProcessEventAsync(apiContext, eventPayload); _log.Info(string.Format("CorrelationId:{0},Event processing done , EventId : {1}", apiContext.CorrelationId, eventPayload.Id)); response.StatusCode = 200; response.StatusDescription = "OK"; } catch (Exception exc) { response.StatusCode = 500; response.StatusDescription = "Event Process Error"; //response.StatusDescription = exc.Message; response.ContentType = _context.Request.ContentType; _log.Error(exc.Message, exc); //if (exc.InnerException != null) // response.Write(JsonConvert.SerializeObject(exc.InnerException)); //else dynamic jsonExc = new JObject(); jsonExc.message = exc.Message; //jsonExc.exc = exc; response.Write(JsonConvert.SerializeObject(jsonExc)); } } response.Flush(); _completed = true; _callback(this); }