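// POST api/register
/// <summary>
/// Registers a new account for the submitted e-mail address and password and
/// sends the confirmation-token mail.
/// </summary>
/// <param name="value">Submitted credentials; only Email and Password are read.</param>
/// <returns>
/// 201 Created when the account was saved and the mail call returned,
/// 400 Bad Request when the e-mail or password is missing,
/// 409 Conflict when an account with that e-mail already exists,
/// 500 Internal Server Error when nothing was saved or any exception occurred.
/// </returns>
public HttpResponseMessage Post(AuthenticationModel value)
{
    // Reject incomplete requests up front. Without this check a null password
    // reaches MakePassword and an account is created from whatever that
    // produces for null, and a null body only surfaces as a generic 500.
    if (value == null
        || String.IsNullOrWhiteSpace(value.Email)
        || String.IsNullOrEmpty(value.Password))
    {
        return new HttpResponseMessage(HttpStatusCode.BadRequest);
    }

    try
    {
        using (var ctx = new Entities())
        {
            // NOTE(review): this lookup followed by the insert below is not atomic;
            // presumably a unique index on Email backs it up - confirm.
            UserAccount ua = ctx.UserAccounts.FirstOrDefault(i => i.Email == value.Email);

            if (ua != null)
            {
                // NOTE(review): 409 tells the caller that the address is already
                // registered. If account enumeration is a concern for this API,
                // consider a uniform response and rate limiting on this endpoint.
                return new HttpResponseMessage(HttpStatusCode.Conflict);
            }

            /* Create the new user; the stored password is the hash from MakePassword. */
            ua = new UserAccount()
            {
                Email = value.Email,
                RegisterDate = DateTime.Now
            };
            ua.Password = Authentication.MakePassword(ua, value.Password);
            ctx.UserAccounts.Add(ua);

            /* Save changes. */
            if (ctx.SaveChanges() == 0)
            {
                return new HttpResponseMessage(HttpStatusCode.InternalServerError);
            }

            // NOTE(review): if sending the mail throws, the account row is already
            // saved; the client sees 500 and a retry then yields 409.
            Mail.SendRegisterTokenMail(ua);
            return new HttpResponseMessage(HttpStatusCode.Created);
        }
    }
    catch
    {
        // Every failure (database, hashing, mail) is reported as a bare 500 so no
        // internal detail reaches the client.
        // NOTE(review): nothing is logged here, so failures are invisible to operators.
        return new HttpResponseMessage(HttpStatusCode.InternalServerError);
    }
}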
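/// <summary>
/// Builds an action token for a user: the user id, e-mail, action and expiry are
/// formatted into one string, passed through Crypt.EncryptString, and the UTF-8
/// bytes of the result are returned as upper-case hexadecimal.
/// </summary>
/// <param name="user">Account whose UserID and Email are embedded in the token.</param>
/// <param name="action">Action label embedded in the token.</param>
/// <param name="expires">
/// Expiry written into the token as yyyyMMddHHmmss. Defaults to one day from the
/// current UTC time. The value is formatted as given, with no time-zone
/// conversion, so callers should pass a UTC value to match the default.
/// </param>
/// <returns>The hex-encoded token.</returns>
public static string MakeToken(UserAccount user, string action, DateTime? expires = null)
{
    DateTime expiry = expires ?? DateTime.UtcNow.AddDays(1);

    string data = String.Format("UserId:{0},Email:{1},Action:{2},Expires:{3:yyyyMMddHHmmss}"
        , user.UserID, user.Email, action, expiry);

    // NOTE(review): the token carries the identity, the action and the expiry, so
    // whatever validates it depends on Crypt.EncryptString (defined elsewhere)
    // being tamper-evident, not just confidential - confirm.
    string encrypted = Crypt.EncryptString(data);
    byte[] buf = Encoding.UTF8.GetBytes(encrypted);

    // Same upper-case two-digit hex output as appending i.ToString("X2") per byte,
    // without the quadratic string concatenation inside a closure.
    return BitConverter.ToString(buf).Replace("-", String.Empty);
}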
/// <summary>
/// Builds a TeamUser from an account, copying its UserID and display name.
/// </summary>
/// <param name="item">Account to copy from; must not be null.</param>
public TeamUser(UserAccount item)
{
    Id = item.UserID;
    DisplayName = item.GetDisplayName();
}
/// <summary>
/// Builds a UserNameModel from an account, copying its UserID and display name.
/// </summary>
/// <param name="user">Account to copy from; must not be null.</param>
private UserNameModel(UserAccount user)
{
    UserID = user.UserID;
    DisplayName = user.GetDisplayName();
}
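/// <summary>
/// Creates the encrypted ticket string for a forms authentication cookie.
/// </summary>
/// <param name="user">Account whose UserID, Email and optional UserProfile are copied into the ticket payload.</param>
/// <param name="remember">Stored as RememberMe in the payload and passed as the ticket's persistent flag.</param>
/// <returns>The ticket as returned by FormsAuthentication.Encrypt.</returns>
private static string MakeAuthCookie(UserAccount user, bool remember)
{
    var profile = user.UserProfile;

    AuthCookieModel data = new AuthCookieModel()
    {
        UserID = user.UserID,
        Email = user.Email,
        UserTheme = (profile != null ? profile.UserTheme : null),
        RememberMe = remember
    };

    if (profile != null && !String.IsNullOrWhiteSpace(profile.FullName))
    {
        data.FullName = profile.FullName;
    }
    else
    {
        // Fall back to the local part of the e-mail address. An address without
        // '@' used to make Substring throw; the whole value is used instead.
        int at = user.Email.IndexOf('@');
        data.FullName = at < 0 ? user.Email : user.Email.Substring(0, at);
    }

    // The JSON payload becomes the ticket's user data, so every AuthCookieModel
    // field ends up inside the ticket string returned to the caller.
    var json = new JavaScriptSerializer().Serialize(data);

    // Read the clock once so issue time and expiry are exactly 240 minutes apart.
    // The expiry is the same whether or not "remember" is set.
    DateTime issued = DateTime.Now;
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, data.FullName, issued, issued.AddMinutes(240)
        , data.RememberMe, json, FormsAuthentication.FormsCookiePath);

    return FormsAuthentication.Encrypt(ticket);
}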
/// <summary>
/// Checks a supplied password against the hash stored on the account.
/// </summary>
/// <param name="user">Account whose stored Password hash is compared.</param>
/// <param name="password">Password to verify.</param>
/// <returns>The result of comparing the freshly computed hash with user.Password.</returns>
public static bool ValidatePassword(UserAccount user, string password)
{
    byte[] candidate = MakePassword(user, password);

    // NOTE(review): CompareTo on byte[] is not a framework member, so this is
    // presumably a project extension. Confirm that it compares the full length
    // of both arrays and, ideally, runs in constant time.
    bool matches = candidate.CompareTo(user.Password);
    return matches;
}
/// <summary>
/// Computes the password hash stored for a user: the Salt template with its
/// {Email} and {Password} placeholders filled in, hashed once with SHA-256.
/// </summary>
/// <param name="user">Account whose Email is substituted into the template.</param>
/// <param name="password">Password substituted into the template.</param>
/// <returns>The SHA-256 digest of the UTF-8 encoded, filled-in template.</returns>
public static byte[] MakePassword(UserAccount user, string password)
{
    // Substitution order matters (e-mail first, then password) and is kept as is.
    string material = Salt
        .Replace("{Email}", user.Email)
        .Replace("{Password}", password);

    byte[] bytes = Encoding.UTF8.GetBytes(material);

    // NOTE(review): a single SHA-256 pass is fast to brute-force if the stored
    // hashes leak. A dedicated password KDF (e.g. PBKDF2 via Rfc2898DeriveBytes)
    // would be stronger, but switching changes every stored hash and needs a
    // migration, so the algorithm is left untouched here.
    using (SHA256 hasher = new SHA256Managed())
    {
        return hasher.ComputeHash(bytes);
    }
}
/// <summary>
/// Sends the account-confirmation mail, containing a "REGISTER" token link, to
/// the user's e-mail address.
/// </summary>
/// <param name="user">Account that receives the mail and for which the token is made.</param>
public static void SendRegisterTokenMail(UserAccount user)
{
    // No expiry is passed, so MakeToken applies its own default.
    string token = Mail.MakeToken(user, "REGISTER");

    // NOTE(review): the token travels in the query string of the link, so it can
    // show up in server logs and browser history - confirm it is single-use.
    var values = new Dictionary<string, string>
    {
        { "SetupLink", Mail.FullUrl("~/") },
        { "LogoUrl", Mail.FullUrl("~/Content/logo_email.png") },
        { "TokenLink", String.Format("{0}{1}", Mail.FullUrl("~/Account/Confirm?token="), token) }
    };

    Mail.SendMail(user.Email, "Mail.ConfirmAccountCreation", values);
}
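/// <summary>
/// Sends the lost-password mail, containing a "CHGPASS" token link valid for one
/// hour, to the user's e-mail address. The mail also carries the value returned
/// by GetIPAddress() and the current UTC date and time.
/// </summary>
/// <param name="user">Account that receives the mail and for which the token is made.</param>
public static void SendNewPasswordTokenMail(UserAccount user)
{
    // Read the clock once, in UTC. The expiry used to be built from local time
    // (DateTime.Now), while MakeToken's default expiry and the timestamps in this
    // mail are UTC. On a server that is not on UTC that made the reset token live
    // longer or shorter than the intended hour.
    // NOTE(review): the code that validates the token is not visible here;
    // confirm it compares the expiry against UTC.
    DateTime now = DateTime.UtcNow;
    string token = Mail.MakeToken(user, "CHGPASS", now.AddHours(1));

    // NOTE(review): the token travels in the query string of the link, so it can
    // show up in server logs and browser history - confirm it is single-use.
    Dictionary<string, string> values = new Dictionary<string, string>();
    values.Add("SetupLink", Mail.FullUrl("~/"));
    values.Add("LogoUrl", Mail.FullUrl("~/Content/logo_email.png"));
    values.Add("IP", GetIPAddress());
    // Date and time come from the same instant so they cannot straddle midnight.
    values.Add("Data", now.ToString("dd/MM/yyyy"));
    values.Add("Hora", now.ToString("HH:mm:ss"));
    values.Add("TokenLink", String.Format("{0}{1}", Mail.FullUrl("~/Account/LostPassword?token="), token));

    Mail.SendMail(user.Email, "Mail.LostPassword", values);
}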