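        /// <summary>
        /// Starts a password reset for the account registered under the posted e-mail
        /// address: stores a fresh reset token and its issue time on the user row and
        /// e-mails the token to that address (resetpas consumes it).
        /// </summary>
        /// <param name="mail">Request body carrying the e-mail address to reset.</param>
        /// <returns>
        /// 400 with model-state errors when the body is invalid, 404 when no user has that
        /// e-mail, otherwise 200 once the token is stored and the mail has been handed to Mailgun.
        /// </returns>
        public IHttpActionResult forgotpas([FromBody] _Mail mail)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            Users user = db.users.Where(u => u.email == mail.email).FirstOrDefault();

            // NOTE(review): a 404 here tells an unauthenticated caller which e-mail
            // addresses have accounts (user enumeration). Returning Ok() for unknown
            // addresses would close that, but it changes the API contract - confirm
            // with the front-end before doing so.
            if (user == null)
            {
                return(NotFound());
            }

            // Build the reset token from a cryptographic RNG. The previous version mixed
            // the e-mail with the current hour/millisecond and Random.Next(999999, 999999),
            // which always returns 999999, so the token was guessable by anyone who knew
            // the address and the approximate request time. 32 CSPRNG bytes (64 hex chars)
            // give a 256-bit secret; it is still run through Bcrypt.hash so the value
            // stored in password_token keeps the same shape/length as before.
            byte[] secret = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(secret);
            }
            string token = Bcrypt.hash(BitConverter.ToString(secret).Replace("-", ""));

            try
            {
                // Issue time is what resetpas uses to expire the token (2 hours).
                user.forgot_last_date = DateTime.Now;
                user.password_token   = token;
                db.SaveChanges();
            }
            catch (Exception ex)
            {
                ExceptionThrow.Throw(ex);
            }

            Mailgun.Send("forgot_password", new Dictionary <string, object>()
            {
                { "fullname", user.name + " " + user.lastname }, { "token", token }
            }, user.email, "Menkule Şifre Yenileme Talebiniz");

            return(Ok());
        }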
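        /// <summary>
        /// Changes the password of the signed-in user after re-checking the current one.
        /// </summary>
        /// <param name="password">Body with currentpassword, the new password and its reply (confirmation).</param>
        /// <returns>
        /// 400 when the body is missing/invalid, the confirmation differs or the new password is
        /// blank; 404 when the current password does not match the signed-in user; 200 on success.
        /// </returns>
        public IHttpActionResult changepas([FromBody] _UserPassword password)
        {
            // Consistent with forgotpas/resetpas: a missing or invalid body is rejected up
            // front instead of throwing a NullReferenceException on password.password.
            if (password == null || !ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            if (password.password != password.reply)
            {
                return(BadRequest());
            }
            // A blank new password would otherwise be hashed and stored as a valid credential.
            if (string.IsNullOrWhiteSpace(password.password))
            {
                return(BadRequest());
            }

            int    user_id = Users.GetUserId(User);
            // NOTE(review): the lookup matches the stored hash against Bcrypt.hash(current),
            // which only works if Bcrypt.hash is deterministic (no per-user salt). If it is,
            // equal passwords produce equal hashes across users; a verify(plaintext, storedHash)
            // done in application code would be the safer shape. Same pattern in
            // GrantResourceOwnerCredentials.
            string pas     = Bcrypt.hash(password.currentpassword);

            Users user = db.users.Where(u => u.id == user_id && u.password == pas).FirstOrDefault();

            if (user == null)
            {
                return(NotFound());
            }

            user.password = Bcrypt.hash(password.password);
            try
            {
                db.SaveChanges();
            }
            catch (Exception ex)
            {
                ExceptionThrow.Throw(ex);
            }
            return(Ok());
        }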
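        /// <summary>
        /// Completes a password reset: looks up the user by the e-mailed token, checks the
        /// token is less than two hours old, stores the new password and clears the token.
        /// </summary>
        /// <param name="_token">Body with the reset token, the new password and its reply (confirmation).</param>
        /// <returns>
        /// 400 when the body is missing/invalid, the token or new password is blank, the
        /// confirmation differs or the token has expired; 404 when no user holds the token;
        /// 200 on success.
        /// </returns>
        public IHttpActionResult resetpas([FromBody] _TokenResetPassword _token)
        {
            if (_token == null || !ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            // Every user whose reset has completed has password_token == null (cleared
            // below), so a missing token must never reach the lookup: the query
            // `u.password_token == null` would match the first such user and let the
            // caller set that user's password.
            if (string.IsNullOrWhiteSpace(_token.token))
            {
                return(BadRequest());
            }
            if (_token.password != _token.reply)
            {
                return(BadRequest());
            }
            if (string.IsNullOrWhiteSpace(_token.password))
            {
                return(BadRequest());
            }

            // NOTE(review): this equality is evaluated by the database; under a
            // case-insensitive collation a token differing only in case would match.
            Users user = db.users.Where(u => u.password_token == _token.token).FirstOrDefault();

            if (user == null)
            {
                return(NotFound());
            }

            // forgotpas sets forgot_last_date together with the token. A token without an
            // issue time cannot be expired, so it is rejected rather than accepted forever.
            // DateTime.Now is used on both sides (forgotpas stores local time as well).
            if (user.forgot_last_date == null)
            {
                return(BadRequest());
            }
            TimeSpan diff = DateTime.Now - Convert.ToDateTime(user.forgot_last_date);
            if (diff.TotalHours >= 2)
            {
                return(BadRequest());
            }

            try
            {
                user.password         = Bcrypt.hash(_token.password);
                // Single use: clearing both fields invalidates the token immediately.
                user.forgot_last_date = null;
                user.password_token   = null;
                db.SaveChanges();
            }
            catch (Exception ex)
            {
                ExceptionThrow.Throw(ex);
            }

            return(Ok());
        }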
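        /// <summary>
        /// Finishes registration for a user created through an external provider (see
        /// facebookLogin): sets the chosen password and phone number, marks the account as
        /// confirmed and texts the stored gsm_activation_code to that number.
        /// </summary>
        /// <param name="externalConfirmData">Body with the new password, its reply (confirmation) and the gsm number.</param>
        /// <returns>
        /// 200 on success. Failures are raised through ExceptionThrow.Throw: 400 for a missing
        /// body, blank password, mismatched confirmation or a gsm number already in use; 403 when
        /// the signed-in user has already completed this step.
        /// </returns>
        public IHttpActionResult externalConfirm([FromBody] _ExternalConfirm externalConfirmData)
        {
            int user_id = Users.GetUserId(User);

            // A missing body would otherwise NullReference on the first field access.
            if (externalConfirmData == null)
            {
                ExceptionThrow.Throw("Geçersiz istek.", HttpStatusCode.BadRequest);
            }
            // A blank password would be hashed and stored as a valid credential.
            if (string.IsNullOrWhiteSpace(externalConfirmData.password))
            {
                ExceptionThrow.Throw("Şifre boş olamaz.", HttpStatusCode.BadRequest);
            }
            if (externalConfirmData.password != externalConfirmData.reply)
            {
                ExceptionThrow.Throw("Şifre tekrarı hatalı.", HttpStatusCode.BadRequest);
            }

            if (db.users.Any(u => u.gsm == externalConfirmData.gsm))
            {
                ExceptionThrow.Throw("gsm no kullanılmaktadır.", HttpStatusCode.BadRequest);
            }

            // Only an account that has not completed this step may set its password here;
            // otherwise this endpoint would be a password change without the old password.
            Users user = db.users.Where(u => u.id == user_id && u.is_external_confirm == false).FirstOrDefault();

            if (user == null)
            {
                ExceptionThrow.Throw("Zaten şifre güncellenmiş", HttpStatusCode.Forbidden);
            }

            user.gsm                 = externalConfirmData.gsm;
            user.updated_date        = DateTime.Now;
            user.password            = Bcrypt.hash(externalConfirmData.password);
            user.is_external_confirm = true;

            try
            {
                db.SaveChanges();

                // Send the activation code that was generated when the account was created.
                NetGsm.Send(externalConfirmData.gsm, "menkule.com.tr uyeliginiz ile ilgili onay kodunuz: " + user.gsm_activation_code);
            }
            catch (Exception ex)
            {
                ExceptionThrow.Throw(ex);
            }
            return(Ok());
        }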
        // OAuthAuthorizationServerProvider sınıfının kaynak erişimine izin verebilmek için ilgili GrantResourceOwnerCredentials metotunu override ediyoruz.
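        /// <summary>
        /// Resource-owner password grant: validates the posted username (e-mail) and
        /// password against the users table and, on success, issues an identity carrying
        /// the user id and the "owner" role where applicable.
        /// </summary>
        /// <param name="context">OWIN grant context with UserName, Password and the auth options.</param>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // Reject blank credentials before touching the hash or the DB: Bcrypt.hash(null)
            // would otherwise run, and `u.password == hash("")` could match a row that was
            // stored with an empty password. Same error text as a wrong password so the
            // response does not reveal which part was missing.
            if (string.IsNullOrEmpty(context.UserName) || string.IsNullOrEmpty(context.Password))
            {
                context.SetError("invalid_grant", "Kullanıcı adı veya şifre yanlış.");
                return;
            }

            // NOTE(review): this relies on Bcrypt.hash being deterministic (no per-user salt)
            // so the stored hash can be matched inside the query. With a salted bcrypt this
            // comparison would practically never succeed; with an unsalted hash, equal
            // passwords give equal hashes across users. A verify(plaintext, storedHash)
            // performed in application code is the preferable shape either way.
            string pass = Bcrypt.hash(context.Password);
            Users  usr  = db.users.Where(u => u.email == context.UserName && u.password == pass).FirstOrDefault();

            if (usr == null)
            {
                // One message for unknown user and wrong password: no account enumeration.
                context.SetError("invalid_grant", "Kullanıcı adı veya şifre yanlış.");
                return;
            }
            var identity = new ClaimsIdentity(context.Options.AuthenticationType);

            identity.AddClaim(new Claim("user_id", usr.id.ToString()));

            // Role claim for property owners.
            if (usr.ownershiping)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, "owner"));
            }
            context.Validated(identity);
        }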
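        /// <summary>
        /// Facebook sign-in callback. Challenges the external provider when the caller is
        /// not yet authenticated; otherwise validates the client redirect URI, reads the
        /// Facebook identity, creates a local user on first sign-in (profile photo uploaded
        /// to Cloudinary) and redirects back to the client with a local auth token.
        /// </summary>
        /// <param name="provider">External login provider name passed to the challenge.</param>
        /// <param name="error">Error string returned by the provider, if any.</param>
        /// <returns>
        /// 400 for a provider error or an invalid redirect URI, a challenge result when not
        /// authenticated, 500 when the identity cannot be read, otherwise a redirect to the
        /// client (an error redirect when registration fails).
        /// </returns>
        public async Task <IHttpActionResult> facebookLogin(string provider, string error = null)
        {
            string redirectUri = string.Empty;

            // Validate request
            if (error != null)
            {
                return(BadRequest(Uri.EscapeDataString(error)));
            }

            // Exist Identity
            if (!User.Identity.IsAuthenticated)
            {
                return(new ChallengeResult(provider, this));
            }

            // Validate redirect url: the helper fills redirectUri and returns an error text on failure,
            // which is what keeps this endpoint from being an open redirect.
            var redirectUriValidationResult = ValidateClientAndRedirectUri(Request, ref redirectUri);

            if (!string.IsNullOrWhiteSpace(redirectUriValidationResult))
            {
                return(BadRequest(redirectUriValidationResult));
            }

            // User data from Identity
            UserFacebook externalLogin = UserFacebook.FromIdentity(User.Identity as ClaimsIdentity);

            if (externalLogin == null)
            {
                return(InternalServerError());
            }

            // Exist user in db: provider key, e-mail and source must all match.
            Users user          = db.users.Where(u => (u.facebook_id == externalLogin.ProviderKey && u.email == externalLogin.Email && u.source == "facebook")).FirstOrDefault();
            bool  hasRegistered = user != null;

            // If not identity register to db add new user
            if (!hasRegistered)
            {
                try
                {
                    // check user e-mail exist validation
                    if (db.users.Any(u => u.email == externalLogin.Email))
                    {
                        return(Redirect(GenerateErrorRedirect(externalLogin, "e-posta zaten kullanilmakta", redirectUri)));
                    }

                    string password = Users.generatePassword(5, 3);

                    // Activation codes from a cryptographic RNG (the previous System.Random is
                    // time-seeded and predictable). Same [9999, 999999) range as before; the
                    // modulo bias over a 32-bit draw is negligible for a one-time code.
                    string gsm_code;
                    string email_code;
                    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                    {
                        byte[] buf = new byte[8];
                        rng.GetBytes(buf);
                        gsm_code   = (9999 + (int)(BitConverter.ToUInt32(buf, 0) % 990000u)).ToString();
                        email_code = (9999 + (int)(BitConverter.ToUInt32(buf, 4) % 990000u)).ToString();
                    }

                    // disable db validations (restored in the finally block below)
                    db.Configuration.ValidateOnSaveEnabled = false;

                    // create user
                    Users userData = new Users
                    {
                        name                  = externalLogin.FirstName,
                        lastname              = externalLogin.LastName,
                        email                 = externalLogin.Email,
                        facebook_id           = externalLogin.ProviderKey,
                        gender                = externalLogin.Gender == "male" ? "Bay" : "Bayan",
                        gsm                   = string.Empty,
                        password              = Bcrypt.hash(password),
                        source                = "facebook",
                        email_activation_code = email_code,
                        gsm_activation_code   = gsm_code,
                        is_external_confirm   = false,
                    };
                    db.users.Add(userData);

                    // save photos - the URL comes from the provider's identity claims, not from
                    // the caller's request, and is fetched server-side.
                    byte[] imageData = null;
                    using (var wc = new System.Net.WebClient())
                        imageData = wc.DownloadData(externalLogin.Photo.Data.Url);
                    MemoryStream photoStreamData = new MemoryStream(imageData);

                    // send cloud
                    // NOTE(review): userData.id is read for the upload path before SaveChanges
                    // has run, so it is presumably still the default value here - confirm intended.
                    var    image     = new WebImage(photoStreamData);
                    Images userImage = Cloudinary.upload(image, "users/" + userData.name.ReduceWhitespace().Replace(" ", "-").ToEng() + "-" + userData.lastname.ReduceWhitespace().Replace(" ", "-").ToEng() + "-" + userData.id);
                    if (userImage != null)
                    {
                        db.images.Add(userImage);
                        db.SaveChanges();
                        userData.image_id = userImage.id;
                    }

                    db.SaveChanges();

                    return(Redirect(GenerateRedirectUrl(AuthBackdoor.auth(userData, Request), externalLogin, hasRegistered, redirectUri)));
                }
                catch (Exception ex)
                {
                    // NOTE(review): ex.Message is forwarded to the client inside the redirect
                    // URL and can expose DB/HTTP details; a fixed message plus server-side
                    // logging would be safer.
                    return(Redirect(GenerateErrorRedirect(externalLogin, ex.Message.ToString(), redirectUri)));
                }
                finally
                {
                    // Re-enable validation. The previous code set this to false a second time
                    // here (under an "enable" comment) and never restored it on the error path,
                    // leaving the context without validation for the rest of its lifetime.
                    db.Configuration.ValidateOnSaveEnabled = true;
                }
            }
            return(Redirect(GenerateRedirectUrl(AuthBackdoor.auth(user, Request), externalLogin, hasRegistered, redirectUri)));
        }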
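        /// <summary>
        /// Registers a new web user: checks e-mail and gsm uniqueness, stores the user with a
        /// hashed password and fresh activation codes, texts the gsm code (and the generated
        /// password when none was supplied), sends the welcome mail and returns the public
        /// profile fields plus a login token when the password was generated.
        /// </summary>
        /// <param name="user">Posted user; only the fields copied into userData below are persisted.</param>
        /// <returns>
        /// 200 with the profile payload; 400 when the body is missing/invalid, or via
        /// ExceptionThrow when the e-mail or gsm number is already registered.
        /// </returns>
        public IHttpActionResult add([FromBody] Users user)
        {
            //validation
            if (user == null || !ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            if (db.users.Any(u => u.email == user.email))
            {
                ExceptionThrow.Throw("e-posta adresi kullanılmaktadır.", HttpStatusCode.BadRequest);
            }
            if (db.users.Any(u => u.gsm == user.gsm))
            {
                ExceptionThrow.Throw("gsm no kullanılmaktadır.", HttpStatusCode.BadRequest);
            }

            // Activation codes from a cryptographic RNG (the previous System.Random is
            // time-seeded and predictable). Same [9999, 999999) range as before; the modulo
            // bias over a 32-bit draw is negligible for a one-time code.
            string gsm_code;
            string email_code;
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                byte[] buf = new byte[8];
                rng.GetBytes(buf);
                gsm_code   = (9999 + (int)(BitConverter.ToUInt32(buf, 0) % 990000u)).ToString();
                email_code = (9999 + (int)(BitConverter.ToUInt32(buf, 4) % 990000u)).ToString();
            }

            //set password
            // NOTE(review): no strength rule is applied to a caller-supplied password.
            bool   no_password = user.password == null || user.password.Trim() == "";
            string password    = no_password ? Users.generatePassword(5, 3) : user.password;

            //create user - copy only known fields; persisting the bound entity directly would
            //let the client set columns such as state, ownershiping or the activation codes.
            Users userData = new Users
            {
                name                  = user.name,
                lastname              = user.lastname,
                email                 = user.email,
                gender                = user.gender,
                gsm                   = user.gsm,
                description           = user.description,
                password              = Bcrypt.hash(password),
                source                = "web",
                email_activation_code = email_code,
                gsm_activation_code   = gsm_code
            };


            if (user.identity_no != null)
            {
                userData.identity_no = user.identity_no;
            }

            //insert user
            db.users.Add(userData);

            try
            {
                db.SaveChanges();

                //If password is random generated: it is delivered over SMS in clear text and
                //the user is asked to change it. Anyone holding the handset can log in with it.
                if (no_password)
                {
                    NetGsm.Send(user.gsm, "Menkule.com.tr üyelik şifreniz " + password + " Şifrenizi değiştirmeyi unutmayınız.");
                }
            }
            catch (Exception ex)
            {
                ExceptionThrow.Throw(ex);
            }

            //Send Gsm Activation Code
            NetGsm.Send(user.gsm, "menkule.com.tr uyeliginiz ile ilgili onay kodunuz: " + gsm_code);

            //Send Email Notification
            Mailgun.Send("register", new Dictionary <string, object>()
            {
                { "fullname", user.name + " " + user.lastname }
            }, user.email, "Üyeliğiniz için teşekkürler");

            // Auto-login only for generated passwords (the token lets the client continue
            // without the user having to type the texted password).
            object token = no_password ? Users.LoginOnBackDoor(user.email, password) : null;

            // NOTE(review): the payload echoes the posted values for ownershiping, state,
            // email_state, gsm_state and created_date, none of which are copied into
            // userData, so the response may claim a state the stored row does not have.
            return(Ok(new
            {
                name = user.name,
                lastname = user.lastname,
                email = user.email,
                gsm = user.gsm,
                gender = user.gender,
                photo = "",
                ownershiping = user.ownershiping,
                state = user.state,
                email_state = user.email_state,
                gsm_state = user.gsm_state,
                created_date = user.created_date,
                token = token
            }));
        }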