Exemplo n.º 1
0
        public async Task <ActionResult> LoginConfirm(LoginVM loginVM)
        {
            // if some the hacking actions with form or someione don't use JS
            if (!ModelState.IsValid)
            {
                ModelState.AddModelError(String.Empty, "Invalid token");
                return(View(new LoginVM()
                {
                    Login = loginVM.Login
                }));
            }

            User user = await dbContext.Users.Where(u => loginVM.Login == u.Login).FirstOrDefaultAsync();

            if (user == null)
            {
                ModelState.AddModelError(String.Empty, "User not found");
                return(View(new LoginVM()
                {
                    Login = loginVM.Login
                }));
            }

            byte[] password = Encoding.Unicode.GetBytes(user.Salt + loginVM.Password);

            string hash = CryptoService.ComputeMD5Hash(password).ToHexString();

            if (user.Password != hash)
            {
                ModelState.AddModelError(String.Empty, "Incorrect login or/and pass");
                return(View(new LoginVM()
                {
                    Login = loginVM.Login
                }));
            }

            IEnumerable <string> userRoles = user.Roles.Select(role => role.Name);

            Session["User"]     = user;
            Session["Roles"]    = userRoles;
            Session["isAdmin"]  = userRoles.Contains("Admin");
            Session["UserMenu"] = MenuProvider.BuildMenu(userRoles);

            return(Redirect(Url.Content("~/")));
        }
Exemplo n.º 2
0
        public async Task <ActionResult> RegisterConfirm(RegisterVM registerModel)
        {
            // if some the hacking actions with form. Or someone disable JS?
            if (!ModelState.IsValid)
            {
                ModelState.AddModelError(String.Empty, "Invalid token");

                return(View(registerModel));
            }
            // check for already registred
            if (await dbContext.Users.Where(u => registerModel.Login == u.Login).CountAsync() > 0)
            {
                ModelState.AddModelError(String.Empty, "Login is already taken(and pass maybe too?)");
                return(View(registerModel));
            }

            string salt = CryptoService.GetRandomBytes(AppConstants.PASSOWORD_SALT_LENGTH).ToHexString();

            byte[] password = Encoding.Unicode.GetBytes(salt + registerModel.Password);

            string hash = CryptoService.ComputeMD5Hash(password).ToHexString();

            User newUser = new User()
            {
                Login    = registerModel.Login,
                Password = hash,
                Salt     = salt
            };

            newUser.Roles.Add(await dbContext.UserRoles.Where(role => role.Name == "Authenticated").FirstAsync());

            dbContext.Users.Add(newUser);
            await dbContext.SaveChangesAsync();

            return(RedirectToAction("Login"));
        }
Exemplo n.º 3
0
        internal static async Task <byte[]> CreatePasswordAsync(string userId, byte[] salt, string password)
        {
            var passwd = PreparePassword(userId, salt, password);

            return(CryptoService.ComputeMD5Hash(await CryptoService.EncryptAsync(passwd)));
        }
Exemplo n.º 4
0
        protected override void Seed(MusicPortalDbContext context)
        {
            Genre ambientGenre = new Genre()
            {
                Name = "Ambient"
            };
            Genre hiphopGenre = new Genre()
            {
                Name = "Hip-Hop"
            };
            Genre instrumentalGenre = new Genre()
            {
                Name = "Instrumental"
            };
            Genre soundtrackGenre = new Genre()
            {
                Name = "Soundtrack"
            };
            Genre pianoGenre = new Genre()
            {
                Name = "Piano"
            };

            context.Genres.AddRange(new List <Genre>()
            {
                ambientGenre,
                hiphopGenre,
                instrumentalGenre,
                soundtrackGenre,
                pianoGenre,
                new Genre()
                {
                    Name = "Alternative"
                },
                new Genre()
                {
                    Name = "Blues"
                },
                new Genre()
                {
                    Name = "Background"
                },
                new Genre()
                {
                    Name = "Chanson"
                },
                new Genre()
                {
                    Name = "Classical"
                },
                new Genre()
                {
                    Name = "Club"
                },
                new Genre()
                {
                    Name = "Country"
                },
                new Genre()
                {
                    Name = "Dance"
                },
                new Genre()
                {
                    Name = "Disco"
                },
                new Genre()
                {
                    Name = "Drum & Bass"
                },
                new Genre()
                {
                    Name = "Electro"
                },
                new Genre()
                {
                    Name = "Folk"
                },
                new Genre()
                {
                    Name = "Funk"
                },
                new Genre()
                {
                    Name = "Hardcore"
                },
                new Genre()
                {
                    Name = "House"
                },
                new Genre()
                {
                    Name = "Industrial"
                },
                new Genre()
                {
                    Name = "Jazz"
                },
                new Genre()
                {
                    Name = "Metal"
                },
                new Genre()
                {
                    Name = "Minimal"
                },
                new Genre()
                {
                    Name = "Pop-Rock"
                },
                new Genre()
                {
                    Name = "Punk"
                },
                new Genre()
                {
                    Name = "Rap"
                },
                new Genre()
                {
                    Name = "Reggae"
                },
                new Genre()
                {
                    Name = "Retro"
                },
                new Genre()
                {
                    Name = "R&B"
                },
                new Genre()
                {
                    Name = "Rock"
                },
                new Genre()
                {
                    Name = "Soul"
                },
                new Genre()
                {
                    Name = "Techno"
                },
                new Genre()
                {
                    Name = "Trance"
                }
            });


            UserRole authorized = new UserRole()
            {
                Name = "Admin"
            };
            UserRole admin = new UserRole()
            {
                Name = "Authorized"
            };

            context.UserRoles.AddRange(new List <UserRole>()
            {
                authorized,
                admin,
                new UserRole()
                {
                    Name = "Authenticated"
                }
            });

            var salt = CryptoService.GetRandomBytes(AppConstants.PASSOWORD_SALT_LENGTH).ToHexString();

            context.Users.Add(new User()
            {
                Login    = "******",
                Password = CryptoService.ComputeMD5Hash(Encoding.Unicode.GetBytes((salt + "admin"))).ToHexString(),
                Salt     = salt,
                Roles    = new List <UserRole>()
                {
                    authorized, admin
                }
            });

            context.Songs.Add(new Song()
            {
                Name     = "Lo-fi chill cover OST",
                FileName = "ba814cc1-5de9-494c-b46e-c171e5fec6ab.mp3",
                Genres   = new List <Genre>()
                {
                    ambientGenre, hiphopGenre, soundtrackGenre
                }
            });

            context.Songs.Add(new Song()
            {
                Name     = "After Dark piano cover",
                FileName = "ceas4cc1-5de9-494c-b46e-c171e5feceas.mp3",
                Genres   = new List <Genre>()
                {
                    instrumentalGenre, pianoGenre
                }
            });

            context.SaveChanges();

            base.Seed(context);
        }
Exemplo n.º 5
0
        internal static byte[] CreatePassword(string userId, byte[] salt, string password)
        {
            var passwd = PreparePassword(userId, salt, password);

            return(CryptoService.ComputeMD5Hash(CryptoService.Encrypt(passwd)));
        }