Exemplo n.º 1
0
        public AuthModel CreateAuth(SignInModel signInModel)
        {
            var salt = Guid.NewGuid().ToString();

            var password = _hashService.Create(signInModel.Password, salt);

            return(new AuthModel(signInModel.Login, password, salt, Roles.User));
        }
        public SignInModel CreateSignIn(SignInModel signInModel)
        {
            signInModel.Salt = Guid.NewGuid().ToString();

            signInModel.Password = _hashService.Create(signInModel.Password, signInModel.Salt);

            return(signInModel);
        }
Exemplo n.º 3
0
        public SignInModel CreateSignIn(SignInModel signInModel)
        {
            var salt = Guid.NewGuid().ToString();

            return(new SignInModel
            {
                Login = signInModel.Login,
                Salt = salt,
                Password = _hashService.Create(signInModel.Password, salt)
            });
        }
Exemplo n.º 4
0
        public void HashService()
        {
            // arrange
            const string value = nameof(SecurityTests);
            var          salt  = Guid.NewGuid().ToString();
            // act
            var hash1 = _hashService.Create(value, salt);
            var hash2 = _hashService.Create(value, salt);

            // assert
            Assert.NotNull(hash1);
            Assert.Equal(hash1, hash2);
        }
Exemplo n.º 5
0
        public async Task <(Result result, string token)> LoginAsync(string cardId, string pin1)
        {
            // Is the card exist?
            var card = await _context.Cards.Include(c => c.Citizen)
                       .ThenInclude(c => c.HealthInfo)
                       .FirstOrDefaultAsync(c => c.Id == cardId);

            if (card is null)
            {
                return(Result.Failure("محاولة تسجيل دخول غير صحيحة."), null);
            }

            // Is card active?
            if (!card.Active)
            {
                return(Result.Failure("هذه البطاقة معطلة."), null);
            }

            // Is card valid?
            if (card.TerminationDate < _dateTime.Now)
            {
                return(Result.Failure("هذه البطاقة منتهية الصلاحية."), null);
            }

            // Is card locked out
            if (await _userManager.IsLockedOutAsync(card))
            {
                return(Result.Failure("لقد حاولت عدة مرات تم تعطيل الحساب لبضع دقائق حاول في وقت لاحق."), null);
            }

            // Is this a correct PIN?
            var isCorrectPin = card.Pin1Hash == _hashService.Create(pin1, card.Pin1Salt);

            var cardRoles = await _userManager.GetRolesAsync(card);

            if (isCorrectPin)
            {
                var token = _jwtTokenService.Generate(
                    new List <Claim>
                {
                    new Claim("img", Path.Combine(_directoryService.CitizenPhotosRelativePath, card.Citizen.PhotoUrl)),
                    new Claim("firstname", card.Citizen.FullName.FirstName),
                    new Claim("healthId", card.Citizen.HealthInfo.Id)
                }
                    .AddJti()
                    .AddNameIdentifier(card.CitizenId)
                    .AddSub(card.Id)
                    .AddRoles(cardRoles.ToArray())
                    );

                return(Result.Success(), token);
            }

            // try to signin with invalid password to increase lockout on failure counter
            // to enabled lockout account if failed to sign a lot of time
            await _signInManager.PasswordSignInAsync(card, "123", false, true);

            return(Result.Failure("محاولة تسجيل دخول غير صحيحة."), null);
        }
Exemplo n.º 6
0
    public void HashService()
    {
        const string value = nameof(SecurityTests);

        var hash = _hashService.Create(value, Guid.NewGuid().ToString());

        Assert.IsNotNull(hash);
    }
Exemplo n.º 7
0
        public SignInModel CreateSignIn(SignInModel signInModel)
        {
            if (signInModel is null)
            {
                throw new ArgumentNullException(nameof(signInModel));
            }

            var salt = Guid.NewGuid().ToString();

            var password = _hashService.Create(signInModel.Password, salt);

            return(new SignInModel
            {
                Login = signInModel.Login,
                Password = password,
                Salt = salt
            });
        }
        public async Task <IResult <AuthEntity> > AddAsync(AuthModel authModel)
        {
            var validation = new AuthModelValidator().Validate(authModel);

            if (validation.Failed)
            {
                return(Result <AuthEntity> .Fail(validation.Message));
            }

            if (await _authRepository.AnyByLoginAsync(authModel.Login))
            {
                return(Result <AuthEntity> .Fail(Texts.AuthError));
            }

            var authEntity = AuthFactory.Create(authModel);

            var password = _hashService.Create(authEntity.Password, authEntity.Salt);

            authEntity.ChangePassword(password);

            await _authRepository.AddAsync(authEntity);

            return(Result <AuthEntity> .Success(authEntity));
        }
Exemplo n.º 9
0
    public async Task <IResult <Auth> > AddAsync(AuthModel model)
    {
        var validation = new AuthModelValidator().Validation(model);

        if (validation.Failed)
        {
            return(validation.Fail <Auth>());
        }

        if (await _authRepository.AnyByLoginAsync(model.Login))
        {
            return(Result <Auth> .Fail("Login exists!"));
        }

        var auth = _authFactory.Create(model);

        var password = _hashService.Create(auth.Password, auth.Salt);

        auth.UpdatePassword(password);

        await _authRepository.AddAsync(auth);

        return(auth.Success());
    }
Exemplo n.º 10
0
        public async Task <IResult <Auth> > AddAsync(AuthModel model)
        {
            var validation = await new AuthModelValidator().ValidateAsync(model);

            if (validation.Failed)
            {
                return(Result <Auth> .Fail(validation.Message));
            }

            if (await _authRepository.AnyByLoginAsync(model.Login))
            {
                return(Result <Auth> .Fail(Texts.LoginAlreadyExists));
            }

            var auth = AuthFactory.Create(model);

            var password = _hashService.Create(auth.Password, auth.Salt);

            auth.ChangePassword(password);

            await _authRepository.AddAsync(auth);

            return(Result <Auth> .Success(auth));
        }
Exemplo n.º 11
0
        public Guid Execute(RegisterationModel model)
        {
            try
            {
                if (!model.ValidationState.IsValid)
                {
                    throw new ValidationException(BusinessMessages.Add_user_not_valid, model.ValidationState.ValidationResults);
                }

                bool userExist = databaseService.Users.Any(obj => obj.IsActive && obj.Email.ToUpper() == model.Email.Trim().ToUpper());

                if (userExist)
                {
                    throw new BusinessException(BusinessMessages.User_exist, "ContactDuplicated");
                }

                string salt = hashingService.CreateSalt();
                User   user = new User()
                {
                    Id             = Guid.NewGuid(),
                    FirstName      = model.FirstName,
                    LastName       = model.LastName,
                    Email          = model.Email,
                    PhoneNumber    = model.PhoneNumber,
                    PrimaryAddress = model.PrimaryAddress,
                    SecondAddress  = model.SecondAddress,
                    HashPassword   = hashingService.Create(model.Password, salt),
                    Salt           = salt,
                    IsActive       = true,
                    IsDeleted      = false,
                    UserRole       = UserRole.User,
                    CountryId      = model.CountryId,
                    NationalityId  = model.NationalityId
                };
                databaseService.Users.Add(user);
                databaseService.Users.SaveChanges();

                return(user.Id);
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }