public void Seed()
{
var encryptor = new HashPasswordEncryptor();
var admiRole = new Role(Guid.NewGuid(), "Administrator");
var basicRole = new Role(Guid.NewGuid(), "Basic");
var userEmailLogin = new UserEmailLogin("Test User", "*****@*****.**", encryptor.Encrypt("password"), "615-555-1212");
userEmailLogin.AddRol(basicRole);
var administratorUser = new UserEmailLogin("Admin User", "*****@*****.**", encryptor.Encrypt("password"),
"123");
administratorUser.AddRol(admiRole);
administratorUser.AddRol(basicRole);
var userAbility = new UserAbility("Developer");
_session.Save(userAbility);
userEmailLogin.AddAbility(userAbility);
_session.Save(admiRole);
_session.Save(basicRole);
_session.Save(userEmailLogin);
_session.Save(administratorUser);
}
public async Task <IActionResult> AuthByEmail([FromBody] UserEmailLogin userEmailLogin)
{
// Is the email data valid?
if (string.IsNullOrEmpty(userEmailLogin?.Email) || string.IsNullOrEmpty(userEmailLogin.Password))
{
return(BadRequest("User authentication data was null or empty."));
}
// Pull the users data from the DB
var dbUser = await m_CoreDbContext.Users
.Where(dbu => dbu.Email == userEmailLogin.Email && dbu.Password == userEmailLogin.Password)
.SingleOrDefaultAsync();
if (dbUser != null)
{
var response = new UserAuthPair
{
UserId = dbUser.UserId,
AuthToken = dbUser.AuthToken
};
return(Ok(response));
}
return(BadRequest("Could not authenticate user by email."));
}
public async Task Handle(IUserSession userIssuingCommand, StartPasswordResetProcess command)
{
UserEmailLogin user = await _readOnlyRepository.First <UserEmailLogin>(x => x.Email == command.Email);
Guid tokenId = _idGenerator.Generate();
await _tokenRepo.Create(new PasswordResetToken(tokenId, user.Id, _timeProvider.Now()));
NotifyObservers(new PasswordResetTokenCreated(tokenId, user.Id));
}
public void Handle(IUserSession userIssuingCommand, CreateEmailLoginUser command)
{
var userCreated = new UserEmailLogin(command.Name, command.Email, command.EncryptedPassword,
command.PhoneNumber);
command.abilities.ToList().ForEach(x => userCreated.AddAbility(_readOnlyRepository.GetById <UserAbility>(x.Id)));
var userSaved = _writeableRepository.Create(userCreated);
NotifyObservers(new UserEmailCreated(userSaved.Id, command.Email, command.Name, command.PhoneNumber));
}
public Cliente iniciaSesionEmail(UserEmailLogin cli)
{
var cliente = GetCorreo(cli.Email);
if (cliente != null)
{
if (cliente.contraseña.Equals(cli.Password))
{
return(cliente);
}
}
return(null);
}
public Admin iniciaSesionEmail(UserEmailLogin cli)
{
var admin = GetCorreo(cli.Email);
if (admin != null)
{
if (admin.contraseña.Equals(cli.Password))
{
return(admin);
}
}
return(null);
}
public Taller iniciaSesionEmail(UserEmailLogin model)
{
var taller = GetCorreo(model.Email);
if (taller != null)
{
if (taller.contraseña.Equals(model.Password))
{
return(taller);
}
}
return(null);
}
public async Task Handle(IUserSession userIssuingCommand, ResetPassword command)
{
PasswordResetToken passwordResetToken = await _tokenReadRepo.GetById(command.ResetPasswordToken);
UserEmailLogin user = await _repo.GetById <UserEmailLogin>(passwordResetToken.UserId);
user.ChangePassword(command.EncryptedPassword);
await _repo.Update(user);
await _tokenReadRepo.Delete(command.ResetPasswordToken);
NotifyObservers(new PasswordReset(passwordResetToken.UserId));
}
public IActionResult LoginEmail(UserEmailLogin obj)
{
IActionResult response = Unauthorized();
var userC = _clienteService.iniciaSesionEmail(obj);
var userT = _tallerService.iniciaSesionEmail(obj);
if (userC != null)
{
var tokenString = GenerateJSONWebToken(userC);
response = Ok(new { tokenString });
}
if (userT != null)
{
var tokenString = GenerateJSONWebToken(userT);
response = Ok(new { tokenString });
}
return(response);
}
public async Task Handle(IUserSession userIssuingCommand, CreateEmailLoginUser command)
{
var userCreated = new UserEmailLogin(Guid.NewGuid(), command.Name, command.Email, command.EncryptedPassword,
command.PhoneNumber);
foreach (UserAbility ability in command.Abilities)
{
UserAbility userAbility = await _abilityReadRepo.GetById(ability.Id);
userCreated.AddAbility(userAbility);
}
Role basicRole = await _roleReadRepo.First(x => x.Description == "Basic");
userCreated.AddRole(basicRole);
User userSaved = await _userRepo.Create(userCreated);
NotifyObservers(new UserEmailCreated(userSaved.Id, command.Email, command.Name, command.PhoneNumber));
}
public async Task <IActionResult> LinkEmail(string userId, [FromBody] UserEmailLogin userEmailLogin)
{
if (string.IsNullOrEmpty(userId))
{
return(BadRequest("UserId was null or empty."));
}
if (string.IsNullOrEmpty(userEmailLogin?.Email) || string.IsNullOrEmpty(userEmailLogin.Password))
{
return(BadRequest("User email data was null or empty."));
}
// If the claimant userId matches the request userId, we allow the update
if (!this.IsClaimantUserId(userId))
{
return(BadRequest("UserId was invalid for this request."));
}
// Pull the users data from the DB
var dbUser = await m_CoreDbContext.Users
.Where(dbu => dbu.UserId == userId)
.SingleOrDefaultAsync();
if (dbUser != null)
{
dbUser.Email = userEmailLogin.Email;
dbUser.Password = userEmailLogin.Password;
await m_CoreDbContext.SaveChangesAsync();
var response = new RequestResult
{
Content = "Successfully updated email.",
StatusCode = 0
};
return(Ok(response));
}
return(BadRequest("Could not link email to user."));
}
public LoginModule(IPasswordEncryptor passwordEncryptor, IUserRepository readOnlyRepository,
IUserRepository userRepo, ITokenFactory tokenFactory, IMenuProvider menuProvider)
{
Post["/login", true] =
async(a, ct) =>
{
var loginInfo = this.Bind <LoginRequest>();
if (loginInfo.Email == null)
{
throw new UserInputPropertyMissingException("Email");
}
if (loginInfo.Password == null)
{
throw new UserInputPropertyMissingException("Password");
}
EncryptedPassword encryptedPassword = passwordEncryptor.Encrypt(loginInfo.Password);
try
{
UserEmailLogin user =
await userRepo.First <UserEmailLogin>(
x =>
x.Email == loginInfo.Email &&
x.EncryptedPassword == encryptedPassword.Password);
if (!user.IsActive)
{
throw new DisableUserAccountException();
}
string jwtoken = tokenFactory.Create(user);
return(new SuccessfulLoginResponse <string>(jwtoken));
}
catch (ItemNotFoundException <UserEmailLogin> )
{
throw new UnauthorizedAccessException(
"Invalid email address or password. Please try again.");
}
catch (DisableUserAccountException)
{
throw new UnauthorizedAccessException(
"Your account has been disabled. Please contact your administrator for help.");
}
};
Post["/login/facebook", true] =
async(a, ct) =>
{
var loginInfo = this.Bind <LoginSocialRequest>();
if (loginInfo.Email == null)
{
throw new UserInputPropertyMissingException("Email");
}
if (loginInfo.Id == null)
{
throw new UserInputPropertyMissingException("Social Id");
}
try
{
UserFacebookLogin user =
await userRepo.First <UserFacebookLogin>(
x =>
x.Email == loginInfo.Email &&
x.FacebookId == loginInfo.Id);
if (!user.IsActive)
{
throw new DisableUserAccountException();
}
string jwtoken = tokenFactory.Create(user);
return(new SuccessfulLoginResponse <string>(jwtoken));
}
catch (ItemNotFoundException <UserEmailLogin> )
{
throw new UnauthorizedAccessException(
"Invalid facebook user, you need to register first.");
}
catch (DisableUserAccountException)
{
throw new UnauthorizedAccessException(
"Your account has been disabled. Please contact your administrator for help.");
}
};
Get["/roles"] =
_ =>
{
this.RequiresAuthentication();
return(Response.AsJson(menuProvider.getAllFeatures()));
};
Post["/login/google", true] =
async(a, ct) =>
{
var loginInfo = this.Bind <LoginSocialRequest>();
if (loginInfo.Email == null)
{
throw new UserInputPropertyMissingException("Email");
}
if (loginInfo.Id == null)
{
throw new UserInputPropertyMissingException("Social Id");
}
try
{
UserGoogleLogin user =
await userRepo.First <UserGoogleLogin>(
x =>
x.Email == loginInfo.Email &&
x.GoogleId == loginInfo.Id);
if (!user.IsActive)
{
throw new DisableUserAccountException();
}
string jwtoken = tokenFactory.Create(user);
return(new SuccessfulLoginResponse <string>(jwtoken));
}
catch (ItemNotFoundException <UserEmailLogin> )
{
throw new UnauthorizedAccessException(
"Invalid google user, you need to register first.");
}
catch (DisableUserAccountException)
{
throw new UnauthorizedAccessException(
"Your account has been disabled. Please contact your administrator for help.");
}
};
}
