Exemplo n.º 1
0
        public string ValidateCredentials(string username, string password)
        {
            try
            {
                var user = App.dbcontext.Users.FirstOrDefault(a => a.Username == username.Trim());
                if (user != null)
                {
                    if (CryptoProvider.ValidatePassword(password, user.Password))
                    {
                        App.LoggedInUser = user;

                        user.LockCounter = 0;
                        App.dbcontext.SaveChanges();

                        return(string.Empty);
                    }
                    else
                    {
                        user.LockCounter++;

                        if (user.LockCounter >= 3)
                        {
                            user.IsLocked = true;
                            App.dbcontext.SaveChanges();

                            return("Your account is locked due to too many failed login attempts");
                        }

                        App.dbcontext.SaveChanges();
                    }
                }

                return("Invalid credentials");
            }
            catch (Exception ex)
            {
                var logNumber = Logger.Log(nameof(GetAllUsers), new Dictionary <string, object>
                {
                    { LogConsts.Exception, ex }
                });

                ex.Data.Add(nameof(logNumber), logNumber);
                throw ex;
            }
        }
Exemplo n.º 2
0
        public string UpdateUser(User user, string auditEvent = null)
        {
            try
            {
                var existinguser = App.dbcontext.Users.FirstOrDefault(a => a.Username == user.Username.Trim());
                if (existinguser == null || existinguser.UserId == user.UserId)
                {
                    user.UpdatedBy   = App.LoggedInUser.UserId;
                    user.UpdatedDt   = DateTime.Now;
                    user.Password    = CryptoProvider.HashPassword(user.Password);
                    user.LockCounter = App.LoggedInUser.LockCounter;

                    Audit audit = new Audit
                    {
                        RecordId    = user.UserId,
                        Type        = AuditTypes.User.ToString(),
                        Description = auditEvent,
                        UpdatedBy   = App.LoggedInUser.UserId,
                        UpdatedDt   = DateTime.Now
                    };

                    App.dbcontext.Audits.Add(audit);
                    App.dbcontext.SaveChanges();
                }
                else
                {
                    return(Messages.UsernameTaken);
                }
            }
            catch (Exception ex)
            {
                var logNumber = Logger.Log(nameof(UpdateUser), new Dictionary <string, object>
                {
                    { LogConsts.Exception, ex }
                });

                ex.Data.Add(nameof(logNumber), logNumber);
                throw ex;
            }

            return(null);
        }
Exemplo n.º 3
0
        public string CreateUser(User user, string auditEvent = null)
        {
            try
            {
                var existinguser = App.dbcontext.Users.FirstOrDefault(a => a.Username == user.Username.Trim());
                if (existinguser == null)
                {
                    user.CreatedBy             = App.LoggedInUser.UserId;
                    user.CreatedDt             = DateTime.Now;
                    user.UserId                = Guid.NewGuid().ToString();
                    user.RequirePasswordChange = true;
                    user.Password              = string.IsNullOrEmpty(user.Password) ? CryptoProvider.HashPassword(UsersConsts.DefaultTempPassword) : CryptoProvider.HashPassword(user.Password);

                    App.dbcontext.Users.Add(user);

                    Audit audit = new Audit
                    {
                        RecordId    = user.UserId,
                        Type        = AuditTypes.User.ToString(),
                        Description = auditEvent,
                        UpdatedBy   = App.LoggedInUser.UserId,
                        UpdatedDt   = DateTime.Now
                    };

                    App.dbcontext.Audits.Add(audit);
                    App.dbcontext.SaveChanges();
                }
                else
                {
                    return(Messages.UsernameTaken);
                }
            }
            catch (Exception ex)
            {
                var logNumber = Logger.Log(nameof(CreateUser), new Dictionary <string, object>
                {
                    { LogConsts.Exception, ex }
                });

                ex.Data.Add(nameof(logNumber), logNumber);
                throw ex;
            }

            return(string.Empty);
        }