public AuthenticationControllerTest()
        {
            defaultAdminPassword = new Password(DefaultAdminPasswordString);
            var dataModule = new CloudCoreDataModule();
            IoC.Initialize();
            IoC.ScanModule(dataModule);
            IoC.AdditionalConfiguration(dataModule);

            //var mailMan = MockHelper.CreateSimpleGenericMock<IMailMan>();
            //apiController = new AuthenticationController(Repository.Instance, new InMemoryCacheProvider(new CachePolicyFake()), mailMan);
            MockAuthContext(apiController);
            CloudCoreDB.Context.Cloudcore_UserPasswordUpdate(0, defaultAdminPassword.CreatePasswordHash(0));
            FakeIdentity(1, 0);
        }
Exemplo n.º 2
0
        public static bool Login(string username, string password, bool rememberMe, bool requiresInternal, bool requiresExternal)
        {
            var dbContext = CloudCoreDB.Context;

            if (HttpContext.Current.Request.IsAuthenticated)
            {
                throw new DuplicateLoginException("You are already logged in. Please sign out first before another login attempt is made.");
            }

            if (!string.IsNullOrWhiteSpace(username) && !string.IsNullOrWhiteSpace(password))
            {
                Cloudcore_User user = dbContext.Cloudcore_User.Where(r => r.Login == username || r.Email == username).SingleOrDefault();

                if (user != null)
                {
                    var encryptedPassword = new Password(password);

                    if (user.UserId != 0 && !encryptedPassword.Compare(user.UserId, user.PasswordHash))
                    {
                        throw new LoginException("The user name or password provided is incorrect.");
                    }
                }
                else
                {
                    throw new LoginException("The user name or password provided is incorrect.");
                }


                if (!user.IntAccess && !user.ExtAccess)
                {
                    throw new LoginException("Could not log you in. Your user account is not active.");
                }


                if ((requiresInternal && user.IntAccess == false) || (requiresExternal && user.ExtAccess == false))
                {
                    throw new LoginException("You are not authorized to access this part of the system.");
                }

                CreateIdentity(user);
                DateTime? lastlogin = DateTime.Now;
                dbContext.Cloudcore_LoginUpdate(user.UserId, CloudCore.Core.Modules.Environment.ApplicationId, ref lastlogin);
                return true;
            }
            else
            {
                throw new LoginException("The user name or password provided is incorrect.");
            }
        }
Exemplo n.º 3
0
        public ApiToken Login([FromBody]UserAuthorization data)
        {
            var user = (from u in CloudCoreDB.Context.Cloudcore_User
                        where (u.Login == data.UserName)
                        select u).SingleOrDefault();

            if (user == null)
            {
                throw new SecurityException("User does not exist or username is invalid.");
            }

            if (!(user.ExtAccess || user.IntAccess))
            {
                throw new SecurityException("User is not enabled for access to this system.");
            }

            string hashedPassword = new Password(data.Password).CreatePasswordHash((int)user.UserId);

            if (user.PasswordHash != hashedPassword)
            {
                throw new SecurityException("Invalid username or password.");
            }

            return CreateSecretToken(ApiCaller.ApplicationId, (int)user.UserId, "USER_TOKEN_KEY");
        }
Exemplo n.º 4
0
 public static string CreatePasswordHash(int userid, string password)
 {
     var pword = new Password(password);
     return pword.CreatePasswordHash(userid);
 }