Exemplo n.º 1
0
        public dynamic UserChangePassword(dynamic data)
        {
            var user = new User
            {
                id       = data.user_id,
                password = data.password,
                email    = "*****@*****.**" // always validates
            };

            var val = new UserValidator();
            var validationResult = val.Validate(user, ruleSet: "emailandpwd");

            if (validationResult.IsValid)
            {
                var     pwd = Crypto.EncryptStringAes(user.password, Config.encryptKey);
                dynamic res =
                    GetAccountsDbConnection()
                    .Execute(
                        "update users set password='******',pwd=@pwd where id=@id",
                        new
                {
                    user.id,
                    pwd
                });
            }

            return(new
            {
                validationResult
            });
        }
Exemplo n.º 2
0
        public dynamic UserSignInTry(dynamic data)
        {
            try
            {
                var anon_user = new User
                {
                    email    = data.email.ToString(),
                    password = data.password.ToString()
                };

                var val = new UserValidator();
                var validationResult = val.Validate(anon_user, ruleSet: "emailandpwd");

                if (!validationResult.IsValid)
                {
                    return new { validationResult }
                }
                ;

                var validator = new SignInValidator(GetAccountsDbConnection());
                validationResult = validator.Validate(anon_user);

                if (validationResult.IsValid)
                {
                    dynamic account =
                        GetAccountsDbConnection()
                        .Query <dynamic>("select id,display_name,pwd from users where email=@email;", new
                    {
                        data.email
                    }).Single();

                    // add ticket
                    var ticket =
                        Guid.NewGuid()
                        .ToString()
                        .Replace("{", string.Empty)
                        .Replace("}", string.Empty)
                        .Replace("-", string.Empty)
                        .ToUpperInvariant()
                        .Substring(0, 16);

                    var clearTicket = "delete from tickets where user_id = @user_id;";
                    var addticket   =
                        "insert into tickets (user_id, date_expires, access_id) values (@user_id, @date_expires, @access_id);";
                    dynamic user_id = account.id;

                    GetAccountsDbConnection().Execute(clearTicket + addticket, new
                    {
                        user_id,
                        date_expires = DateTime.UtcNow.AddDays(30),
                        access_id    = ticket
                    });

                    SetCookie("IsLoggedIn", "1");
                    SetCookie("UserName", account.display_name.ToString());
                    SetCookie("Auth", ticket);
                    SetCookie("UserId", account.id.ToString());

                    // http://www.codeproject.com/Articles/408306/Understanding-and-Implementing-ASP-NET-Custom-Form

                    var signed_in = true;
                    return(new
                    {
                        validationResult,
                        account,
                        signed_in
                    });
                }

                return(new
                {
                    validationResult
                });
            }
            catch (Exception ex)
            {
                Debug.Print(ex.ToString());
                throw ex;
            }
        }
Exemplo n.º 3
0
        public dynamic UserAdd(dynamic data)
        {
            var anon_user = new User
            {
                display_name = data.display_name.ToString(),
                email        = data.email.ToString(),
                password     = data.password.ToString()
            };

            try
            {
                var val = new UserValidator();
                var validationResult = val.Validate(anon_user, ruleSet: "emailandpwd,displayname");

                if (!validationResult.IsValid)
                {
                    return new { validationResult }
                }
                ;

                var validator = new UserAddValidator(GetAccountsDbConnection());
                validationResult = validator.Validate(anon_user);

                if (validationResult.IsValid)
                {
                    var pwd = Crypto.EncryptStringAes(anon_user.password, Config.encryptKey);

                    data.password = "******";
                    dynamic res =
                        GetAccountsDbConnection()
                        .Query <dynamic>(
                            "insert into users (email,display_name,date_created,pwd,password) values (@email,@display_name,UTC_TIMESTAMP(),@pwd,'v2');select last_insert_id() as newid;",
                            new
                    {
                        anon_user.email,
                        anon_user.display_name,
                        pwd
                    }).Single();

                    var stringToEncrypt = JsonConvert.SerializeObject(new
                    {
                        user_id = res.newid
                    });
                    var encrypted = Crypto.EncryptStringAes(stringToEncrypt, Config.encryptKey);

                    var domain = "www.tekphoria.co.uk";

                    if (Config.IsDevMachine)
                    {
                        data.email = "*****@*****.**";
                        domain     = "localhost:1001";
                    }

                    var handler = new EmailHandler();
                    handler.SendMailTest(new EmailArgs
                    {
                        To      = data.email,
                        Subject = string.Format("Account Verification for {0}", domain),
                        Body    =
                            string.Format("Click <a href='http://{0}/account/verify?k={1}'>here</a> to verify account.",
                                          domain, encrypted),
                        IsHtml = true
                    });

                    return(new
                    {
                        validationResult,
                        id = res.newid
                    });
                }


                return(new
                {
                    validationResult
                });
            }
            catch (Exception ex)
            {
                Debug.Write(ex);
                throw;
            }
        }