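/// <summary>
/// Cookie login: looks the caller up in the identities file and, on a password match,
/// issues a persistent authentication cookie that expires after four days.
/// </summary>
/// <param name="username">Username to look up; compared case-insensitively.</param>
/// <param name="password">Clear-text password verified against the stored hash.</param>
/// <returns>204 on success; 401 when the user is unknown, the username is blank, or the password does not match.</returns>
/// <remarks>
/// NOTE(review): both credentials arrive in the query string, so they can be recorded in
/// proxy/server access logs and browser history; carrying them in the request body is safer.
/// </remarks>
public async Task<IActionResult> login([FromQuery] string username, [FromQuery] string password)
{
    Response.Headers.Add("Content-Type", "application/octet-stream");

    // A missing username previously threw NullReferenceException (a 500); treat it as unknown.
    if (string.IsNullOrEmpty(username))
    {
        return Unauthorized();
    }

    List<FerrousIdentity> identities = LoadJson<FerrousIdentity>(IDENTITIES_JSON_FILE);
    // Ordinal, case-insensitive match; also tolerates a record whose username is null.
    FerrousIdentity id = identities.FirstOrDefault(
        m => string.Equals(m.username, username, StringComparison.OrdinalIgnoreCase));

    // PasswordMatches returns false for a null id (unknown user).
    if (!PasswordMatches(id, password))
    {
        return Unauthorized();
    }

    var claims = new List<Claim> { new Claim(ClaimTypes.Name, id.username) };
    var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
    var authProperties = new AuthenticationProperties
    {
        IsPersistent = true,
        ExpiresUtc = DateTimeOffset.UtcNow.AddDays(4),
    };

    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(claimsIdentity),
        authProperties);

    return NoContent();
}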
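/// <summary>
/// True when <paramref name="username"/> is a super user or is explicitly listed for the
/// building identified by <paramref name="buildingShortName"/>.
/// </summary>
/// <param name="username">Username exactly as stored in the identities file (case-sensitive).</param>
/// <param name="buildingShortName">Short name of the building being accessed.</param>
/// <returns>false for a null, empty or unknown username; otherwise the authorization result.</returns>
public static bool hasBuildingAuth(string username, string buildingShortName)
{
    if (staticIdentities == null)
    {
        reloadIdentities();
    }

    // Previously only String.Empty was rejected; a null username fell through to the
    // lookup and could match a record whose username is null.
    if (string.IsNullOrEmpty(username))
    {
        return false;
    }

    FerrousIdentity id = staticIdentities.FirstOrDefault(m => m.username == username);
    if (id == null)
    {
        return false;
    }

    // Super users are authorised for every building.
    if (id.elevation == (int)ElevationLevels.SuperUser)
    {
        return true;
    }

    return id.locations != null && id.locations.Contains(buildingShortName);
}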
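/// <summary>
/// True when the user's elevation satisfies <paramref name="minElevation"/>, or when
/// <paramref name="priv"/> is not <see cref="PrivilegeList.NONE"/> and the user holds that privilege.
/// </summary>
/// <param name="username">Username exactly as stored in the identities file (case-sensitive).</param>
/// <param name="minElevation">Elevation threshold; a numerically lower or equal stored value passes.</param>
/// <param name="priv">Optional specific privilege that also grants access.</param>
/// <returns>false for a null, empty or unknown username; otherwise the authorization result.</returns>
public static bool hasPrivilege(string username, ElevationLevels minElevation, PrivilegeList priv = PrivilegeList.NONE)
{
    if (staticIdentities == null)
    {
        reloadIdentities();
    }

    // Previously only String.Empty was rejected; a null username fell through to the
    // lookup and could match a record whose username is null.
    if (string.IsNullOrEmpty(username))
    {
        return false;
    }

    FerrousIdentity id = staticIdentities.FirstOrDefault(m => m.username == username);
    if (id == null)
    {
        return false;
    }

    // "<=" means lower numeric elevation values are treated as more privileged;
    // presumably SuperUser is the lowest value — confirm against ElevationLevels.
    if (id.elevation <= (int)minElevation)
    {
        return true;
    }

    // A record with no privilege list previously threw NullReferenceException here.
    return priv != PrivilegeList.NONE
        && id.privileges != null
        && id.privileges.Contains((int)priv);
}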
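/// <summary>
/// Returns the authenticated caller's identity record with the credential fields blanked.
/// </summary>
/// <returns>
/// 401 when the caller is not authenticated or the principal no longer maps to a stored
/// identity; otherwise the record as JSON with password and salt set to null.
/// </returns>
public IActionResult GetUser()
{
    if (!User.Identity.IsAuthenticated)
    {
        return Unauthorized();
    }

    string name = User.Identity.Name;
    List<FerrousIdentity> identities = LoadJson<FerrousIdentity>(IDENTITIES_JSON_FILE);
    // OrdinalIgnoreCase instead of culture-sensitive ToLower(): avoids culture-dependent
    // case folding and tolerates a null stored username.
    FerrousIdentity id = identities.FirstOrDefault(
        m => string.Equals(m.username, name, StringComparison.OrdinalIgnoreCase));

    // The cookie can outlive the record (e.g. the user was dropped from the list written by
    // PostAllUsers); previously this dereferenced a null id and produced a 500.
    if (id == null)
    {
        return Unauthorized();
    }

    // Never return credential material, even hashed.
    id.password = null;
    id.salt = null;
    return new JsonResult(id);
}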
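/// <summary>
/// Replaces the whole identities file with <paramref name="users"/> after re-verifying the
/// caller's password. A payload password that is non-blank and not the <c>HIDDEN_FIELD</c>
/// placeholder is re-hashed with a fresh salt; otherwise the stored hash and salt for that
/// username are carried over.
/// </summary>
/// <param name="users">Complete new list of identities; the file is overwritten, not merged.</param>
/// <param name="password">Caller's current password, used as a re-authentication step.</param>
/// <returns>
/// 204 on success; 401 when the caller is unauthenticated or the password check fails;
/// 400 when the body is missing, a username is blank, or a new user has no password.
/// </returns>
/// <remarks>
/// NOTE(review): the only check visible here is that the caller knows their own password,
/// so any authenticated user could rewrite every account unless a privilege check (an
/// authorization attribute or hasPrivilege) is enforced before this action — confirm.
/// NOTE(review): the password is taken from the query string and may therefore be written
/// to access logs; the request body would be the safer carrier.
/// </remarks>
public IActionResult PostAllUsers([FromBody] List<FerrousIdentity> users, [FromQuery] String password)
{
    string callerName = HttpContext.User?.Identity?.Name;
    // An unauthenticated caller has no name; previously this threw NullReferenceException
    // (a 500) instead of returning 401.
    if (string.IsNullOrEmpty(callerName))
    {
        return Unauthorized();
    }

    List<FerrousIdentity> identities = LoadJson<FerrousIdentity>(IDENTITIES_JSON_FILE);
    FerrousIdentity id = identities.FirstOrDefault(
        m => string.Equals(m.username, callerName, StringComparison.OrdinalIgnoreCase));

    /* Check password */
    if (!PasswordMatches(id, password))
    {
        return Unauthorized();
    }

    // A null body would otherwise fail on the foreach below.
    if (users == null)
    {
        return BadRequest(new { message = "No users supplied" });
    }

    /* Form new identities json */
    foreach (var i in users)
    {
        if (string.IsNullOrEmpty(i.username))
        {
            return BadRequest(new { message = "Blank username not allowed" });
        }

        if (!string.IsNullOrEmpty(i.password) && i.password != HIDDEN_FIELD)
        {
            // New or changed password: fresh salt, then hash.
            // NOTE(review): a 2-character salt with a single SHA-256 round is a weak password
            // hash; moving to PBKDF2/Argon2 requires re-hashing stored credentials because
            // PasswordMatches must use the same scheme.
            i.salt = Utilities.RandomString(2);
            i.password = Misc.Utilities.SHA.GenerateSHA256String(i.salt + i.password);
        }
        else
        {
            // Password left untouched: carry over the stored hash and salt of the existing account.
            var cid = identities.FirstOrDefault(m => m.username == i.username);
            if (cid == null)
            {
                return BadRequest(new { message = $"Blank password not allowed for new user {i.username}" });
            }
            i.salt = cid.salt;
            i.password = cid.password;
        }
    }

    Utilities.WriteJson(IDENTITIES_JSON_FILE, users);
    Authorization.reloadIdentities();
    return NoContent();
}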
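/// <summary>
/// Verifies <paramref name="password"/> against the stored hash of <paramref name="id"/>
/// using this file's scheme: SHA-256 over (salt + password).
/// </summary>
/// <param name="id">Stored identity, or null for an unknown user (always false).</param>
/// <param name="password">Clear-text password supplied by the caller.</param>
/// <returns>true only when the computed hash equals the stored hash.</returns>
/// <remarks>
/// The hashes are compared in fixed time so a mismatch does not leak how many leading
/// characters matched. A record with no stored password never matches (previously a null
/// stored password compared equal to a null computed value).
/// NOTE(review): salted single-round SHA-256 is not a password hash; PBKDF2/Argon2 is
/// recommended but requires re-hashing the stored credentials.
/// </remarks>
public static bool PasswordMatches(FerrousIdentity id, String password)
{
    if (id == null || id.password == null)
    {
        return false;
    }

    // Keeps the original concatenation semantics: a null salt contributes nothing.
    string computed = Misc.Utilities.SHA.GenerateSHA256String(id.salt + password);
    if (computed == null)
    {
        return false;
    }

    byte[] stored = System.Text.Encoding.UTF8.GetBytes(id.password);
    byte[] actual = System.Text.Encoding.UTF8.GetBytes(computed);
    return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(stored, actual);
}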