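/// <summary>
/// Looks up a user in the USUARIOS table by e-mail and password.
/// </summary>
/// <param name="email">Value bound to the EMAIL column.</param>
/// <param name="senha">Value bound to the SENHA column. It is compared exactly as supplied, so the caller
/// must pass the same representation the table stores (hashed or not — not visible here).</param>
/// <returns>A <see cref="LoginDomain"/> with ID, Email and TipoUsuario taken from the last matching row,
/// or <c>null</c> when no row matches.</returns>
public LoginDomain BuscarPorEmailSenha(string email, string senha)
{
    using (SqlConnection con = new SqlConnection(StringConexao))
    {
        // Both inputs are bound as parameters, never concatenated into the statement.
        string querySelect = "SELECT ID, NOME, EMAIL, SENHA, TIPO_USUARIO FROM USUARIOS WHERE EMAIL = @EMAIL AND SENHA =@SENHA";

        using (SqlCommand cmd = new SqlCommand(querySelect, con))
        {
            cmd.Parameters.AddWithValue("@EMAIL", email);
            cmd.Parameters.AddWithValue("@SENHA", senha);
            con.Open();

            // The reader was never disposed before; tie its lifetime to the command.
            using (SqlDataReader sdr = cmd.ExecuteReader())
            {
                if (!sdr.HasRows)
                {
                    return null;
                }

                LoginDomain login = new LoginDomain();
                while (sdr.Read())
                {
                    // NOME and SENHA are selected but deliberately not copied into the result.
                    login.ID = Convert.ToInt32(sdr["ID"]);
                    login.Email = sdr["EMAIL"].ToString();
                    login.TipoUsuario = sdr["TIPO_USUARIO"].ToString();
                }
                return login;
            }
        }
    }
}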
/// <summary>
/// Reports whether the account named by <c>value.user_id</c> is currently logged in.
/// </summary>
/// <param name="value">Request body; only <c>user_id</c> is read.</param>
/// <returns>JSON-wrapped <see cref="RetJsonModel"/>; on any exception status 0, a retry message and <c>data = false</c>.</returns>
public IHttpActionResult PostIsLogin([FromBody] dynamic value)
{
    RetJsonModel result = new RetJsonModel();
    try
    {
        string userId = Convert.ToString(value.user_id);

        // Input validation.
        var verifier = new RunVerify();
        verifier.Run(userId, new VerifyUser());

        var domain = new LoginDomain();
        result = domain.IsLogin(userId);
        return Json(result);
    }
    catch (Exception ex)
    {
        // Record the failure log (the body here carries only user_id).
        FunctionHelper.SaveFailLog("Login", "PostIsLogin", "api/login/status", "验证账号是否处在登陆中", Convert.ToString(value), ex.Message, "POST");

        result.status = 0;
        result.msg = "数据异常,请重试";
        result.time = FunctionHelper.GetTimestamp();
        result.data = false;
        return Json(result);
    }
}
/// <summary>
/// Returns the role permissions of the given account.
/// </summary>
/// <param name="user_id">Identifier of the logged-in account.</param>
/// <returns>JSON-wrapped <see cref="RetJsonModel"/>; on any exception status 0, a retry message and an empty list as data.</returns>
public IHttpActionResult GetPermission(string user_id)
{
    RetJsonModel result = new RetJsonModel();
    try
    {
        var domain = new LoginDomain();

        // Input validation.
        var verifier = new RunVerify();
        verifier.Run(user_id, new VerifyUser());

        result = domain.GetRolePermission(user_id);
        return Json(result);
    }
    catch (Exception ex)
    {
        // Record the failure log.
        FunctionHelper.SaveFailLog("Login", "GetPermission", "api/login/per", "获取当前账号拥有的权限", "当前登录用户ID:" + user_id, ex.Message, "POST");

        result.status = 0;
        result.msg = "数据异常,请重试";
        result.time = FunctionHelper.GetTimestamp();
        result.data = new List<string>();
        return Json(result);
    }
}
/// <summary>
/// Maps the current row of <paramref name="reader"/> to a <see cref="LoginDomain"/>.
/// </summary>
/// <param name="reader">Positioned data reader; columns are read by ordinal in the order
/// Id, Email, Salt, Password, ModifiedBy (assumed to match the command's select list — confirm).</param>
/// <returns>A new <see cref="LoginDomain"/> populated from the row.</returns>
public static LoginDomain LoginMapper(IDataReader reader)
{
    const int idOrdinal = 0;
    const int emailOrdinal = 1;
    const int saltOrdinal = 2;
    const int passwordOrdinal = 3;
    const int modifiedByOrdinal = 4;

    // Initializer members are evaluated top to bottom, so reads happen in ordinal order.
    return new LoginDomain
    {
        Id = reader.GetInt32(idOrdinal),
        Email = reader.GetString(emailOrdinal),
        Salt = reader.GetString(saltOrdinal),
        Password = reader.GetString(passwordOrdinal),
        ModifiedBy = reader.GetString(modifiedByOrdinal),
    };
}
/// <summary>
/// Persists the e-mail and password of <paramref name="user"/> through the repository.
/// </summary>
/// <param name="user">Login data whose <c>email</c> and <c>password</c> are copied to a <see cref="User"/>.</param>
/// <exception cref="Exception">Any repository failure is written to the console and rethrown unchanged.</exception>
public void Update(LoginDomain user)
{
    try
    {
        // Built inside the try so a null argument is reported the same way as a repository error.
        var entity = new User
        {
            Email = user.email,
            Password = user.password,
        };
        _repository.Update(entity);
    }
    catch (Exception e)
    {
        Console.WriteLine(e);
        throw;
    }
}
/// <summary>
/// Runs the <c>Login_Insert</c> command with the given credentials and maps the single returned record.
/// </summary>
/// <param name="email">Bound to the <c>Email</c> parameter.</param>
/// <param name="passwordHash">Bound to the <c>Password</c> parameter; expected to be already hashed by the caller.</param>
/// <returns>The mapped record, or an empty <see cref="LoginDomain"/> when the command maps nothing.</returns>
public LoginDomain UserLogin(string email, string passwordHash)
{
    var response = new LoginDomain();

    _dataProvider.ExecuteCmd(
        "Login_Insert",
        inputParamMapper: paramList =>
        {
            paramList.AddWithValue("Email", email);
            paramList.AddWithValue("Password", passwordHash);
        },
        singleRecordMapper: (reader, set) =>
        {
            // Overwrites the default instance only when a record is mapped.
            response = LoginMapper(reader);
        });

    return response;
}
/// <summary>
/// Inserts a new row into USUARIOS from <paramref name="login"/>.
/// </summary>
/// <param name="login">Source of EMAIL, SENHA and TIPO_USUARIO. SENHA is stored exactly as supplied;
/// no transformation happens in this method.</param>
public void Cadastrar(LoginDomain login)
{
    // Parameterized insert: values are bound, never concatenated.
    const string queryInsert = "INSERT INTO USUARIOS(EMAIL,SENHA,TIPO_USUARIO) VALUES (@EMAIL,@SENHA,@TIPO_USUARIO)";

    using (var con = new SqlConnection(StringConexao))
    using (var cmd = new SqlCommand(queryInsert, con))
    {
        cmd.Parameters.AddWithValue("@EMAIL", login.Email);
        cmd.Parameters.AddWithValue("@SENHA", login.Senha);
        cmd.Parameters.AddWithValue("@TIPO_USUARIO", login.TipoUsuario);

        con.Open();
        cmd.ExecuteNonQuery();
    }
}
/// <summary>
/// Authenticates a user and returns a session token.
/// </summary>
/// <param name="loginDto">Username and plaintext password supplied by the client.</param>
/// <returns>The token created by the repository for the verified user.</returns>
/// <exception cref="Exception">Thrown with one shared message when the user is unknown or the password does not verify.</exception>
public async Task<string> Login(LoginDto loginDto)
{
    var user = await _authRepository.GetUser(loginDto.Username);

    // A single message for both failures avoids telling a caller which usernames exist.
    const string failure = "User not found or password does not match";
    if (user == null || !LoginDomain.VerifyPassword(loginDto.Password, user.Password, user.Salt))
    {
        throw new Exception(failure);
    }

    return _authRepository.CreateToken(user);
}
/// <summary>
/// Registers a user via <c>LoginRepository.Cadastrar</c>.
/// </summary>
/// <param name="usuario">User to persist.</param>
/// <returns>200 with a confirmation message on success; a bare 400 when the repository throws.</returns>
public IActionResult Post(LoginDomain usuario)
{
    try
    {
        // Delegate the registration to the repository.
        LoginRepository.Cadastrar(usuario);
    }
    catch
    {
        // Every failure is collapsed into a 400 without details.
        return BadRequest();
    }

    // Status 200: the user was registered.
    return Ok(new { mensagem = "Usuário Cadastrado" });
}
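/// <summary>
/// Registers a new account: rejects an already-taken username, derives a salted password hash and persists the user.
/// </summary>
/// <param name="registerDto">Username and plaintext password of the account to create.</param>
/// <returns><c>true</c> once the user has been persisted.</returns>
/// <exception cref="Exception">Thrown when the username is already registered.</exception>
public async Task<bool> Register(RegisterDto registerDto)
{
    // The original compared the un-awaited GetUser(...) call to null; Login awaits the same call, so it
    // returns a Task, which is never null and the duplicate check could never fire. Awaiting fixes that
    // (assumes GetUser is the same async method Login uses — confirm).
    if (await _authRepository.GetUser(registerDto.Username) != null)
    {
        throw new Exception("This username is already registered");
    }

    // The plaintext is handed only to CreatePasswordHash; only hash and salt are stored.
    LoginDomain.CreatePasswordHash(registerDto.Password, out byte[] passwordHash, out byte[] salt);

    var user = new User
    {
        Username = registerDto.Username,
        Password = passwordHash,
        Salt = salt,
    };

    // No try/catch: the former `throw ex;` only discarded the stack trace.
    await _authRepository.Register(user);
    return true;
}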
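/// <summary>
/// Logs an account in with the <c>user_id</c> and <c>password</c> fields of the request body.
/// </summary>
/// <param name="value">Request body; <c>user_id</c> and <c>password</c> are read.</param>
/// <returns>JSON-wrapped <see cref="RetJsonModel"/> from <c>LoginDomain.Login</c>; on any exception status 0 and a retry message.</returns>
public IHttpActionResult PostLogin([FromBody] dynamic value)
{
    RetJsonModel result = new RetJsonModel();
    string userId = null;
    try
    {
        userId = Convert.ToString(value.user_id);
        string password = Convert.ToString(value.password);

        LoginDomain domain = new LoginDomain();
        result = domain.Login(userId, password);
        return Json(result);
    }
    catch (Exception ex)
    {
        // Record the error log. Only the account id is written: the original serialized the whole
        // body, which contains the password, into the failure log.
        FunctionHelper.SaveFailLog("Login", "PostLogin", "api/login/login", "登录接口", "当前登录用户ID:" + userId, ex.Message, "POST");

        result.status = 0;
        result.time = FunctionHelper.GetTimestamp();
        result.msg = "登录失败,请重试";
        return Json(result);
    }
}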
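/// <summary>
/// Checks an e-mail/password pair against the stored user and returns a trimmed <see cref="User"/> on success.
/// </summary>
/// <param name="userData">E-mail and plaintext password from the login form.</param>
/// <returns>A <see cref="Result{T}"/> with Success, Message and — only when authorized — Id, Name and Email.</returns>
public Result<User> Authorize(LoginDomain userData)
{
    var result = new Result<User>();
    var user = _repository.GetByEmail(userData.email);

    // An unknown e-mail used to dereference a null user and throw (assumes GetByEmail returns null
    // for unknown e-mails — confirm). It now fails the same way as a wrong password, so the reply
    // does not reveal which e-mails are registered.
    // NOTE(review): Md5.Generate presumably produces an unsalted MD5 digest that is compared with
    // string ==; a salted, slow hash would require re-hashing stored values, so it is left as is.
    if (user == null || user.Password != Md5.Generate(userData.password))
    {
        result.Success = false;
        result.Message = "Not authorized.";
        return result;
    }

    result.Success = true;
    result.Message = "Authorized.";
    // Only non-secret fields are returned; the stored hash stays server-side.
    result.Data = new User { Id = user.Id, Name = user.Name, Email = user.Email };
    return result;
}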
/// <summary>
/// Authorizes against a single fixed credential pair; no store is consulted.
/// </summary>
/// <param name="userData">E-mail and password to compare with the built-in pair.</param>
/// <returns>A <see cref="Result{T}"/> carrying a <see cref="LoggedUser"/> on match, otherwise Success = false.</returns>
public Result<IUser> Authorize(LoginDomain userData)
{
    // Both literals are compared inline with ordinal string equality.
    bool credentialsMatch = userData.email == "*****@*****.**" && userData.password == "1234567890";

    var result = new Result<IUser>();
    if (!credentialsMatch)
    {
        result.Success = false;
        result.Message = "Not authorized.";
        return result;
    }

    result.Success = true;
    result.Message = "User authorized.";
    result.Data = new LoggedUser
    {
        Id = 1,
        Name = userData.email,
        Credentials = "01|02|09",
        IsAdmin = false,
    };
    return result;
}
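/// <summary>
/// Decides whether the caller may reach <paramref name="hubDescriptor"/>. An already authenticated principal
/// passes directly; otherwise the forms-authentication cookie is decrypted, its embedded IP address and
/// password are checked, the terminal behind the request IP is resolved and a claims principal
/// (terminal number, IP address) is attached to the HTTP context.
/// </summary>
/// <param name="hubDescriptor">Hub being accessed; every rejection first asks <c>IsAnonymousAllowed</c> about it.</param>
/// <param name="request">Incoming request (principal, cookies, HTTP context).</param>
/// <returns><c>true</c> when access is granted or the hub allows anonymous access; <c>false</c> otherwise.
/// Any exception is logged and yields <c>false</c>.</returns>
private bool IsAccessible(HubDescriptor hubDescriptor, IRequest request)
{
    try
    {
        #region Connection validity check
        // A principal authenticated earlier in the pipeline needs no cookie inspection.
        var principal = request.User;
        if (principal != null && principal.Identity != null && principal.Identity.IsAuthenticated)
        {
            return true;
        }
        #endregion

        #region Authentication cookie analyze
        var formAuthenticationCookie = request.Cookies[FormsAuthentication.FormsCookieName];
        if (formAuthenticationCookie == null)
        {
            return DenyUnlessAnonymousAllowed(hubDescriptor, "Invalid authentication cookie");
        }
        if (string.IsNullOrWhiteSpace(formAuthenticationCookie.Value))
        {
            return DenyUnlessAnonymousAllowed(hubDescriptor, "Invalid authentication cookie value");
        }
        #endregion

        #region Form authentication ticket
        var formAuthenticationTicket = FormsAuthentication.Decrypt(formAuthenticationCookie.Value);
        if (formAuthenticationTicket == null)
        {
            return DenyUnlessAnonymousAllowed(hubDescriptor, "Invalid authentication cookie ticket");
        }
        if (string.IsNullOrWhiteSpace(formAuthenticationTicket.UserData))
        {
            return DenyUnlessAnonymousAllowed(hubDescriptor, "Invalid authentication cookie user data");
        }
        #endregion

        #region IP Address validation
        // UserData carries a serialized LoginItem (IP address and password) written when the ticket was issued.
        var loginViewModel = JsonConvert.DeserializeObject<LoginItem>(formAuthenticationTicket.UserData);
        if (loginViewModel == null)
        {
            return DenyUnlessAnonymousAllowed(hubDescriptor, "Authentication ticket information is invalid.");
        }

        // The ticket is only honoured from the IP address it records.
        var requestIpAddress = _loginDomain.FindRequestIpAddress(request.GetHttpContext());
        if (string.IsNullOrEmpty(requestIpAddress) || !requestIpAddress.Equals(loginViewModel.IpAddress))
        {
            // The original logged loginViewModel.Password as "Target"; the request IP is what was compared.
            return DenyUnlessAnonymousAllowed(hubDescriptor, string.Format("Cookie doesn't come from the same origin as the request (Source: {0} - Target: {1})", loginViewModel.IpAddress, requestIpAddress));
        }
        #endregion

        #region Passsword
        if (string.IsNullOrEmpty(loginViewModel.Password))
        {
            return DenyUnlessAnonymousAllowed(hubDescriptor, "No password is included in the cookie.");
        }
        var passwordSetting = _loginDomain.FindPasswordSetting(loginViewModel.Password);
        if (passwordSetting == null)
        {
            // The rejected password itself is no longer written to the log.
            return DenyUnlessAnonymousAllowed(hubDescriptor, "No password setting matches the password carried in the cookie.");
        }
        #endregion

        #region Terminal
        var ips = LoginDomain.AnalyzeIpAddress(requestIpAddress);
        var terminal = _loginDomain.FindTerminalFromIpAddress(ips);
        if (terminal == null)
        {
            return DenyUnlessAnonymousAllowed(hubDescriptor, string.Format("No terminal has been found with IP : {0}", requestIpAddress));
        }
        // When a terminal whitelist is configured, the resolved terminal must be on it.
        if (_accessibleTerminals != null && !_accessibleTerminals.Any(x => x.Equals(terminal.F06_TerminalNo)))
        {
            // The original reused the "no terminal found" text here; this branch is a whitelist miss.
            return DenyUnlessAnonymousAllowed(hubDescriptor, string.Format("Terminal {0} (IP : {1}) is not allowed to access this hub", terminal.F06_TerminalNo, requestIpAddress));
        }
        #endregion

        var claimIdentity = new ClaimsIdentity(null, _loginDomain.AuthenticationClaimName);
        claimIdentity.AddClaim(new Claim(ClientIdentities.TerminalNo, terminal.F06_TerminalNo));
        claimIdentity.AddClaim(new Claim(ClientIdentities.IpAddress, requestIpAddress));

        var httpContext = request.GetHttpContext();
        httpContext.User = new ClaimsPrincipal(claimIdentity);
        return true;
    }
    catch (Exception exception)
    {
        // Fail closed: an unexpected error denies access instead of propagating.
        Logger.Error(exception.Message, exception);
        return false;
    }
}

/// <summary>
/// Shared rejection path: a hub that allows anonymous access still passes; otherwise
/// <paramref name="reason"/> is logged and access is denied.
/// </summary>
/// <param name="hubDescriptor">Hub being accessed.</param>
/// <param name="reason">Message written to the error log on denial.</param>
/// <returns><c>true</c> when anonymous access is allowed, <c>false</c> otherwise.</returns>
private bool DenyUnlessAnonymousAllowed(HubDescriptor hubDescriptor, string reason)
{
    if (IsAnonymousAllowed(hubDescriptor))
    {
        return true;
    }
    Logger.Error(reason);
    return false;
}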
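/// <summary>
/// Parses the forms-authentication cookie, validates it against the database (request IP, password setting,
/// terminal, accessible screens), re-issues the cookie with a fresh 30-minute ticket and attaches a claims
/// principal to the request. Any failed check ends the request as 401/403 unless the target allows anonymous
/// access.
/// </summary>
/// <param name="authorizationContext">MVC authorization context; <c>Result</c> is set on rejection.</param>
public void OnAuthorization(AuthorizationContext authorizationContext)
{
#if !UNAUTHORIZED_DEBUG
    using (var context = new KCSGDbContext())
    using (var unitOfWork = new UnitOfWork(context))
    {
        try
        {
            var loginDomain = new LoginDomain(unitOfWork);

            // Collects terminal number, password level and screens as they are resolved.
            var authenticationResult = new AuthenticationResult();

            #region Authentication cookie & ticket validation
            var formAuthenticationCookie = authorizationContext.RequestContext.HttpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
            if (formAuthenticationCookie == null)
            {
                RejectUnlessAnonymousAllowed(authorizationContext, "Authentication cookie is invalid.");
                return;
            }
            if (string.IsNullOrWhiteSpace(formAuthenticationCookie.Value))
            {
                RejectUnlessAnonymousAllowed(authorizationContext, "Authentication cookie value is invalid.");
                return;
            }

            // Decrypt the cookie value into a ticket.
            var formAuthenticationTicket = FormsAuthentication.Decrypt(formAuthenticationCookie.Value);
            if (formAuthenticationTicket == null)
            {
                RejectUnlessAnonymousAllowed(authorizationContext, "Authentication ticket is not valid.");
                return;
            }
            if (string.IsNullOrWhiteSpace(formAuthenticationTicket.UserData))
            {
                RejectUnlessAnonymousAllowed(authorizationContext, "Authentication ticket's user data is invalid.");
                return;
            }
            #endregion

            #region IP Address validation
            // UserData carries a serialized LoginItem (IP address and password) written when the ticket was issued.
            var loginViewModel = JsonConvert.DeserializeObject<LoginItem>(formAuthenticationTicket.UserData);
            if (loginViewModel == null)
            {
                RejectUnlessAnonymousAllowed(authorizationContext, "Authentication ticket information is invalid.");
                return;
            }

            // The ticket is only honoured from the IP address it records.
            var requestIpAddress = loginDomain.FindRequestIpAddress(authorizationContext.HttpContext);
            if (string.IsNullOrEmpty(requestIpAddress) || !requestIpAddress.Equals(loginViewModel.IpAddress))
            {
                // The original logged loginViewModel.Password as "Target"; the request IP is what was compared.
                RejectUnlessAnonymousAllowed(authorizationContext, string.Format("Cookie doesn't come from the same origin as the request (Source: {0} - Target: {1})", loginViewModel.IpAddress, requestIpAddress));
                return;
            }
            #endregion

            #region Passsword
            if (string.IsNullOrEmpty(loginViewModel.Password))
            {
                RejectUnlessAnonymousAllowed(authorizationContext, "No password is included in the cookie.");
                return;
            }
            var passwordSetting = loginDomain.FindPasswordSetting(loginViewModel.Password);
            if (passwordSetting == null)
            {
                // The rejected password itself is no longer written to the log.
                RejectUnlessAnonymousAllowed(authorizationContext, "No password setting matches the password carried in the cookie.");
                return;
            }
            authenticationResult.PasswordLevel = passwordSetting.F16_PswdLevel;
            #endregion

            #region Terminal
            var ips = loginDomain.AnalyzeIpAddress(requestIpAddress);
            var terminal = loginDomain.FindTerminalFromIpAddress(ips);
            if (terminal == null)
            {
                RejectUnlessAnonymousAllowed(authorizationContext, string.Format("No terminal has been found with IP : {0}", requestIpAddress));
                return;
            }
            authenticationResult.TerminalNo = terminal.F06_TerminalNo;
            #endregion

            #region Cookie authentication
            // Sliding expiry: every successful check re-issues the ticket for another 30 minutes.
            var systemTime = DateTime.Now;
            formAuthenticationTicket = new FormsAuthenticationTicket(1, loginDomain.AuthenticationTicketName, systemTime, systemTime.AddMinutes(30), true, JsonConvert.SerializeObject(loginViewModel));
            var httpCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(formAuthenticationTicket));
            authorizationContext.HttpContext.Response.Cookies.Add(httpCookie);

            // Identity carried for the rest of the request.
            var claimIdentity = new ClaimsIdentity(null, loginDomain.AuthenticationClaimName);
            claimIdentity.AddClaim(new Claim(ClientIdentities.TerminalNo, authenticationResult.TerminalNo));
            claimIdentity.AddClaim(new Claim(ClientIdentities.IpAddress, requestIpAddress));
            claimIdentity.AddClaim(new Claim(ClientIdentities.PasswordLevel, authenticationResult.PasswordLevel));
            #endregion

            #region Accessible screens
            var availableScreens = loginDomain.FindAccessibleScreens(authenticationResult.TerminalNo, authenticationResult.PasswordLevel);
            if (availableScreens == null || availableScreens.Count < 1)
            {
                if (IsAnonymousAllowed(authorizationContext))
                {
                    return;
                }
                // Authenticated but entitled to nothing: forbidden, cookie kept.
                authorizationContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
                Log.Error(string.Format("No available screen has been found for terminal {0}", authenticationResult.TerminalNo));
                return;
            }
            authenticationResult.AccessibleScreens = availableScreens;

            claimIdentity.AddClaim(new Claim(ClientIdentities.AccessibleScreens, string.Join(",", authenticationResult.AccessibleScreens)));
            if (_screens != null)
            {
                claimIdentity.AddClaim(new Claim(ClientIdentities.AccessingScreen, string.Join(",", _screens)));
            }

            var claimsPrincipal = new ClaimsPrincipal(claimIdentity);
            authorizationContext.HttpContext.User = claimsPrincipal;

            // When the target names screens, the terminal must be entitled to at least one of them.
            if (_screens != null && _screens.Length > 0)
            {
                var isScreenAccessible = availableScreens.Any(x => _screens.Any(y => x.Equals(y)));
                if (!isScreenAccessible)
                {
                    authorizationContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
                    Log.Error(string.Format("Terminal {0} cannot access to screens : {1}", authenticationResult.TerminalNo, string.Join(",", _screens)));
                }
            }

            // A locked terminal is redirected to the lock screen. As in the original this assignment
            // replaces any Forbidden result set just above — presumably intended; confirm.
            if (IsAccessLocked(terminal.F06_TerminalNo))
            {
                var urlHelper = new UrlHelper(HttpContext.Current.Request.RequestContext);
                authorizationContext.Result = new RedirectResult(urlHelper.Action("Index", "Home", new { Area = "", @isLockScreen = true }));
            }
            #endregion
        }
        catch (UnauthorizedAccessException)
        {
            authorizationContext.Result = new HttpStatusCodeResult(HttpStatusCode.Unauthorized);
        }
    }
#elif UNAUTHORIZED_DEBUG
#endif
}

/// <summary>
/// Shared rejection path for <see cref="OnAuthorization"/>: when the target allows anonymous access nothing
/// happens; otherwise the forms cookie is cleared, the result becomes 401 and <paramref name="reason"/> is
/// logged. Callers return immediately afterwards.
/// </summary>
/// <param name="authorizationContext">Context whose <c>Result</c> is set on denial.</param>
/// <param name="reason">Message written to the error log on denial.</param>
private void RejectUnlessAnonymousAllowed(AuthorizationContext authorizationContext, string reason)
{
    if (IsAnonymousAllowed(authorizationContext))
    {
        return;
    }
    // Sign the user out to clear the cookie.
    FormsAuthentication.SignOut();
    // Treat the request as unauthorized.
    authorizationContext.Result = new HttpUnauthorizedResult();
    Log.Error(reason);
}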