public static DataAccessResponseType AuthenticateUser(string email, string password) { var response = new DataAccessResponseType(); //Verifiy all prameters if (string.IsNullOrEmpty(email)) { response.ErrorMessages.Add("Please include an email."); } if (string.IsNullOrEmpty(password)) { response.ErrorMessages.Add("Please include a password."); } if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password)) { response.isSuccess = false; response.ErrorMessage = "Not all parameters contain a value!"; return(response); } try { //Get user with 'Login' info (username + password) response = PlatformUserManager.GetUserWithLogin(email, password); if (response.isSuccess) { var user = (PlatformUserIdentity)response.ResponseObject; //<-- ResponseObject can be converted to PlatformUser by consuming application //Validate that the user is active if (!user.Active) { response.isSuccess = false; response.ErrorMessages.Add("This user is not active."); } return(response); } else { return(response); } } catch (Exception e) { //Log exception and email platform admins PlatformExceptionsHelper.LogExceptionAndAlertAdmins( e, "attempting to authenticate platform user with email: " + email, System.Reflection.MethodBase.GetCurrentMethod() ); return(new DataAccessResponseType { isSuccess = false, ErrorMessage = e.Message }); } }
public DataAccessResponseType DeletePlatformUserInvitation(string invitationKey, string requesterId, RequesterType requesterType, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } #region Validate Request var requesterName = string.Empty; var requesterEmail = string.Empty; var requestResponseType = RequestManager.ValidateRequest(requesterId, requesterType, out requesterName, out requesterEmail, Sahara.Core.Settings.Platform.Users.Authorization.Roles.SuperAdmin, null); if (!requestResponseType.isApproved) { //Request is not approved, send results: return(new DataAccessResponseType { isSuccess = false, ErrorMessage = requestResponseType.requestMessage }); } #endregion return(PlatformUserManager.DeleteInvitation(invitationKey)); }
public List <PlatformPasswordResetClaim> GetLostPasswordClaims(string requesterId, RequesterType requesterType, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } #region Validate Request var requesterName = string.Empty; var requesterEmail = string.Empty; var requestResponseType = RequestManager.ValidateRequest(requesterId, requesterType, out requesterName, out requesterEmail, Sahara.Core.Settings.Platform.Users.Authorization.Roles.SuperAdmin, null); if (!requestResponseType.isApproved) { //Request is not approved, send results: return(null); } #endregion return(PlatformUserManager.GetPasswordClaims()); }
public DataAccessResponseType DeletePlatformUser(string userId, string requesterId, RequesterType requesterType, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } #region Validate Request var requesterName = string.Empty; var requesterEmail = string.Empty; var requestResponseType = RequestManager.ValidateRequest(requesterId, requesterType, out requesterName, out requesterEmail, Sahara.Core.Settings.Platform.Users.Authorization.Roles.SuperAdmin, null); if (!requestResponseType.isApproved) { //Request is not approved, send results: return(new DataAccessResponseType { isSuccess = false, ErrorMessage = requestResponseType.requestMessage }); } #endregion var user = PlatformUserManager.GetUser(userId); var result = PlatformUserManager.DeleteUser(userId); #region Log Platform Activity if (result.isSuccess) { try { PlatformLogManager.LogActivity( CategoryType.PlatformUser, ActivityType.PlatformUser_Deleted, "User deleted", requesterName + " deleted " + user.FullName + "'s account", null, null, requesterId, requesterName, requesterEmail ); } catch { } } #endregion return(result); }
public DataAccessResponseType ResetLostPassword(string passwordClaimKey, string newPassword, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } return(PlatformUserManager.ResetPassword(passwordClaimKey, newPassword)); }
// Mostly used to keep views in sync with latest user role & properties (WCF clients cannot consume Identity versions) public PlatformUser GetPlatformUser(string userId, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } return(PlatformUserManager.GetUser(userId)); }
public PlatformInvitation GetPlatformUserInvitation(string invitationKey, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } return(PlatformUserManager.GetInvitation(invitationKey)); }
public DataAccessResponseType ClaimLostPassword(string email, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } return(PlatformUserManager.ClaimLostPassword(email)); }
public DataAccessResponseType RegisterInvitedPlatformUser(string email, string firstName, string lastName, string password, string role, string invitationKey, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } return(PlatformUserManager.CreatePlatformUser(email, firstName, lastName, password, role, invitationKey)); }
public DataAccessResponseType ResendPlatformUserInvitation(string invitationKey, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } return(PlatformUserManager.ResendInvitation(invitationKey)); }
public DataAccessResponseType UpdatePlatformUserPassword(string email, string currentPassword, string newPassword, string requesterId, RequesterType requesterType, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } #region Validate Request var requesterName = string.Empty; var requesterEmail = string.Empty; var requestResponseType = RequestManager.ValidateRequest(requesterId, requesterType, out requesterName, out requesterEmail, Sahara.Core.Settings.Platform.Users.Authorization.Roles.SuperAdmin, null); if (!requestResponseType.isApproved) { //Request is not approved, send results: return(new DataAccessResponseType { isSuccess = false, ErrorMessage = requestResponseType.requestMessage }); } #endregion var result = PlatformUserManager.ChangePassword(email, currentPassword, newPassword); #region Log Platform Activity if (result.isSuccess) { try { PlatformLogManager.LogActivity( CategoryType.PlatformUser, ActivityType.PlatformUser_Invited, "Password changed", requesterName + " has updated their password", null, null, requesterId, requesterName, requesterEmail ); } catch { } } #endregion return(result); }
public DataAccessResponseType CreatePlatformUser(string email, string firstName, string lastName, string password, string roleName, string requesterId, RequesterType requesterType, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } #region Validate Request var requesterName = string.Empty; var requesterEmail = string.Empty; var requestResponseType = RequestManager.ValidateRequest(requesterId, requesterType, out requesterName, out requesterEmail, Sahara.Core.Settings.Platform.Users.Authorization.Roles.SuperAdmin, null); if (!requestResponseType.isApproved) { //Request is not approved, send results: return(new DataAccessResponseType { isSuccess = false, ErrorMessage = requestResponseType.requestMessage }); } #endregion var result = PlatformUserManager.CreatePlatformUser(email, firstName, lastName, password, roleName); #region Log Platform Activity if (result.isSuccess) { try { PlatformLogManager.LogActivity( CategoryType.PlatformUser, ActivityType.PlatformUser_Created, "User created", requesterName + " created new user: '******'", null, null, requesterId, requesterName, requesterEmail ); } catch { } } #endregion return(result); }
/// <summary> /// Used to get updated claims information on the username. /// Can be used when an action is denyed by attempting to check if updated claim will allow the action. /// You may also choose a frequency to check for updated claims on the client side. /// </summary> /// <param name="userName"></param> /// <returns></returns> public ClaimsIdentity GetClaimsIdentity(string userName, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } var platformUserIdentity = PlatformUserManager.GetUserIdentity(userName); System.Security.Claims.ClaimsIdentity identity = PlatformUserManager.GetUserClaimsIdentity( platformUserIdentity, DefaultAuthenticationTypes.ApplicationCookie); //<-- Uses a cookie for the local web application return(identity); }
public string GetLostPasswordClaim(string passwordClaimKey, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } try { return(PlatformUserManager.GetPasswordClaim(passwordClaimKey).Email); } catch { return(null); } }
public static string SharedClientKey = "[Config_SharedClientKey]"; //<-- Used to verify calls for WCF service methods NOT tied to a user login. public static RequestResponseType ValidateRequest(string requesterId, RequesterType requsterType, out string requesterName, out string requesterEmail, string lowestRoleRequirementPlatform = null, string lowestRoleRequirementAccount = null, bool requiresAccountOwner = false, bool ignoreAccountActiveState = false) { var response = new RequestResponseType(); requesterName = string.Empty; requesterEmail = string.Empty; #region validate request if (string.IsNullOrEmpty(requesterId)) { return(new RequestResponseType { isApproved = false, requestMessage = "A valid RequesterID must be used with this action" }); } /* * if (requsterType == null) * { * return new RequestResponseType { isApproved = false, requestMessage = "A RequesterType must be used with this action" }; * }*/ #endregion switch (requsterType) { //Request is exempt from further validation case RequesterType.Exempt: { response.isApproved = true; response.requestMessage = "This request is exempt from validation."; #region get the requester info for the out object for logging purposes in WCF services try { var requestUser = AccountUserManager.GetUser(requesterId); if (requestUser != null) { requesterName = requestUser.FirstName; requesterEmail = requestUser.Email; } else { var plaformUser = PlatformUserManager.GetUser(requesterId); requesterName = plaformUser.FirstName; requesterEmail = plaformUser.Email; } } catch { var requestUser = PlatformUserManager.GetUser(requesterId); requesterName = requestUser.FirstName; requesterEmail = requestUser.Email; } #endregion break; } //validate request for a PlatformUser: case RequesterType.PlatformUser: { if (lowestRoleRequirementPlatform != null) { //userRole = PlatformUserManager.GetUserRole(requesterId); var platformUser = PlatformUserManager.GetUser(requesterId); requesterName = platformUser.FirstName; requesterEmail = platformUser.Email; //userRole = AccountUserManager.GetUserRole(requesterId); //Check requester Active state: if (!platformUser.Active) { response.isApproved = false; response.requestMessage = "You must be an active platform user to make this request."; //immediatley return the failed result return(response); } //Check requester role: response.isApproved = Internal.RoleChecker.IsRoleAllowed(requsterType, platformUser.Role, lowestRoleRequirementPlatform); if (response.isApproved) { response.requestMessage = "This request is valid."; } else { response.requestMessage = "This request is not valid for this platform user role."; } } else { response.isApproved = false; response.requestMessage = "This request is not valid for platform users"; } break; } //Validate request(s) for an AccountUser: case RequesterType.AccountUser: { var accountUser = AccountUserManager.GetUser(requesterId); requesterName = accountUser.FirstName; requesterEmail = accountUser.Email; var account = AccountManager.GetAccount(accountUser.AccountID.ToString(), true, AccountManager.AccountIdentificationType.AccountID); //Ensure that the account is Active (and Active state is not ignored): if (!ignoreAccountActiveState && !account.Active) { response.isApproved = false; response.requestMessage = "This account is not currently active."; //Immediately return the failed result return(response); } if (!account.Provisioned) { response.isApproved = false; response.requestMessage = "This account is not yet provisioned."; //Immediately return the failed result return(response); } /* * //Ensure that the account is Active (and Active state is not ignored): * if (!ignoreAccountActiveState && !AccountManager.IsAccountActive(accountUser.AccountID.ToString())) * { * response.isApproved = false; * response.requestMessage = "This account is not currently active."; * //Immediately return the failed result * return response; * } * */ if (requiresAccountOwner) { //Check if the user is an account owner if (accountUser.AccountOwner) { response.isApproved = true; response.requestMessage = "This request is valid."; } else { response.isApproved = false; response.requestMessage = "Only account owners can make this request or update."; //Immediately return the failed result return(response); } } else if (lowestRoleRequirementAccount != null) { //Check requester Active state: if (!accountUser.Active) { response.isApproved = false; response.requestMessage = "You must be an active account user to make this request."; //Immediately return the failed result return(response); } //Check requester role: response.isApproved = Internal.RoleChecker.IsRoleAllowed(requsterType, accountUser.Role, lowestRoleRequirementAccount); if (response.isApproved) { response.requestMessage = "This request is valid."; } else { response.requestMessage = "This request is not valid for this account user role."; //immediatly return the failed result return(response); } } else { response.isApproved = false; response.requestMessage = "This request is not valid for account users"; //immediatly return the failed result return(response); } break; } default: { response.isApproved = false; response.requestMessage = "Cannot validate this request with the parameters given."; break; } } return(response); }
public AuthenticationResponse Authenticate(string email, string password, string ipAddress, string origin, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } var authResponse = new AuthenticationResponse(); //From here you may log the fact that the user has authenticated at this time (if this is something you wish to track) //login.IP; <-- IP address for logging purposes var result = PlatformSecurityManager.AuthenticateUser(email, password); authResponse.isSuccess = result.isSuccess; authResponse.ErrorMessage = result.ErrorMessage; if (result.isSuccess) { //Get the IdentityUser from the ResponseObject: var platformUserIdentity = (PlatformUserIdentity)result.ResponseObject; //Convert to non Identity version & add to response object: authResponse.PlatformUser = PlatformUserManager.TransformPlatformUserIdentityToPlatformUser(platformUserIdentity); //Get Claims based identity for the user System.Security.Claims.ClaimsIdentity identity = PlatformUserManager.GetUserClaimsIdentity( platformUserIdentity, DefaultAuthenticationTypes.ApplicationCookie); //<-- Uses a cookie for the local web application // You can add to claims thusly: //identity.AddClaim(new Claim(ClaimTypes.Name, "Name")); authResponse.ClaimsIdentity = identity; #region Log Platform user Activity (AuthenticationPassed) try { PlatformLogManager.LogActivity( CategoryType.Authentication, ActivityType.Authentication_Passed, "Successfull log in.", authResponse.PlatformUser.FirstName + " successfully logged in.", null, null, authResponse.PlatformUser.Id, authResponse.PlatformUser.FirstName, authResponse.PlatformUser.Email, ipAddress, origin); } catch { } #endregion } else { #region Log Platform User Activity (AuthenticationFailed) try { PlatformLogManager.LogActivity( CategoryType.Authentication, ActivityType.Authentication_Failed, "An attempt to log into the platform admin with email '" + email + "' has failed.", result.ErrorMessage, null, null, "Unknown", "Unknown", email, ipAddress, origin); } catch { } #endregion } return(authResponse); }
// Future performance update: have client upload image to intermediary storage, submit location with imag eid for WCF processing (similar to other imageing solutions) public DataAccessResponseType UpdatePlatformUserProfilePhoto(string userId, byte[] imageByteArray, string requesterId, RequesterType requesterType, string sharedClientKey) { // Ensure the clients are certified. if (sharedClientKey != Sahara.Core.Platform.Requests.RequestManager.SharedClientKey) { return(null); } #region Validate Request var requesterName = string.Empty; var requesterEmail = string.Empty; var requestResponseType = RequestManager.ValidateRequest(requesterId, requesterType, out requesterName, out requesterEmail, Sahara.Core.Settings.Platform.Users.Authorization.Roles.SuperAdmin, null); if (!requestResponseType.isApproved) { //Request is not approved, send results: return(new DataAccessResponseType { isSuccess = false, ErrorMessage = requestResponseType.requestMessage }); } #endregion var result = PlatformUserManager.UpdateProfilePhoto(userId, imageByteArray); #region Log Platoform Activity if (result.isSuccess) { try { var logDescription = string.Empty; if (userId == requesterId) { logDescription = requesterName + " has updated their profile photo"; } else { var user = PlatformUserManager.GetUser(userId); logDescription = requesterName + " updated " + user.FullName + "'s profile photo"; } PlatformLogManager.LogActivity( CategoryType.PlatformUser, ActivityType.PlatformUser_Edited, "Photo updated", logDescription, null, null, requesterId, requesterName, requesterEmail ); } catch { } } #endregion return(result); }
public static DataAccessResponseType ProvisionPlatform(string FirstName, string LastName, string Email, string password) { // Begin timing task Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); DataAccessResponseType response = new DataAccessResponseType(); if (!isPlatformInitialized()) { //Generate Databases & Schemas PlatformInitialization platformInitialization = new PlatformInitialization(); response = platformInitialization.InitializePlatform(); if (response.isSuccess) { try { //Create initial Platform User & Assign to SuperAdmin Role var createUserResult = PlatformUserManager.CreatePlatformUser(Email, FirstName, LastName, password, Sahara.Core.Settings.Platform.Users.Authorization.Roles.SuperAdmin); if (createUserResult.isSuccess) { //Replicate Payment Plans to Stripe Account: //StripeInitialization.SeedPaymentPlans(); var stripePlansResponse = PaymentPlanManager.DuplicatePlansToStripe(); if (!stripePlansResponse.isSuccess) { response.isSuccess = false; response.ErrorMessage = "An error occured when creating Stripe plans"; return(response); } /*====================================== * Create AccountPartition Document Database * ========================================*/ /* Retired ------------------*/ //var client = Sahara.Core.Settings.Azure.DocumentDB.DocumentClients.AccountDocumentClient; var databasename = Sahara.Core.Settings.Azure.DocumentDB.AccountPartitionDatabaseId; Database accountDatabase = Sahara.Core.Settings.Azure.DocumentDbClients.AccountDocumentClient.CreateDatabaseQuery().Where(db => db.Id == databasename).ToArray().FirstOrDefault(); if (accountDatabase == null) { //Create if not exists accountDatabase = Sahara.Core.Settings.Azure.DocumentDbClients.AccountDocumentClient.CreateDatabaseAsync(new Database { Id = databasename }).Result; } /*====================================== * Clear all logs () * ========================================*/ //PlatformLogManager.ClearLogs(); /*====================================== * Log Initilization of Platform * ========================================*/ stopwatch.Stop(); PlatformLogManager.LogActivity( CategoryType.Platform, ActivityType.Platform_Initialized, "Platform initilized by: " + FirstName + " " + LastName + " (" + Email + ")", "Initialization took " + String.Format("{0:0,0.00}", TimeSpan.FromMilliseconds(stopwatch.ElapsedMilliseconds).TotalMinutes) + " minute(s) to complete" ); response.isSuccess = true; response.SuccessMessage = "Platform has been successfully initialized and '" + Email + "' has been registered as the initial platform administrator."; } } catch (Exception e) { response.isSuccess = false; response.ErrorMessage = e.Message; try { response.ErrorMessages.Add(e.InnerException.Message); } catch { } } } return(response); } else { response.isSuccess = false; response.ErrorMessage = "Platform is already initialized."; response.ErrorMessages.Add("If you are attempting to create a new installation on this envionemnt: You must first clear all platfrom components manually."); return(response); } }
internal DataAccessResponseType InitializePlatform() { DataAccessResponseType response = new DataAccessResponseType(); /*====================================== * CREATE DATABASES * ========================================*/ //Create Platform Database: DatabaseModel platformDatabase = new DatabaseModel(); platformDatabase.DatabaseTier = DatabaseTier.Basic; platformDatabase.DatabaseName = "Platform"; platformDatabase.DatabaseSize = MaxSize_Basic._2GB; Sql.Scripts.Create.CreateDatabase(platformDatabase, Sahara.Core.Settings.Azure.Databases.DatabaseConnections.MasterSqlConnection); //Create Accounts Database: DatabaseModel accountsDatabase = new DatabaseModel(); accountsDatabase.DatabaseTier = DatabaseTier.Basic; accountsDatabase.DatabaseName = "Accounts"; accountsDatabase.DatabaseSize = MaxSize_Basic._2GB; Sql.Scripts.Create.CreateDatabase(accountsDatabase, Sahara.Core.Settings.Azure.Databases.DatabaseConnections.MasterSqlConnection); /*====================================== * Schema & Tables & Seed * ========================================*/ //Run Schema for Accounts on Accounts DB: var accountDBInitialization = new Sql.Scripts.AccountsDB.Initialization.Initialization(); accountDBInitialization.InitializeAccountsDB(Sahara.Core.Settings.Azure.Databases.DatabaseConnections.AccountsSqlConnection); //using (Sahara.Core.Settings.Azure.Databases.DatabaseConnections.AccountsSqlConnection) //{ //} //Run Schema for Platform on Platform DB: var platformDBInitialization = new Sql.Scripts.PlatformDB.Initialization.Initialization(); platformDBInitialization.InitializePlatformDB(Sahara.Core.Settings.Azure.Databases.DatabaseConnections.PlatformSqlConnection); /*====================================== * Create Initial Platform Roles * ========================================*/ var createPlatformRolesResult = PlatformUserManager.CreateRoles(Sahara.Core.Settings.Platform.Users.Authorization.Roles.GetRoles()).Result; /*====================================== * Create Initial AccountUser Roles * ========================================*/ var createAccountRolesResult = AccountUserManager.CreateRoles(Sahara.Core.Settings.Accounts.Users.Authorization.Roles.GetRoles()).Result; /*===================================== * Initialize Available Themes * ========================================*/ #region Create Default Theme(s) ThemesManager.CreateTheme(new ThemeModel { Name = "Light", Font = "segoe", Colors = new ThemeColorsModel { Background = "FFFFFF", BackgroundGradianetTop = "FFFFFF", BackgroundGradientBottom = "DEDEDE", Shadow = "858585", Highlight = "000000", Foreground = "000000", Overlay = "3D3D3D", Trim = "5E5E5E" } }); ThemesManager.CreateTheme(new ThemeModel { Name = "Charcoal", Font = "segoe", Colors = new ThemeColorsModel { Background = "000000", BackgroundGradianetTop = "000000", BackgroundGradientBottom = "4A4A4A", Shadow = "A8A8A8", Highlight = "D9D9D9", Foreground = "FFFFFF", Overlay = "828282", Trim = "4D4D4D" } }); ThemesManager.CreateTheme(new ThemeModel { Name = "Cyan", Font = "segoe", Colors = new ThemeColorsModel { Background = "9DD9ED", BackgroundGradianetTop = "9DD9ED", BackgroundGradientBottom = "4F94AB", Shadow = "1D4E5E", Highlight = "CFF3FF", Foreground = "1D4E5E", Overlay = "A18F28", Trim = "FF8800" } }); #endregion response.isSuccess = true; return(response); }