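/// <summary>
/// Runs <c>SQL_GET_USERS</c> and maps every row with <see cref="GetReturnUserFromReader"/>.
/// </summary>
/// <returns>All users; an empty list when the query returns no rows.</returns>
/// <exception cref="SqlException">
/// Propagated unchanged from the provider (the original catch block only re-threw it).
/// </exception>
public List<ReturnUser> GetUsers()
{
    List<ReturnUser> users = new List<ReturnUser>();

    // Command and reader are disposed together with the connection; the original left both
    // open until the connection itself was disposed.
    using (SqlConnection conn = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand(SQL_GET_USERS, conn))
    {
        conn.Open();
        using (SqlDataReader rdr = cmd.ExecuteReader())
        {
            while (rdr.Read())
            {
                users.Add(GetReturnUserFromReader(rdr));
            }
        }
    }

    return users;
}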
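/// <summary>Reads the balance of the account owned by <paramref name="userID"/>.</summary>
/// <param name="userID">The accounts.user_id to look up.</param>
/// <returns>The balance of the first matching row, or 0 when no account row exists.</returns>
/// <exception cref="SqlException">Propagated unchanged from the provider.</exception>
public decimal GetMyBalance(int userID)
{
    decimal myBalance = 0;

    // The original declared an unused ReturnUser and left command and reader undisposed.
    using (SqlConnection conn = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand("SELECT balance FROM accounts WHERE user_id = @user_id;", conn))
    {
        conn.Open();
        cmd.Parameters.AddWithValue("@user_id", userID);
        using (SqlDataReader reader = cmd.ExecuteReader())
        {
            // Only the first row is used if several accounts match.
            if (reader.Read())
            {
                myBalance = Convert.ToDecimal(reader["balance"]);
            }
        }
    }

    return myBalance;
}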
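/// <summary>
/// Fills Username, Role and Name on <paramref name="returnUser"/> from the <c>user</c> table row
/// whose user_id equals <paramref name="id"/>, and returns that same instance.
/// </summary>
/// <param name="id">The user_id to look up.</param>
/// <param name="returnUser">The object to populate; returned unchanged when no row matches.</param>
/// <returns>The populated <paramref name="returnUser"/>.</returns>
/// <remarks>
/// Original author's note: this information could be added to the db and pulled from returnUser
/// directly. Exceptions propagate unchanged (the original catch block only re-threw).
/// </remarks>
public ReturnUser GetUserProfile(int id, ReturnUser returnUser)
{
    string sqlText = "SELECT username, role, name from user where user_id = @user_id";

    using (SqlConnection conn = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand(sqlText, conn))
    {
        conn.Open();
        cmd.Parameters.AddWithValue("@user_id", id);
        using (SqlDataReader reader = cmd.ExecuteReader())
        {
            // If several rows come back the last one wins, as in the original loop.
            while (reader.Read())
            {
                returnUser.Username = Convert.ToString(reader["username"]);
                returnUser.Role = Convert.ToString(reader["role"]);
                returnUser.Name = Convert.ToString(reader["name"]);
            }
        }
    }

    return returnUser;
}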
/// <summary>
/// Verifies the supplied credentials and, when they match, returns a <see cref="ReturnUser"/>
/// carrying a freshly generated token.
/// </summary>
/// <param name="userParam">Username and plaintext password from the login request.</param>
/// <returns>200 with the ReturnUser on success; otherwise 400 with a generic message.</returns>
/// <remarks>
/// The same message is returned for an unknown username and for a wrong password, so the response
/// body does not reveal which one failed. NOTE(review): the hash check is skipped when no user is
/// found, so response time may still differ between the two cases. Role is not included in the
/// token or the response in this version (the original kept it commented out).
/// </remarks>
public IActionResult Authenticate(LoginUser userParam)
{
    User user = userDAO.GetUser(userParam.Username);

    bool credentialsMatch = user != null
        && passwordHasher.VerifyHashMatch(user.PasswordHash, userParam.Password, user.Salt);
    if (!credentialsMatch)
    {
        return BadRequest(new { message = "Username or password is incorrect" });
    }

    string token = tokenGenerator.GenerateToken(user.UserId, user.Username);
    return Ok(new ReturnUser
    {
        UserId = user.UserId,
        Username = user.Username,
        Token = token
    });
}
/// <summary>
/// Verifies the supplied credentials and, when they match, returns a <see cref="ReturnUser"/>
/// with Id, Username, Role and a freshly generated token.
/// </summary>
/// <param name="userParam">Username and plaintext password from the login request.</param>
/// <returns>200 with the ReturnUser on success; otherwise 400 with a generic message.</returns>
/// <remarks>
/// Unknown username and wrong password produce the same response body, so the reply does not
/// disclose which one failed.
/// </remarks>
public IActionResult Authenticate(LoginUser userParam)
{
    // Start from the failure response and upgrade it only when the credentials check out.
    IActionResult result = BadRequest(new { message = "Username or password is incorrect" });

    User user = userDao.GetUser(userParam.Username);
    if (user != null && passwordHasher.VerifyHashMatch(user.PasswordHash, userParam.Password, user.Salt))
    {
        string token = tokenGenerator.GenerateToken(user.Id, user.Username, user.Role);
        result = Ok(new ReturnUser
        {
            Id = user.Id,
            Username = user.Username,
            Role = user.Role,
            Token = token
        });
    }

    return result;
}
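/// <summary>
/// Returns the users whose name contains <paramref name="username"/>, using
/// <c>SQL_GET_USERS_FILTERED</c> with the pattern bound as <c>@username</c>.
/// </summary>
/// <param name="username">Substring to search for; wrapped in '%' before binding.</param>
/// <returns>Matching users mapped by <see cref="GetReturnUserFromReader"/>; empty when none match.</returns>
/// <exception cref="SqlException">Propagated unchanged from the provider.</exception>
/// <remarks>
/// NOTE(review): the pattern is a parameter, so it cannot alter the SQL; but '%' and '_' inside the
/// input still act as wildcards if SQL_GET_USERS_FILTERED uses LIKE — escape them if exact
/// substring matching is required.
/// </remarks>
public List<ReturnUser> GetUsers(string username)
{
    string pattern = $"%{username}%";
    List<ReturnUser> users = new List<ReturnUser>();

    // Command and reader are disposed here; the original relied on the connection's Dispose.
    using (SqlConnection conn = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand(SQL_GET_USERS_FILTERED, conn))
    {
        conn.Open();
        cmd.Parameters.AddWithValue("@username", pattern);
        using (SqlDataReader rdr = cmd.ExecuteReader())
        {
            while (rdr.Read())
            {
                users.Add(GetReturnUserFromReader(rdr));
            }
        }
    }

    return users;
}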
/// <summary>
/// Verifies the supplied credentials and, when they match, returns a <see cref="ReturnUser"/>
/// with Id, Username, Role and a freshly generated token.
/// </summary>
/// <param name="userParam">Username and plaintext password from the login request.</param>
/// <returns>200 with the ReturnUser on success; otherwise 400 with a generic message.</returns>
/// <remarks>
/// TODO 03: only a hash of the password is stored, so the comparison goes through
/// passwordHasher.VerifyHashMatch rather than comparing strings.
/// TODO 04: after a token is returned, inspect it on http://jwt.io.
/// </remarks>
public IActionResult Authenticate(LoginUser userParam)
{
    User user = userDao.GetUser(userParam.Username);

    // One generic message for both "no such user" and "wrong password".
    if (user == null || !passwordHasher.VerifyHashMatch(user.PasswordHash, userParam.Password, user.Salt))
    {
        return BadRequest(new { message = "Username or password is incorrect" });
    }

    string token = tokenGenerator.GenerateToken(user.Id, user.Username, user.Role);
    ReturnUser retUser = new ReturnUser
    {
        Id = user.Id,
        Username = user.Username,
        Role = user.Role,
        Token = token
    };
    return Ok(retUser);
}
/// <summary>
/// Maps the current row of <paramref name="reader"/> (columns user_id, username, user_role)
/// to a <see cref="ReturnUser"/>.
/// </summary>
/// <param name="reader">A reader positioned on a row; not advanced by this method.</param>
/// <returns>A new ReturnUser with UserId, Username and Role set.</returns>
private ReturnUser GetReturnUserFromReader(SqlDataReader reader)
{
    return new ReturnUser
    {
        UserId = Convert.ToInt32(reader["user_id"]),
        Username = Convert.ToString(reader["username"]),
        Role = Convert.ToString(reader["user_role"])
    };
}
/// <summary>
/// Login button handler: reads the username and password boxes into a <see cref="ReturnUser"/>
/// and hands it to <see cref="RequestToApi"/>.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this handler is awaited, so the <c>async</c> modifier is unnecessary
/// (CS1998); RequestToApi returns void, so its completion and any failure are not observed here.
/// The Password property holds the raw text of the password box.
/// </remarks>
private async void LoginButton_Click(object sender, Windows.UI.Xaml.RoutedEventArgs e)
{
    ReturnUser credentials = new ReturnUser
    {
        Username = UsernameTextBox.Text,
        Password = PassWordPasswordBox.Password
    };

    RequestToApi(credentials);
}
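/// <summary>Returns the <see cref="ReturnUser"/> for <paramref name="username"/>.</summary>
/// <param name="username">The username to look up through the account DAO.</param>
/// <returns>200 with the user, or 404 when the DAO returns null.</returns>
public ActionResult<ReturnUser> GetReturnUser(string username)
{
    // The original allocated a ReturnUser only to overwrite it with the DAO result.
    ReturnUser user = this.accountDAO.GetReturnUser(username);
    if (user == null)
    {
        return NotFound();
    }

    return Ok(user);
}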
/// <summary>
/// Maps the current row of <paramref name="reader"/> to a <see cref="ReturnUser"/>: the core
/// columns (user_id, username, user_role) plus the profile columns FirstName, LastName, Email
/// and PhoneNumber.
/// </summary>
/// <param name="reader">A reader positioned on a row; not advanced by this method.</param>
/// <returns>A fully populated ReturnUser.</returns>
private ReturnUser GetReturnUserFromReader(SqlDataReader reader)
{
    ReturnUser mapped = new ReturnUser();

    mapped.UserId = Convert.ToInt32(reader["user_id"]);
    mapped.Username = Convert.ToString(reader["username"]);
    mapped.Role = Convert.ToString(reader["user_role"]);

    // Profile fields added later to the table.
    mapped.FirstName = Convert.ToString(reader["FirstName"]);
    mapped.LastName = Convert.ToString(reader["LastName"]);
    mapped.Email = Convert.ToString(reader["Email"]);
    mapped.PhoneNumber = Convert.ToString(reader["PhoneNumber"]);

    return mapped;
}
/// <summary>
/// Signs in with e-mail and password through ASP.NET Identity and returns a JSON payload with the
/// e-mail and a freshly generated JWT.
/// </summary>
/// <param name="model">E-mail (used as the Identity user name) and password.</param>
/// <returns>A JSON result holding a <see cref="ReturnUser"/> with Email and Token.</returns>
/// <exception cref="ApplicationException">"UNKNOWN_ERROR" when the sign-in does not succeed.</exception>
/// <remarks>
/// NOTE(review): the fourth argument (lockoutOnFailure) is false, so failed attempts do not count
/// toward Identity's account lockout — confirm that is intended.
/// NOTE(review): SingleOrDefault returns null when no user has this e-mail and throws when more
/// than one does; GenerateJwtToken would receive null in the first case.
/// </remarks>
public async Task<object> Login([FromBody] LoginDto model)
{
    var signIn = await _signInManager.PasswordSignInAsync(model.Email, model.Password, false, false);
    if (!signIn.Succeeded)
    {
        throw new ApplicationException("UNKNOWN_ERROR");
    }

    var appUser = _userManager.Users.SingleOrDefault(r => r.Email == model.Email);
    var token = await GenerateJwtToken(model.Email, appUser);

    return Json(new ReturnUser { Email = model.Email, Token = token });
}
/// <summary>
/// POSTs <paramref name="user"/> to <c>api/Users/info</c> on the configured server. On a success
/// status the Password property is replaced by its Base64Encode() result, the object is written to
/// local storage as "user.json" and the app navigates to <see cref="MainPage"/>; on any other
/// status an error message is shown; when the server cannot be reached a dialog is displayed.
/// </summary>
/// <param name="user">Username and password to send; its Password is mutated on success.</param>
/// <remarks>
/// NOTE(review): <c>async void</c> on a method that is not an event handler — any exception other
/// than HttpRequestException (for instance from SerelizeDataToJson or Navigate) cannot be observed
/// by the caller and surfaces as an unhandled exception.
/// NOTE(review): Base64Encode is, by its name, a reversible encoding rather than encryption; the
/// file written below holds the password in recoverable form.
/// NOTE(review): a new HttpClient is created per call; a shared instance is the usual pattern.
/// </remarks>
public async void RequestToApi(ReturnUser user)
{
    // POST the login data to the API.
    using (var client = new HttpClient())
    {
        var resourceLoader = ResourceLoader.GetForCurrentView();
        client.BaseAddress = new Uri(resourceLoader.GetString("ServerURL"));
        client.DefaultRequestHeaders.Accept.Clear();
        client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
        try
        {
            HttpResponseMessage response = await client.PostAsJsonAsync("api/Users/info", user);
            if (response.IsSuccessStatusCode)
            {
                // Encode the password (Base64, see remarks) and persist the object to "user.json".
                user.Password = Base64Encode(user.Password);
                await SerelizeDataToJson(user, "user");
                // Continue to the home page.
                this.Frame.Navigate(typeof(MainPage));
            }
            else
            {
                // Every non-success status is reported to the user as bad credentials.
                ErrorProviderTextBlock.Text = "Incorrect username or password!";
                ErrorProviderTextBlock.Visibility = Visibility.Visible;
            }
        }
        catch (HttpRequestException)
        {
            // Network-level failure: inform the user; nothing else is done.
            var dialog = new MessageDialog("Can not connect to server!", "Message");
            await dialog.ShowAsync();
        }
    }
}
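/// <summary>
/// Serialises <paramref name="user"/> to JSON and writes it to <c>{filename}.json</c> in the
/// application's LocalFolder, replacing any existing file.
/// </summary>
/// <param name="user">The object to persist; every serialisable property is written as-is.</param>
/// <param name="filename">File name without extension.</param>
/// <returns><paramref name="filename"/>, unchanged.</returns>
/// <remarks>
/// The original wrapped the body in <c>catch (Exception e) { throw e; }</c>, which re-threw with a
/// reset stack trace; letting exceptions propagate keeps the original trace.
/// NOTE(review): whatever is on the ReturnUser at this point (Password included, when populated)
/// ends up on disk — confirm the caller clears sensitive fields first.
/// </remarks>
public static async Task<string> SerelizeDataToJson(ReturnUser user, string filename)
{
    var folder = Windows.Storage.ApplicationData.Current.LocalFolder;
    var file = await folder.CreateFileAsync(filename + ".json", Windows.Storage.CreationCollisionOption.ReplaceExisting);
    var data = await file.OpenStreamForWriteAsync();

    // The StreamWriter owns and disposes the underlying stream.
    using (StreamWriter writer = new StreamWriter(data))
    {
        writer.Write(JsonConvert.SerializeObject(user));
    }

    return filename;
}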
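/// <summary>Loads the user with the given user_id.</summary>
/// <param name="id">The users.user_id to look up.</param>
/// <returns>
/// A ReturnUser with UserId and Username set when a row matches; otherwise a ReturnUser with
/// default values (never null — callers of the original relied on that).
/// </returns>
public ReturnUser GetUserById(int id)
{
    ReturnUser user = new ReturnUser();

    // Only the two columns that are read are selected (the original used SELECT *), and the
    // parameter name is now spelled the same in the SQL and in AddWithValue.
    const string sqlQuery = "SELECT user_id, username FROM users WHERE user_id = @userId";

    using (SqlConnection conn = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand(sqlQuery, conn))
    {
        conn.Open();
        cmd.Parameters.AddWithValue("@userId", id);
        using (SqlDataReader rdr = cmd.ExecuteReader())
        {
            // If more than one row matched, the last one wins, as in the original loop.
            while (rdr.Read())
            {
                user = new ReturnUser();
                user.UserId = Convert.ToInt32(rdr["user_id"]);
                user.Username = Convert.ToString(rdr["username"]);
            }
        }
    }

    return user;
}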
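/// <summary>
/// Lists every user joined with their account (user_id, username, account_id, balance), mapping
/// each row with <see cref="GetUserFromReader"/>.
/// </summary>
/// <returns>One ReturnUser per joined row; empty when there are none.</returns>
/// <remarks>
/// NOTE(review): this query returns every account's balance; confirm the caller is authorised to
/// see balances other than the current user's.
/// </remarks>
public List<ReturnUser> ListOfUsers()
{
    const string sql = "SELECT users.user_id, users.username, accounts.account_id, accounts.balance FROM users JOIN accounts ON users.user_id = accounts.user_id";
    List<ReturnUser> returnUsers = new List<ReturnUser>();

    using (SqlConnection conn = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        conn.Open();
        // The reader is disposed here; the original left it to the connection's Dispose.
        using (SqlDataReader reader = cmd.ExecuteReader())
        {
            while (reader.Read())
            {
                returnUsers.Add(GetUserFromReader(reader));
            }
        }
    }

    return returnUsers;
}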
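/// <summary>
/// Updates e-mail, username, first name and surname of the user identified by
/// <paramref name="UpdatedAccountInfo"/>.ID.
/// </summary>
/// <param name="UpdatedAccountInfo">The new account values; ID selects the row to update.</param>
/// <returns>
/// true when the row was updated; false when no user has that ID or when the requested username
/// is already used by a different user.
/// </returns>
/// <remarks>
/// The original treated the user's own row as a username collision, so re-submitting the profile
/// with an unchanged username made every update fail; the user's own ID is now excluded.
/// NOTE(review): the username comparison is written case-sensitively here, while the registration
/// path compares case-insensitively — the effective behaviour depends on the DB collation; confirm.
/// </remarks>
public bool UpdateAccountInfo(ReturnUser UpdatedAccountInfo)
{
    // Find the user to update.
    Users user = db.Users.FirstOrDefault(x => x.ID == UpdatedAccountInfo.ID);
    if (user == null)
    {
        return false;
    }

    // A username must stay unique across other users.
    bool usernameTakenByOther = db.Users.Any(x => x.Username == UpdatedAccountInfo.Username && x.ID != UpdatedAccountInfo.ID);
    if (usernameTakenByOther)
    {
        return false;
    }

    // Copy the submitted values onto the entity and persist.
    user.Email = UpdatedAccountInfo.Email;
    user.Username = UpdatedAccountInfo.Username;
    user.Firstname = UpdatedAccountInfo.Firstname;
    user.Surname = UpdatedAccountInfo.Surname;
    db.SaveChanges();

    return true;
}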
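/// <summary>Lists every user's username and user_id.</summary>
/// <returns>One ReturnUser per row in users; empty when the table is empty.</returns>
public List<ReturnUser> GetListOfUsers()
{
    List<ReturnUser> listOfUsers = new List<ReturnUser>();

    using (SqlConnection conn = new SqlConnection(ConnectionString))
    using (SqlCommand cmd = new SqlCommand("SELECT username, user_id FROM users;", conn))
    {
        conn.Open();
        // The reader is disposed here; the original left it to the connection's Dispose.
        using (SqlDataReader reader = cmd.ExecuteReader())
        {
            while (reader.Read())
            {
                listOfUsers.Add(new ReturnUser
                {
                    Username = Convert.ToString(reader["username"]),
                    UserId = Convert.ToInt32(reader["user_id"])
                });
            }
        }
    }

    return listOfUsers;
}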
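/// <summary>Lists every user (user_id and username) as transfer counterparties.</summary>
/// <returns>One ReturnUser per row in users; empty when the table is empty.</returns>
public List<ReturnUser> GetUsersForTransfer()
{
    List<ReturnUser> allUsers = new List<ReturnUser>();

    // Only the two columns that are read are selected; the original used SELECT *, which also
    // pulled every other column of users across the wire.
    const string sqlCommand = "SELECT user_id, username FROM users";

    using (SqlConnection conn = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand(sqlCommand, conn))
    {
        conn.Open();
        using (SqlDataReader rdr = cmd.ExecuteReader())
        {
            while (rdr.Read())
            {
                allUsers.Add(new ReturnUser
                {
                    UserId = Convert.ToInt32(rdr["user_id"]),
                    Username = Convert.ToString(rdr["username"])
                });
            }
        }
    }

    return allUsers;
}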
/// <summary>
/// Creates an Identity user whose user name is the e-mail, signs it in (non-persistent cookie)
/// and returns a JSON payload with the e-mail and a freshly generated JWT.
/// </summary>
/// <param name="model">E-mail and password for the new account.</param>
/// <returns>A JSON result holding a <see cref="ReturnUser"/> with Email and Token.</returns>
/// <exception cref="ApplicationException">
/// "UNKNOWN_ERROR" when CreateAsync does not succeed; the individual Identity errors
/// (e.g. password policy) are not surfaced.
/// </exception>
public async Task<object> Register([FromBody] RegisterDto model)
{
    var identityUser = new IdentityUser { UserName = model.Email, Email = model.Email };

    var created = await _userManager.CreateAsync(identityUser, model.Password);
    if (!created.Succeeded)
    {
        throw new ApplicationException("UNKNOWN_ERROR");
    }

    // Second argument is isPersistent: false — session cookie only.
    await _signInManager.SignInAsync(identityUser, false);
    var token = await GenerateJwtToken(model.Email, identityUser);

    return Json(new ReturnUser { Email = model.Email, Token = token });
}
/// <summary>
/// Handles the login form POST: validates the inputs, checks the credentials through
/// <c>UserDB.CheckLogin</c>, and on success stores the user in MyShareInfo and in Session
/// (including the dynamic menu and the permission list) before redirecting to Index.
/// GET requests and every failure path redirect back to Login.
/// </summary>
/// <param name="userid">Login name as typed; trimmed before the lookup.</param>
/// <param name="password">Plaintext password; MD5-hashed (lower-case) before the lookup.</param>
/// <returns>A redirect to Index on success, otherwise a redirect to Login.</returns>
/// <remarks>
/// NOTE(review): the credential sent to the DB is an MD5 digest of the password
/// (SMCommon.MD5Endcoding, by name) with no salt visible here — not a suitable password hash.
/// NOTE(review): ViewBag does not survive RedirectToAction, so the error text set below is likely
/// never displayed; TempData would — confirm against the Login view.
/// NOTE(review): one statement below is redacted in the source ("******") and does not compile as written.
/// </remarks>
public ActionResult CheckLogin(string userid, string password)
{
    //---------------------------------------------------------------------
    // Only a form POST may attempt a login; a GET just returns to the form.
    if (Request.HttpMethod == "GET") { return(RedirectToAction("Login")); }
    // Input validation; messages are bilingual (Vietnamese/English).
    string errorNotify = "";
    if (String.IsNullOrEmpty(userid)) { errorNotify = " Nhập tên đăng nhập/Input UserName."; }
    if (String.IsNullOrEmpty(password)) { errorNotify += " Nhập mật khẩu/Input password."; }
    if (!String.IsNullOrEmpty(errorNotify)) { ViewBag.error = errorNotify; return(RedirectToAction("Login")); }
    // Hash the password (see remarks) and look the user up.
    var passwordMd5 = SMCommon.MD5Endcoding(password.Trim()).ToLower();
    ReturnUser returnUser = (new UserDB()).CheckLogin(userid.Trim(), passwordMd5);
    // Result codes: "01" wrong credentials, "99" connection problem, "00" user exists.
    if (returnUser.Code == "01") { errorNotify += " Tên đăng nhập hoặc mật khẩu không đúng/UserName or Password is incorrect!"; }
    if (returnUser.Code == "99") { errorNotify += " Kiểm tra lại đường truyền/Check connection."; }
    // NOTE(review): redacted in the source — the statement below is incomplete as written.
    if (!String.IsNullOrEmpty(errorNotify)) { ViewBag.error = " Lỗi đăng nhập/Error Login: "******"Login")); }
    //Validation is successful.
    if (returnUser.Code == "00") // exist user.
    {
        User user = returnUser.lstUser[0];
        // Copy the user into the MyShareInfo holder (presumably shared/static — confirm scope).
        MyShareInfo.ID = user.ID;
        MyShareInfo.UserName = user.UserName;
        // NOTE(review): user.PassWord (presumably the stored hash) is kept in memory here — confirm it is needed.
        MyShareInfo.PassWord = user.PassWord;
        MyShareInfo.FullName = user.FullName;
        MyShareInfo.MobileNumber = user.MobileNumber;
        MyShareInfo.FactoryID = user.FactoryID;
        MyShareInfo.RoleID = user.RoleID;
        // Session state for the logged-in user. NOTE(review): the existing session is reused
        // (no Session.Abandon() / new id on login) — consider session fixation.
        Session["UserID"] = user.ID;
        Session["UserName"] = user.UserName;
        Session["FactoryID"] = user.FactoryID;
        #region dynamic menu by userid
        MenuDB menuDB = new MenuDB();
        // Reads the ID back out of the session value written just above.
        User currentUser = new User() { ID = Convert.ToInt32(Session["UserID"].ToString()) };
        ReturnMenuRole returnMenuRole = menuDB.GetMenusByUserID(currentUser);
        var menuViewModel = new MenuViewModel { returnMenuRole = returnMenuRole, user = currentUser };
        Session["MenuPermission"] = menuViewModel;
        #endregion
        // Permission: the controller names this user may access.
        Session["UserPermission"] = (new UserDB()).ListAllControllerName_PermissionByUserID(user.ID);
        return(RedirectToAction("Index"));
    }
    return(RedirectToAction("Login"));
}
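/// <summary>
/// Registers a new user when neither the e-mail nor the username is already taken
/// (both compared case-insensitively).
/// </summary>
/// <param name="NewUser">Registration data; its Password is hashed before storage.</param>
/// <returns>
/// A <see cref="ReturnUser"/> with Email, Username, Firstname, Surname and the database-assigned
/// ID — no password material, since only this service handles passwords — or null when the e-mail
/// or username already exists.
/// </returns>
public ReturnUser CreateUser(NewUser NewUser)
{
    Users EmailCheck = db.Users.FirstOrDefault(x => x.Email.ToUpper() == NewUser.Email.ToUpper());
    Users UsernameCheck = db.Users.FirstOrDefault(x => x.Username.ToUpper() == NewUser.Username.ToUpper());

    // Log the registration attempt. The original also copied NewUser.Password into the logged
    // object, which wrote the plaintext password to the log; it is left out here.
    var LoggUser = new Users
    {
        Email = NewUser.Email,
        Username = NewUser.Username,
        Firstname = NewUser.Firstname,
        Surname = NewUser.Surname,
    };
    Log.Information(JsonConvert.SerializeObject(LoggUser));

    // E-mail or username already registered.
    if (EmailCheck != null || UsernameCheck != null)
    {
        return null;
    }

    // Row to persist: full user data with the hashed password; StatusID 1 = active, RoleID 3 = regular user.
    Users CompleteUser = new Users
    {
        Email = NewUser.Email,
        Firstname = NewUser.Firstname,
        Surname = NewUser.Surname,
        Username = NewUser.Username,
        Password = HashNewPassword(NewUser.Password),
        StatusID = 1,
        RoleID = 3
    };
    db.Users.Add(CompleteUser);
    db.SaveChanges();

    // Object handed to the other services: no password, and the ID taken from the saved row so
    // every service agrees on which user this is.
    return new ReturnUser
    {
        ID = CompleteUser.ID,
        Email = NewUser.Email,
        Username = NewUser.Username,
        Firstname = NewUser.Firstname,
        Surname = NewUser.Surname
    };
}

// Hashes a password with PBKDF2 and returns Base64(salt[16] || hash[20]), the format the rest
// of the service stores and verifies.
private static string HashNewPassword(string password)
{
    byte[] salt = new byte[16];
    // RandomNumberGenerator replaces the obsolete RNGCryptoServiceProvider; same CSPRNG output.
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(salt);
    }

    // NOTE(review): 1000 iterations with this overload's default PRF (SHA-1) is low by current
    // guidance; the verifier must use the same count, so raise both sides together.
    byte[] passwordHash;
    using (Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(password, salt, 1000))
    {
        passwordHash = pbkdf2.GetBytes(20);
    }

    byte[] total = new byte[36];
    Array.Copy(salt, 0, total, 0, 16);
    Array.Copy(passwordHash, 0, total, 16, 20);
    return Convert.ToBase64String(total);
}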
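/// <summary>
/// Main menu loop: prints the TEnmo menu, reads a choice and dispatches it until the user exits.
/// </summary>
/// <remarks>
/// Option 6 wipes the login and calls <c>Run()</c> again; any other choice outside 1–6
/// (including 0) prints "Goodbye!" and terminates the process, as in the original.
/// Two fixes over the original: option 3 no longer approves/rejects against a balance it failed
/// to fetch, and options 4 and 5 treat a null user list as unavailable instead of dereferencing it.
/// </remarks>
private static void MenuSelection()
{
    int menuSelection = -1;
    while (menuSelection != 0)
    {
        PrintMainMenu();

        if (!int.TryParse(Console.ReadLine(), out menuSelection))
        {
            Console.WriteLine("Invalid input. Please enter only a number.");
            menuSelection = -1;
            continue;
        }

        switch (menuSelection)
        {
            case 1:
                ShowCurrentBalance();
                break;
            case 2:
                ViewPastTransfers();
                break;
            case 3:
                ReviewPendingRequests();
                break;
            case 4:
                SendTeBucks();
                break;
            case 5:
                RequestTeBucks();
                break;
            case 6:
                Console.WriteLine("");
                UserService.SetLogin(new API_User()); // wipe out previous login info
                Run();                                // return to entry point
                break;
            default:
                Console.WriteLine("Goodbye!");
                Environment.Exit(0);
                break;
        }
    }
}

// Prints the option list and the prompt (no newline after the prompt).
private static void PrintMainMenu()
{
    Console.WriteLine("");
    Console.WriteLine("Welcome to TEnmo! Please make a selection: ");
    Console.WriteLine("1: View your current balance");
    Console.WriteLine("2: View your past transfers");
    Console.WriteLine("3: View your pending requests");
    Console.WriteLine("4: Send TE bucks");
    Console.WriteLine("5: Request TE bucks");
    Console.WriteLine("6: Log in as different user");
    Console.WriteLine("0: Exit");
    Console.WriteLine("---------");
    Console.Write("Please choose an option: ");
}

// Option 1: print the balance, or a server error when the request did not return 200.
private static void ShowCurrentBalance()
{
    IRestResponse<decimal> response = accountService.GetBalance();
    string output = response.StatusCode == System.Net.HttpStatusCode.OK
        ? $"Balance: {response.Data:c}"
        : "Unable to reach server.";
    Console.WriteLine(output);
}

// Loads the transfer history and the user list; prints the matching message and returns false
// when either is unavailable (null).
private static bool TryLoadTransfersAndUsers(out List<Transfer> transferList, out List<ReturnUser> userList)
{
    userList = null;
    transferList = accountService.GetPreviousTransfers();
    if (transferList == null)
    {
        Console.WriteLine("Couldn't get list of past transfers.");
        return false;
    }

    userList = accountService.GetListOfUsers();
    if (userList == null)
    {
        Console.WriteLine("Couldn't retreive User List while getting past transfers.");
        return false;
    }

    return true;
}

// Option 2: list completed transfers and show the details of the one the user picks.
private static void ViewPastTransfers()
{
    List<Transfer> transferList;
    List<ReturnUser> userList;
    if (!TryLoadTransfersAndUsers(out transferList, out userList))
    {
        return;
    }

    bool pending = false;
    consoleService.PrintPreviousTransfers(transferList, userList, pending);
    Transfer selectedTransfer = consoleService.ValidateTransferDetailsChoice(transferList, pending);
    if (selectedTransfer == null)
    {
        Console.WriteLine("Couldn't get transfer details.");
        return;
    }

    consoleService.PrintTransferDetails(selectedTransfer, userList);
}

// Option 3: list pending requests, let the user pick one and approve (1) or reject (2) it.
private static void ReviewPendingRequests()
{
    List<Transfer> transferList;
    List<ReturnUser> userList;
    if (!TryLoadTransfersAndUsers(out transferList, out userList))
    {
        return;
    }

    bool pending = true;
    consoleService.PrintPreviousTransfers(transferList, userList, pending);
    Transfer selectedTransfer = consoleService.ValidateTransferDetailsChoice(transferList, pending);
    if (selectedTransfer == null)
    {
        Console.WriteLine("Couldn't get transfer details.");
        return;
    }

    IRestResponse<decimal> response = accountService.GetBalance();
    if (response.StatusCode != System.Net.HttpStatusCode.OK)
    {
        // The original printed this and then used response.Data anyway; without a balance the
        // approve/reject check is meaningless, so stop here.
        Console.WriteLine("Unable to reach server.");
        return;
    }

    decimal balance = response.Data;
    int userChoice = consoleService.ValidateApproveOrReject(selectedTransfer.amount, balance);
    // Any choice other than 1 or 2 leaves the transfer untouched.
    if (userChoice == 1 || userChoice == 2)
    {
        accountService.UpdateTransfer(selectedTransfer, userChoice == 1);
    }
}

// Option 4: pick a recipient and an amount (bounded by the current balance) and send it.
private static void SendTeBucks()
{
    IRestResponse<decimal> response = accountService.GetBalance();
    if (response.StatusCode != System.Net.HttpStatusCode.OK)
    {
        Console.WriteLine("Unable to get balance.");
        return;
    }
    decimal balance = response.Data;

    List<ReturnUser> userList = accountService.GetListOfUsers();
    if (userList == null || userList.Count == 0)
    {
        Console.WriteLine("Unable to get User List while making a transfer.");
        return;
    }

    // Displays the list, prompts for a selection and returns the chosen user (or null).
    ReturnUser transferToThisUser = consoleService.GetValidUserFromList(userList, true);
    if (transferToThisUser == null)
    {
        Console.WriteLine("Unable to retreive User from List of Users while making a transfer");
        return;
    }

    decimal transferAmount = consoleService.GetValidTransferAmount(balance);
    if (transferAmount != 0)
    {
        Transfer transfer = consoleService.PopulateTransfer("Send", "Approved", transferToThisUser.UserId, UserService.GetUserId(), transferAmount);
        accountService.MakeTransfer(transfer);
    }
}

// Option 5: pick a user to request TE bucks from and an amount, and create a pending request.
private static void RequestTeBucks()
{
    // The balance itself is not needed for a request, but the original required the call to
    // succeed before continuing; that check is kept.
    IRestResponse<decimal> response = accountService.GetBalance();
    if (response.StatusCode != System.Net.HttpStatusCode.OK)
    {
        Console.WriteLine("Unable to get balance.");
        return;
    }

    List<ReturnUser> userList = accountService.GetListOfUsers();
    if (userList == null || userList.Count == 0)
    {
        Console.WriteLine("Unable to get User List while making a request.");
        return;
    }

    // Displays the list, prompts for a selection and returns the chosen user (or null).
    ReturnUser requestFromThisUser = consoleService.GetValidUserFromList(userList, false);
    if (requestFromThisUser == null)
    {
        Console.WriteLine("Unable to retreive User from List of Users while making a request");
        return;
    }

    decimal transferAmount = consoleService.GetValidTransferAmount();
    if (transferAmount != 0)
    {
        Transfer transfer = consoleService.PopulateTransfer("Request", "Pending", UserService.GetUserId(), requestFromThisUser.UserId, transferAmount);
        accountService.MakeTransfer(transfer);
    }
}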
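/// <summary>
/// Checks whether the account balance of <paramref name="username"/> covers
/// <paramref name="amtToTransfer"/>. This only compares — it does not deduct or deposit anything.
/// </summary>
/// <param name="username">The user whose balance is checked.</param>
/// <param name="amtToTransfer">The amount the user wants to send.</param>
/// <returns>true when the user exists and AccountBalance &gt;= amtToTransfer; false otherwise.</returns>
public bool BalanceIsSufficient(string username, decimal amtToTransfer)
{
    ReturnUser user = GetReturnUser(username);

    // An unknown user cannot fund a transfer; the original dereferenced the lookup result directly.
    if (user == null)
    {
        return false;
    }

    return user.AccountBalance >= amtToTransfer;
}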