Пример #1
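        /// <summary>
        /// Replaces the password of an active customer account (RoleId 1) when the
        /// supplied user id and OTP match a stored user row.
        /// </summary>
        /// <param name="changePassword">Request body carrying userId, Otp and the new Password.</param>
        /// <returns>HTTP 200 with 1 when the password was replaced, otherwise 0.</returns>
        /// <remarks>
        /// NOTE(review): the OTP is only compared here; this method neither clears it nor
        /// checks an expiry, and no attempt limiting is visible. Confirm that single-use,
        /// expiry and throttling are enforced elsewhere.
        /// NOTE(review): if GenerateSaltedHash is a single salted SHA-512 pass, it is a fast
        /// hash; a password KDF (PBKDF2, Argon2, bcrypt) is the usual choice for stored passwords.
        /// </remarks>
        public IActionResult changePassword([FromBody] changePassword changePassword)
        {
            var message = 0;

            // A missing body, a non-positive id or an empty new password can never succeed:
            // report the ordinary "not changed" result instead of dereferencing null.
            if (changePassword == null ||
                changePassword.userId <= 0 ||
                string.IsNullOrEmpty(changePassword.Password))
            {
                return(Ok(message));
            }

            var user = db.Users.FirstOrDefault(x => x.Id == changePassword.userId &&
                                                    x.IsActive == true &&
                                                    x.RoleId == 1 &&
                                                    x.Otp == changePassword.Otp);
            if (user != null)
            {
                // Generate a fresh salt only once the request is known to be valid.
                var salt          = CommonFunctions.CreateSalt(64);
                var hashAlgorithm = new SHA512HashAlgorithm();

                user.PasswordHash = hashAlgorithm.GenerateSaltedHash(CommonFunctions.GetBytes(changePassword.Password), salt);
                user.PasswordSalt = salt;
                db.SaveChanges();
                message = 1;
            }

            // No catch-and-rethrow wrapper: exceptions reach the framework with their
            // original stack trace ("throw ex;" would have reset it).
            return(Ok(message));
        }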
Пример #2
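        /// <summary>
        /// Stores a new salted password hash for the user with the given id.
        /// </summary>
        /// <param name="UserId">Primary key of the user whose password is replaced.</param>
        /// <param name="password">New plain-text password; null or empty is rejected.</param>
        /// <returns>HTTP 200 with 1 when the password was saved, otherwise 0.</returns>
        /// <remarks>
        /// NOTE(review): nothing in this method ties UserId to the authenticated caller and no
        /// current password or OTP is required. Unless an authorization filter outside this view
        /// enforces ownership, any caller can replace any account's password.
        /// NOTE(review): if GenerateSaltedHash is a single salted SHA-512 pass, it is a fast
        /// hash; a password KDF (PBKDF2, Argon2, bcrypt) is the usual choice for stored passwords.
        /// </remarks>
        public IActionResult savePass(int UserId, string password)
        {
            var message = 0;

            // An empty password is refused as well as a null one.
            if (string.IsNullOrEmpty(password))
            {
                return(Ok(message));
            }

            var account = db.Users.FirstOrDefault(x => x.Id == UserId);
            if (account != null)
            {
                var salt          = CommonFunctions.CreateSalt(64);
                var hashAlgorithm = new SHA512HashAlgorithm();

                account.PasswordHash = hashAlgorithm.GenerateSaltedHash(CommonFunctions.GetBytes(password), salt);
                account.PasswordSalt = salt;
                db.SaveChanges();

                // Report success only after the change has been persisted.
                message = 1;
            }

            // No catch-and-rethrow wrapper: exceptions reach the framework with their
            // original stack trace ("throw ex;" would have reset it).
            return(Ok(message));
        }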
Пример #3
        /// <summary>
        /// Checks that ComputeHash returns the expected Base64 text for a fixed input.
        /// </summary>
        public void Should_compute_hash()
        {
            // Known-answer vector: the input and the digest the implementation must produce.
            const string input    = "khurwitz";
            const string expected = "n04q+oz8Qqjmc56ohKhbOFVEFNgmROnFIkzya2r+xBiXQKLBMBZAKCT9UDK+3s3x/JbN2HJ5gTSEEVP+ip7NdQ==";

            IHashAlgorithm sut = new SHA512HashAlgorithm();

            var actual = sut.ComputeHash(input);

            Assert.That(actual, Is.EqualTo(expected));
        }
Пример #4
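        /// <summary>
        /// Registers a new customer account (RoleId 1) and sends the welcome e-mail.
        /// </summary>
        /// <param name="model">Registration form values (name, e-mail, phone, password).</param>
        /// <returns>
        /// HTTP 200 with a User whose ReturnCode is 0 on success, or -1 when an active
        /// customer with the same e-mail already exists.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the saved User entity, including PasswordHash and PasswordSalt, is
        /// returned to the client as the response body; a dedicated response type would avoid that.
        /// NOTE(review): the account is created with IsVerified = true before the e-mail address
        /// has been confirmed.
        /// NOTE(review): if GenerateSaltedHash is a single salted SHA-512 pass, it is a fast
        /// hash; a password KDF (PBKDF2, Argon2, bcrypt) is the usual choice for stored passwords.
        /// </remarks>
        public async Task <IActionResult> RegisterCustomer(RegisterCustomer model)
        {
            var user     = new User();
            var existing = db.Users.Where(x => x.Email == model.Email && x.IsActive == true && x.RoleId == 1).FirstOrDefault();

            if (existing != null)
            {
                user.ReturnCode    = -1;
                user.ReturnMessage = "Email is already registered";
                return(Ok(user));
            }

            // Salt and hasher are only needed once the e-mail is known to be free.
            var salt          = CommonFunctions.CreateSalt(64);
            var hashAlgorithm = new SHA512HashAlgorithm();

            user = new User()
            {
                FirstName    = model.FirstName,
                MiddleName   = model.MiddleName,
                LastName     = model.LastName,
                Email        = model.Email,
                Phone        = model.Phone,
                PasswordHash = hashAlgorithm.GenerateSaltedHash(CommonFunctions.GetBytes(model.Password), salt),
                PasswordSalt = salt,
                RoleId       = 1,
                IsVerified   = true,
                IsActive     = true,
                DateTime     = DateTime.Now
            };
            db.Users.Add(user);
            db.SaveChanges();

            var html = System.IO.File.ReadAllText(environment.WebRootPath + "/Template/UserRegister.html");

            // FirstName is user-supplied; encode it before it is placed into the HTML body
            // so markup typed into the form is not rendered in the message.
            html = html.Replace("{{userName}}", System.Net.WebUtility.HtmlEncode(user.FirstName));

            Emailmodel emailmodel = new Emailmodel();
            emailmodel.From    = "";
            emailmodel.To      = user.Email;
            emailmodel.Subject = " Congratulations, Registered Successfully";
            emailmodel.Body    = html;
            // NOTE(review): hard-coded mail-service credential. It should be loaded from
            // configuration or a secret store, and this value treated as exposed and rotated.
            emailmodel.key     = "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";
            await Example.Execute(emailmodel);

            user.ReturnCode    = 0;
            user.ReturnMessage = "You are registered successfully";
            return(Ok(user));
        }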
Пример #5
        /// <summary>
        /// Hashes <paramref name="password"/> with the requested algorithm and returns the result.
        /// The value is a hash, not an encryption.
        /// </summary>
        /// <param name="userId">Not used by this method.</param>
        /// <param name="password">Plain-text password to hash.</param>
        /// <param name="encryptionHashType">Requested algorithm; only SHA512 is handled.</param>
        /// <param name="sqlConnection">Not used by this method.</param>
        /// <returns>
        /// The output of ComputeHashSHA512, or an empty string for any other algorithm.
        /// </returns>
        /// <remarks>
        /// NOTE(review): an unsupported algorithm yields an empty string rather than an error;
        /// callers must not store that value as a password hash.
        /// </remarks>
        public static string GetNewUserPassword(string userId, string password, EncryptionHashAlgorithm encryptionHashType, string sqlConnection)
        {
            var isSha512 = encryptionHashType.Equals(EncryptionHashAlgorithm.SHA512);

            return isSha512
                ? SHA512HashAlgorithm.ComputeHashSHA512(password)
                : string.Empty;
        }
Пример #6
        /// <summary>
        /// Hashes a password with the requested algorithm. Only SHA512 is currently handled.
        /// </summary>
        /// <param name="password">Plain-text password to hash.</param>
        /// <param name="encryptionHashType">Requested algorithm.</param>
        /// <returns>
        /// The output of ComputeHashSHA512, or an empty string for any other algorithm.
        /// </returns>
        /// <remarks>
        /// NOTE(review): an unsupported algorithm yields an empty string rather than an error;
        /// callers must not store that value as a password hash.
        /// </remarks>
        public static string GetNewPasswordFromString(string password, EncryptionHashAlgorithm encryptionHashType)
        {
            // Anything other than SHA512 falls through to the empty result.
            if (!encryptionHashType.Equals(EncryptionHashAlgorithm.SHA512))
            {
                return string.Empty;
            }

            return SHA512HashAlgorithm.ComputeHashSHA512(password);
        }
Пример #7
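        /// <summary>
        /// Replaces the stored password of the user with the given id.
        /// </summary>
        /// <param name="id">Primary key of the user to update.</param>
        /// <param name="user">Request payload; only Password is read.</param>
        /// <returns>
        /// HTTP 200 with true when the password was saved, false when the payload has no
        /// password or no user with that id exists.
        /// </returns>
        /// <remarks>
        /// NOTE(review): nothing in this method ties <paramref name="id"/> to the authenticated
        /// caller; confirm an authorization filter outside this view restricts who may call it.
        /// NOTE(review): if GenerateSaltedHash is a single salted SHA-512 pass, it is a fast
        /// hash; a password KDF (PBKDF2, Argon2, bcrypt) is the usual choice for stored passwords.
        /// </remarks>
        public IHttpActionResult PutUserPass(int id, User user)
        {
            // Reject a missing payload or empty password instead of dereferencing null.
            if (user == null || string.IsNullOrEmpty(user.Password))
            {
                return(Ok(false));
            }

            var users = db.Users.Find(id);
            if (users == null)
            {
                // Unknown id: Find returns null, so there is nothing to update.
                return(Ok(false));
            }

            var salt          = CommonFunction.CreateSalt(64);
            var hashAlgorithm = new SHA512HashAlgorithm();

            users.PasswordHash = hashAlgorithm.GenerateSaltedHash(CommonFunction.GetBytes(user.Password), salt);
            users.PasswordSalt = salt;
            users.UpdatedOn    = System.DateTime.UtcNow;
            // NOTE(review): this persists the plain-text password next to its salted hash,
            // which defeats the hashing. Kept because other code may still read the column;
            // drop the assignment and clear the column once nothing depends on it.
            users.Password     = user.Password;
            db.SaveChanges();
            return(Ok(true));
        }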
Пример #8
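        /// <summary>
        /// Updates the profile fields, and optionally the password, of the user with the given
        /// id, then writes an audit log entry when the save succeeded.
        /// </summary>
        /// <param name="id">Primary key of the user to update.</param>
        /// <param name="user">New field values; Password is applied only when non-empty.</param>
        /// <returns>
        /// HTTP 200 with true when the changes were saved, false when the payload is missing,
        /// the user does not exist or the save failed.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the acting user for the audit entry is taken from a client-supplied
        /// "Email" request header, which a caller can set to any value; it should come from
        /// the authenticated principal.
        /// NOTE(review): RoleID and IsVerified are copied straight from the request body, so a
        /// caller allowed to reach this action can change a role; confirm that is restricted.
        /// NOTE(review): the audit entry serializes the whole entity, which by the fields set
        /// here includes PasswordHash and PasswordSalt; exclude credential fields from logs.
        /// </remarks>
        public IHttpActionResult PutUser(int id, User user)
        {
            if (user == null)
            {
                return(Ok(false));
            }

            var pageName = Request.RequestUri.LocalPath.getRouteName();
            var UserId   = 0;

            if (Request.Headers.Contains("Email"))
            {
                // GetValues returns a sequence; take its first element without assuming an array.
                var email = Request.Headers.GetValues("Email").FirstOrDefault();
                if (!string.IsNullOrEmpty(email))
                {
                    // Exact match: a substring match would let "a@x.org" resolve to "aa@x.org".
                    var actor = db.Users.Where(x => x.IsActive == true && x.Email == email).FirstOrDefault();
                    if (actor != null)
                    {
                        UserId = actor.Id;
                    }
                }
            }

            var model = db.Users.Find(id);
            if (model == null)
            {
                return(Ok(false));
            }

            model.FirstName  = user.FirstName;
            model.MiddleName = user.MiddleName;
            model.LastName   = user.LastName;
            model.Email      = user.Email;
            model.Phone      = user.Phone;
            model.RoleID     = user.RoleID;
            model.IsActive   = true;
            model.UpdatedOn  = System.DateTime.UtcNow;
            model.IsVerified = user.IsVerified;

            if (!string.IsNullOrEmpty(user.Password))
            {
                var salt          = CommonFunction.CreateSalt(64);
                var hashAlgorithm = new SHA512HashAlgorithm();

                // Write to the tracked entity; setting these on the request object
                // meant the new password was never persisted.
                model.PasswordHash = hashAlgorithm.GenerateSaltedHash(CommonFunction.GetBytes(user.Password), salt);
                model.PasswordSalt = salt;
            }

            try
            {
                db.SaveChanges();
            }
            catch (Exception)
            {
                // The save failed: skip the audit entry and do not report success.
                return(Ok(false));
            }

            var logTable = Newtonsoft.Json.JsonConvert.SerializeObject(model, new JsonSerializerSettings()
            {
                PreserveReferencesHandling = PreserveReferencesHandling.Objects,
                Formatting = Formatting.Indented
            });
            model.CreateLog(pageName, logTable, UserId);

            return(Ok(true));
        }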
Пример #9
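        /// <summary>
        /// Checks a login password against the hash stored in dbo.[User] for the given login name.
        /// </summary>
        /// <param name="username">Login name, bound to the query as the @UserLogin parameter.</param>
        /// <param name="password">Plain-text password supplied by the user.</param>
        /// <param name="encryptionHashType">Algorithm the stored hash uses; only SHA512 is handled.</param>
        /// <param name="sqlConnection">Connection string passed to the data-access helper.</param>
        /// <returns>
        /// True when VerifyHashSHA512 accepts the password for the stored hash; false when no
        /// hash was found, the algorithm is not SHA512, or verification fails.
        /// </returns>
        public static bool CheckUserPassword(string username, string password, EncryptionHashAlgorithm encryptionHashType, string sqlConnection)
        {
            // The login name is passed as a SQL parameter, never concatenated into the text.
            var strSql = @"
SELECT 
UserPass
FROM dbo.[User]
WHERE
UserLogin = @UserLogin";

            var paramsToSP = new SqlParameter[] { new SqlParameter("@UserLogin", username) };

            var dbhash = Softcanon.DAL.SqlApiSqlClient.GetStringRecordValue(strSql, paramsToSP, sqlConnection, 60);

            // Unknown login or empty column: there is nothing to verify against, so fail
            // closed rather than handing a null/empty hash to the verifier.
            if (string.IsNullOrEmpty(dbhash) || password == null)
            {
                return(false);
            }

            if (encryptionHashType.Equals(EncryptionHashAlgorithm.SHA512))
            {
                return(SHA512HashAlgorithm.VerifyHashSHA512(password, dbhash));
            }

            return(false);
        }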
Пример #10
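        /// <summary>
        /// Hashes a new password and saves the hash to dbo.[User] for the given user id.
        /// </summary>
        /// <param name="userId">Value matched against the User_ID column.</param>
        /// <param name="password">New plain-text password; only its hash is stored.</param>
        /// <param name="encryptionHashType">Hash algorithm to use; only SHA512 is supported.</param>
        /// <param name="sqlConnection">Connection string passed to the data-access helper.</param>
        /// <exception cref="System.NotSupportedException">
        /// The requested algorithm is not SHA512, so no hash can be produced.
        /// </exception>
        /// <remarks>
        /// NOTE(review): this statement writes the Password column, while the login check shown
        /// elsewhere on this page reads UserPass; confirm both refer to the intended column.
        /// </remarks>
        public static void SaveNewUserPassword(string userId, string password, EncryptionHashAlgorithm encryptionHashType, string sqlConnection)
        {
            // Refuse to continue without a usable hash: writing an empty value or the
            // plain text would leave the account without a protected credential.
            if (!encryptionHashType.Equals(EncryptionHashAlgorithm.SHA512))
            {
                throw new System.NotSupportedException("Only SHA512 password hashing is supported.");
            }

            var newpass = SHA512HashAlgorithm.ComputeHashSHA512(password);

            var strSql = @"
UPDATE dbo.[User] SET 
       Password = @UserPass
 WHERE 
 User_ID = @UserId
";

            // Bind the computed hash. The parameter was previously given the plain-text
            // password, so the hash was computed and then discarded.
            var paramsToSP = new SqlParameter[] { new SqlParameter("@UserPass", newpass)
                                                  , new SqlParameter("@UserId", userId) };

            Softcanon.DAL.SqlApiSqlClient.ExecuteSqlString(strSql, paramsToSP, sqlConnection, 60);
        }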
Пример #11
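        /// <summary>
        /// Creates a new user row from the posted values, storing a salted hash of the password.
        /// </summary>
        /// <param name="user">Posted user values, including the plain-text Password.</param>
        /// <returns>
        /// HTTP 200 with true when the user was saved, false when the payload or its
        /// password is missing.
        /// </returns>
        /// <remarks>
        /// NOTE(review): RoleID, BranchID and IsVerified are copied straight from the request
        /// body; confirm only privileged callers can reach this action, otherwise a caller can
        /// create an account with any role.
        /// NOTE(review): if GenerateSaltedHash is a single salted SHA-512 pass, it is a fast
        /// hash; a password KDF (PBKDF2, Argon2, bcrypt) is the usual choice for stored passwords.
        /// </remarks>
        public IHttpActionResult PostUser(User user)
        {
            // Reject a missing payload or empty password instead of dereferencing null.
            if (user == null || string.IsNullOrEmpty(user.Password))
            {
                return(Ok(false));
            }

            var salt          = CommonFunction.CreateSalt(64);
            var hashAlgorithm = new SHA512HashAlgorithm();
            var utcNow        = System.DateTime.UtcNow;

            User model = new DAL.User();

            model.PasswordSalt = salt;
            model.PasswordHash = hashAlgorithm.GenerateSaltedHash(CommonFunction.GetBytes(user.Password), salt);
            model.FirstName    = user.FirstName;
            model.MiddleName   = user.MiddleName;
            model.LastName     = user.LastName;
            model.IsVerified   = user.IsVerified;
            // NOTE(review): this persists the plain-text password next to its salted hash,
            // which defeats the hashing. Kept because other code may still read the column;
            // drop the assignment and clear the column once nothing depends on it.
            model.Password     = user.Password;
            model.Phone        = user.Phone;
            model.RoleID       = user.RoleID;
            model.BranchID     = user.BranchID;
            model.Email        = user.Email;
            model.IsActive     = true;
            // One timestamp for both fields so a new row has CreatedOn == UpdatedOn.
            model.CreatedOn    = utcNow;
            model.UpdatedOn    = utcNow;
            db.Users.Add(model);
            db.SaveChanges();
            return(Ok(true));
        }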
Пример #12
 /// <summary>
 /// Hashes a password with SHA512HashAlgorithm.ComputeHashSHA512 and returns the resulting string.
 /// </summary>
 /// <param name="password">Plain-text password to hash.</param>
 /// <returns>The string produced by ComputeHashSHA512.</returns>
 public static string GetNewPasswordFromString(string password)
 {
     var hashed = SHA512HashAlgorithm.ComputeHashSHA512(password);

     return hashed;
 }
Пример #13
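        /// <summary>
        /// Registers a new vendor account (RoleId 2) together with its company, optional
        /// uploaded images and ID proof, then sends the welcome e-mail.
        /// </summary>
        /// <param name="model">Vendor registration form values.</param>
        /// <returns>
        /// A User carrying only ReturnCode and ReturnMessage: 0 on success, -1 when the e-mail
        /// or company is already registered or when registration failed.
        /// </returns>
        /// <remarks>
        /// NOTE(review): on failure the raw exception message is returned to the caller, which
        /// can expose database or storage details; log it server-side and return a generic text.
        /// NOTE(review): the account is created with IsVerified = true before the e-mail address
        /// has been confirmed.
        /// NOTE(review): if GenerateSaltedHash is a single salted SHA-512 pass, it is a fast
        /// hash; a password KDF (PBKDF2, Argon2, bcrypt) is the usual choice for stored passwords.
        /// </remarks>
        public async Task <User> RegisterVendor(RegisterVendor model)
        {
            var user = new User();
            var data = db.Users.Where(x => (x.Email == model.Email || x.Company.Name == model.Company) && x.IsActive == true && x.RoleId == 2).Include(x => x.Company).FirstOrDefault();

            if (data != null)
            {
                user.ReturnCode = -1;
                if (data.Email == model.Email)
                {
                    user.ReturnMessage = "Email is already registered";
                }
                else if (data.Company.Name == model.Company)
                {
                    user.ReturnMessage = "Company is already registered";
                }
                else
                {
                    user.ReturnMessage = "Something went Wrong";
                }
                return(user);
            }

            // Salt and hasher are only needed once the e-mail and company are known to be free.
            var salt          = CommonFunctions.CreateSalt(64);
            var hashAlgorithm = new SHA512HashAlgorithm();

            try
            {
                // Resolve the state by name, creating it when it is not known yet.
                var states = db.States.Where(x => x.IsActive == true).ToList();
                if (model.State != null)
                {
                    var state = states.Where(x => x.Name.ToLower().Trim().Equals(model.State.ToLower().Trim())).FirstOrDefault();
                    if (state != null)
                    {
                        model.StateId = state.Id;
                    }
                    else
                    {
                        var enter = new State();
                        enter.IsActive  = true;
                        enter.Name      = model.State;
                        enter.CountryId = Convert.ToInt32(model.CountryId);
                        db.States.Add(enter);
                        db.SaveChanges();
                        model.StateId = enter.Id;
                    }
                }

                user = new User()
                {
                    FirstName    = model.FirstName,
                    MiddleName   = model.MiddleName,
                    LastName     = model.LastName,
                    DisplayName  = model.DisplayName,
                    UserName     = model.UserName,
                    Address      = model.Address,
                    City         = model.City,
                    CountryId    = model.CountryId,
                    StateId      = model.StateId,
                    Email        = model.Email,
                    Phone        = model.Phone,
                    PasswordHash = hashAlgorithm.GenerateSaltedHash(CommonFunctions.GetBytes(model.Password), salt),
                    PasswordSalt = salt,
                    RoleId       = 2,
                    IsVerified   = true,
                    IsActive     = true,
                    FacebookId   = model.FacebookId,
                    TwitterId    = model.TwitterId,
                    GenderId     = model.GenderId,
                    LanguageId   = model.LanguageId,
                    PostalCode   = model.PostalCode,
                    DOB          = model.DOB,
                    VendorId     = "Pistis_sno_" + model.Company,
                    RFC          = model.RFC
                };

                if (!string.IsNullOrEmpty(model.Image))
                {
                    var imageResponse = await S3Service.UploadObject(model.Image);

                    if (imageResponse.Success)
                    {
                        user.Image = $"https://pistis.s3.us-east-2.amazonaws.com/{imageResponse.FileName}";
                    }
                }

                var com = new Company();
                if (!string.IsNullOrEmpty(model.Logo))
                {
                    var imageResponse = await S3Service.UploadObject(model.Logo);

                    if (imageResponse.Success)
                    {
                        com.Logo = $"https://pistis.s3.us-east-2.amazonaws.com/{imageResponse.FileName}";
                    }
                }

                // The company is saved first so its generated id can be set on the user.
                com.IsActive = true;
                com.Name     = model.Company;
                db.Companies.Add(com);
                db.SaveChanges();
                user.CompanyId = com.Id;
                db.Users.Add(user);
                db.SaveChanges();

                var proof = new Models.VendorIDProof();
                if (!string.IsNullOrEmpty(model.IdProof))
                {
                    var imageResponse = await S3Service.UploadObject(model.IdProof);

                    if (imageResponse.Success)
                    {
                        proof.Proof    = $"https://pistis.s3.us-east-2.amazonaws.com/{imageResponse.FileName}";
                        proof.UserId   = user.Id;
                        proof.IsActive = true;
                        db.VendorIDProof.Add(proof);
                        db.SaveChanges();
                    }
                }

                // Welcome e-mail, sent only once the user row has a generated id.
                if (user.Id != 0)
                {
                    var html = System.IO.File.ReadAllText(environment.WebRootPath + "/Template/vendorRegister.html");

                    // FirstName is user-supplied; encode it before it is placed into the HTML
                    // body so markup typed into the form is not rendered in the message.
                    html = html.Replace("{{userName}}", System.Net.WebUtility.HtmlEncode(user.FirstName));

                    Emailmodel emailmodel = new Emailmodel();
                    emailmodel.From    = "";
                    emailmodel.To      = user.Email;
                    emailmodel.Subject = " Congratulations, Registered Successfully";
                    emailmodel.Body    = html;
                    // NOTE(review): hard-coded mail-service credential. It should be loaded from
                    // configuration or a secret store, and this value treated as exposed and rotated.
                    emailmodel.key     = "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";
                    await Example.Execute(emailmodel);
                }

                var result = new User();
                result.ReturnCode    = 0;
                result.ReturnMessage = "You are registered successfully";
                return(result);
            }
            catch (Exception ex)
            {
                // Answer with a fresh object, as the success path does: by this point `user`
                // may already hold PasswordHash and PasswordSalt, which must not be sent back.
                var failure = new User();
                failure.ReturnCode    = -1;
                failure.ReturnMessage = ex.Message;
                return(failure);
            }
        }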
Пример #14
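        /// <summary>
        /// Registers a new customer account (RoleId 1) during checkout, sends the welcome
        /// e-mail and creates a JWT plus a refresh-token row for the new user.
        /// </summary>
        /// <param name="model">Registration form values (name, e-mail, phone, password).</param>
        /// <returns>
        /// HTTP 200 with a ResponseModel: ReturnCode 0 and the new user's id, first name and
        /// role on success, or ReturnCode -1 when the e-mail is already registered.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the login model built here (token, refresh token) is never returned,
        /// yet a refresh-token row is still written on every registration.
        /// NOTE(review): the new account is marked verified and issued a token before the
        /// e-mail address has been confirmed.
        /// NOTE(review): the follow-up lookup matches on e-mail only, while uniqueness is checked
        /// among RoleId 1 accounts; an account with another role and the same e-mail could be
        /// returned instead. Looking up by the new user's id would be unambiguous.
        /// </remarks>
        public IActionResult registerForCheckout(RegisterCustomer model)
        {
            var user = new User();
            var data = db.Users.Where(x => x.Email == model.Email && x.IsActive == true && x.RoleId == 1).FirstOrDefault();

            if (data == null)
            {
                // Salt and hasher are only needed once the e-mail is known to be free.
                var salt          = CommonFunctions.CreateSalt(64);
                var hashAlgorithm = new SHA512HashAlgorithm();

                user = new User()
                {
                    FirstName    = model.FirstName,
                    MiddleName   = model.MiddleName,
                    LastName     = model.LastName,
                    Email        = model.Email,
                    Phone        = model.Phone,
                    PasswordHash = hashAlgorithm.GenerateSaltedHash(CommonFunctions.GetBytes(model.Password), salt),
                    PasswordSalt = salt,
                    RoleId       = 1,
                    IsVerified   = true,
                    IsActive     = true,
                    DateTime     = DateTime.Now
                };
                db.Users.Add(user);
                db.SaveChanges();

                var html = System.IO.File.ReadAllText(environment.WebRootPath + "/Template/UserRegister.html");

                // FirstName is user-supplied; encode it before it is placed into the HTML body
                // so markup typed into the form is not rendered in the message.
                html = html.Replace("{{userName}}", System.Net.WebUtility.HtmlEncode(user.FirstName));

                Emailmodel emailmodel = new Emailmodel();
                emailmodel.From    = "";
                emailmodel.To      = user.Email;
                emailmodel.Subject = " Congratulations, Registered Successfully";
                emailmodel.Body    = html;
                // NOTE(review): hard-coded mail-service credential. It should be loaded from
                // configuration or a secret store, and this value treated as exposed and rotated.
                emailmodel.key     = "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";
                // NOTE(review): not awaited (this action is synchronous), so a send failure
                // is never observed here.
                Example.Execute(emailmodel);

                //login code
                LoginModel model1 = new LoginModel();
                var        user1  = db.Users.Where(x => x.Email == user.Email && x.IsVerified == true && x.IsActive == true).Include(x => x.Role).FirstOrDefault();

                if (user1 != null)
                {
                    var newsIsSucbribed = db.Newsletters.Where(x => (x.Email.Trim() == user1.Email.Trim() && x.IsSubscribed == true) || (x.UserId == user1.Id && x.IsSubscribed == true)).FirstOrDefault();

                    model1.IsSubscribed = newsIsSucbribed != null ? 1 : 0;

                    // JWT Token
                    var token = new JwtTokenBuilder()
                                .AddSecurityKey(JwtSecurityKey.Create(_configuration.GetValue <string>("JwtSecretKey")))
                                .AddIssuer(_configuration.GetValue <string>("JwtIssuer"))
                                .AddAudience(_configuration.GetValue <string>("JwtAudience"))
                                .AddExpiry(60)
                                .AddClaim("Name", user.Email)
                                .AddRole(user.Role.Name)
                                .Build();
                    // NOTE(review): a GUID is an identifier, not a secret; a refresh token is
                    // better drawn from a cryptographic random number generator.
                    var _refreshTokenObj = new RefreshTokens
                    {
                        Email        = user.Email,
                        Refreshtoken = Guid.NewGuid().ToString(),
                        Revoked      = false,
                    };
                    db.RefreshTokens.Add(_refreshTokenObj);
                    db.SaveChanges();

                    model1.Token        = token.Value;
                    model1.refreshToken = _refreshTokenObj.Refreshtoken;
                    model1.username     = user.FirstName;
                    model1.roleId       = user1.RoleId;
                    model1.success      = true;
                    model1.id           = user1.Id;
                    model1.message      = "login Successful";
                }
                //login code end

                user.ReturnCode    = 0;
                user.ReturnMessage = "You are registered successfully";
            }
            else
            {
                user.ReturnCode    = -1;
                user.ReturnMessage = "Email is already registered";
            }

            // Copy only the fields the client needs, so the password hash and salt on the
            // entity are not part of the response.
            var res = new ResponseModel();

            res.ReturnCode    = user.ReturnCode;
            res.ReturnMessage = user.ReturnMessage;
            res.Id            = user.Id;
            res.FirstName     = user.FirstName;
            res.RoleId        = user.RoleId;
            return(Ok(res));
        }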
Пример #15
        /// <summary>
        /// Verifies a password by hashing it with the stored salt and comparing the result
        /// with the stored hash.
        /// </summary>
        /// <param name="passwordHash">Hash stored for the user.</param>
        /// <param name="passwordSalt">Salt stored for the user.</param>
        /// <param name="password">Plain-text password to check.</param>
        /// <returns>The result of CompareByteArrays for the stored and the recomputed hash.</returns>
        /// <remarks>
        /// NOTE(review): confirm CompareByteArrays runs in constant time; a comparison that
        /// stops at the first differing byte leaks timing information about the stored hash.
        /// </remarks>
        public static bool ValidateUser(byte[] passwordHash, byte[] passwordSalt, string password)
        {
            var hasher        = new SHA512HashAlgorithm();
            var candidateHash = hasher.GenerateSaltedHash(GetBytes(password), passwordSalt);

            return CompareByteArrays(passwordHash, candidateHash);
        }