public void ChangeUserPassword(ChangePasswordDto infos)
{
Logger.LogInformation($"Change password from user {infos.UserName}");
Validate(infos);
using (var context = RepositoriesFactory.CreateContext())
{
var local = this.GetErrorStringLocalizer();
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(infos.UserName);
if (user == null || !user.IsValid)
{
throw new DaOAuthServiceException(local["ChangeUserPasswordUserInvalid"]);
}
if (!EncryptionService.AreEqualsSha256(
String.Concat(Configuration.PasswordSalt, infos.OldPassword), user.Password))
{
throw new DaOAuthServiceException(local["ChangeUserPasswordPasswordInvalid"]);
}
if (!infos.NewPassword.Equals(infos.NewPasswordRepeat, StringComparison.Ordinal))
{
throw new DaOAuthServiceException(local["ChangeUserPasswordDifferentsNewPasswords"]);
}
if (!infos.NewPassword.IsMatchPasswordPolicy())
{
throw new DaOAuthServiceException(local["ChangeUserPasswordNewPasswordDontMatchPolicy"]);
}
user.Password = EncryptionService.Sha256Hash(String.Concat(Configuration.PasswordSalt, infos.NewPassword));
userRepo.Update(user);
context.Commit();
}
}
public UserDto GetUser(LoginUserDto credentials)
{
Logger.LogInformation($"Try to log user {credentials.UserName}");
Validate(credentials);
UserDto result = null;
using (var c = RepositoriesFactory.CreateContext())
{
var repo = RepositoriesFactory.GetUserRepository(c);
var user = repo.GetByUserName(credentials.UserName);
if (user != null && user.IsValid && EncryptionService.AreEqualsSha256(
String.Concat(Configuration.PasswordSalt, credentials.Password), user.Password))
{
result = user.ToDto();
Logger.LogInformation($"Log successfull for user {credentials.UserName}");
}
}
return(result);
}
public void SetNewUserPassword(NewPasswordDto infos)
{
Logger.LogInformation($"Define a new password using JWT token {infos.Token}");
Validate(infos);
var local = this.GetErrorStringLocalizer();
var tokenInfos = JwtService.ExtractMailToken(infos.Token);
if (!tokenInfos.IsValid)
{
throw new DaOAuthServiceException(local["SetNewUserPasswordInvalidToken"]);
}
if (!infos.NewPassword.IsMatchPasswordPolicy())
{
throw new DaOAuthServiceException(local["SetNewUserPasswordNewPasswordDontMatchPolicy"]);
}
if (!infos.NewPassword.Equals(infos.NewPasswordRepeat, StringComparison.Ordinal))
{
throw new DaOAuthServiceException(local["SetNewUserPasswordDifferentsNewPasswords"]);
}
using (var context = RepositoriesFactory.CreateContext())
{
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(tokenInfos.UserName);
user.Password = EncryptionService.Sha256Hash(String.Concat(Configuration.PasswordSalt, infos.NewPassword));
userRepo.Update(user);
context.Commit();
}
}
public int CreateUser(CreateUserDto toCreate)
{
Logger.LogInformation($"Try creating a new user {toCreate.UserName}");
IList <ValidationResult> ExtendValidation(CreateUserDto toValidate)
{
var errorResource = this.GetErrorStringLocalizer();
IList <ValidationResult> result = new List <ValidationResult>();
if (!String.IsNullOrEmpty(toCreate.Password) &&
!String.IsNullOrEmpty(toCreate.RepeatPassword) &&
!toCreate.Password.Equals(toCreate.RepeatPassword, StringComparison.Ordinal))
{
result.Add(new ValidationResult(errorResource["CreateUserPasswordDontMatch"]));
}
if (!toValidate.Password.IsMatchPasswordPolicy())
{
result.Add(new ValidationResult(errorResource["CreateUserPasswordPolicyFailed"]));
}
using (var c = RepositoriesFactory.CreateContext())
{
var repo = RepositoriesFactory.GetUserRepository(c);
if (repo.GetByUserName(toCreate.UserName) != null)
{
result.Add(new ValidationResult(String.Format(errorResource["CreateUserUserNameExists"], toCreate.UserName)));
}
if (repo.GetByEmail(toCreate.EMail) != null)
{
result.Add(new ValidationResult(String.Format(errorResource["CreateUserEmailExists"], toCreate.EMail)));
}
}
return(result);
}
Logger.LogInformation(String.Format("Try to create user {0}", toCreate != null ? toCreate.UserName : String.Empty));
Validate(toCreate, ExtendValidation);
var idCreated = 0;
var mailResource = this.GetMailStringLocalizer();
var u = new User()
{
BirthDate = toCreate.BirthDate,
CreationDate = DateTime.Now,
EMail = toCreate.EMail,
FullName = toCreate.FullName,
IsValid = false,
ValidationToken = RandomService.GenerateRandomString(32),
Password = EncryptionService.Sha256Hash(string.Concat(Configuration.PasswordSalt, toCreate.Password)),
UserName = toCreate.UserName
};
using (var c = RepositoriesFactory.CreateContext())
{
var repo = RepositoriesFactory.GetUserRepository(c);
repo.Add(u);
var userRoleRepo = RepositoriesFactory.GetUserRoleRepository(c);
var roleRepo = RepositoriesFactory.GetRoleRepository(c);
var myRole = roleRepo.GetById((int)ERole.USER);
if (myRole != null)
{
userRoleRepo.Add(new UserRole()
{
RoleId = myRole.Id,
UserId = u.Id
});
}
var link = new Uri(String.Format(Configuration.ValidateAccountPageUrl, u.UserName, u.ValidationToken));
MailService.SendEmail(new SendEmailDto()
{
Body = String.Format(mailResource["MailValidateAccountBody"], u.UserName, link.AbsoluteUri),
IsHtml = true,
Receviers = new Dictionary <string, string>()
{
{ u.EMail, u.EMail }
},
Sender = new KeyValuePair <string, string>("*****@*****.**", "no reply"),
Subject = mailResource["MailValidateAccountSubject"]
});
c.Commit();
idCreated = u.Id;
}
return(idCreated);
}