示例#1
0
        /// <summary>
        /// Starts a new session for the user by validating their username and password
        /// credentials.
        /// </summary>
        public bool StartSession(string username, string password, out string token, out DateTime expiration)
        {
            SqlGenerator sqlGen = new SqlGenerator(SqlGenerator.SqlTypes.Select, "User");

            sqlGen.AddField("*");
            sqlGen.AddWhereParameter("User", "UserName", username, SqlWhereComparison.SqlComparer.Equal);

            System.Data.DataTable dt = Adocls.FetchDataTable(sqlGen, modelDataBindings.DatabaseName);

            if (dt.Rows.Count > 0)
            {
                if (dt.Rows[0]["HashPassword"].ToString() == CryptoHelper.ComputeHash(password, dt.Rows[0]["SALT"].ToString()))
                {
                    string   sessionKey     = Guid.NewGuid().ToString("N");
                    DateTime sessionExpires = DateTime.Now.AddMinutes(C_SESSION_LIFESPAN);

                    SqlGenerator sqlGenUpdate = new SqlGenerator(SqlGenerator.SqlTypes.Update, "User");
                    sqlGenUpdate.AddField("AuthGUID", "User", sessionKey);
                    sqlGenUpdate.AddField("AuthDate", "User", sessionExpires);
                    sqlGenUpdate.AddWhereParameter("User", "User_Key", dt.Rows[0]["User_Key"].ToString(), SqlWhereComparison.SqlComparer.Equal);

                    Adocls.ExecuteSql(sqlGenUpdate, true, modelDataBindings.DatabaseName);

                    token      = sessionKey;
                    expiration = sessionExpires;

                    return(true);
                }
            }

            token      = null;
            expiration = DateTime.MinValue;
            return(false);
        }
示例#2
0
        private AuthUserInformationModel BuildAuthUserInformationModel(DataTable userInfoTable)
        {
            // Get basic user information from the databases
            AuthUserInformationModel userInfo = new AuthUserInformationModel();

            userInfo.UserKey    = userInfoTable.Rows[0]["User_Key"].ToString();
            userInfo.OldUserKey = userInfoTable.Rows[0]["SecurityUser_Key"].ToString();
            userInfo.Username   = userInfoTable.Rows[0]["UserName"].ToString();
            userInfo.FullName   = userInfo.Username.Split('@')[0]; // TODO: This should be changed to use the real Full Name of the users
            userInfo.RoleLookup = new Dictionary <string, int>();

            // Lookup roles for this current user
            SqlGenerator sqlGenLevels = new SqlGenerator(SqlGenerator.SqlTypes.Select, "UserRight", true);

            sqlGenLevels.AddTable("SecurityObject", SqlGenerator.SqlJoins.Inner, "SecurityObject_Key");
            sqlGenLevels.AddField("ObjectTitle", "SecurityObject");
            sqlGenLevels.AddField("SecurityLevel", "UserRight");
            sqlGenLevels.AddWhereParameter("UserRight", "SecurityUser_Key", userInfo.OldUserKey, SqlWhereComparison.SqlComparer.Equal);

            // Loop through all of our role levels and assign them to our AuthUserInformationModel.RoleLookup dictionarys
            using (SqlDataReader r = Adocls.FetchDataReader(sqlGenLevels, "UserDatabase"))
            {
                while (r.Read())
                {
                    userInfo.RoleLookup.Add((string)r["ObjectTitle"], (byte)r["SecurityLevel"]);
                }
            }

            return(userInfo);
        }
示例#3
0
        /// <summary>
        /// Validate a session GUID string with the database to make sure a session exists
        /// for this GUID.s
        /// </summary>
        public bool ValidateSessionKey(string sessionGuid)
        {
            SqlGenerator sqlGen = new SqlGenerator(SqlGenerator.SqlTypes.Select, "User");

            sqlGen.AddField("User_Key");
            sqlGen.AddWhereParameter("User", "AuthGUID", sessionGuid, SqlWhereComparison.SqlComparer.Equal);

            return(Adocls.FetchValueString(sqlGen, "UserDatabase").ToString().Length > 0);
        }
示例#4
0
        /// <summary>
        /// Get AuthUserInformationModel using the session GUID string
        /// </summary>
        public AuthUserInformationModel GetAuthUserInformation(string sessionGuid)
        {
            try
            {
                SqlGenerator sqlGenUser = new SqlGenerator(SqlGenerator.SqlTypes.Select, "User");
                sqlGenUser.AddField("*");
                sqlGenUser.AddWhereParameter("User", "AuthGUID", sessionGuid, SqlWhereComparison.SqlComparer.Equal);
                sqlGenUser.AddWhereParameter("User", "AuthDate", DateTime.Now, SqlWhereComparison.SqlComparer.GreaterThan | SqlWhereComparison.SqlComparer.Equal);

                // TODO: Optimize this to use reader instead of data table
                DataTable dt = Adocls.FetchDataTable(sqlGenUser, "UserDatabase");

                return(BuildAuthUserInformationModel(dt));
            }
            catch { return(null); }
        }
        public T Create(T model)
        {
            SqlGenerator sqlgen = new SqlGenerator(SqlGenerator.SqlTypes.Insert, modelDataBindings.TableName);

            Type         t       = typeof(T);
            PropertyInfo keyProp = t.GetProperty(modelDataBindings.KeyFieldName, BindingFlags.Public | BindingFlags.Instance);

            // Set a unique key for this model
            string newKey = Adocls.GetUniqueKey();

            keyProp.SetValue(model, newKey);

            sqlgen.InsertFromModel <T>(model);
            sqlgen.DoNotFullyQualifyFields = true;

            ModelBase.InsertModel <T>(model, modelDataBindings.DatabaseName, sqlgen);

            return(model);
        }
示例#6
0
        /// <summary>
        /// Get AuthUserInformationmodel using the email and active state of the user account
        /// </summary>
        public AuthUserInformationModel GetAuthUserInformation(string email, bool activeFlag)
        {
            try
            {
                SqlGenerator sqlGen = new SqlGenerator(SqlGenerator.SqlTypes.Select, "User");
                sqlGen.AddField("*");
                sqlGen.AddWhereParameter("User", "UserName", email, SqlWhereComparison.SqlComparer.Equal);
                sqlGen.AddWhereParameter("User", "Active", activeFlag.ToString(), SqlWhereComparison.SqlComparer.Equal);

                // TODO: Should transition this to a data reader
                DataTable dt = Adocls.FetchDataTable(sqlGen, "UserDatabase");

                return(BuildAuthUserInformationModel(dt));
            }
            catch (Exception)
            {
            }

            return(null);
        }