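/// <summary>
/// Starts a password reset: stores a fresh reset token (and its issue time) on the user that owns the posted
/// e-mail and mails the token to that address. The token is later consumed by resetpas.
/// </summary>
/// <param name="mail">Body carrying the account e-mail address.</param>
/// <returns>400 when the model is invalid, 404 when no user has that e-mail, 200 once the mail has been sent.</returns>
public IHttpActionResult forgotpas([FromBody] _Mail mail)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    Users user = db.users.Where(u => u.email == mail.email).FirstOrDefault();
    if (user == null)
    {
        // NOTE(review): the distinct 404 tells a caller which e-mails are registered; kept because clients may
        // rely on it, but a uniform 200 would avoid that disclosure.
        return NotFound();
    }

    // The token is the only proof of ownership resetpas checks, so it must be unguessable. The previous
    // input (e-mail + clock fields + rnd.Next(999999, 999999), which always yields 999999) was predictable;
    // draw the secret from a CSPRNG instead.
    byte[] secret = new byte[32];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(secret);
    }
    // Bcrypt.hash is kept so the stored token has the same shape and length as before
    // (presumably what password_token was sized for — TODO confirm the column length).
    string token = Bcrypt.hash(BitConverter.ToString(secret).Replace("-", ""));

    try
    {
        // forgot_last_date is what resetpas uses for the two-hour expiry window.
        user.forgot_last_date = DateTime.Now;
        user.password_token = token;
        db.SaveChanges();
    }
    catch (Exception ex)
    {
        ExceptionThrow.Throw(ex);
    }

    Mailgun.Send("forgot_password", new Dictionary <string, object>() { { "fullname", user.name + " " + user.lastname }, { "token", token } }, user.email, "Menkule Şifre Yenileme Talebiniz");
    return Ok();
}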
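/// <summary>
/// Changes the signed-in user's password after verifying the current one.
/// </summary>
/// <param name="password">Body with currentpassword, the new password and its repeat (reply).</param>
/// <returns>400 when the body is missing/invalid, the repeat does not match or the new password is empty;
/// 404 when the current password does not match the signed-in user; 200 on success.</returns>
public IHttpActionResult changepas([FromBody] _UserPassword password)
{
    // Sibling endpoints validate the model first; without this an absent body would NRE below.
    if (password == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }
    if (password.password != password.reply)
    {
        return BadRequest();
    }
    // Never store the hash of an empty password.
    if (string.IsNullOrWhiteSpace(password.password))
    {
        return BadRequest();
    }

    int user_id = Users.GetUserId(User);

    // NOTE(review): the current password is verified by hashing it and comparing for equality inside the
    // query, which only works if Bcrypt.hash is deterministic (fixed salt) — confirm against the helper.
    string pas = Bcrypt.hash(password.currentpassword);
    Users user = db.users.Where(u => u.id == user_id && u.password == pas).FirstOrDefault();
    if (user == null)
    {
        return NotFound();
    }

    user.password = Bcrypt.hash(password.password);
    try
    {
        db.SaveChanges();
    }
    catch (Exception ex)
    {
        ExceptionThrow.Throw(ex);
    }
    return Ok();
}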
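/// <summary>
/// Completes a password reset started by forgotpas: looks the user up by reset token, enforces the two-hour
/// validity window and stores the new password, clearing the token.
/// </summary>
/// <param name="_token">Body with the mailed token, the new password and its repeat (reply).</param>
/// <returns>400 when the body is invalid, the repeat does not match, the token/password is empty or the token
/// has expired; 404 when no user holds the token; 200 on success.</returns>
public IHttpActionResult resetpas([FromBody] _TokenResetPassword _token)
{
    if (_token == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }
    if (_token.password != _token.reply)
    {
        return BadRequest();
    }
    // An empty token must not reach the query: with EF's default (C#) null semantics a null parameter
    // presumably matches rows whose password_token IS NULL, i.e. any account with no pending reset.
    // An empty password would be hashed and stored as-is.
    if (string.IsNullOrWhiteSpace(_token.token) || string.IsNullOrWhiteSpace(_token.password))
    {
        return BadRequest();
    }

    Users user = db.users.Where(u => u.password_token == _token.token).FirstOrDefault();
    if (user == null)
    {
        return NotFound();
    }

    // forgotpas sets forgot_last_date together with the token; a token without an issue time is treated as
    // expired rather than as valid forever.
    if (user.forgot_last_date == null)
    {
        return BadRequest();
    }
    TimeSpan age = DateTime.Now - Convert.ToDateTime(user.forgot_last_date);
    if (age.TotalHours >= 2)
    {
        return BadRequest();
    }

    try
    {
        user.password = Bcrypt.hash(_token.password);
        // Single use: clear the token and its timestamp once consumed.
        user.forgot_last_date = null;
        user.password_token = null;
        db.SaveChanges();
    }
    catch (Exception ex)
    {
        ExceptionThrow.Throw(ex);
    }
    return Ok();
}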
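/// <summary>
/// First-time confirmation for an externally registered user (see facebookLogin): sets the GSM number and a
/// real password, marks the account confirmed and sends the GSM activation code.
/// </summary>
/// <param name="externalConfirmData">Body with gsm, password and the password repeat (reply).</param>
/// <returns>200 on success; 400 when the body is invalid, the repeat does not match, the password is empty or
/// the gsm is already taken; 403 when the signed-in user is already confirmed.</returns>
public IHttpActionResult externalConfirm([FromBody] _ExternalConfirm externalConfirmData)
{
    if (externalConfirmData == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    int user_id = Users.GetUserId(User);

    // NOTE(review): ExceptionThrow.Throw is assumed never to return; if it did, the update below would run
    // with an unchecked gsm or a null user.
    if (externalConfirmData.password != externalConfirmData.reply)
    {
        ExceptionThrow.Throw("Şifre tekrarı hatalı.", HttpStatusCode.BadRequest);
    }
    // An empty password would otherwise be hashed and stored as the account's real password.
    if (string.IsNullOrWhiteSpace(externalConfirmData.password))
    {
        return BadRequest();
    }
    if (db.users.Any(u => u.gsm == externalConfirmData.gsm))
    {
        ExceptionThrow.Throw("gsm no kullanılmaktadır.", HttpStatusCode.BadRequest);
    }

    // Only the signed-in user's own, not-yet-confirmed row can be confirmed.
    Users user = db.users.Where(u => u.id == user_id && u.is_external_confirm == false).FirstOrDefault();
    if (user == null)
    {
        ExceptionThrow.Throw("Zaten şifre güncellenmiş", HttpStatusCode.Forbidden);
    }

    user.gsm = externalConfirmData.gsm;
    user.updated_date = DateTime.Now;
    user.password = Bcrypt.hash(externalConfirmData.password);
    user.is_external_confirm = true;
    try
    {
        db.SaveChanges();
        // Sent after the row is committed; a failed send still surfaces as an error to the caller even though
        // the confirmation itself was saved.
        NetGsm.Send(externalConfirmData.gsm, "menkule.com.tr uyeliginiz ile ilgili onay kodunuz: " + user.gsm_activation_code);
    }
    catch (Exception ex)
    {
        ExceptionThrow.Throw(ex);
    }
    return Ok();
}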
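/// <summary>
/// Resource-owner password grant (override of OAuthAuthorizationServerProvider): validates the posted
/// e-mail/password pair against the users table and, on success, issues an identity carrying the user id
/// (plus the "owner" role when the user is an owner).
/// </summary>
/// <param name="context">OWIN grant context with UserName, Password and the server options.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // Reject empty credentials up front so Bcrypt.hash never sees a null password. The error is the same one
    // a wrong password gets, so nothing is revealed about which part was missing.
    if (string.IsNullOrEmpty(context.UserName) || string.IsNullOrEmpty(context.Password))
    {
        context.SetError("invalid_grant", "Kullanıcı adı veya şifre yanlış.");
        return;
    }

    // NOTE(review): the password is verified by hashing it and comparing for equality inside the query, which
    // only works if Bcrypt.hash is deterministic (fixed salt); a per-user salted verify in memory would be the
    // usual shape — confirm against the Bcrypt helper.
    string pass = Bcrypt.hash(context.Password);
    Users usr = db.users.Where(u => u.email == context.UserName && u.password == pass).FirstOrDefault();
    if (usr == null)
    {
        context.SetError("invalid_grant", "Kullanıcı adı veya şifre yanlış.");
        return;
    }

    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    identity.AddClaim(new Claim("user_id", usr.id.ToString()));
    // Owners get a role claim so role-based authorization can tell them apart.
    if (usr.ownershiping)
    {
        identity.AddClaim(new Claim(ClaimTypes.Role, "owner"));
    }
    context.Validated(identity);
}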
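/// <summary>
/// Completes an external (Facebook) login. Challenges the provider when the caller is not yet authenticated;
/// otherwise looks the identity up in the users table, registering it (with its profile photo) on first sight,
/// and redirects back to the validated client URI with a token.
/// </summary>
/// <param name="provider">External login provider name used for the challenge.</param>
/// <param name="error">Error returned by the provider, if any.</param>
/// <returns>400 for a provider error or a bad redirect URI, a challenge when unauthenticated, 500 when the
/// identity cannot be read, otherwise a redirect to the client (an error redirect if registration fails).</returns>
public async Task <IHttpActionResult> facebookLogin(string provider, string error = null)
{
    string redirectUri = string.Empty;

    if (error != null)
    {
        return BadRequest(Uri.EscapeDataString(error));
    }

    // Not signed in with the external cookie yet: hand over to the provider.
    if (!User.Identity.IsAuthenticated)
    {
        return new ChallengeResult(provider, this);
    }

    // The redirect target comes from the request, so it is validated against the client before any use.
    var redirectUriValidationResult = ValidateClientAndRedirectUri(Request, ref redirectUri);
    if (!string.IsNullOrWhiteSpace(redirectUriValidationResult))
    {
        return BadRequest(redirectUriValidationResult);
    }

    UserFacebook externalLogin = UserFacebook.FromIdentity(User.Identity as ClaimsIdentity);
    if (externalLogin == null)
    {
        return InternalServerError();
    }

    Users user = db.users.Where(u => (u.facebook_id == externalLogin.ProviderKey && u.email == externalLogin.Email && u.source == "facebook")).FirstOrDefault();
    bool hasRegistered = user != null;

    if (!hasRegistered)
    {
        try
        {
            // The provider's e-mail is already owned by another account: refuse rather than link silently.
            if (db.users.Any(u => u.email == externalLogin.Email))
            {
                return Redirect(GenerateErrorRedirect(externalLogin, "e-posta zaten kullanilmakta", redirectUri));
            }

            string password = Users.generatePassword(5, 3);

            // Activation codes gate phone/e-mail verification, so they come from a CSPRNG rather than
            // System.Random. Range matches the former rnd.Next(9999, 999999): 9999 <= code < 999999.
            string[] codes = new string[2];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                const uint codeMin = 9999;
                const uint codeSpan = 999999u - codeMin;
                const uint rejectFrom = uint.MaxValue - (uint.MaxValue % codeSpan); // discard to avoid modulo bias
                byte[] buf = new byte[4];
                for (int i = 0; i < codes.Length; i++)
                {
                    uint sample;
                    do
                    {
                        rng.GetBytes(buf);
                        sample = BitConverter.ToUInt32(buf, 0);
                    }
                    while (sample >= rejectFrom);
                    codes[i] = (codeMin + sample % codeSpan).ToString();
                }
            }
            string gsm_code = codes[0];
            string email_code = codes[1];

            Users userData = new Users
            {
                name = externalLogin.FirstName,
                lastname = externalLogin.LastName,
                email = externalLogin.Email,
                facebook_id = externalLogin.ProviderKey,
                gender = externalLogin.Gender == "male" ? "Bay" : "Bayan",
                gsm = string.Empty,
                password = Bcrypt.hash(password),
                source = "facebook",
                email_activation_code = email_code,
                gsm_activation_code = gsm_code,
                is_external_confirm = false,
            };

            // Entity validation is switched off only for this insert (gsm is empty at this point) and always
            // restored, including when the photo download/upload throws; the previous code re-assigned false
            // where it meant to re-enable.
            bool validateOnSave = db.Configuration.ValidateOnSaveEnabled;
            db.Configuration.ValidateOnSaveEnabled = false;
            try
            {
                db.users.Add(userData);

                // NOTE(review): the photo is downloaded server-side from whatever URL the provider reported;
                // nothing here restricts its host — confirm that is acceptable.
                byte[] imageData;
                using (var wc = new System.Net.WebClient())
                {
                    imageData = wc.DownloadData(externalLogin.Photo.Data.Url);
                }

                Images userImage;
                using (var photoStreamData = new MemoryStream(imageData))
                {
                    var image = new WebImage(photoStreamData);
                    // NOTE(review): userData.id is read before SaveChanges, so it presumably still holds the
                    // default value in the public id — confirm the intended naming.
                    userImage = Cloudinary.upload(image, "users/" + userData.name.ReduceWhitespace().Replace(" ", "-").ToEng() + "-" + userData.lastname.ReduceWhitespace().Replace(" ", "-").ToEng() + "-" + userData.id);
                }
                if (userImage != null)
                {
                    db.images.Add(userImage);
                    db.SaveChanges();
                    userData.image_id = userImage.id;
                }
                db.SaveChanges();
            }
            finally
            {
                db.Configuration.ValidateOnSaveEnabled = validateOnSave;
            }

            return Redirect(GenerateRedirectUrl(AuthBackdoor.auth(userData, Request), externalLogin, hasRegistered, redirectUri));
        }
        catch (Exception ex)
        {
            return Redirect(GenerateErrorRedirect(externalLogin, ex.Message, redirectUri));
        }
    }

    return Redirect(GenerateRedirectUrl(AuthBackdoor.auth(user, Request), externalLogin, hasRegistered, redirectUri));
}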
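/// <summary>
/// Registers a new web user: checks e-mail/gsm uniqueness, hashes the password (generating one when none was
/// posted), inserts the row, then sends the activation SMS and the welcome mail.
/// </summary>
/// <param name="user">Posted user. Only the fields copied into userData below are persisted.</param>
/// <returns>400 when the body is missing/invalid; otherwise 200 with a projection of the posted values and, when
/// the password was generated, a login token.</returns>
public IHttpActionResult add([FromBody] Users user)
{
    if (user == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // NOTE(review): ExceptionThrow.Throw is assumed never to return; if it did, the insert below would
    // still run for a duplicate e-mail or gsm.
    if (db.users.Any(u => u.email == user.email))
    {
        ExceptionThrow.Throw("e-posta adresi kullanılmaktadır.", HttpStatusCode.BadRequest);
    }
    if (db.users.Any(u => u.gsm == user.gsm))
    {
        ExceptionThrow.Throw("gsm no kullanılmaktadır.", HttpStatusCode.BadRequest);
    }

    // Activation codes gate phone/e-mail verification, so they come from a CSPRNG rather than
    // System.Random. Range matches the former rnd.Next(9999, 999999): 9999 <= code < 999999.
    string[] codes = new string[2];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        const uint codeMin = 9999;
        const uint codeSpan = 999999u - codeMin;
        const uint rejectFrom = uint.MaxValue - (uint.MaxValue % codeSpan); // discard to avoid modulo bias
        byte[] buf = new byte[4];
        for (int i = 0; i < codes.Length; i++)
        {
            uint sample;
            do
            {
                rng.GetBytes(buf);
                sample = BitConverter.ToUInt32(buf, 0);
            }
            while (sample >= rejectFrom);
            codes[i] = (codeMin + sample % codeSpan).ToString();
        }
    }
    string gsm_code = codes[0];
    string email_code = codes[1];

    // A blank/whitespace password means "generate one for me".
    bool no_password = string.IsNullOrWhiteSpace(user.password);
    string password = no_password ? Users.generatePassword(5, 3) : user.password;

    // Copy only the registration fields: binding the whole entity from the body must not let the caller set
    // state, ownershiping, activation flags or similar.
    Users userData = new Users
    {
        name = user.name,
        lastname = user.lastname,
        email = user.email,
        gender = user.gender,
        gsm = user.gsm,
        description = user.description,
        password = Bcrypt.hash(password),
        source = "web",
        email_activation_code = email_code,
        gsm_activation_code = gsm_code
    };
    if (user.identity_no != null)
    {
        userData.identity_no = user.identity_no;
    }

    db.users.Add(userData);
    try
    {
        db.SaveChanges();
        if (no_password)
        {
            // The generated password travels in clear text over SMS; the message asks the user to change it.
            NetGsm.Send(user.gsm, "Menkule.com.tr üyelik şifreniz " + password + " Şifrenizi değiştirmeyi unutmayınız.");
        }
    }
    catch (Exception ex)
    {
        ExceptionThrow.Throw(ex);
    }

    NetGsm.Send(user.gsm, "menkule.com.tr uyeliginiz ile ilgili onay kodunuz: " + gsm_code);
    Mailgun.Send("register", new Dictionary <string, object>() { { "fullname", user.name + " " + user.lastname } }, user.email, "Üyeliğiniz için teşekkürler");

    // Auto-login only when the password was generated, since the caller cannot know it otherwise.
    object token = no_password ? Users.LoginOnBackDoor(user.email, password) : null;

    // NOTE(review): the response echoes the posted values (state, created_date, ...) rather than the persisted
    // userData row — confirm that is intended.
    return Ok(new
    {
        name = user.name,
        lastname = user.lastname,
        email = user.email,
        gsm = user.gsm,
        gender = user.gender,
        photo = "",
        ownershiping = user.ownershiping,
        state = user.state,
        email_state = user.email_state,
        gsm_state = user.gsm_state,
        created_date = user.created_date,
        token = token
    });
}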