public static async Task ChangePasswordAsync(string sessionToken, string oldPassword, string newPassword) { Authorization.CheckAuthorization(sessionToken, MethodBase.GetCurrentMethod()); var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false) ?? throw new LogicException(ErrorType.InvalidToken); using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken }; var identity = identityCtrl.ExecuteQueryById(login.IdentityId); if (identity != null) { if (ComparePasswords(identity.PasswordHash, CalculateHash(oldPassword)) == false) { throw new LogicException(ErrorType.InvalidPassword); } identity.Password = newPassword; await identityCtrl.UpdateAsync(identity).ConfigureAwait(false); await identityCtrl.SaveChangesAsync().ConfigureAwait(false); if (login.Identity != null) { login.Identity.PasswordHash = CalculateHash(newPassword); } } }
public static async Task ResetForAsync(string sessionToken, string email) { Authorization.CheckAuthorization(sessionToken, MethodBase.GetCurrentMethod()); var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false) ?? throw new LogicException(ErrorType.InvalidToken); using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = sessionToken }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.Email.ToLower() == email.ToLower()) .FirstOrDefault(); if (identity == null) { throw new LogicException(ErrorType.InvalidAccount); } identity.AccessFailedCount = 0; await identityCtrl.UpdateAsync(identity).ConfigureAwait(false); await identityCtrl.SaveChangesAsync().ConfigureAwait(false); }
public static async Task ChangePasswordForAsync(string sessionToken, string email, string newPassword) { await Authorization.CheckAuthorizationAsync(sessionToken, MethodBase.GetCurrentMethod(), AccessType.Update).ConfigureAwait(false); var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false) ?? throw new AuthorizationException(ErrorType.InvalidToken); using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = sessionToken }; var identity = await identityCtrl.ExecuteFirstOrDefaultAsync(e => e.State == Contracts.Modules.Common.State.Active && e.AccessFailedCount < 4 && e.Email.ToLower() == email.ToLower()) .ConfigureAwait(false); if (identity == null) { throw new AuthorizationException(ErrorType.InvalidAccount); } identity.AccessFailedCount = 0; identity.Password = newPassword; await identityCtrl.UpdateAsync(identity).ConfigureAwait(false); await identityCtrl.SaveChangesAsync().ConfigureAwait(false); if (login.Identity != null) { var(Hash, Salt) = CreatePasswordHash(newPassword); login.Identity.PasswordHash = Hash; login.Identity.PasswordSalt = Salt; } }
public static async Task ChangePasswordAsync(string sessionToken, string oldPassword, string newPassword) { await Authorization.CheckAuthorizationAsync(sessionToken, MethodBase.GetCurrentMethod(), AccessType.Update).ConfigureAwait(false); var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false) ?? throw new AuthorizationException(ErrorType.InvalidToken); using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken }; var identity = await identityCtrl.ExecuteFirstOrDefaultAsync(e => e.Id == login.IdentityId) .ConfigureAwait(false); if (identity != null) { if (VerifyPasswordHash(oldPassword, identity.PasswordHash, identity.PasswordSalt) == false) { throw new AuthorizationException(ErrorType.InvalidPassword); } identity.Password = newPassword; await identityCtrl.UpdateAsync(identity).ConfigureAwait(false); await identityCtrl.SaveChangesAsync().ConfigureAwait(false); if (login.Identity != null) { var(Hash, Salt) = CreatePasswordHash(newPassword); login.Identity.PasswordHash = Hash; login.Identity.PasswordSalt = Salt; } } }
internal static async Task <LoginSession> QueryLoginByEmailAsync(string email, string password) { email.CheckArgument(nameof(email)); password.CheckArgument(nameof(password)); var result = default(LoginSession); var querySession = await QueryAliveSessionAsync(email, password).ConfigureAwait(false); if (querySession == null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken, }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.AccessFailedCount < 4 && e.Email.ToLower() == email.ToLower()).FirstOrDefault(); if (identity != null && VerifyPasswordHash(password, identity.PasswordHash, identity.PasswordSalt)) { using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(identityCtrl); var session = new LoginSession(); session.Identity = identity; session.Roles.AddRange(await QueryIdentityRolesAsync(sessionCtrl, identity.Id).ConfigureAwait(false)); session.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), new Claim(ClaimTypes.System, nameof(QuickNSmart)), }.Union(session.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); var entity = await sessionCtrl.ExecuteInsertAsync(session).ConfigureAwait(false); if (identity.AccessFailedCount > 0) { identity.AccessFailedCount = 0; await identityCtrl.ExecuteUpdateAsync(identity).ConfigureAwait(false); } await sessionCtrl.SaveChangesAsync().ConfigureAwait(false); result = new LoginSession(); result.CopyProperties(session); LoginSessions.Add(session); } } else if (VerifyPasswordHash(password, querySession.PasswordHash, querySession.PasswordSalt)) { result = new LoginSession(); result.CopyProperties(querySession); } return(result); }
internal static async Task <LoginSession> QueryLoginByEmailAsync(string email, string password, string optionalInfo) { email.CheckArgument(nameof(email)); password.CheckArgument(nameof(password)); var result = default(LoginSession); var querySession = await QueryAliveSessionAsync(email, password).ConfigureAwait(false); if (querySession == null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken, }; var identity = await identityCtrl.GetValidIdentityByEmail(email) .ConfigureAwait(false); if (identity != null && VerifyPasswordHash(password, identity.PasswordHash, identity.PasswordSalt)) { var session = new LoginSession(); using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(identityCtrl); session.Identity = identity; session.Roles.AddRange(identity.IdentityXRoles.Select(e => Role.Create(e.Role))); session.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), new Claim(ClaimTypes.System, nameof(QnSProjectAward)), }.Union(session.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); session.OptionalInfo = optionalInfo; var entity = await sessionCtrl.ExecuteInsertEntityAsync(session).ConfigureAwait(false); if (identity.AccessFailedCount > 0) { identity.AccessFailedCount = 0; await identityCtrl.ExecuteUpdateAsync(identity).ConfigureAwait(false); } await sessionCtrl.SaveChangesAsync().ConfigureAwait(false); result = new LoginSession(); result.CopyProperties(session); LoginSessions.Add(session); } } else if (VerifyPasswordHash(password, querySession.PasswordHash, querySession.PasswordSalt)) { result = new LoginSession(); result.CopyProperties(querySession); } return(result); }
public async static Task <ILoginSession> LogonAsync(string jsonWebToken) { jsonWebToken.CheckArgument(nameof(jsonWebToken)); var result = default(LoginSession); if (JsonWebToken.CheckToken(jsonWebToken, out SecurityToken validatedToken)) { if (validatedToken.ValidTo < DateTime.UtcNow) { throw new LogicException(ErrorType.AuthorizationTimeOut); } var jwtValidatedToken = validatedToken as JwtSecurityToken; if (jwtValidatedToken != null) { var email = jwtValidatedToken.Claims.FirstOrDefault(e => e.Type == ClaimTypes.Email); if (email != null && email.Value != null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.EnableJwtAuth == true && e.Email.ToLower() == email.Value.ToString().ToLower()) .ToList() .FirstOrDefault(); if (identity != null) { var login = await QueryLoginAsync(identity.Email, identity.PasswordHash).ConfigureAwait(false); if (login != null) { result = new LoginSession(); result.CopyProperties(login); result.IsRemoteAuth = true; } } } } } else { throw new LogicException(ErrorType.InvalidJsonWebToken); } return(result ?? throw new LogicException(ErrorType.InvalidAccount)); }
internal static async Task <LoginSession> QueryLoginAsync(string email, byte[] calculatedHash) { email.CheckArgument(nameof(email)); calculatedHash.CheckArgument(nameof(calculatedHash)); var result = await QueryAliveSessionAsync(email, calculatedHash).ConfigureAwait(false); if (result == null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken, }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.AccessFailedCount < 4 && e.Email.ToLower() == email.ToLower() && e.PasswordHash == calculatedHash).FirstOrDefault(); if (identity != null) { using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(identityCtrl); var session = new LoginSession(); session.IdentityId = identity.Id; session.Name = identity.Name; session.Email = identity.Email; session.Roles.AddRange(await QueryIdentityRolesAsync(sessionCtrl, identity.Id).ConfigureAwait(false)); var entity = await sessionCtrl.ExecuteInsertAsync(session).ConfigureAwait(false); if (identity.AccessFailedCount > 0) { identity.AccessFailedCount = 0; await identityCtrl.ExecuteUpdateAsync(identity).ConfigureAwait(false); } await sessionCtrl.SaveChangesAsync().ConfigureAwait(false); result = new LoginSession(); result.CopyProperties(session); result.Name = identity.Name; result.Email = identity.Email; result.Roles.AddRange(session.Roles); result.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), new Claim(ClaimTypes.System, nameof(QnSHolidayCalendar)), }.Union(result.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); LoginSessions.Add(result); } } return(result); }
internal static async Task <LoginSession> QueryAliveSessionAsync(string email, byte[] calculatedHash) { email.CheckArgument(nameof(email)); calculatedHash.CheckArgument(nameof(calculatedHash)); LoginSession result = LoginSessions.FirstOrDefault(e => e.IsActive && e.Email.Equals(email, StringComparison.CurrentCultureIgnoreCase) && e.PasswordHash == calculatedHash); if (result == null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken, }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.AccessFailedCount < 4 && e.Email.ToLower() == email.ToLower() && e.PasswordHash == calculatedHash).FirstOrDefault(); if (identity != null) { using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(identityCtrl); var session = sessionCtrl.ExecuteQuery(e => e.LogoutTime == null && e.IdentityId == identity.Id) .ToList() .FirstOrDefault(e => e.IsActive); if (session != null) { result = new LoginSession(); result.CopyProperties(session); result.Identity = new Identity(); result.Identity.CopyProperties(identity); result.Name = identity.Name; result.Email = identity.Email; result.Roles.AddRange(await QueryIdentityRolesAsync(sessionCtrl, identity.Id).ConfigureAwait(false)); result.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), }.Union(result.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); LoginSessions.Add(result); } } } return(result); }
internal static async Task <LoginSession> QueryAliveSessionAsync(string email, string password) { email.CheckArgument(nameof(email)); password.CheckArgument(nameof(password)); var result = LoginSessions.FirstOrDefault(e => e.IsActive && e.Email.Equals(email, StringComparison.CurrentCultureIgnoreCase)); if (result == null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken, }; var identity = await identityCtrl.ExecuteFirstOrDefaultAsync(e => e.State == Contracts.Modules.Common.State.Active && e.AccessFailedCount < 4 && e.Email.ToLower() == email.ToLower()) .ConfigureAwait(false); if (identity != null && VerifyPasswordHash(password, identity.PasswordHash, identity.PasswordSalt)) { using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(identityCtrl); var session = await sessionCtrl.ExecuteFirstOrDefaultAsync(e => e.LogoutTime == null && e.IdentityId == identity.Id) .ConfigureAwait(false); if (session != null && session.IsActive) { session.Identity = identity; session.Roles.AddRange(await QueryIdentityRolesAsync(sessionCtrl, identity.Id).ConfigureAwait(false)); session.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), new Claim(ClaimTypes.System, nameof(QnSProjectAward)), }.Union(session.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); result = new LoginSession(); result.CopyProperties(session); LoginSessions.Add(session); } } } return(result); }
internal static async Task <LoginSession> QueryAliveSessionAsync(string sessionToken) { LoginSession result = LoginSessions.FirstOrDefault(ls => ls.IsActive && ls.SessionToken.Equals(sessionToken)); if (result == null) { using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken }; var session = sessionCtrl.ExecuteQuery(e => e.SessionToken.Equals(sessionToken)) .ToList() .FirstOrDefault(e => e.IsActive); if (session != null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(sessionCtrl); var identity = identityCtrl.ExecuteQuery(e => e.Id == session.IdentityId).FirstOrDefault(); if (identity != null) { session.Name = identity.Name; session.Email = identity.Email; session.Roles.AddRange(await QueryIdentityRolesAsync(sessionCtrl, identity.Id).ConfigureAwait(false)); session.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), new Claim(ClaimTypes.System, nameof(QuickNSmart)), }.Union(session.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); result = new LoginSession(); result.CopyProperties(session); LoginSessions.Add(session); } } } return(result); }
public static Contracts.Client.IControllerAccess <I> Create <I>(object sharedController) where I : Contracts.IIdentifiable { Contracts.Client.IControllerAccess <I> result; if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Language.ITranslation)) { result = new Controllers.Persistence.Language.TranslationController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Data.IBinaryData)) { result = new Controllers.Persistence.Data.BinaryDataController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Configuration.IIdentitySetting)) { result = new Controllers.Persistence.Configuration.IdentitySettingController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Configuration.ISetting)) { result = new Controllers.Persistence.Configuration.SettingController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.App.IAward)) { result = new Controllers.Persistence.App.AwardController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.App.IJuror)) { result = new Controllers.Persistence.App.JurorController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.App.IMember)) { result = new Controllers.Persistence.App.MemberController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.App.IProject)) { result = new Controllers.Persistence.App.ProjectController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.App.IRating)) { result = new Controllers.Persistence.App.RatingController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Account.IAccess)) { result = new Controllers.Persistence.Account.AccessController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Account.IActionLog)) { result = new Controllers.Persistence.Account.ActionLogController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Account.IIdentity)) { result = new Controllers.Persistence.Account.IdentityController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Account.IIdentityXRole)) { result = new Controllers.Persistence.Account.IdentityXRoleController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Account.ILoginSession)) { result = new Controllers.Persistence.Account.LoginSessionController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Account.IRole)) { result = new Controllers.Persistence.Account.RoleController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Persistence.Account.IUser)) { result = new Controllers.Persistence.Account.UserController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Business.Account.IAppAccess)) { result = new Controllers.Business.Account.AppAccessController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else if (typeof(I) == typeof(QnSProjectAward.Contracts.Business.Account.IIdentityUser)) { result = new Controllers.Business.Account.IdentityUserController(sharedController as Controllers.ControllerObject) as Contracts.Client.IControllerAccess <I>; } else { throw new Logic.Modules.Exception.LogicException(Modules.Exception.ErrorType.InvalidControllerType); } return(result); }