public IActionResult Login([FromBody] UserLoginDTO userLoginDto)
{
    try
    {
        User user = _eyadtakDbContext.Users.FirstOrDefault(x => x.UserEmail == userLoginDto.Email);

        // The stored password is reversibly encrypted under a key hard-coded in source,
        // so anyone holding the code and the database can recover every user's password.
        // Unknown email and wrong password share one message, so the reply does not reveal which check failed.
        if (user == null || Encription.Decrypt(user.Password, "SecretCode_hamed") != userLoginDto.Password)
        {
            return Ok(new { message = "Wrong Email or Password", ErrorHappen = true });
        }

        if (!user.Active)
        {
            return Ok(new { message = "Your account is not active yet, please check your email", ErrorHappen = true });
        }

        // Collect the ids of every ability granted through the user's roles.
        List<int> abilitiesIds = _eyadtakDbContext.Users_Roles
            .Where(x => x.UserId == user.UserId)
            .Include(x => x.Role)
            .SelectMany(x => x.Role.Role_Ability)
            .Select(x => x.Ability.AbilityId)
            .ToList();

        string token = _jwt.GenerateToken(user.UserId);
        return Ok(new
        {
            Token = token,
            AbilitiesIds = abilitiesIds,
            userName = user.UserName,
            userEmail = user.UserEmail,
            ErrorHappen = false
        });
    }
    catch (Exception)
    {
        // Any failure is reported to the client as a generic error
        // (the original "throw e;" after the return was unreachable).
        return Ok(new { message = "Something went wrong", ErrorHappen = true });
    }
}
public IActionResult ChangePassword([FromBody] ChangePasswordDTO changePasswordDTO)
{
    try
    {
        // userId is read from HttpContext.Items, where it was set earlier in the request.
        int userId = (int)this.HttpContext.Items["userId"];
        User userToChangeHisPassword = _eyadtakDbContext.Users.FirstOrDefault(x => x.UserId == userId);

        // Decrypt into a local so the plaintext is never written onto the tracked entity.
        string currentPassword = Encription.Decrypt(userToChangeHisPassword.Password, "SecretCode_hamed");
        if (currentPassword != changePasswordDTO.OldPassword)
        {
            return Ok(new { message = "Old password is wrong", ErrorHappen = true });
        }

        if (changePasswordDTO.NewPassword.Length < 5)
        {
            return Ok(new { message = "New password can't be less than 5 char", ErrorHappen = true });
        }

        // Store the new password encrypted with the same hard-coded key.
        userToChangeHisPassword.Password = Encription.Encrypt(changePasswordDTO.NewPassword, "SecretCode_hamed");
        _eyadtakDbContext.Users.Update(userToChangeHisPassword);
        _eyadtakDbContext.SaveChanges();

        return Ok(new { message = "Password Changed Successfully", ErrorHappen = false });
    }
    catch (Exception)
    {
        // Any failure, including a missing user, is reported as a generic error
        // (the original "throw e;" after the return was unreachable).
        return Ok(new { message = "Something went wrong", ErrorHappen = true });
    }
}
private bool CorrectPassword(string password)
{
    // Decrypt the stored password and compare it with the supplied one.
    string OriginalPassword = Encription.Decrypt(user.Password, "SecretCode_hamed");
    return OriginalPassword == password;
}
/// <summary>
/// Decodes an encrypted string.
/// </summary>
/// <param name="source">The string to decode.</param>
/// <returns>The decoded string.</returns>
private static string Decode(string source)
{
    var result = string.Empty;

    // IsNullOrWhiteSpace also covers the null and empty cases.
    if (!string.IsNullOrWhiteSpace(source))
    {
        var encription = new Encription();
        result = encription.Decrypt(source);
    }

    return result;
}
public ActionResult ChangePassword([FromBody] ChangePasswordDto changePasswordDto)
{
    User user = userData.GetUser(HttpContext);

    // Decrypt into a local: overwriting user.Password with the plaintext would leave it
    // on the user object whenever one of the validation checks below returns early.
    string currentPassword = Encription.Decrypt(user.Password, "SecretCode_hamed");
    if (currentPassword != changePasswordDto.OldPassword)
    {
        return Json(new { statusCode = ResponseStatus.ValidationError, responseMessage = ValidationMessages.IncorrectPassword });
    }

    if (changePasswordDto.NewPassword.Length < 5)
    {
        return Json(new { statusCode = ResponseStatus.ValidationError, responseMessage = ValidationMessages.ShortPassword });
    }

    // Persist the re-encrypted password and refresh the user held for this HttpContext.
    user.Password = Encription.Encrypt(changePasswordDto.NewPassword, "SecretCode_hamed");
    db.Users.Update(user);
    db.SaveChanges();
    userData.SetUser(HttpContext, user);

    return Json(new { statusCode = ResponseStatus.Success });
}
//public SecurityFactorys(ICBSEntities context)
//{
//    this.context = context;
//}
public LogInStatus CheckLogIn(LogOnModel entity)
{
    LogInStatus _LogInStatus = new LogInStatus();
    Dictionary<string, string> list = new Dictionary<string, string>();
    Encription encription = new Encription();
    try
    {
        _loginStatusFactory = new LoginStatusFactory();
        _userFactory = new UserFactory();
        //var data = _userFactory.GetAll().ToList();
        //TBLA_USER_INFORMATION tblUserInformation = _userFactory.FindBy(x => x.UserName == entity.UserName && x.IsActive == true && x.TBLB_COMPANY.Code.ToLower() == entity.Company.ToLower()).FirstOrDefault();

        // Look up an active user by name within the given company and branch.
        SEC_UserInformation tblUserInformation = _userFactory.FindBy(x => x.UserName == entity.UserName && x.CompanyID == entity.CompanyID && x.BranchID == entity.BranchID && x.IsActive == true).FirstOrDefault();
        if (tblUserInformation != null)
        {
            SEC_LoginStatus logInStatus = _loginStatusFactory.FindBy(x => x.UserID == tblUserInformation.ID).FirstOrDefault();
            if (logInStatus != null)
            {
                if (logInStatus.ForcedLogOutStatus == true)
                {
                    // A forced logout blocks the login before the password is checked.
                    _LogInStatus.IsAllowed = false;
                    _LogInStatus.Message = "The Page is Under maintenance";
                }
                else
                {
                    _userPasswordFactory = new UserPasswordFactory();
                    SEC_Password tblPassword = _userPasswordFactory.FindBy(x => x.ID == tblUserInformation.PasswordID).FirstOrDefault();

                    // The stored password is decrypted and compared in plaintext, ignoring surrounding whitespace.
                    if (tblPassword != null && encription.Decrypt(tblPassword.NewPassword).Trim() == (entity.Password.Trim()))
                    {
                        list.Add("UserId", tblUserInformation.ID.ToString());
                        list.Add("UserName", tblUserInformation.UserName);
                        list.Add("Name", tblUserInformation.UserFullName);
                        list.Add("UserEmployee", tblUserInformation.EmployeeID.ToString());
                        list.Add("UserCompany", tblUserInformation.CompanyID.ToString());
                        list.Add("UserBranch", tblUserInformation.BranchID.ToString());
                        _LogInStatus.IsAllowed = true;
                        _LogInStatus.Status = list;
                        _LogInStatus.Message = "Login Successfully";
                    }
                    else
                    {
                        _LogInStatus.IsAllowed = false;
                        _LogInStatus.Message = "Password or User Name does not match";
                    }
                }
            }
            else
            {
                // No login-status row exists for this user: run the same password check.
                _userPasswordFactory = new UserPasswordFactory();
                SEC_Password tblPassword = _userPasswordFactory.FindBy(x => x.ID == tblUserInformation.PasswordID).FirstOrDefault();
                if (tblPassword != null && encription.Decrypt(tblPassword.NewPassword).Trim() == (entity.Password.Trim()))
                {
                    list.Add("UserId", tblUserInformation.ID.ToString());
                    list.Add("UserName", tblUserInformation.UserName);
                    list.Add("Name", tblUserInformation.UserFullName);
                    list.Add("UserEmployee", tblUserInformation.EmployeeID.ToString());
                    list.Add("UserCompany", tblUserInformation.CompanyID.ToString());
                    list.Add("UserBranch", tblUserInformation.BranchID.ToString());
                    _LogInStatus.IsAllowed = true;
                    _LogInStatus.Status = list;
                    _LogInStatus.Message = "Login Successfully";
                }
                else
                {
                    _LogInStatus.IsAllowed = false;
                    _LogInStatus.Message = "Password or User Name not matching";
                }
            }
        }
        else
        {
            _LogInStatus.IsAllowed = false;
            _LogInStatus.Message = "User are not exist";
        }
        return _LogInStatus;
    }
    catch (Exception)
    {
        // Rethrow with "throw;" so the original stack trace is preserved ("throw ex;" resets it).
        throw;
    }
}
private static void Main()
{
    Application.EnableVisualStyles();
    Application.SetCompatibleTextRenderingDefault(false);
    try
    {
        // System.IO.Path.GetDirectoryName(AppDomain.CurrentDomain.SetupInformation.ConfigurationFile)
        // load config file using XmlDocument
        XmlDocument xmlDoc = new XmlDocument();
        // load from iScada.config, situated where app.config should be
        xmlDoc.Load(System.IO.Path.GetDirectoryName(AppDomain.CurrentDomain.SetupInformation.ConfigurationFile) + "\\iScada.config");
        // traverse to the path
        XmlNode node = xmlDoc.SelectSingleNode("configuration/userSettings/iScada.Properties.Settings/setting[@name='cnStr']/value");
        if (node != null)
        {
            string str = node.InnerText;
            if (str != String.Empty)
            {
                // connection string exists: store it in the global variable and load the main form
                // string will be of the following format
                // server= localhost;port= 3306;userid= root;password= root;persistsecurityinfo=True;database=iscada;allowuservariables=True
                // break out each individual part, decrypt the password and recreate the string
                string[] conn = str.Split(';');
                string server = conn[0].Substring(7, conn[0].Length - 7).Trim();
                string port = conn[1].Substring(5, conn[1].Length - 5).Trim();
                string userId = conn[2].Substring(7, conn[2].Length - 7).Trim();
                string password = conn[3].Substring(9, conn[3].Length - 9).Trim();
                // only the password field is stored encrypted in the config file
                password = Encription.Decrypt(password);
                str = "server= " + server + ";" + "port= " + port + ";" + "userid= " + userId + ";" + "password= " + password + ";" + "persistsecurityinfo=True;database=iscada;allowuservariables=True";
                // store to global variable
                Globals.ConnectionString = str;
                Application.Run(new frmMain());
            }
            else
            {
                // connection string does not exist, load config form
                frmConnStr f = new frmConnStr();
                Application.Run(f);
                if (f.Result)
                {
                    Application.Run(new frmMain());
                }
                else
                {
                    Application.Exit();
                }
            }
        }
        else
        {
            MessageBox.Show("Critical error: Configuration file missing.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
            Application.Exit();
        }
    }
    catch (System.IO.FileNotFoundException e)
    {
        int line = (new StackTrace(e, true)).GetFrame(0).GetFileLineNumber();
        MessageBox.Show("Critical error: Configuration file missing. " + line.ToString(), "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
        Application.Exit();
    }
    catch (Exception ex)
    {
        MessageBox.Show("Error:" + ex.ToString(), "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
        Application.Exit();
    }
}