public Task LogAuthRecord(string userId, HttpContext httpContext, bool success, string appId) { if (httpContext.AllowTrack() || success == false) { var log = new AuditLogLocal { UserId = userId, IPAddress = httpContext.Connection.RemoteIpAddress.ToString(), Success = success, AppId = appId }; _dbContext.AuditLogs.Add(log); return(_dbContext.SaveChangesAsync()); } else { var log = new AuditLogLocal { UserId = userId, IPAddress = "Unknown(because of `dnt` policy)", Success = success, AppId = appId }; _dbContext.AuditLogs.Add(log); return(_dbContext.SaveChangesAsync()); } }
public async Task <IActionResult> EmailConfirmed(EmailConfirmViewModel model) { var user = await _dbContext .Users .Include(t => t.Emails) .SingleOrDefaultAsync(t => t.Id == model.UserId); if (user == null) { return(NotFound()); } var mailObject = await _dbContext .UserEmails .SingleOrDefaultAsync(t => t.ValidateToken == model.Code); if (mailObject == null || mailObject.OwnerId != user.Id) { return(NotFound()); } if (!mailObject.Validated) { _logger.LogWarning($"The email object with address: {mailObject.EmailAddress} was already validated but the user was still trying to validate it!"); } mailObject.Validated = true; mailObject.ValidateToken = string.Empty; await _dbContext.SaveChangesAsync(); return(View()); }
public async Task <IActionResult> CreateAccountAndBind(SignInViewModel model) { var app = (await _apiService.AppInfoAsync(model.AppId)).App; bool exists = _dbContext.UserEmails.Any(t => t.EmailAddress == model.UserDetail.Email.ToLower()); if (exists) { ModelState.AddModelError(string.Empty, $"An user with email '{model.UserDetail.Email}' already exists!"); model.AppImageUrl = app.IconPath; model.CanFindAnAccountWithEmail = false; model.Provider = _authProviders.SingleOrDefault(t => t.GetName().ToLower() == model.ProviderName.ToLower()); return(View(nameof(SignIn), model)); } var user = new GatewayUser { UserName = model.UserDetail.Email + $".from.{model.ProviderName}.com", Email = model.UserDetail.Email, NickName = model.UserDetail.Name, PreferedLanguage = model.PreferedLanguage, IconFilePath = Values.DefaultImagePath, RegisterIPAddress = HttpContext.Connection.RemoteIpAddress.ToString() }; var result = await _userManager.CreateAsync(user); if (result.Succeeded) { var primaryMail = new UserEmail { EmailAddress = model.UserDetail.Email.ToLower(), OwnerId = user.Id, ValidateToken = Guid.NewGuid().ToString("N") }; _dbContext.UserEmails.Add(primaryMail); await _dbContext.SaveChangesAsync(); var link = new ThirdPartyAccount { OwnerId = user.Id, ProviderName = model.ProviderName, OpenId = model.UserDetail.Id }; _dbContext.ThirdPartyAccounts.Add(link); await _dbContext.SaveChangesAsync(); await _signInManager.SignInAsync(user, isPersistent : true); await _authLogger.LogAuthRecord(user.Id, HttpContext, true, model.AppId); return(await _authManager.FinishAuth(user, model, app.ForceConfirmation)); } else { model.AppImageUrl = app.IconPath; model.CanFindAnAccountWithEmail = await _dbContext.UserEmails.AnyAsync(t => t.EmailAddress.ToLower() == model.UserDetail.Email.ToLower()); model.Provider = _authProviders.SingleOrDefault(t => t.GetName().ToLower() == model.ProviderName.ToLower()); ModelState.AddModelError(string.Empty, result.Errors.First().Description); return(View(nameof(SignIn), model)); } }
public async Task <IActionResult> CreateAccountAndBind(SignInViewModel model) { if (string.IsNullOrWhiteSpace(model.UserDetail.Email)) { model.UserDetail.Email = model.UserDetail.Name + $"@from.{model.ProviderName}.com"; } bool exists = _dbContext.UserEmails.Any(t => t.EmailAddress == model.UserDetail.Email.ToLower()); if (exists) { // TODO: Handle. throw new AiurAPIModelException(ErrorType.HasDoneAlready, $"An user with email '{model.UserDetail.Email}' already exists!"); } var app = (await _apiService.AppInfoAsync(model.AppId)).App; var user = new GatewayUser { UserName = model.UserDetail.Email + $".from.{model.ProviderName}.com", Email = model.UserDetail.Email, NickName = model.UserDetail.Name, PreferedLanguage = model.PreferedLanguage, IconFilePath = Values.DefaultImagePath, RegisterIPAddress = HttpContext.Connection.RemoteIpAddress.ToString() }; var result = await _userManager.CreateAsync(user); if (result.Succeeded) { var primaryMail = new UserEmail { EmailAddress = model.UserDetail.Email.ToLower(), OwnerId = user.Id, ValidateToken = Guid.NewGuid().ToString("N") }; _dbContext.UserEmails.Add(primaryMail); await _dbContext.SaveChangesAsync(); var link = new ThirdPartyAccount { OwnerId = user.Id, ProviderName = model.ProviderName, OpenId = model.UserDetail.Id }; _dbContext.ThirdPartyAccounts.Add(link); await _dbContext.SaveChangesAsync(); await _signInManager.SignInAsync(user, isPersistent : true); await _authLogger.LogAuthRecord(user.Id, HttpContext, true, model.AppId); return(await _authManager.FinishAuth(user, model, app.ForceConfirmation)); } else { // TODO: Handle throw new AiurAPIModelException(ErrorType.HasDoneAlready, result.Errors.First().Description); } }
public async Task GrantTargetApp(GatewayUser user, string appId) { if (!await HasAuthorizedApp(user, appId)) { var appGrant = new AppGrant { AppID = appId, GatewayUserId = user.Id }; _dbContext.LocalAppGrant.Add(appGrant); await _dbContext.SaveChangesAsync(); } }
public async void TestFindById() { // Arrange var options = new DbContextOptionsBuilder <GatewayDbContext>().UseInMemoryDatabase("gateway_test_findbyid"); var db = new GatewayDbContext(options.Options); // db.RemoveRange(db.Gateways); // await db.SaveChangesAsync(); var gateway = new Gateway { Id = 1, Name = "BBB", IPv4 = "192.168.4.12", SerialNumber = "sdsd" }; var data = new List <Gateway> { gateway, new Gateway { Id = 2, Name = "ZZZ", IPv4 = "127.0.0.1", SerialNumber = "qwe123" }, new Gateway { Id = 3, Name = "asd", IPv4 = "127.0.0.1", SerialNumber = "qdsfs" }, }.AsQueryable(); db.AddRange(data); await db.SaveChangesAsync(); var repo = new GatewayRepository(db); // Act var result = await repo.FindById(1); // Assert Assert.Equal("BBB", result.Name); }
public Task ClearTimeOutOAuthPack(GatewayDbContext dbContext) { var outDateTime = DateTime.UtcNow - TimeSpan.FromDays(1); var outDateTime2 = DateTime.UtcNow - TimeSpan.FromMinutes(20); dbContext.OAuthPack.Delete(t => t.UseTime < outDateTime); dbContext.OAuthPack.Delete(t => t.CreateTime < outDateTime2); return(dbContext.SaveChangesAsync()); }
public async Task <IActionResult> DropGrants([Required] string accessToken) { var appid = await _tokenManager.ValidateAccessToken(accessToken); _dbContext.LocalAppGrant.Delete(t => t.AppID == appid); await _dbContext.SaveChangesAsync(); return(this.Protocol(ErrorType.Success, "Successfully droped all users granted!")); }
public async Task <IActionResult> Register(RegisterViewModel model) { if (!_captcha.ValidateCaptchaCode(model.CaptchaCode, HttpContext.Session)) { ModelState.AddModelError(string.Empty, "Invalid captacha code!"); } var app = (await _apiService.AppInfoAsync(model.AppId)).App; if (!ModelState.IsValid) { model.Recover(app.AppName, app.IconPath); return(View(model)); } bool exists = _dbContext.UserEmails.Any(t => t.EmailAddress == model.Email.ToLower()); if (exists) { ModelState.AddModelError(string.Empty, $"An user with email '{model.Email}' already exists!"); model.Recover(app.AppName, app.IconPath); return(View(model)); } var user = new GatewayUser { UserName = model.Email, Email = model.Email, NickName = model.Email.Split('@')[0], PreferedLanguage = model.PreferedLanguage, IconFilePath = Values.DefaultImagePath, RegisterIPAddress = HttpContext.Connection.RemoteIpAddress.ToString() }; var result = await _userManager.CreateAsync(user, model.Password); if (result.Succeeded) { var primaryMail = new UserEmail { EmailAddress = model.Email.ToLower(), OwnerId = user.Id, ValidateToken = Guid.NewGuid().ToString("N") }; _dbContext.UserEmails.Add(primaryMail); await _dbContext.SaveChangesAsync(); // Send him an confirmation email here: await _emailSender.SendConfirmation(user.Id, primaryMail.EmailAddress, primaryMail.ValidateToken); await _authLogger.LogAuthRecord(user.Id, HttpContext.Connection.RemoteIpAddress.ToString(), true, app.AppId); await _signInManager.SignInAsync(user, isPersistent : true); return(await _authManager.FinishAuth(user, model, app.ForceConfirmation)); } AddErrors(result); model.Recover(app.AppName, app.IconPath); return(View(model)); }
public async Task<JsonResult> ChangeProfile(ChangeProfileAddressModel model) { var user = await _grantChecker.EnsureGranted(model.AccessToken, model.OpenId, t => t.ChangeBasicInfo); user.NickName = model.NewNickName; user.IconFilePath = model.NewIconFilePathName; user.Bio = model.NewBio; await _dbContext.SaveChangesAsync(); return Json(new AiurProtocol { Code = ErrorType.Success, Message = "Successfully changed this user's profile!" }); }
public Task LogAuthRecord(string userId, string ip, bool success, string appId) { var log = new AuditLogLocal { UserId = userId, IPAddress = ip, Success = success, AppId = appId }; _dbContext.AuditLogs.Add(log); return(_dbContext.SaveChangesAsync()); }
public async Task <AuthoriseResponse> AuthoriseTransaction(AuthoriseRequest request) { var user = RouteData.GetUser(); var cardNumber = new CardNumber(request.CardNumber); var stopwatch = new Stopwatch(); stopwatch.Start(); var response = await _cardAuthoriser.AuthoriseAsync(request); stopwatch.Stop(); response.ProcessingTimeMs = Convert.ToInt32(stopwatch.ElapsedMilliseconds); var transaction = Transaction.Create(response, cardNumber, user); _dbContext.Transactions.Add(transaction); await _dbContext.SaveChangesAsync(); return(response); }
public async Task <IActionResult> CodeToOpenId(CodeToOpenIdAddressModel model) { var appId = await _tokenManager.ValidateAccessToken(model.AccessToken); var targetPack = await _dbContext .OAuthPack .SingleOrDefaultAsync(t => t.Code == model.Code); if (targetPack == null) { return(this.Protocol(ErrorType.WrongKey, "The code doesn't exists in our database.")); } // Use time is more than 10 seconds from now. if (targetPack.UseTime != DateTime.MinValue && targetPack.UseTime + TimeSpan.FromSeconds(10) < DateTime.UtcNow) { return(this.Protocol(ErrorType.HasDoneAlready, "Code is used already!")); } if (targetPack.ApplyAppId != appId) { return(this.Protocol(ErrorType.Unauthorized, "The app granted code is not the app granting access token!")); } var capp = (await _apiService.AppInfoAsync(targetPack.ApplyAppId)).App; if (!capp.ViewOpenId) { return(this.Protocol(ErrorType.Unauthorized, "The app doesn't have view open id permission.")); } targetPack.UseTime = DateTime.UtcNow; await _dbContext.SaveChangesAsync(); var viewModel = new CodeToOpenIdViewModel { OpenId = targetPack.UserId, Scope = "scope", Message = "Successfully get user openid", Code = ErrorType.Success }; return(Json(viewModel)); }
public async void TestFindById() { // Arrange var options = new DbContextOptionsBuilder <GatewayDbContext>().UseInMemoryDatabase("device_test_findbyid"); var db = new GatewayDbContext(options.Options); var gateway = new Gateway { Id = 1, Name = "ZZZ", IPv4 = "127.0.0.1", SerialNumber = "qwe123" }; var device = new Device { Id = 1, CreatedDate = new DateTime(), Status = Status.Online, UID = 1, Vendor = "Vendor", Gateway = gateway }; db.Add(device); await db.SaveChangesAsync(); var repo = new DeviceRepository(db); // Act var result = await repo.FindById(1); // Assert Assert.Equal(1, result.UID); }
public async Task <IActionResult> Register(RegisterViewModel model) { if (!_allowRegistering) { return(Unauthorized()); } if (!_captcha.Validate(model.CaptchaCode, HttpContext.Session)) { ModelState.AddModelError(string.Empty, "Invalid captcha code!"); } var app = (await _apiService.AppInfoAsync(model.AppId)).App; if (!ModelState.IsValid) { model.Recover(app.AppName, app.IconPath); return(View(model)); } bool exists = _dbContext.UserEmails.Any(t => t.EmailAddress == model.Email.ToLower()); if (exists) { ModelState.AddModelError(string.Empty, $"An user with email '{model.Email}' already exists!"); model.Recover(app.AppName, app.IconPath); return(View(model)); } var countStart = DateTime.UtcNow - TimeSpan.FromDays(1); var requestIp = HttpContext.Connection.RemoteIpAddress?.ToString(); if (await _dbContext.Users .Where(t => t.RegisterIPAddress == requestIp) .Where(t => t.AccountCreateTime > countStart) .CountAsync() > 5) { ModelState.AddModelError(string.Empty, "You can't create more than 5 accounts in one day!"); model.Recover(app.AppName, app.IconPath); return(View(model)); } var user = new GatewayUser { UserName = model.Email, Email = model.Email, NickName = model.Email.Split('@')[0], PreferedLanguage = model.PreferedLanguage, IconFilePath = AuthValues.DefaultImagePath, RegisterIPAddress = requestIp }; var result = await _userManager.CreateAsync(user, model.Password); if (result.Succeeded) { var primaryMail = new UserEmail { EmailAddress = model.Email.ToLower(), OwnerId = user.Id, ValidateToken = Guid.NewGuid().ToString("N"), LastSendTime = DateTime.UtcNow }; await _dbContext.UserEmails.AddAsync(primaryMail); await _dbContext.SaveChangesAsync(); // Send him an confirmation email here: _cannonService.FireAsync <ConfirmationEmailSender>(async(sender) => { await sender.SendConfirmation(user.Id, primaryMail.EmailAddress, primaryMail.ValidateToken); }); await _authLogger.LogAuthRecord(user.Id, HttpContext, true, app.AppId); await _signInManager.SignInAsync(user, isPersistent : true); return(await _authManager.FinishAuth(user, model, app.ForceConfirmation, app.TrustedApp)); } AddErrors(result); model.Recover(app.AppName, app.IconPath); return(View(model)); }
public Task ClearTimeOutOAuthPack(GatewayDbContext dbContext) { dbContext.OAuthPack.Delete(t => t.UseTime + new TimeSpan(1, 0, 0, 0) < DateTime.UtcNow); dbContext.OAuthPack.Delete(t => !t.IsAlive); return(dbContext.SaveChangesAsync()); }