public void EditWithEditWindow(DecryptedPasswordFile file)
{
Helpers.AssertOnUiThread();
using (var window = new EditWindow(file.RelativePath, file.Content, ConfigManager.Config.PasswordStore.PasswordGeneration))
{
if (!window.ShowDialog() ?? true)
{
return;
}
try
{
var newFile = new DecryptedPasswordFile(file.PasswordStore, file.FullPath, window.PasswordContent.Text);
passwordManager.EncryptPassword(newFile, true);
syncService?.EditPassword(newFile.RelativePath);
if (ConfigManager.Config.Notifications.Types.PasswordUpdated)
{
notificationService.Raise($"Password file \"{newFile.FileNameWithoutExtension}\" has been updated.", Severity.Info);
}
}
catch (Exception e)
{
notificationService.ShowErrorWindow($"Unable to save your password (encryption failed): {e.Message}");
// TODO: do we want to show the edit window again here?
}
}
}
private void EditWithEditWindow(DecryptedPasswordFile file)
{
Helpers.AssertOnUiThread();
using (var window = new EditWindow(pathDisplayHelper.GetDisplayPath(file), file.Content, ConfigManager.Config.PasswordStore.PasswordGeneration))
{
if (!window.ShowDialog() ?? true)
{
return;
}
var newFile = new DecryptedPasswordFile(file, window.PasswordContent.Text);
try
{
passwordManager.EncryptPassword(newFile);
syncService?.EditPassword(newFile.FullPath);
if (ConfigManager.Config.Notifications.Types.PasswordUpdated)
{
notificationService.Raise($"Password file \"{newFile.FileNameWithoutExtension}\" has been updated.", Severity.Info);
}
}
catch (GitException e)
{
notificationService.ShowErrorWindow($"Unable to commit your changes: {e.Message}");
EditWithEditWindow(newFile);
}
catch (Exception e)
{
notificationService.ShowErrorWindow($"Unable to save your password (encryption failed): {e.Message}");
EditWithEditWindow(newFile);
}
}
}
public async Task CompleteUser(Guid code, string email, string password, string passwordConfirm)
{
var pending = await _pendingIdentityRepository.GetAsync(code, email);
if (pending is null)
{
_logger.LogWarning($"Pending user not found with code: {code} and email: {email}");
throw new VmsException(Codes.InvalidCredentials, "The account registration has not been made.");
}
//TODO: make sure this check is done on creation of account pending.
//var existing = await _identityRepository.GetByEmailAndRole(email, Roles.);
//if (existing != null)
// throw new VmsException(Codes.EmailInUse, "Their has already been an account created with this email.");
if (password != passwordConfirm)
{
throw new VmsException(Codes.InvalidCredentials, "The credentials are invalid.");
}
var pword = _passwordManager.EncryptPassword(password);
var numberCode = await GetCode(pending.BusinessId);
var identity = new Domain.Identity(email, pword.Hash, pword.Salt, pending.Role, pending.BusinessId, numberCode);
await _identityRepository.AddAsync(identity);
await _pendingIdentityRepository.RemoveAsync(pending);
_publisher.PublishEvent(new UserAccountCreated(identity.Id, identity.Email, identity.Code), RequestInfo.Empty);
}
public void CreateNew(Account account)
{
if (UserExists(account.Username))
{
throw new UserAlreadyExistsException();
}
if (InvalidUserName(account.Username))
{
throw new InvalidUsernameException();
}
if (InvalidEmailAddres(account.EmailAddress))
{
throw new InvalidEmailAddressException();
}
var user = new WebSecurityUser();
user.SetDefaultStatistics("system");
// Copy over default stats
account.LastModified = user.Statistics.LastModified.Value;
account.LastLogin = user.Statistics.LastLogin.Value;
account.LastLoginAttempted = user.Statistics.LastLoginAttempted.Value;
account.LastPasswordChanged = user.Statistics.LastPasswordChanged.Value;
account.Password =
_passwordManager.EncryptPassword(account.Password, BCryptEncoder.GenerateSalt(), BCryptEncoder.HashPassword);
_repository.Save(account);
}
public async Task CompleteAdmin(Guid code, string password, string passwordMatch, string email)
{
var pendingIdentity = await _pendingIdentityRepository.GetAsync(code, email);
if (pendingIdentity is null)
{
throw new VmsException(Codes.InvalidCredentials, "The credentials are invalid.");
}
var existing = await _identityRepository.GetByEmailAndRole(email, Roles.SystemAdmin);
if (existing != null)
{
throw new VmsException(Codes.EmailInUse, "Their has already been an account created with this email.");
}
if (password != passwordMatch)
{
throw new VmsException(Codes.InvalidCredentials, "The credentials are invalid.");
}
var pword = _passwordManager.EncryptPassword(password);
var identity = new Domain.Identity(email, pword.Hash, pword.Salt, Roles.SystemAdmin);
await _identityRepository.AddAsync(identity);
}
public void CreateUser(WebSecurityUser user)
{
var assertions = new List <PolicyAssertion>
{
new PasswordLengthPolicy(),
new PasswordStrengthPolicy(),
new PasswordCharactersPolicy()
};
_policyEnforcer.EnforceUniqueUser(user);
_policyEnforcer.EnforcePasswordPolicies(user, assertions);
user.Username = user.NewUsername;
user.Password = _passwordManager.EncryptPassword(user.NewPassword, BCryptEncoder.GenerateSalt(), BCryptEncoder.HashPassword);
user.SetDefaultStatistics(Authorizer.Username);
_dataProvider.CreateUser(user);
}
private ActionResult RegisterUser(RegisterViewModel model)
{
model.Email = model.Email.ToLower();
lock (_registerUserSyncRoot)
{
var user = _context.Users.Where(x => x.Email == model.Email).AsNoTracking().FirstOrDefault();
if (user == null)
{
var securePassword = _passwordManager.EncryptPassword(model.Password);
user = new User(model.Email, model.FirstName, model.LastName, securePassword.HashedPassword, securePassword.Salt);
_context.Users.Add(user);
_context.SaveChanges();
var loginViewModel = new LoginViewModel();
loginViewModel.ShowMessage(ToastrType.Success, "Sukces", "Twoje konto zostało utworzone. Możesz się zalogować.");
return(View("Login", loginViewModel));
}
}
model.ShowMessage(ToastrType.Error, "Błąd", "Podany email istanieje już w bazie.");
model.Password = model.PasswordConfirmation = string.Empty;
return(View(model));
}
private void CheckSeed(IIdentityRepository repo, IPasswordManager passwordManager, IServiceBusMessagePublisher publisher)
{
//if (repo.GetByEmailAndRole("*****@*****.**", Roles.BusinessAdmin).Result == null)
//{
// var password = passwordManager.EncryptPassword("Test123");
// repo.AddAsync(new Domain.Identity("*****@*****.**", password.Hash, password.Salt, Roles.BusinessAdmin));
//}
//if (repo.GetByEmailAndRole("*****@*****.**", Roles.StandardPortalUser).Result == null)
//{
// var password = passwordManager.EncryptPassword("Test123");
// repo.AddAsync(new Domain.Identity("*****@*****.**", password.Hash, password.Salt, Roles.StandardPortalUser));
//}
if (repo.GetByEmailAndRole("*****@*****.**", Roles.SystemAdmin).Result == null)
{
var password = passwordManager.EncryptPassword("Test123");
repo.AddAsync(new Domain.Identity("*****@*****.**", password.Hash, password.Salt, Roles.SystemAdmin));
}
}