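/// <summary>
/// Creates a user whose password was hashed by <c>PasswordHasherService</c> and checks that
/// <c>GetUserByUsernameAndPasswordAsync</c> returns that same user when given the plain-text password.
/// </summary>
/// <remarks>
/// Only the matching-credentials path is exercised here; a wrong-password case is not visible in this test.
/// </remarks>
public async Task GetUserByEmailAndPasswordTest()
{
    // A uniquely named in-memory database keeps this test isolated from any other test's data.
    DbContextOptions<ATZBDbContext> options = new DbContextOptionsBuilder<ATZBDbContext>()
        .UseInMemoryDatabase(databaseName: Guid.NewGuid().ToString())
        .Options;
    ATZBDbContext context = new ATZBDbContext(options);

    UserService userService = new UserService(context);
    PasswordHasherService passwordHasherService = new PasswordHasherService();

    string emailForTest = "*****@*****.**";
    string passwordForTest = "testpassword1";

    // The hasher returns a pair: Key is stored as the hash, Value as the salt.
    var passwordHashed = await passwordHasherService.HashPasswordAsync(passwordForTest);

    ATZBUser expectedUser = new ATZBUser()
    {
        Email = emailForTest,
        PasswordHash = passwordHashed.Key,
        PasswordSalt = passwordHashed.Value
    };

    SeedDbWithUsers(context, DataForSeedUsers);
    await userService.CreateUserAsync(expectedUser);

    // Await the lookup instead of blocking on .Result: blocking inside an async test can deadlock
    // and wraps any failure in an AggregateException, hiding the real assertion or service error.
    var lookupResult = await userService.GetUserByUsernameAndPasswordAsync(emailForTest, passwordForTest);
    var actualUser = lookupResult.Key;

    Assert.Equal(expectedUser, actualUser);
}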
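/// <summary>
/// Looks up the account named in <paramref name="loginUser"/> and checks the supplied password
/// against the stored one via <c>PasswordHasherService.VerifyMd5Hash</c>.
/// </summary>
/// <param name="loginUser">Request body carrying the account name and the password to check.</param>
/// <param name="passwordIsHashed">Passed straight through to <c>VerifyMd5Hash</c>.</param>
/// <returns>The stored user when verification succeeds; <c>null</c> when the body is missing,
/// the user is unknown, or verification fails.</returns>
public async Task<AppUser> Login([FromBody] AppUser loginUser, bool passwordIsHashed)
{
    // A missing or unreadable request body binds to null; treat it as a failed login
    // instead of letting the dereference below throw.
    if (loginUser == null)
    {
        return null;
    }

    var storedUser = await _appUserService.FindByName(loginUser.Name);
    if (storedUser == null)
    {
        return null;
    }

    // NOTE(review): the helper name indicates MD5-based verification. MD5 is a fast digest, which makes
    // offline guessing against leaked values cheap; a dedicated password-hashing function is the usual
    // replacement, but that requires migrating the stored values and cannot be done in this method alone.
    // NOTE(review): passwordIsHashed is supplied by the caller. Presumably it lets a client submit an
    // already-hashed password; if so, a stored hash is itself enough to log in — confirm and consider
    // dropping the flag from the public endpoint.
    var verified = PasswordHasherService.VerifyMd5Hash(loginUser.Password, storedUser.Password, passwordIsHashed);

    // NOTE(review): the returned entity still carries its stored Password value; confirm it is
    // excluded from the serialized response.
    return verified ? storedUser : null;
}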
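/// <summary>
/// Updates the profile fields of an existing user and, when a new password is supplied,
/// replaces the stored salt and hash.
/// </summary>
/// <param name="model">Incoming user data; <c>model.Id</c> selects the user to update.</param>
/// <returns>400 for a missing or invalid model, 404 when the user does not exist, otherwise 204.</returns>
public async Task<IHttpActionResult> PutUser(Models.UserModel model)
{
    // An empty request body binds to null without necessarily marking ModelState invalid,
    // so guard explicitly before touching model.Id.
    if (model == null)
    {
        return BadRequest("Request body is required.");
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // NOTE(review): nothing in this method ties model.Id to the authenticated caller. Confirm that an
    // authorization filter outside this view restricts who may update (and re-password) which account.
    var user = await userRepository.GetOne(model.Id);
    if (user == null)
    {
        return NotFound();
    }

    user.FirstName = model.FirstName;
    user.LastName = model.LastName;
    user.UserName = model.UserName;
    user.EmailAddress = model.EmailAddress;

    // A null password means "leave the credentials alone". When one is supplied, a fresh salt is
    // generated so the old salt is never reused for the new password.
    // NOTE(review): an empty string is still accepted as a password here unless model validation rejects it.
    if (model.Password != null)
    {
        user.Salt = PasswordHasherService.GenerateSalt();
        user.Hash = PasswordHasherService.HashPassword(model.Password, user.Salt);
    }

    try
    {
        await userRepository.SaveAsync();
    }
    catch (DbUpdateConcurrencyException)
    {
        // The row vanished between load and save: report 404. Any other concurrency conflict is rethrown.
        if (!userRepository.UserExists(model.Id))
        {
            return NotFound();
        }

        throw;
    }

    return StatusCode(HttpStatusCode.NoContent);
}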
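/// <summary>
/// Overwrites the editable fields of the student identified by <paramref name="Ind"/> and,
/// when a password is supplied, stores a new salted hash for it.
/// </summary>
/// <param name="Ind">Index number of the student to update (query string).</param>
/// <param name="stud">New field values (request body).</param>
/// <returns>400 when the body is missing or no student has that index number; otherwise 200.</returns>
public IActionResult UpdateStudent([FromQuery] string Ind, [FromBody] Student stud)
{
    // Explicit checks replace the former catch of NullReferenceException, which also reported
    // a missing request body (or any unrelated null dereference) as "No student found".
    if (stud == null)
    {
        return BadRequest("No student data supplied");
    }

    var output = _context.Student.FirstOrDefault(st => st.IndexNumber.Equals(Ind));
    if (output == null)
    {
        return BadRequest("No student found");
    }

    // NOTE(review): no caller check is visible in this method; confirm that authorization outside
    // this view limits who may edit a given student, including IdEnrollment taken from the body.
    output.FirstName = stud.FirstName;
    output.LastName = stud.LastName;
    output.BirthDate = stud.BirthDate;
    output.IdEnrollment = stud.IdEnrollment;

    if (stud.Password != null)
    {
        // NOTE(review): the new password is hashed with the student's existing salt; generating a
        // fresh salt on each password change is the usual practice.
        output.Password = PasswordHasherService.GenerateSaltedHash(stud.Password, output.Salt);
    }

    _context.SaveChanges();
    return Ok("Successfuly edited student!");
}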
/// <summary>
/// Handles the OAuth resource-owner password grant: loads the user by name, recomputes the
/// password hash with the stored salt, and either rejects the request with <c>invalid_grant</c>
/// or validates it with an authentication ticket built for that user.
/// </summary>
/// <param name="context">Grant context carrying the user name, password and client id.</param>
/// <returns>An already completed task; the outcome is recorded on <paramref name="context"/>.</returns>
public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    Task completed = Task.FromResult<object>(null);

    // NOTE(review): this value is computed but not used anywhere in this method. If it is meant to
    // feed a CORS header, note that the fallback is the wildcard origin.
    var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";

    using (var db = new Models.APIContext())
    {
        var account = db.Users.FirstOrDefault(u => u.UserName == context.UserName);

        // Unknown user and wrong password produce the same error text, so the response body does
        // not reveal which one failed.
        // NOTE(review): the unknown-user path returns before any hashing is done, and the hashes are
        // compared with the ordinary != operator; whether either is measurable depends on how
        // HashPassword is implemented, which is not visible here.
        if (account == null
            || account.Hash != PasswordHasherService.HashPassword(context.Password, account.Salt))
        {
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return completed;
        }

        var identity = GetIdentityFromUser(db, account, context.Options.AuthenticationType);
        var properties = BuildTicketProperties(db, account, context.ClientId ?? String.Empty);
        var ticket = new AuthenticationTicket(identity, properties);

        context.Validated(ticket);
        return completed;
    }
}
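/// <summary>
/// Creates a user from the posted model, storing a freshly generated salt and the
/// corresponding password hash instead of the plain-text password.
/// </summary>
/// <param name="model">Incoming user data, including the plain-text password.</param>
/// <returns>400 for a missing or invalid model; otherwise 201 with a Location of the new user.</returns>
public async Task<IHttpActionResult> PostUser(Models.UserModel model)
{
    // An empty request body binds to null without necessarily marking ModelState invalid.
    if (model == null)
    {
        return BadRequest("Request body is required.");
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    var user = new User();
    user.FirstName = model.FirstName;
    user.LastName = model.LastName;
    user.UserName = model.UserName;
    user.EmailAddress = model.EmailAddress;

    // NOTE(review): model.Password is hashed as received; presumably model validation guarantees
    // it is present and non-empty — confirm.
    user.Salt = PasswordHasherService.GenerateSalt();
    user.Hash = PasswordHasherService.HashPassword(model.Password, user.Salt);

    userRepository.Add(user);
    await userRepository.SaveAsync();

    // Build the Location from the request path plus "/{id}". Plain concatenation of the request URI
    // and the id dropped the separator (".../users" + "5") and would also append after any query string.
    var location = Request.RequestUri.GetLeftPart(System.UriPartial.Path).TrimEnd('/') + "/" + user.Id.ToString();

    // NOTE(review): the entity itself is returned as the response body. Unless Salt and Hash are
    // excluded from serialization on User, they are sent back to the client — confirm, or return a
    // view of the user without credential fields.
    return Created(location, user);
}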
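/// <summary>
/// Enrolls a new student in the first semester of the requested studies inside one SQL transaction:
/// resolves the studies, finds or creates the first-semester enrollment, then inserts the student
/// with a salted password hash.
/// </summary>
/// <param name="request">Studies name, index number, names, birth date ("dd.MM.yyyy") and password.</param>
/// <returns>Studies id, semester, enrollment id and start date, and the new student's index number.</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="ArgumentException">No studies have the given name, or the student insert failed.</exception>
public EnrollResponse EnrollStudent(EnrollRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    EnrollResponse enrollResponse = new EnrollResponse();

    // NOTE(review): server and catalog are hard-coded in source; reading the connection string from
    // configuration keeps environment details out of the code base.
    using (var client = new SqlConnection("Data Source = db-mssql.pjwstk.edu.pl; Initial Catalog = s16796; Integrated Security = True"))
    using (var command = new SqlCommand())
    {
        command.Connection = client;
        client.Open();

        // Disposing an uncommitted transaction rolls it back, so every early exit below — the
        // ArgumentExceptions as well as unexpected failures such as a badly formatted birth date —
        // leaves the database unchanged without explicit Rollback calls.
        using (var transaction = client.BeginTransaction())
        {
            command.Transaction = transaction;

            // 1. Resolve the studies name to its id. All values are passed as parameters.
            command.CommandText = "Select IdStudy FROM Studies where Name=@name";
            command.Parameters.AddWithValue("name", request.Studies);
            using (var dr = command.ExecuteReader())
            {
                if (!dr.Read())
                {
                    throw new ArgumentException("No studies found with that name");
                }

                enrollResponse.IdStudies = Convert.ToInt32(dr["IdStudy"].ToString());
                enrollResponse.Semester = 1;
                enrollResponse.Studies = request.Studies;
            }

            // 2. Look for the most recent first-semester enrollment of those studies.
            command.Parameters.Clear();
            command.CommandText = "SELECT IdEnrollment, StartDate FROM Enrollment WHERE semester = 1 AND IdStudy = @id order by StartDate desc";
            command.Parameters.AddWithValue("id", enrollResponse.IdStudies);
            bool enrollmentExists;
            using (var dr = command.ExecuteReader())
            {
                enrollmentExists = dr.Read();
                if (enrollmentExists)
                {
                    enrollResponse.IdEnrollment = Convert.ToInt32(dr["IdEnrollment"].ToString());
                    enrollResponse.StartDate = Convert.ToDateTime(dr["StartDate"]);
                }
            }

            if (!enrollmentExists)
            {
                // The enrollment does not exist yet: create it. ISNULL covers an empty Enrollment
                // table, where MAX() is NULL and the computed key would otherwise be NULL.
                // NOTE(review): MAX + 1 can still hand the same id to two concurrent requests;
                // an identity column or sequence would avoid that.
                command.CommandText = "INSERT INTO Enrollment(IdEnrollment, Semester, IdStudy, StartDate) OUTPUT Inserted.IdEnrollment VALUES(ISNULL((SELECT MAX(IdEnrollment) FROM Enrollment), 0) + 1, 1, @id, @startdate)";
                command.Parameters.AddWithValue("startdate", DateTime.Now);
                enrollResponse.IdEnrollment = Convert.ToInt32(command.ExecuteScalar());
                enrollResponse.StartDate = DateTime.Now.Date;
            }

            // 3. Insert the student. Only the salted hash and the salt are stored, never the password.
            // NOTE(review): whether GenerateSaltedHash is a deliberately slow password-hashing
            // function cannot be seen from here — confirm.
            var studentsalt = GetSalt(32);
            command.Parameters.Clear();
            command.CommandText = "INSERT INTO Student(IndexNumber, FirstName, LastName, BirthDate, IdEnrollment, Password, Salt) VALUES(@index, @first, @last, @birth, @enrollment, @Password, @Salt)";
            command.Parameters.AddWithValue("index", request.IndexNumber);
            command.Parameters.AddWithValue("first", request.FirstName);
            command.Parameters.AddWithValue("last", request.LastName);
            command.Parameters.AddWithValue("birth", DateTime.ParseExact(request.BirthDate, "dd.MM.yyyy", null));
            command.Parameters.AddWithValue("enrollment", enrollResponse.IdEnrollment);
            command.Parameters.AddWithValue("Password", PasswordHasherService.GenerateSaltedHash(request.Password, studentsalt));
            command.Parameters.AddWithValue("Salt", studentsalt);

            try
            {
                // An INSERT returns no rows, so ExecuteNonQuery is used rather than opening a reader.
                command.ExecuteNonQuery();
                enrollResponse.IndexNumber = request.IndexNumber;
            }
            catch (Exception exc)
            {
                // Kept as a catch-all so callers still receive ArgumentException, but the cause is
                // now attached as InnerException.
                // NOTE(review): every failure is reported as a duplicate index, which can be
                // misleading; narrowing to key-violation errors would make the message accurate.
                Console.WriteLine(exc);
                throw new ArgumentException("This index already exists", exc);
            }

            transaction.Commit();
            return enrollResponse;
        }
    }
}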
/// <summary>
/// Replaces the user's plain-text password with the value returned by
/// <c>PasswordHasherService.GetMd5Hash</c> and then stores the user through the base implementation.
/// </summary>
/// <param name="user">User to add; its <c>Password</c> property is overwritten in place.</param>
/// <returns>The user returned by the base <c>AddNewItem</c>.</returns>
public override async Task<AppUser> AddNewItem(AppUser user)
{
    // NOTE(review): the helper name indicates an MD5 digest and no salt argument is passed. MD5 is a
    // fast hash, so leaked values are cheap to guess offline and equal passwords would share a value;
    // a salted, slow password-hashing function is the usual choice. Changing it also means migrating
    // whatever verifies these stored values.
    var hashedPassword = PasswordHasherService.GetMd5Hash(user.Password);
    user.Password = hashedPassword;

    var stored = await base.AddNewItem(user);
    return stored;
}
/// <summary>
/// Seeds the database after a migration with one administrator account and eight sample policies.
/// </summary>
/// <param name="context">Context of the database being migrated.</param>
protected override void Seed(API.Models.APIContext context)
{
    // Called once the database has been migrated to the latest version. AddOrUpdate is used for
    // every row so that running the seed again does not insert duplicates.

    // NOTE(review): the administrator password is a short literal kept in source. Because
    // AddOrUpdate matches on UserName and writes the row again, each run presumably resets this
    // account's salt and hash to that known password — confirm this seed never runs against a
    // non-development database, or take the initial password from configuration.
    var adminSalt = PasswordHasherService.GenerateSalt();
    var adminUser = new Core.User
    {
        EmailAddress = "*****@*****.**",
        FirstName = "Admin",
        LastName = "Test",
        Hash = PasswordHasherService.HashPassword("test", adminSalt),
        Salt = adminSalt,
        UserName = "******"
    };
    context.Users.AddOrUpdate(p => p.UserName, adminUser);

    // Sample policies, keyed by Id. Policies 3 and 7 are seeded as already expired.
    Core.Policy[] samplePolicies =
    {
        new Core.Policy
        {
            Id = 1,
            CustomerName = "Grecia Hung",
            Description = "Indernizacion del patrimonio",
            TypeCover = Core.TypeCover.Earthquake,
            TypeRisk = Core.TypeRisk.Low,
            PercentageCoverage = 20,
            Price = 1000,
            StartDate = DateTimeOffset.Now,
            EndDate = DateTimeOffset.Now.AddYears(1)
        },
        new Core.Policy
        {
            Id = 2,
            CustomerName = "Osner Sanchez",
            Description = "N/A",
            TypeCover = Core.TypeCover.Stole,
            TypeRisk = Core.TypeRisk.Low,
            PercentageCoverage = 100,
            Price = 5000,
            StartDate = DateTimeOffset.Now,
            EndDate = DateTimeOffset.Now.AddYears(1)
        },
        new Core.Policy
        {
            Id = 3,
            CustomerName = "Juan Guaidó",
            Description = "Aplica para perdida total",
            TypeCover = Core.TypeCover.Fire,
            TypeRisk = Core.TypeRisk.High,
            PercentageCoverage = 10,
            Price = 10000,
            StartDate = DateTimeOffset.Now.AddYears(-1),
            EndDate = DateTimeOffset.Now.AddDays(-1)
        },
        new Core.Policy
        {
            Id = 4,
            CustomerName = "Darwin Ruiz",
            Description = "Aplica para perdida total",
            TypeCover = Core.TypeCover.Others,
            TypeRisk = Core.TypeRisk.Medium,
            PercentageCoverage = 10,
            Price = 3000,
            StartDate = DateTimeOffset.Now,
            EndDate = DateTimeOffset.Now.AddDays(50)
        },
        new Core.Policy
        {
            Id = 5,
            CustomerName = "Ambar Urbaez",
            Description = "N/A",
            TypeCover = Core.TypeCover.Earthquake,
            TypeRisk = Core.TypeRisk.High,
            PercentageCoverage = 20,
            Price = 10000,
            StartDate = DateTimeOffset.Now,
            EndDate = DateTimeOffset.Now.AddYears(1)
        },
        new Core.Policy
        {
            Id = 6,
            CustomerName = "Davis Mejias",
            Description = "N/A",
            TypeCover = Core.TypeCover.Stole,
            TypeRisk = Core.TypeRisk.Low,
            PercentageCoverage = 100,
            Price = 5000,
            StartDate = DateTimeOffset.Now,
            EndDate = DateTimeOffset.Now.AddYears(1)
        },
        new Core.Policy
        {
            Id = 7,
            CustomerName = "Andres Padilla",
            Description = "N/A",
            TypeCover = Core.TypeCover.Fire,
            TypeRisk = Core.TypeRisk.Low,
            PercentageCoverage = 60,
            Price = 10000,
            StartDate = DateTimeOffset.Now.AddYears(-1),
            EndDate = DateTimeOffset.Now.AddDays(-1)
        },
        new Core.Policy
        {
            Id = 8,
            CustomerName = "Ibsen Rios",
            Description = "Aplica para perdida total",
            TypeCover = Core.TypeCover.Lost,
            TypeRisk = Core.TypeRisk.MediumHigh,
            PercentageCoverage = 35,
            Price = 9500,
            StartDate = DateTimeOffset.Now,
            EndDate = DateTimeOffset.Now.AddDays(100)
        }
    };
    context.Policies.AddOrUpdate(p => p.Id, samplePolicies);
}
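/// <summary>
/// Enrolls a new student in the first semester of the requested studies using the given context,
/// inside one database transaction: rejects a taken index number, resolves the studies, finds or
/// creates the first-semester enrollment, then adds the student with a salted password hash.
/// </summary>
/// <param name="request">Studies name, index number, names, birth date ("dd.MM.yyyy") and password.</param>
/// <param name="context">Database context the queries and inserts run against.</param>
/// <returns>Index number, studies id, semester, enrollment id and start date of the new student.</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> or <paramref name="context"/> is null.</exception>
/// <exception cref="ArgumentException">The index number is taken, or no studies have the given name.</exception>
public EnrollResponse EnrollStudent(EnrollRequest request, s16796Context context)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    EnrollResponse enrollResponse = new EnrollResponse();

    // Holding the transaction in a using block rolls it back on every exit that does not reach
    // Commit. Previously the "Index taken!" path (and any unexpected exception) left the
    // transaction open on the caller's context.
    using (var transaction = context.Database.BeginTransaction())
    {
        bool indexTaken = context.Student.Any(student => student.IndexNumber.Equals(request.IndexNumber));
        if (indexTaken)
        {
            throw new ArgumentException("Index taken!");
        }

        enrollResponse.IndexNumber = request.IndexNumber;

        // FirstOrDefault never throws for "no match", so the old catch block could not fire and an
        // unknown studies name silently became the default id. Check for the missing row explicitly.
        var matchedStudies = context.Studies.FirstOrDefault(studies => studies.Name.Equals(request.Studies));
        if (matchedStudies == null)
        {
            throw new ArgumentException("No studies found with that name");
        }

        enrollResponse.IdStudies = matchedStudies.IdStudy;
        enrollResponse.Semester = 1;
        enrollResponse.Studies = request.Studies;

        var existingEnrollment = context.Enrollment
            .Where(enroll => enroll.Semester == 1 && enroll.IdStudy == enrollResponse.IdStudies)
            .Select(enr => new { IdEnrollment = enr.IdEnrollment, StartDate = enr.StartDate })
            .FirstOrDefault();

        if (existingEnrollment != null)
        {
            enrollResponse.IdEnrollment = existingEnrollment.IdEnrollment;
            enrollResponse.StartDate = existingEnrollment.StartDate;
        }
        else
        {
            // No first-semester enrollment yet: create one. Max() throws on an empty table, so
            // start numbering at 1 in that case.
            // NOTE(review): Max + 1 can still give two concurrent requests the same id; a
            // database-generated key would avoid that.
            enrollResponse.IdEnrollment = context.Enrollment.Any()
                ? context.Enrollment.Max(enr => enr.IdEnrollment) + 1
                : 1;
            enrollResponse.StartDate = DateTime.Now.Date;

            var enrollmentadd = new Enrollment()
            {
                IdEnrollment = enrollResponse.IdEnrollment,
                Semester = 1,
                IdStudy = enrollResponse.IdStudies,
                StartDate = enrollResponse.StartDate
            };
            context.Enrollment.Add(enrollmentadd);
        }

        // Only the salted hash and the salt are stored, never the password itself.
        // NOTE(review): whether GenerateSaltedHash is a deliberately slow password-hashing function
        // cannot be seen from here — confirm.
        var studentsalt = GetSalt(32);
        var nowystudent = new Student()
        {
            IndexNumber = request.IndexNumber,
            FirstName = request.FirstName,
            LastName = request.LastName,
            BirthDate = DateTime.ParseExact(request.BirthDate, "dd.MM.yyyy", null),
            IdEnrollment = enrollResponse.IdEnrollment,
            Password = PasswordHasherService.GenerateSaltedHash(request.Password, studentsalt),
            Salt = studentsalt
        };
        context.Student.Add(nowystudent);

        context.SaveChanges();
        transaction.Commit();
        return enrollResponse;
    }
}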