public async Task ChangePasswordAsync(ChangePasswordModel model)
{
try
{
if (model.NewPassword.Length < 8)
{
throw new ServiceException(Resources.Error.PasswordLength);
}
var user = await _userRepository.GetAsync(model.Id);
if (user is null)
{
throw new ServiceException(Resources.Error.NotFound);
}
if (!PasswordHelper.CheckPassword(user.Password, model.CurrentPassword))
{
throw new ServiceException(Resources.Error.PasswordMissMatch);
}
user.Password = PasswordHelper.EncryptPassword(model.NewPassword);
await _userRepository.UpdateAsync(user);
}
catch (Exception ex)
{
_logger.LogError(ex, $"Change user password failed.");
throw;
}
}
public async Task <UserModel> LoginAsync(UserModel model)
{
try
{
var user = await _userRepository.GetByUsernameAsync(model.Username);
if (user == null)
{
return(null);
}
if (PasswordHelper.CheckPassword(user.Password, model.Password))
{
return(_mapper.Map <UserModel>(user));
}
else
{
return(null);
}
}
catch (Exception ex)
{
_logger.LogError(ex, $"Login User failed.");
throw;
}
}
public ActionResult ChangePassRegistered(ChangePassRegistered passData)
{
try
{
var user = dataHelper.GetUserData(User.Identity.Name);
ViewBag.User = user;
if (ModelState.IsValid)
{
var userPassData = dataHelper.GetPasswordData(user.Login);
if (passwordHelper.CheckPassword(passData.OldPassword, userPassData))
{
userPassData = passwordHelper.CryptPassword(passData.ConfirmPassword);
userPassData.Login = user.Login;
dataHelper.ChangePass(userPassData);
return(RedirectToAction("Index"));
}
else
{
ModelState.AddModelError("OldPassword", "Не верный пароль");
return(View(passData));
}
}
return(View(passData));
}
catch (Exception ex)
{
logger.ErrorMessage("305", ex);
return(View("Error", new Error()
{
ExDescription = ex.Message
}));
}
}
public async Task <IActionResult> Login(LoginModel model)
{
if (ModelState.IsValid)
{
//получаем пользователя по введенному логину (email). Думаем, что логины уникальны,
//и поэтому при регистрации по хорошему надо добавить проверку на уникальность логина
User user = await _context.Users
.Include(u => u.Role)
.FirstOrDefaultAsync(u => u.Email == model.Email);
if (user != null && PasswordHelper.CheckPassword(model.Password, user.Password, user.Salt))
{
await Authenticate(user); // аутентификация
Log.Information("Вход пользователя {@user}", user);
return(RedirectToAction("List", "Product"));
}
ModelState.AddModelError("", "Некорректные логин и(или) пароль");
}
Log.Information("Неудачная опытка входа {@model}", model);
return(View(model));
}
public IActionResult Login(LoginRequestDto request)
{
var authenticatedStudent = _dbService.GetUserInfo(request.Login);
if (authenticatedStudent == null ||
!PasswordHelper.CheckPassword(authenticatedStudent.PasswordHash, authenticatedStudent.PasswordSalt, request.Password))
{
return(BadRequest("Wrong login or password"));
}
var refreshToken = Guid.NewGuid().ToString();
_dbService.SaveRefreshToken(authenticatedStudent.IndexNumber, refreshToken);
return(CreateTokenResponse(authenticatedStudent, refreshToken));
}
public async Task <IActionResult> Register([FromBody] UserCredentialsDto model)
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
if (!PasswordHelper.CheckPassword(model.Password))
{
return(BadRequest("new password is incorrect"));
}
var user = new User
{
UserName = model.Email,
Email = model.Email,
FirstName = model.FirstName,
LastName = model.LastName,
IsActive = model.IsActive,
IsPasswordForChange = true,
};
var oldUser = await _userManager.FindByEmailAsync(model.Email);
if (oldUser != null)
{
return(new StatusCodeResult(StatusCodes.Status409Conflict));
}
var result = await _userManager.CreateAsync(user, model.Password);
await _userManager.AddToRoleAsync(user, model.RoleName);
if (result.Succeeded)
{
return(Ok(user));
}
foreach (var error in result.Errors)
{
ModelState.AddModelError("error", error.Description);
}
return(BadRequest(result.Errors));
}
public UserModel Login(string username, string password)
{
LoggedInUser = Context.Users.Where(e => e.UserName == username).Select(e => new UserModel
{
Id = e.Id,
UserName = e.UserName,
Password = e.Password
}).FirstOrDefault();
if (LoggedInUser == null)
{
return(null);
}
if (PasswordHelper.CheckPassword(password, LoggedInUser.Password))
{
return(LoggedInUser);
}
LoggedInUser = null;
return(null);
}
public ActionResult SignIn(LoginViewModel model)
{
if (ModelState.IsValid)
{
User user = db.Users.FirstOrDefault(x => x.RutUser == model.Rut);
if (user != null && PasswordHelper.CheckPassword(model.Password, user.PasswordUserHash, user.PasswordUserSalt))
{
Session["UserId"] = user.UserId;
InitOwin(user);
TempData["SuccessMessage"] = $"Bienvenido { user.NombreCompleto}";
return(RedirectToAction("Index", "Home"));
}
TempData["ErrorMessage"] = "Error al iniciar sesión";
return(RedirectToAction("Login"));
}
TempData["ErrorMessage"] = "Error usuario y/o Contraseña";
return(RedirectToAction("Login"));
}
public async Task <ActionResult> SignIn(LoginViewModel model)
{
if (ModelState.IsValid)
{
User user = await db.Users.FirstOrDefaultAsync(x => x.Email == model.Email);
if (user != null && PasswordHelper.CheckPassword(model.Password, user.PasswordHash, user.PasswordSalt))
{
await InitOwin(user);
TempData["SuccessMessage"] = $"Bienvenido {user.FullName}";
return(RedirectToAction("Index", "Home")); //json
}
TempData["ErrorMessage"] = "Inicio de sesión incorrecto";
return(RedirectToAction("Login"));
}
TempData["ErrorMessage"] = "Existieron errores de validación";
return(RedirectToAction("Login"));
}
public ActionResult Login(UserLoginDataVM loginData)
{
if (ModelState.IsValid)
{
var passData = dataHelper.GetPasswordData(loginData.Login);
if (passData == null)
{
ModelState.AddModelError("Login", "Неправильный логин или E-mail!");
return(View(loginData));
}
else
if (passwordHelper.CheckPassword(loginData.Password, passData))
{
var user = dataHelper.GetUserData(loginData.Login);
if (!user.Confirmed)
{
ModelState.AddModelError("Login", "Вы не подтвердили регистрацию по E-mail!");
}
else if (user.Status == 1)
{
ModelState.AddModelError("Login", "Вы ЗАБЛОКИРОВАНЫ! С вопросами обращайтесь к администрации.");
}
else
{
FormsAuthentication.SetAuthCookie(passData.Login, true);
Session["userId"] = user.Id;
logger.InfoMessage("104", $"User {passData.Login} has login in");
return(RedirectToAction("Index", "Home"));
}
}
else
{
ModelState.AddModelError("Password", "Неправильный пароль!");
}
}
return(View(loginData));
}
public ActionResult ChangePassword(PasswordModel passwordModel)
{
try
{
LoginHelper.CheckAccess(Session);
}
catch (Exception)
{
return(RedirectToAction("Login", "Login"));
}
PasswordHelper passwordHelper = new PasswordHelper();
int userId = (int)Session["userId"];
var userHandler = new UserHandler();
var user = userHandler.Get(userId);
if (!user.CompletedRequest)
{
return(RedirectToAction("Index", "Error", new { errorMessage = user.ErrorMessage.Replace(' ', '-') }));
}
if (!passwordHelper.CheckPassword(user.Entity, passwordModel))
{
ViewBag.UpdatePasswordMessage = passwordHelper.UpdatePasswordMessage;
return(View("ChangePassword"));
}
user = userHandler.Update(user.Entity);
if (!user.CompletedRequest)
{
return(RedirectToAction("Index", "Error", new { errorMessage = user.ErrorMessage.Replace(' ', '-') }));
}
return(RedirectToAction("UserProfile", "Account"));
}
/// <summary>
/// Check if a form can be showed
/// </summary>
/// <param name="o"></param>
/// <param name="formName"></param>
/// <returns></returns>
private bool CanShowForm(object o, string formName)
{
bool ret = false;
if (_isPasswordLogged)
{
//already logged in, show the form
ret = true;
}
else
{
if (!PasswordHelper.CheckPassword(String.Join(",", _passwordProtectedForms), _passwordProtectedFormsCheck) || _passwordProtectedForms.Contains(formName) || _passwordProtectedForms.FirstOrDefault() == "*")
{
//check for inserted password
string input = null;
if (InputBox.ShowPassword(language.passwordInputMessage, language.passwordInputTitle, ref input) == DialogResult.OK)
{
if (PasswordHelper.CheckPassword(input, _passwordProtectedFormsPassword))
{
_isPasswordLogged = true;
toolStripStatusLabel_logout.Visible = true;
ret = true;
}
else
{
MessageBox.Show(language.passwordErrorMessage, language.passwordErrorTitle, MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}
else
{
ret = true;
}
}
return(ret);
}
/// <summary>
/// Run a report
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void button_execute_Click(object sender, EventArgs e)
{
if (comboBox_reports.SelectedIndex != -1 && comboBox_reports.SelectedIndex != 0)
{
DataTable dt = new DataTable();
int reports_id = Convert.ToInt32(comboBox_reports.SelectedValue);
reports report = _dentnedModel.Reports.Find(reports_id);
if (report.reports_ispasswordprotected && !_isPasswordLogged)
{
string input = null;
if (InputBox.ShowPassword(language.reportsPasswordInputMessage, language.reportsPasswordInputTitle, ref input) == DialogResult.OK)
{
if (PasswordHelper.CheckPassword(input, ConfigurationManager.AppSettings["passwordProtectedReports"]))
{
_isPasswordLogged = true;
}
else
{
MessageBox.Show(language.reportsPasswordErrorMessage, language.reportsPasswordErrorTitle, MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
}
else
{
return;
}
}
string query = report.reports_query;
if (!OpenSQLConnection(_sqlConnection))
{
return;
}
try
{
//check for user in group
SqlCommand sql_cm1 = null;
SqlDataReader sql_rd1 = null;
sql_cm1 = new SqlCommand();
sql_cm1.Connection = _sqlConnection;
sql_cm1.CommandType = CommandType.Text;
sql_cm1.CommandText = query;
foreach (DataRow dr in _datatableReportsParameters.Rows)
{
SqlParameter param = new SqlParameter();
param.ParameterName = dr["Name"].ToString();
param.Value = dr["Value"].ToString();
sql_cm1.Parameters.Add(param);
}
sql_rd1 = sql_cm1.ExecuteReader();
sql_rd1.Read();
if (sql_rd1.HasRows)
{
for (int i = 0; i < sql_rd1.FieldCount; i++)
{
Type dtType = Type.GetType("System.String");
try
{
dtType = sql_rd1[sql_rd1.GetName(i)].GetType();
if (dtType == Type.GetType("System.DBNull"))
{
dtType = Type.GetType("System.String");
}
}
catch { }
dt.Columns.Add(sql_rd1.GetName(i), dtType);
}
}
else
{
for (int i = 0; i < sql_rd1.FieldCount; i++)
{
Type dtType = Type.GetType("System.String");
dt.Columns.Add(sql_rd1.GetName(i), dtType);
}
}
sql_rd1.Close();
sql_rd1 = sql_cm1.ExecuteReader();
while (sql_rd1.Read())
{
DataRow dr = dt.NewRow();
for (int i = 0; i < sql_rd1.FieldCount; i++)
{
dr[sql_rd1.GetName(i)] = sql_rd1[sql_rd1.GetName(i)];
}
dt.Rows.Add(dr);
}
sql_rd1.Close();
sql_rd1.Dispose();
sql_cm1.Dispose();
}
catch (Exception ex)
{
dt.Columns.Clear();
dt.Columns.Add("Errors", Type.GetType("System.String"));
DataRow dr = dt.NewRow();
dr["Errors"] = ex.Message;
dt.Rows.Add(dr);
}
finally
{
_sqlConnection.Close();
}
advancedDataGridView_main.CleanFilterAndSort();
_mainBindingSource.DataSource = dt;
for (int i = 0; i < advancedDataGridView_main.Columns.Count; i++)
{
advancedDataGridView_main.Columns[i].AutoSizeMode = System.Windows.Forms.DataGridViewAutoSizeColumnMode.Fill;
}
}
}
