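/// <summary>
/// Authenticates a user by login and clear-text password against the stored credential whose
/// type is <c>Constants.AMR</c>.
/// </summary>
/// <param name="login">Login to look up.</param>
/// <param name="password">Clear-text password; compared as <c>PasswordHelper.ComputeHash(password)</c>.</param>
/// <param name="token">Cancellation token forwarded to the repository.</param>
/// <returns>The matching <see cref="OAuthUser"/>.</returns>
/// <exception cref="BaseUIException">
/// <c>UNKNOWN_USER</c> when no user has this login; <c>INVALID_CREDENTIALS</c> when the user has no
/// credential of that type or the hash does not match.
/// </exception>
public virtual async Task<OAuthUser> Authenticate(string login, string password, CancellationToken token)
{
    var user = await _oauthUserRepository.FindOAuthUserByLogin(login, token);
    if (user == null)
    {
        throw new BaseUIException(Exceptions.ErrorCodes.UNKNOWN_USER);
    }

    var credential = user.Credentials.FirstOrDefault(c => c.CredentialType == Constants.AMR);

    // Hash once and reuse the value; the original computed the hash, ignored it, and hashed again
    // inside the comparison.
    var hash = PasswordHelper.ComputeHash(password);

    // NOTE(review): string '!=' is not a constant-time comparison. That is acceptable only if
    // PasswordHelper.ComputeHash is a salted, slow hash — confirm before relying on it.
    if (credential == null || credential.Value != hash)
    {
        throw new BaseUIException(Exceptions.ErrorCodes.INVALID_CREDENTIALS);
    }

    return user;
}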
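/// <summary>
/// Authenticates a user by login and clear-text password against the stored credential whose
/// type is <c>Constants.AMR</c>.
/// </summary>
/// <param name="login">Login to look up.</param>
/// <param name="password">Clear-text password; compared as <c>PasswordHelper.ComputeHash(password)</c>.</param>
/// <param name="token">Cancellation token forwarded to the repository.</param>
/// <returns>The matching <see cref="User"/>.</returns>
/// <exception cref="BaseUIException">
/// "UnknownUser" when no user has this login; "InvalidCredentials" when the user has no credential
/// of that type or the hash does not match.
/// </exception>
public async Task<User> Authenticate(string login, string password, CancellationToken token)
{
    var user = await _userRepository.FindOAuthUserByLogin(login, token);
    if (user == null)
    {
        throw new BaseUIException("UnknownUser");
    }

    var credential = user.Credentials.FirstOrDefault(c => c.CredentialType == Constants.AMR);

    // Hash once and reuse the value; the original computed the hash, ignored it, and hashed again
    // inside the comparison.
    var hash = PasswordHelper.ComputeHash(password);

    // NOTE(review): string '!=' is not a constant-time comparison. That is acceptable only if
    // PasswordHelper.ComputeHash is a salted, slow hash — confirm before relying on it.
    if (credential == null || credential.Value != hash)
    {
        throw new BaseUIException("InvalidCredentials");
    }

    return user;
}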
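/// <summary>
/// Updates an employee row in <c>hfo_Employee</c> by <c>EmployeeId</c>. When the request carries a
/// new password it is re-salted and re-hashed; otherwise the stored <c>PasswordHash</c>/<c>Salt</c>
/// columns are left untouched.
/// </summary>
/// <param name="employee">Employee data from the request body.</param>
/// <returns>
/// 200 with the number of rows affected, or 500 with a Danish reason phrase when SQL Server fails.
/// </returns>
public HttpResponseMessage EditEmployee(Employee employee)
{
    try
    {
        var updatePassword = !string.IsNullOrWhiteSpace(employee.Password);
        if (updatePassword)
        {
            employee.Salt = PasswordHelper.GenerateSalt();
            employee.PasswordHash = PasswordHelper.ComputeHash(employee.Password, employee.Salt);
        }

        // Only write the credential columns when this method computed them. The original statement
        // always wrote PasswordHash/Salt from the request body, so an edit without a password either
        // wiped the stored hash or let the client choose it.
        var passwordColumns = updatePassword ? "PasswordHash = @PasswordHash, Salt = @Salt, " : string.Empty;
        string sql = "UPDATE hfo_Employee SET FirstName = @FirstName, LastName = @LastName, Email = @Email, PhoneNo = @PhoneNo, Experience = @Experience, Gender = @Gender, Biography = @Biography, "
                     + passwordColumns
                     + "RoleId = @RoleId WHERE EmployeeId = @EmployeeId";

        using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["Hildur"].ConnectionString))
        {
            // Dapper's Execute returns the affected row count; the original named it EmployeeId.
            int rowsAffected = connection.Execute(sql, new
            {
                employee.EmployeeId,
                employee.FirstName,
                employee.LastName,
                employee.Email,
                employee.PhoneNo,
                employee.Experience,
                employee.Gender,
                employee.Biography,
                employee.PasswordHash,
                employee.Salt,
                employee.RoleId
            });
            return Request.CreateResponse(HttpStatusCode.OK, rowsAffected);
        }
    }
    catch (SqlException)
    {
        return new HttpResponseMessage(HttpStatusCode.InternalServerError)
        {
            ReasonPhrase = "Medarbejderen kan ikke redigeres. Prøv igen senere"
        };
    }
}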
/// <summary>
/// Replaces the password of the resource owner identified by <paramref name="subject"/>.
/// </summary>
/// <param name="subject">Subject (identifier) of the resource owner.</param>
/// <param name="newPassword">Clear-text password; stored as <c>PasswordHelper.ComputeHash(newPassword)</c>.</param>
/// <returns>The repository's update result.</returns>
/// <exception cref="ArgumentNullException">Either argument is null, empty or whitespace.</exception>
/// <exception cref="IdentityServerException">No resource owner has this subject.</exception>
public async Task<bool> Execute(string subject, string newPassword)
{
    if (string.IsNullOrWhiteSpace(subject))
    {
        throw new ArgumentNullException(nameof(subject));
    }

    if (string.IsNullOrWhiteSpace(newPassword))
    {
        throw new ArgumentNullException(nameof(newPassword));
    }

    var owner = await _resourceOwnerRepository.GetAsync(subject);
    if (owner == null)
    {
        throw new IdentityServerException(Errors.ErrorCodes.InternalError, Errors.ErrorDescriptions.TheRoDoesntExist);
    }

    owner.Password = PasswordHelper.ComputeHash(newPassword);
    var updated = await _resourceOwnerRepository.UpdateAsync(owner);
    return updated;
}
/// <summary>
/// Registers a new member. The account name (<c>TaiKhoan</c>) must be unused; the password is stored
/// as <c>PasswordHelper.ComputeHash(password, "MD5", GetBytes("Website"))</c> so it matches whatever
/// the login path computes.
/// NOTE(review): MD5 with one fixed application-wide salt is a weak password store; moving to a
/// per-user salt and a slow hash requires the verifying side to change in the same release.
/// </summary>
/// <param name="tv">Member posted from the registration form.</param>
/// <returns>The view, with <c>ViewBag.ThongBao</c> carrying the outcome message.</returns>
public ActionResult TaoMoi(ThanhVien tv)
{
    var existing = db.ThanhViens.FirstOrDefault(n => n.TaiKhoan == tv.TaiKhoan);
    if (existing != null)
    {
        ViewBag.ThongBao = "Tên tài khoản đã tồn tại";
        return View();
    }

    tv.MaLoaiTV = 3;   // member type assigned to self-registered accounts (meaning of 3 not visible here)
    tv.DaXoa = false;

    // Hash the password before it is persisted
    tv.MatKhau = PasswordHelper.ComputeHash(tv.MatKhau, "MD5", GetBytes("Website"));

    // Insert the member into the database
    db.ThanhViens.Add(tv);
    db.SaveChanges();
    ViewBag.ThongBao = "Thêm thành công";
    return View();
}
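/// <summary>
/// Updates a user row in <c>hfo_User</c> by <c>UserId</c>. When the request carries a new password
/// it is re-salted and re-hashed into <c>PasswordHash</c>; otherwise the stored
/// <c>PasswordHash</c>/<c>Salt</c> columns are left untouched.
/// </summary>
/// <param name="user">User data from the request body.</param>
/// <returns>
/// 200 with the number of rows affected, or 500 with a Danish reason phrase when SQL Server fails.
/// </returns>
public HttpResponseMessage EditUser(User user)
{
    try
    {
        var updatePassword = !string.IsNullOrWhiteSpace(user.Password);
        if (updatePassword)
        {
            user.Salt = PasswordHelper.GenerateSalt();
            // The original assigned the hash to user.Password while the SQL bound @PasswordHash from
            // user.PasswordHash, so a password change was never written to the database.
            user.PasswordHash = PasswordHelper.ComputeHash(user.Password, user.Salt);
        }

        // Only write the credential columns when this method computed them; otherwise an edit
        // without a password would overwrite the stored hash/salt with request-body values.
        var passwordColumns = updatePassword ? ", PasswordHash = @PasswordHash, Salt = @Salt" : string.Empty;
        string sql = "UPDATE hfo_User SET FirstName = @FirstName, LastName = @LastName, Email = @Email, PhoneNo = @PhoneNo"
                     + passwordColumns
                     + " WHERE UserId = @UserId";

        using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["Hildur"].ConnectionString))
        {
            // Dapper's Execute returns the affected row count; the original named it UserId.
            int rowsAffected = connection.Execute(sql, new
            {
                user.UserId,
                user.FirstName,
                user.LastName,
                user.Email,
                user.PhoneNo,
                user.PasswordHash,
                user.Salt
            });
            return Request.CreateResponse(HttpStatusCode.OK, rowsAffected);
        }
    }
    catch (SqlException)
    {
        return new HttpResponseMessage(HttpStatusCode.InternalServerError)
        {
            ReasonPhrase = "Brugeren kan ikke opdateres. Prøv igen senere"
        };
    }
}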
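/// <summary>
/// Creates a new player. Username and e-mail must be unique; the password is persisted only as a
/// salted hash (<c>PasswordHelper.CreateRandomSalt</c> + <c>PasswordHelper.ComputeHash</c>).
/// </summary>
/// <param name="parameters">Registration data.</param>
/// <exception cref="InvalidOperationException">
/// The username or e-mail is already taken. (The original threw <see cref="SystemException"/>;
/// <see cref="InvalidOperationException"/> derives from it, so existing catch blocks still match.)
/// </exception>
public async Task CreateAsync([Required] CreateParams parameters)
{
    // Uniqueness checks first: no need to generate a salt and hash for a request that is rejected.
    // NOTE(review): these checks are not atomic with the insert; a unique index on Username and
    // Email in the database is what actually enforces uniqueness under concurrent registrations.
    var duplicate = await _repository.Players.FirstOrDefaultAsync(x => x.Username == parameters.Username);
    if (duplicate != null)
    {
        throw new InvalidOperationException("The provided username already exists.");
    }

    duplicate = await _repository.Players.FirstOrDefaultAsync(x => x.Email == parameters.Email);
    if (duplicate != null)
    {
        throw new InvalidOperationException("The provided email already exists.");
    }

    var player = new Player
    {
        Name = parameters.Name,
        Username = parameters.Username,
        PasswordSalt = PasswordHelper.CreateRandomSalt(),
        Email = parameters.Email,
        Gender = parameters.Gender,
        Birthdate = parameters.Birthdate,
        Created = DateTime.UtcNow
    };

    // The clear-text password is never stored; only the salted hash is.
    player.PasswordHash = PasswordHelper.ComputeHash(parameters.Password, player.PasswordSalt);

    _repository.Players.Add(player);
    await _repository.SaveChangesAsync();
}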
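/// <summary>
/// Inserts a new employee into <c>hfo_Employee</c>. The submitted password is salted and hashed;
/// the clear-text value is not stored.
/// </summary>
/// <param name="employee">Employee data from the request body; <c>Password</c> is required.</param>
/// <returns>
/// 202 with the number of rows affected; 400 when no password was supplied; 500 with a Danish
/// reason phrase when SQL Server fails.
/// </returns>
public HttpResponseMessage CreateNewEmployee([FromBody] Employee employee)
{
    // A new employee must have a password to hash; reject before touching the database instead of
    // failing inside PasswordHelper.
    if (employee == null || string.IsNullOrWhiteSpace(employee.Password))
    {
        return new HttpResponseMessage(HttpStatusCode.BadRequest) { ReasonPhrase = "Adgangskode mangler" };
    }

    string salt = PasswordHelper.GenerateSalt();
    employee.PasswordHash = PasswordHelper.ComputeHash(employee.Password, salt);

    try
    {
        string sql = "INSERT INTO hfo_Employee (FirstName, LastName, Email, PhoneNo, Experience, Gender, Biography, PasswordHash, Salt, RoleId)"
                     + "VALUES (@FirstName, @LastName, @Email, @PhoneNo, @Experience, @Gender, @Biography, @PasswordHash, @Salt, @RoleId)";

        using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["Hildur"].ConnectionString))
        {
            // Dapper's Execute returns the affected row count, not the new identity; the original
            // named it EmployeeId. The response payload is unchanged.
            int rowsAffected = connection.Execute(sql, new
            {
                employee.FirstName,
                employee.LastName,
                employee.Email,
                employee.PhoneNo,
                employee.Experience,
                employee.Gender,
                employee.Biography,
                employee.PasswordHash,
                salt,
                employee.RoleId
            });
            return Request.CreateResponse(HttpStatusCode.Accepted, rowsAffected);
        }
    }
    catch (SqlException)
    {
        return new HttpResponseMessage(HttpStatusCode.InternalServerError)
        {
            ReasonPhrase = "Medarbejderen kan ikke oprettes. Prøv igen senere"
        };
    }
}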
/// <summary>
/// Logs a user in by e-mail (case-insensitive) and password and returns a JWT.
/// </summary>
/// <param name="authDto">E-mail and clear-text password.</param>
/// <returns>200 response wrapping the created <see cref="Token"/>.</returns>
/// <exception cref="DataNotFoundException">No activated user has that e-mail.</exception>
/// <exception cref="BadRequestException">The password hash does not match.</exception>
public BaseResponse<Token> Login(AuthDto authDto)
{
    var user = Include(u => u.UserRoles)
        .ThenInclude(ur => ur.Role)
        .FirstOrDefault(u => u.IsActivated()
                             && u.Email.Equals(authDto.Email, StringComparison.InvariantCultureIgnoreCase));
    if (user == null)
    {
        throw new DataNotFoundException("Tài khoản không tồn tại");
    }

    var computed = PasswordHelper.ComputeHash(authDto.Password, user.PasswordSalt);

    // NOTE(review): SequenceEqual stops at the first differing byte, so this comparison is not
    // constant-time; CryptographicOperations.FixedTimeEquals is the drop-in where the target
    // framework provides it.
    var matches = user.PasswordHash.SequenceEqual(computed);
    if (!matches)
    {
        throw new BadRequestException("Mật khẩu không chính xác.");
    }

    var outputDto = Mapper.Map<UserOutputDto>(user);
    var token = JwtHelper.CreateToken(outputDto);
    return new BaseResponse<Token>(HttpStatusCode.OK, data: token);
}
/// <summary>
/// Replaces the password of the resource owner whose login is <c>request.Login</c>.
/// </summary>
/// <param name="request">Login of the owner and the new clear-text password.</param>
/// <returns>Always <c>true</c>; failures are reported as exceptions.</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="IdentityServerManagerException">
/// <c>InvalidParameterCode</c> when the login is unknown; <c>InternalErrorCode</c> when the update fails.
/// </exception>
public async Task<bool> Execute(UpdateResourceOwnerPasswordParameter request)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    var owner = await _resourceOwnerRepository.GetAsync(request.Login);
    if (owner == null)
    {
        var description = string.Format(ErrorDescriptions.TheResourceOwnerDoesntExist, request.Login);
        throw new IdentityServerManagerException(ErrorCodes.InvalidParameterCode, description);
    }

    owner.Password = PasswordHelper.ComputeHash(request.Password);
    if (!await _resourceOwnerRepository.UpdateAsync(owner))
    {
        throw new IdentityServerManagerException(ErrorCodes.InternalErrorCode, ErrorDescriptions.ThePasswordCannotBeUpdated);
    }

    return true;
}
/// <summary>
/// Handles the resource-owner-password-credentials grant: validates the request, authenticates the
/// client, checks the requested scopes against the client's allowed scopes, looks the user up by
/// login and password hash, builds the tokens and enriches the result for the client's preferred
/// token profile.
/// </summary>
/// <param name="context">Request/response context for this token call.</param>
/// <param name="cancellationToken">Forwarded to every async call.</param>
/// <returns>
/// 200 with the token response; 400 (<c>INVALID_GRANT</c>) when the user lookup fails or an
/// <see cref="OAuthException"/> is raised; 401 on <see cref="OAuthUnauthorizedException"/>.
/// </returns>
public override async Task<IActionResult> Handle(HandlerContext context, CancellationToken cancellationToken)
{
    try
    {
        _passwordGrantTypeValidator.Validate(context);

        var client = await AuthenticateClient(context, cancellationToken);
        context.SetClient(client);

        var requestData = context.Request.RequestData;
        var requestedScope = requestData.GetStr(TokenRequestParameters.Scope);
        var allowedScopeNames = client.AllowedScopes.Select(s => s.Name);
        var scopes = ScopeHelper.Validate(requestedScope, allowedScopeNames);

        var login = requestData.GetStr(TokenRequestParameters.Username);
        var clearTextPassword = requestData.GetStr(TokenRequestParameters.Password);
        var passwordHash = PasswordHelper.ComputeHash(clearTextPassword);

        // One lookup by login + "pwd" credential, so unknown logins and wrong passwords yield the
        // same error below.
        var user = await _oauthUserRepository.FindOAuthUserByLoginAndCredential(login, "pwd", passwordHash, cancellationToken);
        if (user == null)
        {
            return BuildError(HttpStatusCode.BadRequest, ErrorCodes.INVALID_GRANT, ErrorMessages.BAD_USER_CREDENTIAL);
        }

        context.SetUser(user);
        var result = BuildResult(context, scopes);

        foreach (var builder in _tokenBuilders)
        {
            await builder.Build(scopes, context, cancellationToken);
        }

        var profile = _tokenProfiles.First(t => t.Profile == context.Client.PreferredTokenProfile);
        profile.Enrich(context);

        foreach (var parameter in context.Response.Parameters)
        {
            result.Add(parameter.Key, parameter.Value);
        }

        return new OkObjectResult(result);
    }
    catch (OAuthUnauthorizedException ex)
    {
        return BuildError(HttpStatusCode.Unauthorized, ex.Code, ex.Message);
    }
    catch (OAuthException ex)
    {
        return BuildError(HttpStatusCode.BadRequest, ex.Code, ex.Message);
    }
}
/// <summary>
/// In-memory seed of resource owners for development/tests. Every account carries a "pwd"
/// credential holding the hash of the fixture password "password" plus an "sms" credential; the
/// last three accounts model the blocked, too-many-attempts and expired cases.
/// </summary>
/// <returns>The six seeded <see cref="ResourceOwner"/> instances.</returns>
public static List<ResourceOwner> Users()
{
    Func<string, Claim> subject = value =>
        new Claim(Core.Jwt.Constants.StandardResourceOwnerClaimNames.Subject, value);
    Func<string, Claim> role = value =>
        new Claim(Core.Jwt.Constants.StandardResourceOwnerClaimNames.Role, value);
    Func<ResourceOwnerCredential> sms = () => new ResourceOwnerCredential
    {
        ExpirationDateTime = DateTime.UtcNow.AddDays(2),
        Type = "sms"
    };
    Func<int, ResourceOwnerCredential> pwd = expiresInDays => new ResourceOwnerCredential
    {
        ExpirationDateTime = DateTime.UtcNow.AddDays(expiresInDays),
        Value = PasswordHelper.ComputeHash("password"),
        Type = "pwd"
    };

    var administrator = new ResourceOwner
    {
        Id = "administrator",
        Claims = new List<Claim>
        {
            subject("administrator"),
            role("administrator"),
            new Claim(Core.Jwt.Constants.StandardResourceOwnerClaimNames.PhoneNumber, "phone"),
            new Claim(Core.Jwt.Constants.StandardResourceOwnerClaimNames.Address, "{ country : 'france' }")
        },
        Credentials = new List<ResourceOwnerCredential> { pwd(2), sms() }
    };

    var user = new ResourceOwner
    {
        Id = "user",
        Claims = new List<Claim> { subject("user") },
        Credentials = new List<ResourceOwnerCredential> { pwd(2), sms() }
    };

    var superUser = new ResourceOwner
    {
        Id = "superuser",
        Claims = new List<Claim>
        {
            subject("superuser"),
            role("[ 'administrator', 'role' ]")
        },
        Credentials = new List<ResourceOwnerCredential> { pwd(2), sms() }
    };

    // Blocked both at the owner level and on the password credential.
    var blockedUser = new ResourceOwner
    {
        Id = "blockeduser",
        Claims = new List<Claim> { subject("blockeduser") },
        IsBlocked = true,
        Credentials = new List<ResourceOwnerCredential>
        {
            new ResourceOwnerCredential
            {
                Value = PasswordHelper.ComputeHash("password"),
                ExpirationDateTime = DateTime.UtcNow.AddDays(2),
                Type = "pwd",
                IsBlocked = true
            },
            sms()
        }
    };

    // Ten failed attempts, the first one a second ago; no expiration is set on this credential.
    var tooManyAttempts = new ResourceOwner
    {
        Id = "toomanyattemps",
        Claims = new List<Claim> { subject("toomanyattemps") },
        Credentials = new List<ResourceOwnerCredential>
        {
            new ResourceOwnerCredential
            {
                NumberOfAttempts = 10,
                FirstAuthenticationFailureDateTime = DateTime.UtcNow.AddSeconds(-1),
                Value = PasswordHelper.ComputeHash("password"),
                Type = "pwd"
            },
            sms()
        }
    };

    // Password credential expired two days ago.
    var expired = new ResourceOwner
    {
        Id = "expired",
        Claims = new List<Claim> { subject("expired") },
        Credentials = new List<ResourceOwnerCredential> { pwd(-2), sms() }
    };

    return new List<ResourceOwner> { administrator, user, superUser, blockedUser, tooManyAttempts, expired };
}
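/// <summary>
/// Registers a new local resource owner: builds a subject, keeps only the requested claims whose
/// type exists in the claim repository, runs the account filter, lets the claim enrichers add
/// claims, stores the owner with a hashed password and optionally links it to an external profile.
/// </summary>
/// <param name="addUserParameter">Registration data; <c>Password</c> is mandatory.</param>
/// <param name="issuer">
/// External identity provider. When non-empty the new owner is linked to
/// <c>addUserParameter.ExternalLogin</c> at that issuer.
/// </param>
/// <returns>The generated subject of the new resource owner.</returns>
/// <exception cref="ArgumentNullException">The parameter or its <c>Password</c> is missing.</exception>
/// <exception cref="IdentityServerException">
/// The subject already exists, the account filter rejected the claims, or the insert failed.
/// </exception>
public async Task<string> Execute(AddUserParameter addUserParameter, string issuer = null)
{
    if (addUserParameter == null)
    {
        throw new ArgumentNullException(nameof(addUserParameter));
    }

    if (string.IsNullOrWhiteSpace(addUserParameter.Password))
    {
        throw new ArgumentNullException(nameof(addUserParameter.Password));
    }

    var subject = await _subjectBuilder.BuildSubject().ConfigureAwait(false);

    // 1. Check the resource owner already exists.
    //    ConfigureAwait(false) added here and on InsertAsync for consistency with the other awaits
    //    in this method (the original omitted it on these two calls only).
    var existingOwner = await _resourceOwnerRepository.GetAsync(subject).ConfigureAwait(false);
    if (existingOwner != null)
    {
        throw new IdentityServerException(Errors.ErrorCodes.UnhandledExceptionCode, Errors.ErrorDescriptions.TheRoWithCredentialsAlreadyExists);
    }

    // NOTE(review): DateTime.UtcNow.ToString() is culture-dependent; the claim format is kept as-is
    // because consumers of the UpdatedAt claim are not visible here.
    var newClaims = new List<Claim>
    {
        new Claim(Jwt.Constants.StandardResourceOwnerClaimNames.UpdatedAt, DateTime.UtcNow.ToString()),
        new Claim(Jwt.Constants.StandardResourceOwnerClaimNames.Subject, subject)
    };

    // 2. Populate the claims: a requested claim is accepted only when its type is known to the
    //    claim repository, and it can never override UpdatedAt/Subject set above.
    var existedClaims = await _claimRepository.GetAllAsync().ConfigureAwait(false);
    if (addUserParameter.Claims != null)
    {
        foreach (var claim in addUserParameter.Claims)
        {
            if (!newClaims.Any(nc => nc.Type == claim.Type) && existedClaims.Any(c => c.Code == claim.Type))
            {
                newClaims.Add(claim);
            }
        }
    }

    var userFilterResult = await _accountFilter.Check(newClaims).ConfigureAwait(false);
    if (!userFilterResult.IsValid)
    {
        // Log every failed rule and its messages before rejecting the registration.
        foreach (var ruleResult in userFilterResult.AccountFilterRules)
        {
            if (ruleResult.IsValid)
            {
                continue;
            }

            _openidEventSource.Failure($"the filter rule '{ruleResult.RuleName}' failed");
            foreach (var errorMessage in ruleResult.ErrorMessages)
            {
                _openidEventSource.Failure(errorMessage);
            }
        }

        throw new IdentityServerException(Errors.ErrorCodes.InternalError, Errors.ErrorDescriptions.TheUserIsNotAuthorized);
    }

    // 3. Add the scim resource (enrichers may append claims).
    if (_userClaimsEnricherLst != null)
    {
        foreach (var userClaimsEnricher in _userClaimsEnricherLst)
        {
            await userClaimsEnricher.Enrich(newClaims).ConfigureAwait(false);
        }
    }

    // 4. Add the resource owner; only the password hash is stored.
    var newResourceOwner = new ResourceOwner
    {
        Id = subject,
        Claims = newClaims,
        TwoFactorAuthentication = string.Empty,
        IsLocalAccount = true,
        Password = PasswordHelper.ComputeHash(addUserParameter.Password)
    };
    if (!await _resourceOwnerRepository.InsertAsync(newResourceOwner).ConfigureAwait(false))
    {
        throw new IdentityServerException(Errors.ErrorCodes.UnhandledExceptionCode, Errors.ErrorDescriptions.TheResourceOwnerCannotBeAdded);
    }

    // 5. Link to a profile.
    if (!string.IsNullOrWhiteSpace(issuer))
    {
        await _linkProfileAction.Execute(subject, addUserParameter.ExternalLogin, issuer).ConfigureAwait(false);
    }

    _openidEventSource.AddResourceOwner(newResourceOwner.Id);
    return subject;
}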
/// <summary>
/// Sets a new password on <paramref name="user"/>: generates a fresh salt, stores
/// <c>PasswordHelper.ComputeHash(salt + password)</c> as the hash and persists the tracked changes.
/// The verifying side must hash the same salt-then-password concatenation.
/// </summary>
/// <param name="user">Tracked <see cref="UserModel"/> to update.</param>
/// <param name="password">New clear-text password.</param>
/// <returns>Number of rows affected by <c>SaveChanges</c>.</returns>
public int SetPassword(UserModel user, string password)
{
    var salt = PasswordHelper.GetSalt();
    user.PasswordSalt = salt;
    user.PasswordHash = PasswordHelper.ComputeHash(salt + password);
    return databaseContext.SaveChanges();
}
/// <summary>
/// Changes the password of the authenticated user. Checks, in order: all three fields present
/// (error 5001), new password equals its copy (5002), old password matches the stored salted hash
/// (5003), the "safer" password rule when the application descriptor requires it (5004), and the
/// configured minimum length (5006). Success returns info message 5005.
/// </summary>
/// <param name="passwords">Old password, new password and its confirmation copy.</param>
/// <returns>401 when not authenticated; 400 with one error message; 200 with one info message.</returns>
public IActionResult PasswordChange([FromBody] PasswordChangeStructure passwords)
{
    // Messages returned to the client
    var messages = new List<Message>();

    // Authentication. No further authorization: every logged-in user may change their own password.
    var controllerHelper = new ControllerHelper(context);
    var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
    if (authUserModel == null)
    {
        return Unauthorized();
    }

    Func<int, List<string>, IActionResult> reject = (code, args) =>
    {
        messages.Add(new Message(MessageTypeEnum.Error, code, args));
        return BadRequest(messages);
    };

    // --- validations ---
    var anyMissing = String.IsNullOrEmpty(passwords.OldPassword)
                     || String.IsNullOrEmpty(passwords.NewPassword)
                     || String.IsNullOrEmpty(passwords.NewPasswordCopy);
    if (anyMissing)
    {
        return reject(5001, new List<string>());
    }

    if (passwords.NewPassword != passwords.NewPasswordCopy)
    {
        return reject(5002, new List<string>());
    }

    // The stored hash is ComputeHash(salt + password); recompute with the submitted old password.
    // NOTE(review): string '!=' is not a constant-time comparison.
    var oldPasswordHash = PasswordHelper.ComputeHash(authUserModel.PasswordSalt + passwords.OldPassword);
    if (authUserModel.PasswordHash != oldPasswordHash)
    {
        return reject(5003, new List<string>());
    }

    var passwordAttribute = authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor.PasswordAttribute;

    // "Safer" rule, only when the descriptor asks for it (helper instantiated only in that case).
    if (passwordAttribute.Safer == true && !new SharedValidationHelper().IsPasswordSafer(passwords.NewPassword))
    {
        return reject(5004, new List<string>());
    }

    // Minimum length, only when configured
    var minPasswordLength = passwordAttribute.Min;
    if (minPasswordLength != null && passwords.NewPassword.Length < minPasswordLength)
    {
        return reject(5006, new List<string>() { minPasswordLength.ToString(), passwords.NewPassword.Length.ToString() });
    }

    // --- set the new password ---
    var userRepository = new UserRepository(context);
    userRepository.SetPassword(authUserModel, passwords.NewPassword);
    messages.Add(new Message(MessageTypeEnum.Info, 5005, new List<string>()));
    return Ok(messages);
}
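/// <summary>
/// Adds seed data (users, roles, modules, dictionary types/details, company) to make testing easier.
/// Each table is seeded only when it is empty.
/// NOTE(review): the seeded accounts use the fixed password "123456"; treat this as development-only
/// data and make sure it is never applied to a production database.
/// </summary>
public static void SeedData()
{
    using (var context = new FocusDbContext())
    {
        if (!context.Users.Any()) // seed users
        {
            // Each account gets its own salt. The original generated one salt and reused it for both
            // users, so identical passwords produced identical hashes.
            var adminSalt = PasswordHelper.GenerateSalt();
            var systemSalt = PasswordHelper.GenerateSalt();
            var users = new List<User>
            {
                new User
                {
                    Id = "ede7cad9-692c-4563-9adb-7eb2a37048a9",
                    Account = "admin",
                    Salt = adminSalt,
                    Password = PasswordHelper.ComputeHash("123456", adminSalt),
                    RoleId = "938858c1-e722-4360-a645-7ace8b1cf683",
                    CreatedTime = DateTime.Now,
                    Enabled = true,
                    IsDeleted = false,
                    CompanyId = "b735380d-e292-4bf4-b735-1286b165d5e1",
                },
                new User
                {
                    Id = "962fa3fe-d29a-4bc6-b137-62aa90d713e2",
                    Account = "system",
                    Salt = systemSalt,
                    Password = PasswordHelper.ComputeHash("123456", systemSalt),
                    RoleId = "d3390e64-0ea4-47dc-9159-07c16ca905aa",
                    CreatedTime = DateTime.Now,
                    Enabled = true,
                    IsDeleted = false,
                    CompanyId = "b735380d-e292-4bf4-b735-1286b165d5e1"
                },
            };
            context.Users.AddRange(users);
        }

        if (!context.Roles.Any()) // seed roles
        {
            var roles = new List<Role>()
            {
                new Role
                {
                    Id = "938858c1-e722-4360-a645-7ace8b1cf683",
                    Code = "system",
                    Name = "系统管理员",
                    CreatedTime = DateTime.Now,
                    Enabled = true,
                    CreatedBy = "ede7cad9-692c-4563-9adb-7eb2a37048a9",
                    IsDeleted = false,
                    CompanyId = "b735380d-e292-4bf4-b735-1286b165d5e1"
                },
                new Role
                {
                    Id = "d3390e64-0ea4-47dc-9159-07c16ca905aa",
                    Code = "administrator",
                    Name = "超级管理员",
                    CreatedTime = DateTime.Now,
                    Enabled = true,
                    CreatedBy = "ede7cad9-692c-4563-9adb-7eb2a37048a9",
                    IsDeleted = false,
                    CompanyId = "b735380d-e292-4bf4-b735-1286b165d5e1"
                }
            };
            context.Roles.AddRange(roles);
        }

        if (!context.Modules.Any()) // seed module menu
        {
            var modules = new List<Module>()
            {
                new Module
                {
                    Id = "1e8b7c2d-a72f-4a1b-b3fc-30edef4fda76",
                    ParentId = string.Empty,
                    Name = "基础配置",
                    Url = string.Empty,
                    Category = Domain.Enums.ModuleCategory.Catelog,
                    Icon = "fa fa-gears",
                    Rank = 1,
                    SortNumber = 1,
                    IsExpanded = false,
                    IsDeleted = false,
                    CreatedTime = DateTime.Now,
                    Enabled = true
                },
                new Module
                {
                    Id = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                    ParentId = string.Empty,
                    Name = "系统管理",
                    Url = string.Empty,
                    Category = Domain.Enums.ModuleCategory.Catelog,
                    Icon = "fa fa-desktop",
                    Rank = 1,
                    SortNumber = 2,
                    IsExpanded = false,
                    IsDeleted = false,
                    CreatedTime = DateTime.Now,
                    Enabled = true
                },
                new Module
                {
                    Id = "1c863c82-5937-452c-b3e3-71710ac829ee",
                    ParentId = "1e8b7c2d-a72f-4a1b-b3fc-30edef4fda76",
                    Name = "数据字典",
                    Url = "/Dictionary/Index",
                    Category = Domain.Enums.ModuleCategory.Page,
                    Rank = 2,
                    SortNumber = 1,
                    IsExpanded = false,
                    IsDeleted = false,
                    CreatedTime = DateTime.Now,
                    Enabled = true
                },
                new Module
                {
                    Id = "82cf950d-8d1c-40ec-a1cd-8b58a4818da0",
                    ParentId = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                    Name = "用户管理",
                    Url = "/User/Index",
                    Category = Domain.Enums.ModuleCategory.Page,
                    Rank = 2,
                    SortNumber = 1,
                    IsExpanded = false,
                    IsDeleted = false,
                    CreatedTime = DateTime.Now,
                    Enabled = true
                },
                new Module
                {
                    Id = "530da57d-43a2-42f2-9cff-e21f766c334a",
                    ParentId = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                    Name = "角色管理",
                    Url = "/Role/Index",
                    Category = Domain.Enums.ModuleCategory.Page,
                    Rank = 2,
                    SortNumber = 2,
                    IsExpanded = false,
                    IsDeleted = false,
                    CreatedTime = DateTime.Now,
                    Enabled = true
                },
                new Module
                {
                    Id = "ad368108-4777-4672-b56d-104b6d227168",
                    ParentId = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                    Name = "公司管理",
                    Url = "/Company/Index",
                    Category = Domain.Enums.ModuleCategory.Page,
                    Rank = 2,
                    SortNumber = 3,
                    IsExpanded = false,
                    IsDeleted = false,
                    CreatedTime = DateTime.Now,
                    Enabled = true
                },
                new Module
                {
                    Id = "0d5c486f-4ee1-4c7c-90e5-73f01173bbe0",
                    ParentId = "6ae17edf-d645-43f0-b6f0-f081e27f7c4a",
                    Name = "模块管理",
                    Url = "/Module/Index",
                    Category = Domain.Enums.ModuleCategory.Page,
                    Rank = 2,
                    SortNumber = 4,
                    IsExpanded = false,
                    IsDeleted = false,
                    CreatedTime = DateTime.Now,
                    Enabled = true
                }
            };
            context.Modules.AddRange(modules);
        }

        if (!context.DictionaryTypes.Any()) // seed dictionary types
        {
            var dictionaryTypes = new List<DictionaryType>
            {
                new DictionaryType
                {
                    Id = "3fa89a89-9a5f-4dc6-886d-edc6b9d074ee",
                    ParentId = string.Empty,
                    Name = "通用数据字典",
                    SortNumber = 1,
                    Enabled = true,
                    CreatedTime = DateTime.Now,
                    IsDeleted = false
                },
                new DictionaryType
                {
                    Id = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                    ParentId = "3fa89a89-9a5f-4dc6-886d-edc6b9d074ee",
                    Name = "婚姻",
                    SortNumber = 2,
                    Enabled = true,
                    CreatedTime = DateTime.Now,
                    IsDeleted = false
                },
                new DictionaryType
                {
                    Id = "8f54f12f-3154-4312-8595-4e5f341c0387",
                    ParentId = "3fa89a89-9a5f-4dc6-886d-edc6b9d074ee",
                    Name = "学历",
                    SortNumber = 3,
                    Enabled = true,
                    CreatedTime = DateTime.Now,
                    IsDeleted = false
                }
            };
            context.DictionaryTypes.AddRange(dictionaryTypes);
        }

        if (!context.DictionaryDetails.Any()) // seed dictionary details (all under the "婚姻" type)
        {
            var dictionaryDetails = new List<DictionaryDetail>()
            {
                new DictionaryDetail
                {
                    TypeId = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                    Id = "2d861175-8632-410a-80f2-a8f634ced7a7",
                    Name = "未婚",
                    SortNumber = 1,
                    Enabled = true,
                    CreatedTime = DateTime.Now,
                    IsDeleted = false
                },
                new DictionaryDetail
                {
                    TypeId = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                    Id = "def9ecc7-d7cd-4a84-be40-efcfdd44cba4",
                    Name = "已婚",
                    SortNumber = 2,
                    Enabled = true,
                    CreatedTime = DateTime.Now,
                    IsDeleted = false
                },
                new DictionaryDetail
                {
                    TypeId = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                    Id = "672a39d8-954b-499c-8b37-d8d03ad966c0",
                    Name = "离异",
                    SortNumber = 3,
                    Enabled = true,
                    CreatedTime = DateTime.Now,
                    IsDeleted = false
                },
                new DictionaryDetail
                {
                    TypeId = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                    Id = "e9776b4e-ac6e-4c2a-a3e6-9b56cbce7f6d",
                    Name = "丧偶",
                    SortNumber = 4,
                    Enabled = true,
                    CreatedTime = DateTime.Now,
                    IsDeleted = false
                },
                new DictionaryDetail
                {
                    TypeId = "0435ebf6-71a8-466b-a7a5-fada1638eaca",
                    Id = "82bccc1a-2f50-40c9-9f14-945d148e1e16",
                    Name = "其他",
                    SortNumber = 5,
                    Enabled = true,
                    CreatedTime = DateTime.Now,
                    IsDeleted = false
                }
            };
            context.DictionaryDetails.AddRange(dictionaryDetails);
        }

        if (!context.Companies.Any()) // seed the company referenced by the users and roles above
        {
            var company = new Company
            {
                Id = "b735380d-e292-4bf4-b735-1286b165d5e1",
                FullName = "Focus集团",
                ShortName = "Focus Group",
                Nature = string.Empty,
                Website = "https://cn.bing.com/",
                Email = "*****@*****.**",
                Creator = "focus",
                Contact = "focus",
                Phone = "123456789",
                Address = "中国广东深圳",
                Enabled = true,
                CreatedBy = "ede7cad9-692c-4563-9adb-7eb2a37048a9",
                CreatedTime = DateTime.Now,
                IsDeleted = false
            };
            context.Companies.Add(company);
        }

        // One SaveChanges for every table seeded above.
        context.SaveChanges();
    }
}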
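/// <summary>
/// Saves edits to a user (admin only). Rejects a username already used by another user, re-hashes
/// the submitted password, pins user 1 to the active status and replaces the user's role
/// assignments with the roles checked in the form.
/// </summary>
/// <param name="uSERTABLE">Form model for the edited user.</param>
/// <returns>
/// Redirect to the content index for non-admins; the form again on a duplicate username or invalid
/// model; 404 when the user no longer exists; redirect to Index on success.
/// </returns>
public ActionResult Edit(USERTABLEVIEW2 uSERTABLE)
{
    // Role check: anyone who is not "admin" is sent away. A missing session value is treated like
    // a non-admin instead of throwing a NullReferenceException.
    var sessionRole = Session["userRole"];
    if (sessionRole == null || sessionRole.ToString() != "admin")
    {
        return RedirectToAction("Index", "CONTENTTABLEs", new { area = "" });
    }

    // The username must not belong to a different user.
    var usernameTaken = db.USERTABLEs.Any(m => m.USERNAME == uSERTABLE.userName && m.USERID != uSERTABLE.userId);
    if (usernameTaken)
    {
        ViewBag.USERNAMENOT = "Username exists";
        ViewBag.STATUSID = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", uSERTABLE.STATUSID);
        uSERTABLE.userPassword = null;   // never echo the submitted password back into the form
        return View(uSERTABLE);
    }

    if (ModelState.IsValid)
    {
        // Load the existing row
        var myUser = db.USERTABLEs.Find(uSERTABLE.userId);
        if (myUser == null)
        {
            return HttpNotFound();
        }

        myUser.USERNAME = uSERTABLE.userName;

        // NOTE(review): SHA512 with the fixed salt "my_secret" is shared by every user; a per-user
        // salt and a slow KDF need the login side changed in step, so the scheme is kept here.
        myUser.USERPASSWORD = PasswordHelper.ComputeHash(uSERTABLE.userPassword, "SHA512", GetBytes("my_secret"));

        // User 1 is always active; every other user takes the status chosen in the form.
        myUser.STATUSID = myUser.USERID == 1 ? 1 : uSERTABLE.STATUSID.Value;

        // Replace the role assignments. Query only this user's rows; the original enumerated the
        // entire USERROLE table and filtered in memory.
        var currentRoles = db.USERROLEs.Where(r => r.USERID == uSERTABLE.userId).ToList();
        foreach (var role in currentRoles)
        {
            db.Entry(role).State = EntityState.Deleted;
        }

        foreach (var item in uSERTABLE.userRole)
        {
            if (item.Checked)
            {
                db.USERROLEs.Add(new USERROLE() { USERID = uSERTABLE.userId, ROLEID = item.Id });
            }
        }

        db.SaveChanges();
        return RedirectToAction("Index");
    }

    ViewBag.STATUSID = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", uSERTABLE.STATUSID);
    return View(uSERTABLE);
}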
/// <summary>
/// Checks a clear-text password against this entity's stored <c>PasswordSalt</c> and
/// <c>PasswordHash</c>. Null or empty passwords are rejected without hashing.
/// NOTE(review): '==' on the hash strings is not a constant-time comparison.
/// </summary>
/// <param name="password">Clear-text password to verify.</param>
/// <returns><c>true</c> when the salted hash of <paramref name="password"/> equals the stored hash.</returns>
public bool VerifyPassword(string password)
{
    if (string.IsNullOrEmpty(password))
    {
        return false;
    }

    var candidateHash = PasswordHelper.ComputeHash(password, PasswordSalt);
    return candidateHash == PasswordHash;
}
/// <summary>
/// Adds a shared-secret credential to <c>Secrets</c>. Only <c>PasswordHelper.ComputeHash(secret)</c>
/// is kept; the clear-text secret is not retained.
/// </summary>
/// <param name="secret">Clear-text shared secret.</param>
public void AddSharedSecret(string secret)
{
    var hashedSecret = PasswordHelper.ComputeHash(secret);
    var clientSecret = new ClientSecret(ClientSecretTypes.SharedSecret, hashedSecret);
    Secrets.Add(clientSecret);
}
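/// <summary>
/// Creates a new application from an uploaded JSON application descriptor, creates its admin
/// account with a random password, and e-mails the credentials to <paramref name="email"/>.
/// </summary>
/// <param name="email">Recipient of the generated admin credentials.</param>
/// <param name="file">Uploaded JSON descriptor; required.</param>
/// <returns>
/// 200 with info message 0026 on success. 400 with: 0001 (no file), 0002 (invalid JSON, with the
/// parser message), schema validation messages, 0003 (login application name already used) and/or
/// descriptor validation messages, or 0025 (credentials e-mail could not be sent).
/// </returns>
public IActionResult Create(string email, IFormFile file)
{
    // Messages returned to the client
    var messages = new List<Message>();

    // --- application descriptor validations ---

    // A JSON application descriptor file is required
    if (file == null)
    {
        messages.Add(new Message(MessageTypeEnum.Error, 0001, new List<string>()));
        return BadRequest(messages);
    }

    // Parse the upload; only valid JSON gets past this point
    JObject applicationDescriptorJObject;
    using (var reader = new StreamReader(file.OpenReadStream()))
    {
        try
        {
            applicationDescriptorJObject = JObject.Parse(reader.ReadToEnd());
        }
        catch (JsonReaderException e)
        {
            // The parser message carries the location of the error for the client
            messages.Add(new Message(MessageTypeEnum.Error, 0002, new List<string>() { e.Message }));
            return BadRequest(messages);
        }
    }

    var sharedAppInitHelper = new SharedAppInitHelper();

    // Validate the parsed JSON against the schema
    var schemaValidationMessages = sharedAppInitHelper.ValidateJSONAgainstSchema(applicationDescriptorJObject);
    if (schemaValidationMessages.Count != 0)
    {
        return BadRequest(schemaValidationMessages);
    }

    var applicationDescriptor = applicationDescriptorJObject.ToObject<ApplicationDescriptor>();

    // LoginApplicationName must be unique
    var applicationRepository = new ApplicationRepository(context);
    var applicationModel = applicationRepository.GetByLoginApplicationName(applicationDescriptor.LoginApplicationName);
    if (applicationModel != null)
    {
        messages.Add(new Message(MessageTypeEnum.Error, 0003, new List<string>() { applicationDescriptor.LoginApplicationName }));
    }

    // Validate datasets and attributes; report together with the uniqueness error, if any
    messages.AddRange(sharedAppInitHelper.ValidateDescriptor(applicationDescriptor));
    if (messages.Count != 0)
    {
        return BadRequest(messages);
    }

    // Fill in default values on the application descriptor
    sharedAppInitHelper.SetDefaultDescriptorValues(applicationDescriptor);

    // --- create new application ---
    using (var transaction = context.Database.BeginTransaction())
    {
        var serializedApplicationDescriptor = JsonConvert.SerializeObject(applicationDescriptor);
        var newApplication = new ApplicationModel
        {
            LoginApplicationName = applicationDescriptor.LoginApplicationName,
            ApplicationDescriptorJSON = serializedApplicationDescriptor
        };
        applicationRepository.Add(newApplication);

        // Random admin password: the descriptor's configured minimum length when present, else the
        // application-wide "safer" minimum.
        var minPasswordLength = applicationDescriptor.SystemDatasets.UsersDatasetDescriptor.PasswordAttribute.Min;
        string newPassword = minPasswordLength != null
            ? PasswordHelper.GenerateRandomPassword((int)minPasswordLength)
            : PasswordHelper.GenerateRandomPassword(Constants.MinSaferPasswordLength);

        // Admin rights
        var appInitHelper = new AppInitHelper();
        var newRights = appInitHelper.GetAdminRights(newApplication, applicationDescriptor);
        var rightsRepository = new RightsRepository(context);
        rightsRepository.Add(newRights);

        // Admin user; only the salted hash of the password is stored (salt prepended, matching
        // UserRepository.SetPassword)
        var salt = PasswordHelper.GetSalt();
        var newUser = new UserModel
        {
            Application = newApplication,
            PasswordHash = PasswordHelper.ComputeHash(salt + newPassword),
            PasswordSalt = salt,
            Data = appInitHelper.GetDefaultAdminDataDictionary(applicationDescriptor.SystemDatasets.UsersDatasetDescriptor),
            Rights = newRights,
            Language = applicationDescriptor.DefaultLanguage
        };
        var userRepository = new UserRepository(context);
        userRepository.Add(newUser);

        // Flush the pending inserts inside the transaction. The original called SaveChangesAsync()
        // without awaiting it, after the transaction had already been committed and disposed, so the
        // save ran fire-and-forget (exceptions unobservable) and outside the transaction. If the
        // repositories already save internally this call is a no-op.
        context.SaveChanges();

        // Send the login details to the admin e-mail address
        try
        {
            appInitHelper.SendEmailWithCredentials(email, applicationDescriptor.ApplicationName, newApplication.LoginApplicationName, newPassword);
        }
        catch
        {
            // Not committed: disposing the transaction rolls back the application, rights and admin user
            messages.Add(new Message(MessageTypeEnum.Error, 0025, new List<string>() { email }));
            return BadRequest(messages);
        }

        transaction.Commit();
    }

    messages.Add(new Message(MessageTypeEnum.Info, 0026, new List<string>() { applicationDescriptor.ApplicationName, email }));
    return Ok(messages);
}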