public void ChangeUserPassword(ChangePasswordDto infos) { Logger.LogInformation($"Change password from user {infos.UserName}"); Validate(infos); using (var context = RepositoriesFactory.CreateContext()) { var local = this.GetErrorStringLocalizer(); var userRepo = RepositoriesFactory.GetUserRepository(context); var user = userRepo.GetByUserName(infos.UserName); if (user == null || !user.IsValid) { throw new DaOAuthServiceException(local["ChangeUserPasswordUserInvalid"]); } if (!EncryptionService.AreEqualsSha256( String.Concat(Configuration.PasswordSalt, infos.OldPassword), user.Password)) { throw new DaOAuthServiceException(local["ChangeUserPasswordPasswordInvalid"]); } if (!infos.NewPassword.Equals(infos.NewPasswordRepeat, StringComparison.Ordinal)) { throw new DaOAuthServiceException(local["ChangeUserPasswordDifferentsNewPasswords"]); } if (!infos.NewPassword.IsMatchPasswordPolicy()) { throw new DaOAuthServiceException(local["ChangeUserPasswordNewPasswordDontMatchPolicy"]); } user.Password = EncryptionService.Sha256Hash(String.Concat(Configuration.PasswordSalt, infos.NewPassword)); userRepo.Update(user); context.Commit(); } }
public UserDto GetUser(LoginUserDto credentials) { Logger.LogInformation($"Try to log user {credentials.UserName}"); Validate(credentials); UserDto result = null; using (var c = RepositoriesFactory.CreateContext()) { var repo = RepositoriesFactory.GetUserRepository(c); var user = repo.GetByUserName(credentials.UserName); if (user != null && user.IsValid && EncryptionService.AreEqualsSha256( String.Concat(Configuration.PasswordSalt, credentials.Password), user.Password)) { result = user.ToDto(); Logger.LogInformation($"Log successfull for user {credentials.UserName}"); } } return(result); }
public void SetNewUserPassword(NewPasswordDto infos) { Logger.LogInformation($"Define a new password using JWT token {infos.Token}"); Validate(infos); var local = this.GetErrorStringLocalizer(); var tokenInfos = JwtService.ExtractMailToken(infos.Token); if (!tokenInfos.IsValid) { throw new DaOAuthServiceException(local["SetNewUserPasswordInvalidToken"]); } if (!infos.NewPassword.IsMatchPasswordPolicy()) { throw new DaOAuthServiceException(local["SetNewUserPasswordNewPasswordDontMatchPolicy"]); } if (!infos.NewPassword.Equals(infos.NewPasswordRepeat, StringComparison.Ordinal)) { throw new DaOAuthServiceException(local["SetNewUserPasswordDifferentsNewPasswords"]); } using (var context = RepositoriesFactory.CreateContext()) { var userRepo = RepositoriesFactory.GetUserRepository(context); var user = userRepo.GetByUserName(tokenInfos.UserName); user.Password = EncryptionService.Sha256Hash(String.Concat(Configuration.PasswordSalt, infos.NewPassword)); userRepo.Update(user); context.Commit(); } }
public int CreateUser(CreateUserDto toCreate) { Logger.LogInformation($"Try creating a new user {toCreate.UserName}"); IList <ValidationResult> ExtendValidation(CreateUserDto toValidate) { var errorResource = this.GetErrorStringLocalizer(); IList <ValidationResult> result = new List <ValidationResult>(); if (!String.IsNullOrEmpty(toCreate.Password) && !String.IsNullOrEmpty(toCreate.RepeatPassword) && !toCreate.Password.Equals(toCreate.RepeatPassword, StringComparison.Ordinal)) { result.Add(new ValidationResult(errorResource["CreateUserPasswordDontMatch"])); } if (!toValidate.Password.IsMatchPasswordPolicy()) { result.Add(new ValidationResult(errorResource["CreateUserPasswordPolicyFailed"])); } using (var c = RepositoriesFactory.CreateContext()) { var repo = RepositoriesFactory.GetUserRepository(c); if (repo.GetByUserName(toCreate.UserName) != null) { result.Add(new ValidationResult(String.Format(errorResource["CreateUserUserNameExists"], toCreate.UserName))); } if (repo.GetByEmail(toCreate.EMail) != null) { result.Add(new ValidationResult(String.Format(errorResource["CreateUserEmailExists"], toCreate.EMail))); } } return(result); } Logger.LogInformation(String.Format("Try to create user {0}", toCreate != null ? toCreate.UserName : String.Empty)); Validate(toCreate, ExtendValidation); var idCreated = 0; var mailResource = this.GetMailStringLocalizer(); var u = new User() { BirthDate = toCreate.BirthDate, CreationDate = DateTime.Now, EMail = toCreate.EMail, FullName = toCreate.FullName, IsValid = false, ValidationToken = RandomService.GenerateRandomString(32), Password = EncryptionService.Sha256Hash(string.Concat(Configuration.PasswordSalt, toCreate.Password)), UserName = toCreate.UserName }; using (var c = RepositoriesFactory.CreateContext()) { var repo = RepositoriesFactory.GetUserRepository(c); repo.Add(u); var userRoleRepo = RepositoriesFactory.GetUserRoleRepository(c); var roleRepo = RepositoriesFactory.GetRoleRepository(c); var myRole = roleRepo.GetById((int)ERole.USER); if (myRole != null) { userRoleRepo.Add(new UserRole() { RoleId = myRole.Id, UserId = u.Id }); } var link = new Uri(String.Format(Configuration.ValidateAccountPageUrl, u.UserName, u.ValidationToken)); MailService.SendEmail(new SendEmailDto() { Body = String.Format(mailResource["MailValidateAccountBody"], u.UserName, link.AbsoluteUri), IsHtml = true, Receviers = new Dictionary <string, string>() { { u.EMail, u.EMail } }, Sender = new KeyValuePair <string, string>("*****@*****.**", "no reply"), Subject = mailResource["MailValidateAccountSubject"] }); c.Commit(); idCreated = u.Id; } return(idCreated); }