Provision
/
UnivatePropertiesAPI
Следить 0
В избранное 0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
API
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
1 коммит
1 ветка
Дерево: 33a914aed2
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из '33a914aed2'
${ noResults }
UnivatePropertiesAPI/UnivateProperties_API/Repository/Users/RegisterRepository.cs

RegisterRepository.cs 11KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325 
  1. using Microsoft.AspNetCore.Authorization;

  2. using Microsoft.EntityFrameworkCore;

  3. using Microsoft.Extensions.Options;

  4. using Microsoft.IdentityModel.Tokens;

  5. using System;

  6. using System.Collections.Generic;

  7. using System.IdentityModel.Tokens.Jwt;

  8. using System.Linq;

  9. using System.Security.Claims;

  10. using System.Text;

  11. using UnivateProperties_API.Containers;

  12. using UnivateProperties_API.Containers.Users;

  13. using UnivateProperties_API.Context;

  14. using UnivateProperties_API.Helpers;

  15. using UnivateProperties_API.Model.Users;

  16. 

  17. namespace UnivateProperties_API.Repository.Users

  18. {

  19.     public class RegisterRepository : IRegisterRepository

  20.     {

  21.         private readonly DataContext _dbContext;

  22. 

  23.         private readonly AppSettings _appSettings;

  24. 

  25.         public RegisterRepository(DataContext dbContext, IOptions<AppSettings> appSettings)

  26.         {

  27.             _dbContext = dbContext;

  28.             _appSettings = appSettings.Value;

  29.         }

  30. 

  31.         public User Authenticate(string username, string password)

  32.         {

  33.             if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))

  34.                 return null;

  35. 

  36.             var user = _dbContext.Users.SingleOrDefault(x => x.Username == username);

  37. 

  38.             // check if username exists

  39.             if (user == null)

  40.                 return null;

  41. 

  42.             // check if password is correct

  43.             if (!VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt))

  44.                 return null;

  45. 

  46.             // authentication successful

  47.             return user;

  48.         }

  49. 

  50.         public User Create(User user, string password, bool save)

  51.         {

  52.             // validation

  53.             if (string.IsNullOrWhiteSpace(password))

  54.                 throw new AppException("Password is required");

  55. 

  56.             if (_dbContext.Users.Any(x => x.Username == user.Username))

  57.                 throw new AppException("Username \"" + user.Username + "\" is already taken");

  58. 

  59.             byte[] passwordHash, passwordSalt;

  60.             CreatePasswordHash(password, out passwordHash, out passwordSalt);

  61. 

  62.             user.PasswordHash = passwordHash;

  63.             user.PasswordSalt = passwordSalt;

  64. 

  65.             _dbContext.Users.Add(user);

  66.             if (save)

  67.             {

  68.                 _dbContext.SaveChanges();

  69.             }

  70. 

  71.             return user;

  72.         }

  73. 

  74.         public Agency CreateAgency(AgencyDto agency)

  75.         {

  76.             // validation

  77.             if (string.IsNullOrWhiteSpace(agency.EaabeffcNumber))

  78.                 throw new AppException("eaabeffcNumber is required");

  79. 

  80.             if (_dbContext.Agencies.Any(x => x.EAABEFFCNumber == agency.EaabeffcNumber))

  81.                 throw new AppException("eaabeffcNumber \"" + agency.EaabeffcNumber + "\" already exists");

  82. 

  83.             Agency a = new Agency()

  84.             {

  85.                 AgencyName = agency.Name,

  86.                 EAABEFFCNumber = agency.EaabeffcNumber,

  87.                 CompanyRegNumber = agency.RegNo

  88.             };

  89. 

  90.             _dbContext.Agencies.Add(a);

  91.             CreatePerson(agency.User, PersonType.Agent, false, a);

  92. 

  93.             _dbContext.SaveChanges();

  94. 

  95.             return a;

  96.         }

  97. 

  98.         public void CreatePerson(UserDto individual, PersonType personType, bool save, Agency agency)

  99.         {

  100.             // validation

  101.             if (string.IsNullOrWhiteSpace(individual.Password))

  102.                 throw new AppException("Password is required");

  103. 

  104.             if (_dbContext.Users.Any(x => x.Username == individual.Username))

  105.                 throw new AppException("Individual \"" + individual.Username + "\" is already taken");

  106.             byte[] passwordHash, passwordSalt;

  107. 

  108.             CreatePasswordHash(individual.Password, out passwordHash, out passwordSalt);

  109. 

  110.             User createUser = new User()

  111.             {

  112.                 Username = individual.Username,

  113.                 PasswordHash = passwordHash,

  114.                 PasswordSalt = passwordSalt

  115.             };

  116.             Create(createUser, individual.Password, save);

  117.             Person person = new Person()

  118.             {

  119.             };

  120.             if (personType == PersonType.Agent)

  121.             {

  122.                 Agent agent = new Agent()

  123.                 {

  124.                     Name = individual.Name,

  125.                     Surname = individual.Surname,

  126.                     User = createUser,

  127.                     Email = individual.Email,

  128.                     CellNumber = individual.CellNumber,

  129.                     Telephone = individual.Telephone,

  130.                     Agency = agency

  131.                 };

  132.                 _dbContext.Agents.Add(agent);

  133.             }

  134.             else if (personType == PersonType.Individual)

  135.             {

  136.                 Individual i = new Individual()

  137.                 {

  138.                     Name = individual.Name,

  139.                     Surname = individual.Surname,

  140.                     User = createUser,

  141.                     Email = individual.Email,

  142.                     CellNumber = individual.CellNumber,

  143.                     Telephone = individual.Telephone

  144.                 };

  145.                 _dbContext.Individuals.Add(i);

  146.             }

  147.             if (save)

  148.             {

  149.                 Save();

  150.             }

  151.         }

  152. 

  153.         public void UpdatePerson(Person person, PersonType personType)

  154.         {

  155.             if (personType == PersonType.Agent)

  156.             {

  157.                 var item = (person as Agent);

  158.                 _dbContext.Entry(item).State = EntityState.Modified;

  159.                 Save();

  160.             }

  161.             else if (personType == PersonType.Individual)

  162.             {

  163.                 var item = (person as Individual);

  164.                 _dbContext.Entry(item).State = EntityState.Modified;

  165.                 Save();

  166.             }

  167.         }

  168. 

  169.         public void Update(User userParam, string password = null)

  170.         {

  171.             var user = _dbContext.Users.Find(userParam.Id);

  172. 

  173.             if (user == null)

  174.                 throw new AppException("User not found");

  175. 

  176.             if (userParam.Username != user.Username)

  177.             {

  178.                 // username has changed so check if the new username is already taken

  179.                 if (_dbContext.Users.Any(x => x.Username == userParam.Username))

  180.                     throw new AppException("Username " + userParam.Username + " is already taken");

  181.             }

  182. 

  183.             // update user properties

  184.             user.Name = userParam.Name;

  185.             user.Surname = userParam.Surname;

  186.             user.Username = userParam.Username;

  187. 

  188.             // update password if it was entered

  189.             if (!string.IsNullOrWhiteSpace(password))

  190.             {

  191.                 byte[] passwordHash, passwordSalt;

  192.                 CreatePasswordHash(password, out passwordHash, out passwordSalt);

  193. 

  194.                 user.PasswordHash = passwordHash;

  195.                 user.PasswordSalt = passwordSalt;

  196.             }

  197. 

  198.             _dbContext.Users.Update(user);

  199.             _dbContext.SaveChanges();

  200.         }

  201. 

  202.         public void UpdateAgency(Agency agencyParam, string agencyname = null)

  203.         {

  204.             var agency = _dbContext.Agencies.Find(agencyParam.Id);

  205. 

  206.             if (agency == null)

  207.                 throw new AppException("Agency not found");

  208. 

  209.             if (agencyParam.AgencyName != agency.AgencyName)

  210.             {

  211.                 // username has changed so check if the new username is already taken

  212.                 if (_dbContext.Agencies.Any(x => x.AgencyName == agencyParam.AgencyName))

  213.                     throw new AppException("AgencyName " + agencyParam.AgencyName + " is already taken");

  214.             }

  215. 

  216.             // update user properties

  217.             agency.AgencyName = agencyParam.AgencyName;

  218.             agency.EAABEFFCNumber = agencyParam.EAABEFFCNumber;

  219.             agency.CompanyRegNumber = agencyParam.CompanyRegNumber;

  220. 

  221.             // update password if it was entered

  222.             _dbContext.Agencies.Update(agency);

  223.             _dbContext.SaveChanges();

  224.         }

  225. 

  226.         [Authorize(Roles = Role.SuperAdmin)]

  227.         public IEnumerable<User> GetAllUsers()

  228.         {

  229.             return _dbContext.Users;

  230.         }

  231. 

  232.         [Authorize(Roles = Role.SuperAdmin)]

  233.         public IEnumerable<Agency> GetAllAgencies()

  234.         {

  235.             return _dbContext.Agencies;

  236.         }

  237. 

  238.         [Authorize(Roles = Role.SuperAdmin)]

  239.         public IEnumerable<Individual> GetAllIndividuals()

  240.         {

  241.             return _dbContext.Individuals;

  242.         }

  243. 

  244.         public User GetById(int id)

  245.         {

  246.             return _dbContext.Users.Find(id);

  247.         }

  248. 

  249.         public Agency GetByAgencyId(int id)

  250.         {

  251.             return _dbContext.Agencies.Find(id);

  252.         }

  253. 

  254.         public Individual GetByIndividualId(int id)

  255.         {

  256.             return _dbContext.Individuals.Find(id);

  257.         }

  258. 

  259.         public void Delete(int id)

  260.         {

  261.             var user = _dbContext.Users.Find(id);

  262.             if (user != null)

  263.             {

  264.                 _dbContext.Users.Remove(user);

  265.                 _dbContext.SaveChanges();

  266.             }

  267.         }

  268. 

  269.         public void DeleteAgency(int id)

  270.         {

  271.             var agency = _dbContext.Agencies.Find(id);

  272.             if (agency != null)

  273.             {

  274.                 _dbContext.Remove(agency);

  275.                 _dbContext.SaveChanges();

  276.             }

  277.         }

  278. 

  279.         public void DeleteIndividual(int id)

  280.         {

  281.             var individual = _dbContext.Individuals.Find(id);

  282.             if (individual != null)

  283.             {

  284.                 _dbContext.Individuals.Remove(individual);

  285.                 _dbContext.SaveChanges();

  286.             }

  287.         }

  288. 

  289.         private void Save()

  290.         {

  291.             _dbContext.SaveChanges();

  292.         }

  293. 

  294.         private static void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt)

  295.         {

  296.             if (password == null) throw new ArgumentNullException("password");

  297.             if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");

  298. 

  299.             using (var hmac = new System.Security.Cryptography.HMACSHA512())

  300.             {

  301.                 passwordSalt = hmac.Key;

  302.                 passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));

  303.             }

  304.         }

  305. 

  306.         private static bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt)

  307.         {

  308.             if (password == null) throw new ArgumentNullException("password");

  309.             if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");

  310.             if (storedHash.Length != 64) throw new ArgumentException("Invalid length of password hash (64 bytes expected).", "passwordHash");

  311.             if (storedSalt.Length != 128) throw new ArgumentException("Invalid length of password salt (128 bytes expected).", "passwordHash");

  312. 

  313.             using (var hmac = new System.Security.Cryptography.HMACSHA512(storedSalt))

  314.             {

  315.                 var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));

  316.                 for (int i = 0; i < computedHash.Length; i++)

  317.                 {

  318.                     if (computedHash[i] != storedHash[i]) return false;

  319.                 }

  320.             }

  321. 

  322.             return true;

  323.         }

  324.     }

  325. }