Provision
/
UnivatePropertiesAPI
关注 0
点赞 0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
API
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
6 提交
1 分支
目录树: 6b2b21e6f7
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 '6b2b21e6f7'
${ noResults }
UnivatePropertiesAPI/UnivateProperties_API/Repository/Users/RegisterRepository.cs

RegisterRepository.cs 9.5KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285 
  1. using Microsoft.AspNetCore.Authorization;

  2. using Microsoft.EntityFrameworkCore;

  3. using Microsoft.Extensions.Options;

  4. using Microsoft.IdentityModel.Tokens;

  5. using System;

  6. using System.Collections.Generic;

  7. using System.IdentityModel.Tokens.Jwt;

  8. using System.Linq;

  9. using System.Security.Claims;

  10. using System.Text;

  11. using UnivateProperties_API.Containers;

  12. using UnivateProperties_API.Containers.Users;

  13. using UnivateProperties_API.Context;

  14. using UnivateProperties_API.Helpers;

  15. using UnivateProperties_API.Model.Users;

  16. 

  17. namespace UnivateProperties_API.Repository.Users

  18. {

  19.     public class RegisterRepository : IRegisterRepository

  20.     {

  21.         private readonly DataContext _dbContext;

  22. 

  23.         private readonly AppSettings _appSettings;

  24. 

  25.         public RegisterRepository(DataContext dbContext, IOptions<AppSettings> appSettings)

  26.         {

  27.             _dbContext = dbContext;

  28.             _appSettings = appSettings.Value;

  29.         }

  30. 

  31.         public User Authenticate(string username, string password)

  32.         {

  33.             if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))

  34.                 return null;

  35. 

  36.             var user = _dbContext.Users.SingleOrDefault(x => x.Username == username);

  37. 

  38.             // check if username exists

  39.             if (user == null)

  40.                 return null;

  41. 

  42.             // check if password is correct

  43.             if (!VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt))

  44.                 return null;

  45. 

  46.             // authentication successful

  47.             return user;

  48.         }

  49. 

  50.         public User Create(User user, string password, bool save)

  51.         {

  52.             // validation

  53.             if (string.IsNullOrWhiteSpace(password))

  54.                 throw new AppException("Password is required");

  55. 

  56.             if (_dbContext.Users.Any(x => x.Username == user.Username))

  57.                 throw new AppException("Username \"" + user.Username + "\" is already taken");

  58. 

  59.             byte[] passwordHash, passwordSalt;

  60.             CreatePasswordHash(password, out passwordHash, out passwordSalt);

  61. 

  62.             user.PasswordHash = passwordHash;

  63.             user.PasswordSalt = passwordSalt;

  64. 

  65.             _dbContext.Users.Add(user);

  66.             if (save)

  67.             {

  68.                 _dbContext.SaveChanges();

  69.             }

  70. 

  71.             return user;

  72.         }

  73. 

  74.         public Agency CreateAgency(AgencyDto agency)

  75.         {

  76.             // validation

  77.             if (string.IsNullOrWhiteSpace(agency.EaabeffcNumber))

  78.                 throw new AppException("eaabeffcNumber is required");

  79. 

  80.             if (_dbContext.Agencies.Any(x => x.EAABEFFCNumber == agency.EaabeffcNumber))

  81.                 throw new AppException("eaabeffcNumber \"" + agency.EaabeffcNumber + "\" already exists");

  82. 

  83.             Agency a = new Agency()

  84.             {

  85.                 AgencyName = agency.Name,

  86.                 EAABEFFCNumber = agency.EaabeffcNumber,

  87.                 CompanyRegNumber = agency.RegNo

  88.             };

  89. 

  90.             _dbContext.Agencies.Add(a);

  91.             CreatePerson(agency.User, PersonType.Agent, false, a);

  92. 

  93.             _dbContext.SaveChanges();

  94. 

  95.             return a;

  96.         }

  97. 

  98.         public void CreatePerson(UserDto individual, PersonType personType, bool save, Agency agency)

  99.         {

  100.             // validation

  101.             if (string.IsNullOrWhiteSpace(individual.Password))

  102.                 throw new AppException("Password is required");

  103. 

  104.             if (_dbContext.Users.Any(x => x.Username == individual.Username))

  105.                 throw new AppException("Individual \"" + individual.Username + "\" is already taken");

  106.             byte[] passwordHash, passwordSalt;

  107. 

  108.             CreatePasswordHash(individual.Password, out passwordHash, out passwordSalt);

  109. 

  110.             User createUser = new User()

  111.             {

  112.                 Username = individual.Username,

  113.                 PasswordHash = passwordHash,

  114.                 PasswordSalt = passwordSalt

  115.             };

  116.             Create(createUser, individual.Password, save);

  117.             Person person = new Person()

  118.             {

  119.             };

  120.             if (personType == PersonType.Agent)

  121.             {

  122.                 Agent agent = new Agent()

  123.                 {

  124.                     Name = individual.Name,

  125.                     Surname = individual.Surname,

  126.                     User = createUser,

  127.                     Email = individual.Email,

  128.                     CellNumber = individual.CellNumber,

  129.                     Telephone = individual.Telephone,

  130.                     Agency = agency

  131.                 };

  132.                 _dbContext.Agents.Add(agent);

  133.             }

  134.             else if (personType == PersonType.Individual)

  135.             {

  136.                 Individual i = new Individual()

  137.                 {

  138.                     Name = individual.Name,

  139.                     Surname = individual.Surname,

  140.                     User = createUser,

  141.                     Email = individual.Email,

  142.                     CellNumber = individual.CellNumber,

  143.                     Telephone = individual.Telephone

  144.                 };

  145.                 _dbContext.Individuals.Add(i);

  146.             }

  147.             if (save)

  148.             {

  149.                 Save();

  150.             }

  151.         }

  152. 

  153.         public void Update(User userParam, string password = null)

  154.         {

  155.             var user = _dbContext.Users.Find(userParam.Id);

  156. 

  157.             if (user == null)

  158.                 throw new AppException("User not found");

  159. 

  160.             if (userParam.Username != user.Username)

  161.             {

  162.                 // username has changed so check if the new username is already taken

  163.                 if (_dbContext.Users.Any(x => x.Username == userParam.Username))

  164.                     throw new AppException("Username " + userParam.Username + " is already taken");

  165.             }

  166. 

  167.             // update user properties

  168.             user.Name = userParam.Name;

  169.             user.Surname = userParam.Surname;

  170.             user.Username = userParam.Username;

  171. 

  172.             // update password if it was entered

  173.             if (!string.IsNullOrWhiteSpace(password))

  174.             {

  175.                 byte[] passwordHash, passwordSalt;

  176.                 CreatePasswordHash(password, out passwordHash, out passwordSalt);

  177. 

  178.                 user.PasswordHash = passwordHash;

  179.                 user.PasswordSalt = passwordSalt;

  180.             }

  181. 

  182.             _dbContext.Users.Update(user);

  183.             _dbContext.SaveChanges();

  184.         }

  185. 

  186.         [Authorize(Roles = Role.SuperAdmin)]

  187.         public IEnumerable<User> GetAllUsers()

  188.         {

  189.             return _dbContext.Users;

  190.         }

  191. 

  192.         [Authorize(Roles = Role.SuperAdmin)]

  193.         public IEnumerable<Agency> GetAllAgencies()

  194.         {

  195.             return _dbContext.Agencies;

  196.         }

  197. 

  198.         [Authorize(Roles = Role.SuperAdmin)]

  199.         public IEnumerable<Individual> GetAllIndividuals()

  200.         {

  201.             return _dbContext.Individuals;

  202.         }

  203. 

  204.         public User GetById(int id)

  205.         {

  206.             return _dbContext.Users.Find(id);

  207.         }

  208. 

  209.         public Agency GetByAgencyId(int id)

  210.         {

  211.             return _dbContext.Agencies.Find(id);

  212.         }

  213. 

  214.         public Individual GetByIndividualId(int id)

  215.         {

  216.             return _dbContext.Individuals.Find(id);

  217.         }

  218. 

  219.         public void Delete(int id)

  220.         {

  221.             var user = _dbContext.Users.Find(id);

  222.             if (user != null)

  223.             {

  224.                 _dbContext.Users.Remove(user);

  225.                 _dbContext.SaveChanges();

  226.             }

  227.         }

  228. 

  229.         public void DeleteAgency(int id)

  230.         {

  231.             var agency = _dbContext.Agencies.Find(id);

  232.             if (agency != null)

  233.             {

  234.                 _dbContext.Remove(agency);

  235.                 _dbContext.SaveChanges();

  236.             }

  237.         }

  238. 

  239.         public void DeleteIndividual(int id)

  240.         {

  241.             var individual = _dbContext.Individuals.Find(id);

  242.             if (individual != null)

  243.             {

  244.                 _dbContext.Individuals.Remove(individual);

  245.                 _dbContext.SaveChanges();

  246.             }

  247.         }

  248. 

  249.         private void Save()

  250.         {

  251.             _dbContext.SaveChanges();

  252.         }

  253. 

  254.         private static void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt)

  255.         {

  256.             if (password == null) throw new ArgumentNullException("password");

  257.             if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");

  258. 

  259.             using (var hmac = new System.Security.Cryptography.HMACSHA512())

  260.             {

  261.                 passwordSalt = hmac.Key;

  262.                 passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));

  263.             }

  264.         }

  265. 

  266.         private static bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt)

  267.         {

  268.             if (password == null) throw new ArgumentNullException("password");

  269.             if (string.IsNullOrWhiteSpace(password)) throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");

  270.             if (storedHash.Length != 64) throw new ArgumentException("Invalid length of password hash (64 bytes expected).", "passwordHash");

  271.             if (storedSalt.Length != 128) throw new ArgumentException("Invalid length of password salt (128 bytes expected).", "passwordHash");

  272. 

  273.             using (var hmac = new System.Security.Cryptography.HMACSHA512(storedSalt))

  274.             {

  275.                 var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));

  276.                 for (int i = 0; i < computedHash.Length; i++)

  277.                 {

  278.                     if (computedHash[i] != storedHash[i]) return false;

  279.                 }

  280.             }

  281. 

  282.             return true;

  283.         }

  284.     }

  285. }