Hooked up most of #49 Just the validation messages need to be done.

***NOTE: Because we are now hashing the passwords and reading from a new table, we will need to create a new administrator account.***
tidusjar 2016-03-22 10:46:24 +00:00
commit 8f7098d048
13 changed files with 250 additions and 21 deletions


@ -26,11 +26,13 @@
#endregion
using System;
using System.Linq;
using System.Security;
using Nancy;
using Nancy.Authentication.Forms;
using Nancy.Security;
using PlexRequests.Helpers;
using PlexRequests.Store;
namespace PlexRequests.Core
@ -44,7 +46,7 @@ namespace PlexRequests.Core
private static ISqliteConfiguration Db { get; set; }
public IUserIdentity GetUserFromIdentifier(Guid identifier, NancyContext context)
{
var repo = new UserRepository<UserModel>(Db);
var repo = new UserRepository<UsersModel>(Db);
var user = repo.Get(identifier.ToString());
@ -61,35 +63,65 @@ namespace PlexRequests.Core
public static Guid? ValidateUser(string username, string password)
{
var repo = new UserRepository<UserModel>(Db);
var repo = new UserRepository<UsersModel>(Db);
var users = repo.GetAll();
var userRecord = users.FirstOrDefault(u => u.UserName.Equals(username, StringComparison.InvariantCultureIgnoreCase) && u.Password.Equals(password)); // TODO hashing
if (userRecord == null)
foreach (var u in users)
{
return null;
if (username == u.UserName)
{
var passwordMatch = PasswordHasher.VerifyPassword(password, u.Salt, u.Hash);
if (passwordMatch)
{
return new Guid(u.User);
}
}
}
return new Guid(userRecord.User);
return null;
}
public static bool DoUsersExist()
{
var repo = new UserRepository<UserModel>(Db);
var repo = new UserRepository<UsersModel>(Db);
var users = repo.GetAll();
return users.Any();
}
public static Guid? CreateUser(string username, string password)
{
var repo = new UserRepository<UserModel>(Db);
var repo = new UserRepository<UsersModel>(Db);
var salt = PasswordHasher.GenerateSalt();
var userModel = new UserModel { UserName = username, User = Guid.NewGuid().ToString(), Password = password };
var userModel = new UsersModel { UserName = username, User = Guid.NewGuid().ToString(), Salt = salt, Hash = PasswordHasher.ComputeHash(password, salt)};
repo.Insert(userModel);
var userRecord = repo.Get(userModel.User);
return new Guid(userRecord.User);
}
public static bool UpdateUser(string username, string oldPassword, string newPassword)
{
var repo = new UserRepository<UsersModel>(Db);
var users = repo.GetAll();
var userToChange = users.FirstOrDefault(x => x.UserName == username);
if (userToChange == null)
return false;
var passwordMatch = PasswordHasher.VerifyPassword(oldPassword, userToChange.Salt, userToChange.Hash);
if (!passwordMatch)
{
throw new SecurityException("Password does not match");
}
var newSalt = PasswordHasher.GenerateSalt();
var newHash = PasswordHasher.ComputeHash(newPassword, newSalt);
userToChange.Hash = newHash;
userToChange.Salt = newSalt;
return repo.Update(userToChange);
}
}
}
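Review bot: The username match in ValidateUser is now case-sensitive (`if (username == u.UserName)`), while the line it appears to replace compared with `StringComparison.InvariantCultureIgnoreCase`, so a login that differs only in case from the stored name now fails; UpdateUser's `x.UserName == username` behaves the same way. I would use `string.Equals(u.UserName, username, StringComparison.OrdinalIgnoreCase)` in both places, and have CreateUser reject a name that already exists under that comparison, since nothing visible here prevents duplicate usernames. UpdateUser also reports an unknown user with `return false` but a wrong old password with a `SecurityException`, so it needs a doc comment telling callers which to expect. PasswordHasher is not shown in this section, so it is worth confirming that it uses a slow salted KDF and a fixed-time comparison, and that the old table holding the unhashed `Password` values is cleared once the new administrator account exists.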