From 4e496467dcc8549605917a44263d78cef40f71bb Mon Sep 17 00:00:00 2001 From: Roy Ben Shabat Date: Sun, 23 Dec 2018 12:44:08 +0200 Subject: Implemented machine studio active directory secure login. --- .../Controllers/MachineStudioController.cs | 31 +++++++++++++--------- .../Controllers/PPCController.cs | 3 +++ .../Helpers/AzureDirectoryHelper.cs | 19 +++++++++++++ .../Tango.MachineService.csproj | 3 ++- 4 files changed, 43 insertions(+), 13 deletions(-) create mode 100644 Software/Visual_Studio/Web/Tango.MachineService/Helpers/AzureDirectoryHelper.cs (limited to 'Software/Visual_Studio/Web/Tango.MachineService') diff --git a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs index 8225d75e1..8485cd67d 100644 --- a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs +++ b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs @@ -14,6 +14,7 @@ using Tango.Core.Cryptography; using Tango.MachineService.Helpers; using Tango.MachineService.Models; using Tango.MachineStudio.Common.Authentication; +using System.Data.Entity; using Tango.MachineStudio.Common.Update; namespace Tango.MachineService.Controllers @@ -191,40 +192,45 @@ namespace Tango.MachineService.Controllers #endregion + [HttpPost] public LoginResponse Login(LoginRequest request) { - var authContext = new AuthenticationContext("https://login.microsoftonline.com/2ebd63a5-bc2f-41dc-9066-4409ed5e5dd4"); - UserCredential userCredential = new UserCredential(request.Email, request.Password); - AuthenticationResult authResult = authContext.AcquireToken("https://graph.windows.net/", "ec612854-7abc-457b-808a-5d0c5ba80c57", userCredential); + AuthenticationResult authResult = AzureDirectoryHelper.AuthenticateUser(request.Email, request.Password); using (ObservablesContext db = ObservablesContextHelper.CreateContext()) { - db.Roles.ToList(); db.Permissions.ToList(); db.UsersRoles.ToList(); db.RolesPermissions.ToList(); - var user = db.Users.SingleOrDefault(x => x.Email.ToLower() == request.Email.ToLower() && x.Password == request.Password); + var user = db.Users.SingleOrDefault(x => x.Email.ToLower() == request.Email.ToLower()); + + IHashGenerator g = new BasicHashGenerator(); if (user == null) { //Than add the user !! - - IHashGenerator g = new BasicHashGenerator(); - - BL.Entities.User new_user = new User(); + User new_user = new User(); new_user.Email = request.Email; - new_user.Password = g.Encrypt("Aa123456"); - new_user.Organization = db.Organizations.Single(x => x.Name == "Twine"); - new_user.Address = new Address() { }; + new_user.Password = g.Encrypt(request.Password); + new_user.Organization = db.Organizations.Include(x => x.Address).Single(x => x.Name == "Twine"); + new_user.Address = new_user.Organization.Address.Clone(); new_user.Contact = new Contact() { FirstName = authResult.UserInfo.GivenName, LastName = authResult.UserInfo.FamilyName, + FullName = authResult.UserInfo.GivenName + " " + authResult.UserInfo.FamilyName, + Email = request.Email, }; new_user.Roles.Add(db.Roles.Single(x => (Roles)x.Code == Roles.User)); } + else + { + user.Password = g.Encrypt(request.Password); + } + + db.SaveChanges(); } return new LoginResponse() @@ -234,6 +240,7 @@ namespace Tango.MachineService.Controllers Address = Config.DB_ADDRESS, Catalog = Config.DB_CATALOG, Type = Core.DataSourceType.Azure, + IntegratedSecurity = false, UserName = request.Email, Password = request.Password, } diff --git a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/PPCController.cs b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/PPCController.cs index 662883223..68f597fcc 100644 --- a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/PPCController.cs +++ b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/PPCController.cs @@ -108,6 +108,7 @@ namespace Tango.MachineService.Controllers Catalog = Config.DB_CATALOG, UserName = credentials.UserName, Password = credentials.Password, + IntegratedSecurity = false, Type = DataSourceType.SQLServer, }; @@ -173,6 +174,7 @@ namespace Tango.MachineService.Controllers Catalog = Config.DB_CATALOG, UserName = credentials.UserName, Password = credentials.Password, + IntegratedSecurity = false, Type = DataSourceType.SQLServer, }; } @@ -249,6 +251,7 @@ namespace Tango.MachineService.Controllers Catalog = Config.DB_CATALOG, UserName = credentials.UserName, Password = credentials.Password, + IntegratedSecurity = false, Type = DataSourceType.SQLServer, }; } diff --git a/Software/Visual_Studio/Web/Tango.MachineService/Helpers/AzureDirectoryHelper.cs b/Software/Visual_Studio/Web/Tango.MachineService/Helpers/AzureDirectoryHelper.cs new file mode 100644 index 000000000..fe7733323 --- /dev/null +++ b/Software/Visual_Studio/Web/Tango.MachineService/Helpers/AzureDirectoryHelper.cs @@ -0,0 +1,19 @@ +using Microsoft.IdentityModel.Clients.ActiveDirectory; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Web; + +namespace Tango.MachineService.Helpers +{ + public static class AzureDirectoryHelper + { + public static AuthenticationResult AuthenticateUser(String email, String password) + { + var authContext = new AuthenticationContext("https://login.microsoftonline.com/2ebd63a5-bc2f-41dc-9066-4409ed5e5dd4"); + UserCredential userCredential = new UserCredential(email, password); + AuthenticationResult authResult = authContext.AcquireToken("https://graph.windows.net/", "ec612854-7abc-457b-808a-5d0c5ba80c57", userCredential); + return authResult; + } + } +} \ No newline at end of file diff --git a/Software/Visual_Studio/Web/Tango.MachineService/Tango.MachineService.csproj b/Software/Visual_Studio/Web/Tango.MachineService/Tango.MachineService.csproj index 5b13d8afd..c05cb5fe7 100644 --- a/Software/Visual_Studio/Web/Tango.MachineService/Tango.MachineService.csproj +++ b/Software/Visual_Studio/Web/Tango.MachineService/Tango.MachineService.csproj @@ -277,6 +277,7 @@ + @@ -379,7 +380,7 @@ False - + -- cgit v1.3.1