From ec020e4b8e13b86734ad3cf3b7ad9b016ef6e4ed Mon Sep 17 00:00:00 2001 From: Nicola Carminati Date: Wed, 20 Mar 2019 15:41:00 +0100 Subject: [PATCH] added "change password" feature --- Step.Database/Controllers/UsersController.cs | 12 +++ Step.Model/DTOModels/DTOUserModel.cs | 5 ++ Step.Utils/languages/IT.xml | 2 +- Step.Utils/languages/en.xml | 2 +- Step/Controllers/WebApi/UserController.cs | 27 +++++++ Step/Step.csproj | 24 ++++++ Step/packages.config | 77 ++++++++++--------- .../base-components/modal-password-user.ts | 12 ++- .../base-components/modal-password-user.vue | 2 +- Step/wwwroot/src/services/usersService.ts | 6 ++ 10 files changed, 127 insertions(+), 42 deletions(-) diff --git a/Step.Database/Controllers/UsersController.cs b/Step.Database/Controllers/UsersController.cs index 32bffea2..420eb978 100644 --- a/Step.Database/Controllers/UsersController.cs +++ b/Step.Database/Controllers/UsersController.cs @@ -212,6 +212,18 @@ namespace Step.Database.Controllers return GetUserInfo(userId); } + public DTOUserModel UpdateUserPassword(int userId, DTONewPasswordrModel userData) + { + UserModel user = FindById(userId); + if (user != null) + { + user.Password = Crypto.HashPassword(userData.newPassword); + dbCtx.SaveChanges(); + } + + return GetUserInfo(userId); + } + public DTOUserModel UpdateUserRole(int userId, int roleId) { using (MachinesUsersController machineController = new MachinesUsersController()) diff --git a/Step.Model/DTOModels/DTOUserModel.cs b/Step.Model/DTOModels/DTOUserModel.cs index 56ec67cf..f021e091 100644 --- a/Step.Model/DTOModels/DTOUserModel.cs +++ b/Step.Model/DTOModels/DTOUserModel.cs @@ -14,6 +14,11 @@ namespace Step.Model.DTOModels public string FirstName { get; set; } public string LastName { get; set; } } + public class DTONewPasswordrModel + { + public string actPassword { get; set; } + public string newPassword { get; set; } + } public class DTOMessageUserModel : DTONewUserModel { diff --git a/Step.Utils/languages/IT.xml b/Step.Utils/languages/IT.xml index e4e41715..47f6faf0 100644 --- a/Step.Utils/languages/IT.xml +++ b/Step.Utils/languages/IT.xml @@ -566,7 +566,7 @@ Aggiungi Modifica Annulla - Le password devono combaciare + Le password devono essere diverse Password attuale Password nuova Modifica password: %s diff --git a/Step.Utils/languages/en.xml b/Step.Utils/languages/en.xml index 2ac99940..5c71f51b 100644 --- a/Step.Utils/languages/en.xml +++ b/Step.Utils/languages/en.xml @@ -564,7 +564,7 @@ Add Edit Cancel - Passwords must be the same + Passwords must not be the same Actual password New password Password Editor: %s diff --git a/Step/Controllers/WebApi/UserController.cs b/Step/Controllers/WebApi/UserController.cs index b08d882c..689e9c54 100644 --- a/Step/Controllers/WebApi/UserController.cs +++ b/Step/Controllers/WebApi/UserController.cs @@ -9,6 +9,7 @@ using System.Globalization; using System.Linq; using System.Security.Claims; using System.Web.Http; +using System.Web.Helpers; using static Step.Model.Constants; using static Step.Utils.LanguageController; @@ -151,6 +152,7 @@ namespace Step.Controllers.WebApi } [Route("manager/user"), HttpPost] + [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.WRITE)] public IHttpActionResult CreateUser(UserModel model) { using (UsersController usersController = new UsersController()) @@ -171,6 +173,31 @@ namespace Step.Controllers.WebApi return Unauthorized(); } + [Route("manager/password/{userId:int}"), HttpPut] + [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.WRITE)] + public IHttpActionResult UpdateUserPassword(int userId, [FromBody] DTONewPasswordrModel userData) + { + using (UsersController usersController = new UsersController()) + { + + UserModel user = usersController.FindById(userId); + + if (user == null) + return NotFound(); + + if(userData.newPassword == userData.actPassword) + return BadRequest("error_password_same"); + + if (Crypto.VerifyHashedPassword(user.Password, userData.actPassword) != true) + return BadRequest("error_password_not_ok"); + + if (Crypto.VerifyHashedPassword(user.Password, userData.newPassword) == true) + return BadRequest("error_password_same_old"); + + return Ok(usersController.UpdateUserPassword(userId, userData)); + } + } + // Role [Route("manager/role/list"), HttpGet] diff --git a/Step/Step.csproj b/Step/Step.csproj index 30e6bc53..97d2f8cc 100644 --- a/Step/Step.csproj +++ b/Step/Step.csproj @@ -98,6 +98,9 @@ ..\packages\Microsoft.Owin.StaticFiles.3.1.0\lib\net45\Microsoft.Owin.StaticFiles.dll + + ..\packages\microsoft-web-helpers.2.1.20710.2\lib\net40\Microsoft.Web.Helpers.dll + ..\packages\Newtonsoft.Json.11.0.2\lib\net45\Newtonsoft.Json.dll @@ -124,6 +127,9 @@ + + ..\packages\Microsoft.AspNet.WebPages.2.0.20505.0\lib\net40\System.Web.Helpers.dll + ..\packages\Microsoft.AspNet.WebApi.Cors.5.2.3\lib\net45\System.Web.Http.Cors.dll @@ -131,6 +137,18 @@ ..\packages\Microsoft.AspNet.WebApi.Owin.5.2.3\lib\net45\System.Web.Http.Owin.dll + + ..\packages\Microsoft.AspNet.Razor.2.0.20505.0\lib\net40\System.Web.Razor.dll + + + ..\packages\Microsoft.AspNet.WebPages.2.0.20505.0\lib\net40\System.Web.WebPages.dll + + + ..\packages\Microsoft.AspNet.WebPages.2.0.20505.0\lib\net40\System.Web.WebPages.Deployment.dll + + + ..\packages\Microsoft.AspNet.WebPages.2.0.20505.0\lib\net40\System.Web.WebPages.Razor.dll + @@ -167,6 +185,12 @@ ..\packages\WebActivatorEx.2.2.0\lib\net40\WebActivatorEx.dll + + ..\packages\Microsoft.AspNet.WebPages.Data.2.0.20505.0\lib\net40\WebMatrix.Data.dll + + + ..\packages\Microsoft.AspNet.WebPages.WebData.2.0.20505.0\lib\net40\WebMatrix.WebData.dll + diff --git a/Step/packages.config b/Step/packages.config index 3575e940..a22fd13a 100644 --- a/Step/packages.config +++ b/Step/packages.config @@ -1,37 +1,42 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Step/wwwroot/src/modules/base-components/modal-password-user.ts b/Step/wwwroot/src/modules/base-components/modal-password-user.ts index d0d54d70..54eae877 100644 --- a/Step/wwwroot/src/modules/base-components/modal-password-user.ts +++ b/Step/wwwroot/src/modules/base-components/modal-password-user.ts @@ -32,7 +32,7 @@ export default class modalPasswordUser extends Vue { @Watch("newUser.password") @Watch("newUser.newPassword") userChange(){ - this.pswOk = this.newUser.password == this.newUser.newPassword; + this.pswOk = this.newUser.password != this.newUser.newPassword; } getColor(nome,cognome){ @@ -63,8 +63,14 @@ export default class modalPasswordUser extends Vue { } async modify(user) { - alert("ToDo"); - this.close(); + + + let psw = { newPassword:this.newUser.newPassword, actPassword:this.newUser.password }; + + awaiter(usersService.editPassword(user.id,psw).then(response => { + this.close(); + })); + //awaiter(usersService.editUser(user).then(response => { // this.close(); diff --git a/Step/wwwroot/src/modules/base-components/modal-password-user.vue b/Step/wwwroot/src/modules/base-components/modal-password-user.vue index ff8c1644..747021f2 100644 --- a/Step/wwwroot/src/modules/base-components/modal-password-user.vue +++ b/Step/wwwroot/src/modules/base-components/modal-password-user.vue @@ -12,7 +12,7 @@ -
{{'create_user_psw_not_equals' | localize("Passwords must be the same")}}
+
{{'create_user_psw_equals' | localize("Passwords must not be the same")}}
diff --git a/Step/wwwroot/src/services/usersService.ts b/Step/wwwroot/src/services/usersService.ts index 5f53ac50..d3f6361d 100644 --- a/Step/wwwroot/src/services/usersService.ts +++ b/Step/wwwroot/src/services/usersService.ts @@ -34,6 +34,12 @@ export class UsersService extends baseRestService { return result; } + async editPassword(id: number,model: any){ + var result = await this.Put("api/user/manager/password/" + id , model,true); + usersActions.updateUser(store, result); + return result; + } + async deleteUser(model: any){ var result = await this.Delete("api/user/manager/user/" + model.id ,true); usersActions.deleteUser(store, model.id);