healthchecks

2025-08-25 18:52:59 +02:00
parent 5777e351bf
commit 0560a40876
33 changed files with 317 additions and 127 deletions
--- a/back/services/bussines/UserService/UserService.cs
+++ b/back/services/bussines/UserService/UserService.cs
@@ -4,13 +4,15 @@ using back.persistance.data.repositories.Abstracts;
 using back.services.engine.Crypto;
 using back.services.engine.mailing;
 using System.Text;
+using System.Text.Json;

 namespace back.services.bussines.UserService;

 public class UserService(
    IUserRepository userRepository, ICryptoService cryptoService,
    IEmailService emailService,
-    IBlobStorageService blobStorageService
+    IBlobStorageService blobStorageService,
+    JsonSerializerOptions jsonSerializerOptions
    ) : IUserService
 {
    private readonly IUserRepository _repository = userRepository ?? throw new ArgumentNullException(nameof(userRepository));
@@ -66,6 +68,14 @@ public class UserService(
        return existingUser;
    }

+    public async Task<User?> Login(string email, string decryptedPass) 
+    {
+        var salt = await _repository.GetUserSaltByEmail(email);
+        var hashedPassword = _cryptoService.HashPassword(decryptedPass, salt);
+        var user = await _repository.Login(email, hashedPassword ?? string.Empty);
+        return user;
+    }
+
    public async Task<User?> Login(string email, string password, string clientId)
    {
        if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password)) return null;
@@ -73,9 +83,7 @@ public class UserService(
        try
        {
            var decryptedPass = _cryptoService.Decrypt(clientId, password);
-            var salt = await _repository.GetUserSaltByEmail(email);
-            var hashedPassword = _cryptoService.HashPassword(decryptedPass, salt);
-            var user = await _repository.Login(email, hashedPassword ?? string.Empty);
+            var user = await Login(email, decryptedPass ?? string.Empty);
            return user;
        }
        catch
@@ -101,21 +109,21 @@ public class UserService(

    public async Task<User?> ValidateSystemUser(string email, string password, string systemKey, string clientId)
    {
-        password = _cryptoService.Decrypt(clientId, password) ?? string.Empty;
-        systemKey = _cryptoService.Decrypt(clientId, systemKey) ?? string.Empty;
-        if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password) || string.IsNullOrEmpty(systemKey))
+        var decryptedPassword = _cryptoService.Decrypt(clientId, password) ?? string.Empty;
+        var decryptedsystemKey = _cryptoService.Decrypt(clientId, systemKey) ?? string.Empty;
+        if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(decryptedPassword) || string.IsNullOrEmpty(decryptedsystemKey))
        {
            return null;
        }
-        if (!email.Equals("@system", StringComparison.InvariantCultureIgnoreCase))
+        if (!email.Equals(User.SystemUser.Email, StringComparison.InvariantCultureIgnoreCase))
        {
            return null;
        }

        var systemKeyBytes = await _blobStorageService.GetBytes("systemkey.lock");
        var systemKeyString = Encoding.UTF8.GetString(systemKeyBytes ?? []);
-        var systemKeyObject = System.Text.Json.JsonSerializer.Deserialize<SystemKey>(systemKeyString);
-        if (systemKeyObject == null || !systemKeyObject.IsValid(email, password, systemKey))
+        var systemKeyObject = JsonSerializer.Deserialize<SystemKey>(systemKeyString, jsonSerializerOptions);
+        if (systemKeyObject == null || !systemKeyObject.IsValid(email, decryptedPassword, decryptedsystemKey))
        {
            return null;
        }
@@ -128,6 +136,6 @@ public class UserService(
        {
            return null;
        }
-        return await Login(user.Email!, user.Password!, clientId);
+       return await Login(user.Email!, decryptedPassword);
    }
 }
--- a/back/services/engine/PasswordGenerator/PasswordGenerator.cs
+++ b/back/services/engine/PasswordGenerator/PasswordGenerator.cs
@@ -5,8 +5,8 @@ public class PasswordGenerator : IPasswordGenerator
    public string Generate(int length, bool includeNumbers = true, bool includeMayus = true, bool includeMinus = true, bool includeSpecials = true)
    {
        const string numbers = "0123456789";
-        const string mayus = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
-        const string minus = "abcdefghijklmnopqrstuvwxyz";
+        const string mayus = "ABCÇDEFGHIJKLMNÑOPQRSTUVWXYZ";
+        const string minus = "abcçdefghijklmnñopqrstuvwxyz";
        const string specials = "!@#$%^&*()_+[]{}|;:,.<>?";
        var characters = minus;
        if (includeNumbers) characters += numbers;
@@ -19,6 +19,22 @@ public class PasswordGenerator : IPasswordGenerator
        {
            password[i] = characters[random.Next(characters.Length)];
        }
+
+        var positionPool = new List<int>();
+        for (int i = 0; i < length; i++) positionPool.Add(i);
+        var forcedRandomNumber = random.Next(0, positionPool.Count);
+        positionPool.RemoveAt(forcedRandomNumber);
+        var forcedRandomMayus = random.Next(0, positionPool.Count);
+        positionPool.RemoveAt(forcedRandomMayus);
+        var forcedRandomMinus = random.Next(0, positionPool.Count);
+        positionPool.RemoveAt(forcedRandomMinus);
+        var forcedRandomSpecial = random.Next(0, positionPool.Count);
+        positionPool.RemoveAt(forcedRandomSpecial);
+
+        password[forcedRandomNumber] = numbers[random.Next(numbers.Length)];
+        password[forcedRandomMayus] = mayus[random.Next(mayus.Length)];
+        password[forcedRandomMinus] = minus[random.Next(minus.Length)];
+        password[forcedRandomSpecial] = specials[random.Next(specials.Length)];
        return new string(password);
    }
 }
--- a/back/services/engine/SystemUser/SystemUserGenerator.cs
+++ b/back/services/engine/SystemUser/SystemUserGenerator.cs
@@ -4,12 +4,14 @@ using back.persistance.data;
 using back.persistance.data.repositories.Abstracts;
 using back.services.engine.Crypto;
 using back.services.engine.PasswordGenerator;
+using System.Text.Json;
 using Transactional.Abstractions.Interfaces;

 namespace back.services.engine.SystemUser;

 public class SystemUserGenerator(
    ITransactionalService<DataContext> transactional,
+    JsonSerializerOptions jsonSerializerOptions,
    IUserRepository userRepository,
    IPersonRepository personRepository,
    ICryptoService cryptoService,
@@ -21,9 +23,9 @@ public class SystemUserGenerator(
        var systemKey = new SystemKey() { 
            Password = passwordGenerator.Generate(16),
        };
-        var systemKeyJson = System.Text.Json.JsonSerializer.Serialize(systemKey);
+        var systemKeyJson = JsonSerializer.Serialize(systemKey, options: jsonSerializerOptions);
        
-        using Stream stream = new MemoryStream(System.Text.Encoding.UTF8.GetBytes(systemKeyJson));
+        using Stream stream = new MemoryStream(new System.Text.UTF8Encoding(true).GetBytes(systemKeyJson));

        await blobStorageService.Delete("systemkey.lock");

@@ -38,10 +40,16 @@ public class SystemUserGenerator(

        if (!await userRepository.Exists(User.SystemUser.Id!))
        {
-            await transactional.DoTransaction(async () => {
+            await transactional.DoTransaction(async () =>
+            {
                await personRepository.Insert(Person.SystemPerson);
                await userRepository.Insert(User.SystemUser);
            });
        }
+        else 
+        {
+            await userRepository.Update(User.SystemUser);
+            await userRepository.SaveChanges();
+        }
    }
 }