the Membership Provider ValidateUser using EF is quite simple
public override bool ValidateUser(string username, string password)
{
// Validate User Credentials
var r = db.ST_Users.FirstOrDefault(
x => x.Username.Equals(username) &&
x.Password.Equals(password));
return r != null ? true : false;
}
But this returns true (finds and retrieves the hole object) no matter if I use balexandre or BAleXanDre.
How can I enable EF to compare in case-sensitive mode?
I know how to compare in case insensitive (using the StringComparison.CurrentCultureIgnoreCase overload, but I just want the opposite)
You should not query on the password. You should retrieve the User object and do a password compare locally, because SQL server will do a case insensitive compare for you by default (unless you change your database settings, which is not something you should take lightly).
var r = db.ST_Users.SingleOrDefault(x => x.Username == username);
return r != null && r.Password == password;
Besides, you seem to be storing plain passwords in your database. Depending on the type of application, this might not be a good idea. Try hashing them with a salt. Lots of good information to find about that here on Stackoverflow. For instance, take a look at this question and this website.
I was facing the same issue. I tried:
1. from p in entity.SecurityUsers where p.userName.Equals(userName) && p.password.Equals(password) select p
2. from p in entity.SecurityUsers where p.userName == userName && p.password == password select p
But both of these didn't work. Then I selected USER only..,
var user = (from p in entity.SecurityUsers where p.userName == userName select p).first();
And then compare its password:
return p != null && p.Password == password;
Related
How do I check if an id exists in the database?
def get_user!(id), do: Repo.get!(User, id)
get_user!(id) can be used to get the user, is there a way to check if id exists?
I want something like below which would return true.
MyApp.Accounts.get_user!(user_id) == %MyApp.Accounts.User{id: user_id}
Ecto v3 supports this with Ecto.Repo.exists?/2
import Ecto.Query, only: [from: 2]
Repo.exists?(from u in User, where: u.id == ^user_id)
Repo.get! throws an error if no record is found.
You might want to use Repo.get instead like
Repo.get(User, user_id) != nil
You can also define a function to check if a give user id exists
def user_exist_by_id(user_id)do
#select just id to reduce payload
query = (from u in User, where: u.id == ^user_id, select: %{id: u.id})
found = Repo.one(query)
#if not result, found will be nil
found != nil
end
I need to construct the URL to the original tweet as
http://twitter.com/{twitter-user-id}/status/{tweet-staus-id}
Joe's code on linq2twitter works fine, but when I replace User.ScreenNameResponse from his sample with User.UserID,
the UserID is always zero. The debugger shows tweet.UserID is also zero. Most fields are populated.
My code:
var twitterCtx = new TwitterContext(getAuth());
var searchResponse =
await
(from search in twitterCtx.Search
where search.Type == SearchType.Search &&
search.Query == searchTxt &&
search.Count == searchCount
select search)
.SingleOrDefaultAsync();
if (searchResponse != null && searchResponse.Statuses != null)
searchResponse.Statuses.ForEach(tweet =>
Console.WriteLine(
"User: {0}, Tweet: {1}",
//tweet.User.ScreenNameResponse,
tweet.User.UserID,
tweet.Text));
Version: 3.1.1 from NuGet using app authentication.
How can I get the UserID so I can construct the tweet URL?
This SO thread (use id_str) did not help.
That would be in tweet.User.UserIDResponse.
A bit of background: Anything used as an input parameter is also looked at in the query response, so if a user omits the parameter in a query but the twitter response contains a value, it was being filtered out of the results. To fix this, I adopted a convention where any return parameters also match input parameters would have a 'Response' suffix. e.g. ScreenName (input) and ScreenNameResponse (output). To find which values are input, the docs for each API (including Search) call contain the input/filter parameters.
i'm using a query to see if a user already exists in the database. if it finds a user, it adds it to the list (not database), and presents a message. if the user does NOT already exist, the program moves on to add the user.
the problem exists when adding the query result to a list, when the result found nothing. if the query found nothing (user does not yet exist) the returned value isn't null or 0, so i'm not sure how to check for this.
my code works fine, but my problem is trying to find a more elegant approach. i try to add the query results to a list. if it his the "catch", it means the user does not exist and it shall be added. right now my code is:
var userIsNew =
from f in controlEntities.Users
where (f.UserId == userIdTextBox.Text)
select f;
List<Users> temp = new List<Users>();
try
{
temp = userIsNew.ToList<Users>();
}
catch
{
//do nothing
}
if (temp.Count > 0)
{
MessageBox.Show("This UserId already exists in the Database. \nPlease try another UserId.");
}
thank you for your help!
var userIsNew = (from f in controlEntities.Users
where (f.UserId == userIdTextBox.Text)
select f).FirstOrDefault();
if (userIsNew != null)
{
MessageBox.Show("This UserId already exists in the Database. \nPlease try another UserId.");
}
Another way would be:
bool userIsNew = controlEntities.Users.
Count(f => f.UserId == userIdTextBox.Text) == 0;
if (!userIsNew)
{
MessageBox.Show("This UserId already exists in the Database. \nPlease try another UserId.");
}
It's efficient because the data server returns only a number instead of a resulset.
I have method where I need to retrieve using EF the last ten entries in the database and check to see if there is a match between the value and the current term. Here is what I have thus far
public static int ValidatePassword(string username, string password, int securityUserId)
{
int validResult = 0;
/*Need to pass to client a value based upon success or failure of validation
* 0 - success
* 1 - password has already been used in the last 10 entries
* 2 - password does not meet CJIS requirements
*/
IEnumerable<string> oldpassword = null;
// Create a Regular Expression to determine whether or not special characters are present.
Regex regularExpression = new Regex("[^a-z0-9]");
//if id exists pull last ten passwords
if (securityUserId > 0)
{
long id = Convert.ToInt64(securityUserId);
using (var context = new SecurityEntities(string.Empty))
{
try
{
oldpassword = (from p in context.SecurityAudits
where p.SecurityUserId == id &&
p.OldPassword == password
orderby p.ActionDate descending
select p.OldPassword.Take(10).ToString()).ToList();
}
catch (Exception ex)
{
string err = string.Format("ValidateCJISPassword() was unable to return an object msg:{0}", ex.Message);
throw new Exception(err, ex.InnerException);
}
finally
{
context.Dispose();
}
}
}
else if (oldpassword == null)
{
//no matching record found now check other requirements
if ((password.Length >= DEFAULT_CJIS_PASSWORD_MIN_LENGTH) && regularExpression.IsMatch(password) && (password != username))
{
//success
validResult = 0;
}
else
{
//password does not meet standard CJIS requirements
validResult = 2;
}
}
else
{
//matching record was found
validResult = 1;
}
return validResult;
}
}
Where I am currently hung up is the query throws an exception on the ToString() method
LINQ to Entities does not recognize the method 'System.String ToString()' method, and this method cannot be translated into a store expression.
I'm still learning EF and how linq works so I'm not sure what the best approach here is. Should I try to set the result to something other than IEnumerable like an array or List or is there another approach I should consider?
Thanks in advance,
Cheers,
Change this
oldpassword = (from p in context.SecurityAudits
where p.SecurityUserId == id &&
p.OldPassword == password
orderby p.ActionDate descending
select p.OldPassword.Take(10).ToString()).ToList();
To this
oldpassword = (from p in context.SecurityAudits
where p.SecurityUserId == id &&
p.OldPassword == password
orderby p.ActionDate descending
select p.OldPassword).Take(10).ToList();
The problem was that your Take(10) clause was not part of the whole result but inside the actual linq statement.. it goes on the outside of it to take the top 10 of the entire resultset.. then you do the ToList() which turns the whole thing into an array
The next problem is that you just created an array and assigned it to oldpassword
I don't see anything here that does anything with the array...
You need to do something like:
declare your array of strings
assign the array to the return of the linq query
evaluate the return for > 0 results
if > 0 then the password has been used in the last 10
if = 0 then new password should be ok, correct?
Now that I have an understanding of what I needed in the query I was able to also update the linq statement as follows:
var lastTenPassword = (from p in context.SecurityAudits.Take(10)
orderby p.ActionDate descending
where p.SecurityUserId == id
select p.OldPassword).ToList();
string oldpassword = lastTenPassword.Where(a => a == password).FirstOrDefault();
Testing is further down the line but now by moving the .Take() method inside the query I am explicitly grabbing the top ten where as my first attempt would have retrieved all the records and then grabbed the top ten.
For testing you can also see where I broke out the initial where() to first grab all records by id and then perform a filter on that set by looking for a matching password within that set.
Thanks again for your help
I have simple Linq statement (using EF4)
var efCars = (from d in myentity.Cars
where d.CarName == inputCar.CarName
&& d.CarIdNumber == inputCar.IdNumber
&& d.Make == inputCar.Make
select d.Car);
I want it to be smarter so that it will only query across one or more of the 3 fields IF they have values.
I can do a test before, and then have a separate linq statement for each permutation of valyes for inputcar
(i.e. one for all 3, one for if only carname has a value, one for if carname AND CarIdNumber has a value etc etc)
but there must be a smarter way
Thanks!
If "has no value" means null then you can use the null coalescing operator ?? to say take the first value if populated, otherwise take the second:
var efCars = (from d in myentity.Cars
where d.CarName == (inputCar.CarName ?? d.CarName
&& d.CarIdNumber == (inputCar.IdNumber && d.CarIdNumber)
&& d.Make == (inputCar.Make && d.Make)
select d.Car);
This basically says if a value exists it must match, otherwise treat it as matching
However if instead you're saying "when a special value (empty string) ignore it, otherwise match" then you can do one of two approaches (or possibly more!):
where (inputCar.CarName == "" || d.CarName == inputCar.CarName)
where (string.IsNullOrEmpty(inputCar.CarName) || d.CarName == inputCar.CarName)
For performance (when dealing with database queries) it can sometimes be beneficial to let EF generate queries based on the filters, instead of using one generic query. Of course you will need to profile whether it helps you in this case (never optimize prematurely), but this is how it would look if you dynamically build your query:
var efCars =
from car in myentity.Cars
select car;
if (inputCar.CarName != null)
{
efCars =
from car in efCars
where care.CarName == inputCar.CarName
select car;
}
if (inputCar.IdNumber != null)
{
efCars =
from car in efCars
where care.CarIdNumber == inputCar.IdNumber
select car;
}
if (inputCar.Make != null)
{
efCars =
from car in efCars
where care.Make == inputCar.Make
select car;
}
where (inputCar.CarName != null || d.CarName == inputCar.CarName) &&...