public SealegsAuthResponse GetAuthenticationToken(SealegsCredentials credentials)
{
SealegsContext Context = new SealegsContext();
// Validate user against database using email and password.
IList <SealegsUser> users = Context.SealegsUser.Include("Role").Where(u => u.Email.ToLower() == credentials.Email.ToLower()).ToList();
SealegsUser user = (users.Count() > 0) ? users.First() : null;
// Other possible algorithms - HashAlgorithm.Create("SHA256"), new HMACSHA1(), new HMACSHA256()
string password = String.Empty; bool ret = false;
if (user.PasswordFormat == 1)
{
password = EncryptPassword(credentials.Password, user.PasswordFormat, user.PasswordSalt, HashAlgorithm.Create("SHA1"));
}
else
{
SimpleHash hash = new SimpleHash();
string salt = string.Empty;
ret = hash.Verify(credentials.Password, user.Password);
}
return((user != null) ? new SealegsAuthResponse()
{
Success = (password == user.Password || "ns+" + password == user.Password || ret), User = user
} : new SealegsAuthResponse()
{
Success = false, User = null
});
}
// POST api/Announcement
public async Task <HttpResponseMessage> Post(string password, [FromBody] string message)
{
HttpStatusCode ret = HttpStatusCode.InternalServerError;
if (string.IsNullOrWhiteSpace(message) || password != ConfigurationManager.AppSettings["NotificationsPassword"])
{
return(Request.CreateResponse(ret));
}
try
{
var announcement = new Notification
{
Date = DateTime.UtcNow,
Text = message
};
var context = new SealegsContext();
context.Notifications.Add(announcement);
await context.SaveChangesAsync();
}
catch
{
return(Request.CreateResponse(ret));
}
return(Request.CreateResponse(HttpStatusCode.OK));
}
