 /// <summary>
 /// Common base for the API modules: passes the route prefix to the underlying module
 /// and keeps the data store, user repository and error-code table for derived modules.
 /// </summary>
 /// <param name="modulePath">Route prefix handed to the base module constructor.</param>
 /// <param name="dataStore">Persistence backend, stored in <c>_dataStore</c>.</param>
 /// <param name="trackingUsers">User repository, stored in <c>_trackingUsers</c>.</param>
 /// <param name="errorCodes">Error-code table, stored in the <c>ErrorCodes</c> member.</param>
 public BaseModule(string modulePath, IDataStore dataStore, TrackingUsers trackingUsers, ErrorCodes errorCodes)
     : base(modulePath)
 {
     // Plain field/member assignments; they do not depend on each other.
     _trackingUsers = trackingUsers;
     _dataStore     = dataStore;
     ErrorCodes     = errorCodes;
 }
        /// <summary>
        /// Read-only access to tracking groups under <c>/tracking/group</c>. Every request must
        /// carry a resolvable user identity; otherwise the Before hook answers 401 before any
        /// route runs.
        /// </summary>
        /// <param name="dataStore">Persistence backend, forwarded to the base module.</param>
        /// <param name="trackingUsers">User repository, forwarded to the base module.</param>
        /// <param name="trackingGroups">Repository the group lookups are served from.</param>
        /// <param name="errorCodes">Error-code table, forwarded to the base module.</param>
        public TrackingGroupModule(IDataStore dataStore, TrackingUsers trackingUsers, TrackingGroups trackingGroups,
                                   ErrorCodes errorCodes)
            : base("/tracking/group", dataStore, trackingUsers, errorCodes)
        {
            _trackingGroups = trackingGroups;

            // Authentication gate: a null identity means no usable access token was presented.
            Before += ctx =>
            {
                if (Context.CurrentUser is UserIdentity)
                {
                    return null; // continue to the route handler
                }
                return ErrorResponse(HttpStatusCode.Unauthorized,
                                     "Invalid access token! Please login to obtain a new access token.");
            };

            // GET /tracking/group/{groupid}
            // NOTE(review): there is no ownership check here - any authenticated user can read any
            // group id. Confirm that groups are meant to be shared; the session routes in
            // TrackingModule are scoped to the owning user.
            Get["/{groupid}"] = parameters =>
            {
                string requestedId = parameters.groupId;
                var    found       = requestedId == null ? null : _trackingGroups.Get(requestedId);
                if (found == null)
                {
                    // Missing segment or unknown id: both answer 404.
                    return ErrorResponse(HttpStatusCode.NotFound);
                }

                // NOTE(review): compares the stored expiry against local time (DateTime.Now);
                // if Expires is persisted as UTC this is off by the server's offset - confirm.
                var expired = found.Expires <= DateTime.Now;
                return expired
                           ? ErrorResponse(HttpStatusCode.Forbidden, "Session has expired!")
                           : Response.AsJson(found);
            };
        }
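        /// <summary>
        /// Appends positions to tracking sessions under <c>/position</c>. The Before hook rejects
        /// requests without a resolvable user; a position may only be added to a session that
        /// belongs to the caller.
        /// </summary>
        /// <param name="dataStore">Persistence backend, forwarded to the base module.</param>
        /// <param name="trackingUsers">User repository, forwarded to the base module.</param>
        /// <param name="trackingSessions">Repository the target session is loaded from and written back to.</param>
        /// <param name="errorCodes">Error-code table, forwarded to the base module.</param>
        public PositionModule(IDataStore dataStore, TrackingUsers trackingUsers, TrackingSessions trackingSessions,
                              ErrorCodes errorCodes)
            : base("/position", dataStore, trackingUsers, errorCodes)
        {
            _trackingSessions = trackingSessions;

            // Authentication gate: a null identity means no usable access token was presented.
            Before           += ctx =>
            {
                var user = Context.CurrentUser as UserIdentity;
                return(user == null
                               ? ErrorResponse(HttpStatusCode.Unauthorized,
                                               "Invalid access token! Please login to obtain a new access token.")
                               : null);
            };

            // POST /position/{sessionId} - request body is a TrackingPosition, appended to the session.
            Post["/{sessionId}"] = parameters =>
            {
                var user = Context.CurrentUser as UserIdentity;
                if (user == null)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized));
                }

                Response response;
                if (!CheckSaveRetention(SessionCache, out response))
                {
                    return(response);
                }

                string sessionId = parameters.sessionId;
                if (sessionId == null)
                {
                    return(ErrorResponse(HttpStatusCode.NotFound));
                }

                var trackingSession = _trackingSessions.Get(sessionId);
                if (trackingSession == null)
                {
                    // Unknown session: answer 404 as TrackingModule does, instead of a
                    // NullReferenceException on the UserId read below.
                    return(ErrorResponse(HttpStatusCode.NotFound));
                }
                if (trackingSession.UserId != user.UserId)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized));
                }

                // Bind the body only once the caller is known to own the session.
                var trackingPosition = this.Bind <TrackingPosition>();
                if (trackingPosition == null)
                {
                    return(ErrorResponse(HttpStatusCode.BadRequest));
                }

                trackingSession.Positions.Add(trackingPosition);
                _trackingSessions.Update(trackingSession);

                return(Response.AsJson(trackingPosition));
            };
        }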
        /// <summary>
        /// Seeds 300 throw-away accounts named test1 .. test300 into the "test" database of a
        /// local MongoDB instance. Every account gets the password "test" and the same
        /// placeholder e-mail address.
        /// </summary>
        public void TestTrackiflyUsers()
        {
            // Use IOC instead...
            const string connectionString = "mongodb://localhost";
            var client    = new MongoClient(connectionString);
            var database  = client.GetServer().GetDatabase("test");
            var dataStore = new MongoDataStore(database);
            var users     = new TrackingUsers(dataStore, new PasswordManager());

            // One counter over 1..300 yields the same sequence of Add calls as three adds
            // per iteration over 100 iterations.
            for (var n = 1; n <= 300; n++)
            {
                users.Add(string.Format("test{0}", n), "test", "*****@*****.**");
            }
        }
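        /// <summary>
        /// POST /login: verifies a username/password pair and, on success, issues a fresh access
        /// token that replaces whatever token the user held before (earlier sessions stop working).
        /// </summary>
        /// <param name="dataStore">Persistence backend, forwarded to the base module.</param>
        /// <param name="trackingUsers">User repository used for the lookup and the token update.</param>
        /// <param name="errorCodes">Error-code table, forwarded to the base module.</param>
        /// <param name="passwordManager">Checks the supplied password against the stored hash and salt.</param>
        public LoginModule(IDataStore dataStore, TrackingUsers trackingUsers, ErrorCodes errorCodes,
                           PasswordManager passwordManager)
            : base("/login", dataStore, trackingUsers, errorCodes)
        {
            _trackingUsers   = trackingUsers;
            _passwordManager = passwordManager;

            Post["/"] = parameters =>
            {
                Response response;
                if (!CheckSaveRetention(SessionCache, out response))
                {
                    return(response);
                }

                var loginModel = this.Bind <LoginModel>();
                if (loginModel == null)
                {
                    // Same guard UserModule applies to its bound model; without it the username
                    // lookup below dereferences null for an empty or unparseable body.
                    return(ErrorResponse(HttpStatusCode.BadRequest,
                                         "Unknown request. Please provide a username and password."));
                }

                // One generic message for both "unknown user" and "wrong password" so the
                // response body does not reveal which usernames exist.
                var trackingUser = _trackingUsers.Query().FirstOrDefault(x => x.Username == loginModel.Username);
                if (trackingUser == null)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized, "Wrong username or password!"));
                }

                var confirmPassword = _passwordManager.ConfirmPassword(loginModel.Password,
                                                                       trackingUser.Password,
                                                                       trackingUser.Salt);
                if (!confirmPassword)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized, "Wrong username or password!"));
                }

                // NOTE(review): the bearer token is a Guid string. Guid.NewGuid() is not documented
                // as a cryptographic RNG; System.Security.Cryptography.RandomNumberGenerator is the
                // conventional source for token material. Left as-is so the token format stays
                // unchanged for existing clients.
                trackingUser.AccessToken = new AccessToken(Guid.NewGuid().ToString());
                _trackingUsers.Update(trackingUser);

                return(Response.AsJson(trackingUser.AccessToken));
            };
        }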
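        /// <summary>
        /// User management under <c>/user</c>: paged listing, lookup by id, availability probes,
        /// registration and deletion. Listing is admin-only; lookup and deletion are open to
        /// admins for any record and to other callers only for the record whose stored token
        /// matches their own.
        /// </summary>
        /// <param name="dataStore">Persistence backend, forwarded to the base module.</param>
        /// <param name="trackingUsers">User repository all routes read from and write to.</param>
        /// <param name="errorCodes">Error-code table, forwarded to the base module.</param>
        /// <param name="passwordManager">Produces the salted password hash on registration.</param>
        public UserModule(IDataStore dataStore, TrackingUsers trackingUsers, ErrorCodes errorCodes,
                          PasswordManager passwordManager)
            : base("/user", dataStore, trackingUsers, errorCodes)
        {
            _trackingUsers   = trackingUsers;
            _passwordManager = passwordManager;

            // GET /user/{page?}/{take?} - paged listing, admins only.
            Get["/{page?}/{take?}"] = parameters =>
            {
                int page;
                int take;
                // Missing or non-numeric segments fall back to the first page of ten.
                page = int.TryParse(parameters.Page, out page) ? page : 0;
                take = int.TryParse(parameters.Take, out take) ? take : 10;

                var currentUser = Context.CurrentUser as UserIdentity;
                if (currentUser == null)
                {
                    return(HttpStatusCode.Unauthorized);
                }

                // NOTE(review): RequiresClaims is invoked inside the route handler rather than in
                // the constructor; the explicit Claims check that follows suggests it does not
                // short-circuit here. Confirm against the Nancy version in use.
                this.RequiresClaims(new[] { "Admin" });

                // Reject non-admins before touching the data store; the query is wasted on them.
                if (currentUser.Claims.All(x => x != "Admin"))
                {
                    return(HttpStatusCode.Unauthorized);
                }

                var users = _trackingUsers.Query().Skip(page * take).Take(take).ToList();

                return(Response.AsJson(users));
            };

            // GET /user/{userId} - admins may read any record; others only the one holding their own token.
            Get["/{userId}"] = parameters =>
            {
                var currentUser = Context.CurrentUser as UserIdentity;
                if (currentUser == null || currentUser.AccessToken == null ||
                    string.IsNullOrWhiteSpace(currentUser.AccessToken.Token))
                {
                    return(HttpStatusCode.Unauthorized);
                }

                string userId      = parameters.UserId;
                var    accessToken = currentUser.AccessToken;

                this.RequiresClaims(new[] { "Admin" });

                var user = _trackingUsers.Get(userId);
                if (currentUser.Claims.All(x => x != "Admin"))
                {
                    // Non-admins get 401 rather than 404 for an unknown id, so this route does not
                    // double as an id-existence oracle.
                    // NOTE(review): the token comparison is ordinary string inequality; a
                    // fixed-time comparison would avoid a timing side channel if the target
                    // framework offers one.
                    if (user == null || user.AccessToken == null || user.AccessToken.Token != accessToken.Token)
                    {
                        return(HttpStatusCode.Unauthorized);
                    }
                }

                return(user == null
                               ? (dynamic) new BasicResponseModel((int)HttpStatusCode.NotFound, "User not found!")
                               : Response.AsJson(user));
            };

            // GET /user/availability/{username}
            // NOTE(review): both availability probes are unauthenticated and confirm whether a
            // username / e-mail is registered - presumably a sign-up convenience, but also an
            // enumeration oracle. Rate-limit or gate them if that matters for this deployment.
            Get["/availability/{username}"] = parameters =>
            {
                string username = parameters.Username;
                var    user     = _trackingUsers.Query().FirstOrDefault(x => x.Username == username);
                var    response = user == null
                                       ? new BasicResponseModel(0, "")
                                       : new BasicResponseModel(0, "User already exists!");

                return(Response.AsJson(response));
            };

            // GET /user/availability/email/{email}
            Get["/availability/email/{email}"] = parameters =>
            {
                string email    = parameters.Email;
                var    user     = _trackingUsers.Query().FirstOrDefault(x => x.Email == email);
                var    response = user == null
                                       ? new BasicResponseModel(0, "")
                                       : new BasicResponseModel(0, "Email is already registered!");

                return(Response.AsJson(response));
            };

            // POST /user - registration.
            Post["/"] = _ =>
            {
                var model = this.Bind <UserModel>();
                if (model == null ||
                    string.IsNullOrWhiteSpace(model.Username) ||
                    string.IsNullOrWhiteSpace(model.Password))
                {
                    // Bind yields null for an unusable body; an empty username or password would
                    // otherwise be persisted and collide with every later empty registration.
                    return(ErrorResponse(HttpStatusCode.BadRequest,
                                         "Unknown request. Please provide a username and password."));
                }

                var existingUser = _trackingUsers.Query().FirstOrDefault(x => x.Username == model.Username);
                if (existingUser != null)
                {
                    return(ErrorResponse(HttpStatusCode.Conflict, "Username already exists!"));
                }

                existingUser = _trackingUsers.Query().FirstOrDefault(x => x.Email == model.Email);
                if (existingUser != null)
                {
                    return(ErrorResponse(HttpStatusCode.Conflict, "E-mail is already registered!"));
                }

                // NOTE(review): the salt is the UTF-8 bytes of a Guid string (36 bytes, narrow
                // alphabet). It is unique per user, which is what a salt needs, but random bytes
                // from System.Security.Cryptography.RandomNumberGenerator would be the conventional
                // choice. Left unchanged to keep the stored-salt format consistent.
                var salt         = Encoding.UTF8.GetBytes(Guid.NewGuid().ToString());
                var hashPassword = _passwordManager.HashPassword(model.Password, salt);
                var user         = new TrackingUser(model.Username, hashPassword, salt)
                {
                    Name  = model.Name,
                    Email = model.Email,
                };

                _trackingUsers.Add(user);

                return(Response.AsJson(new UserModel(user), HttpStatusCode.Created));
            };

            // DELETE /user/{id} - admins may delete any record; others only the one holding their own token.
            Delete["/{id}"] = parameters =>
            {
                string id          = parameters.Id;
                var    currentUser = Context.CurrentUser as UserIdentity;
                if (currentUser == null)
                {
                    return(HttpStatusCode.Unauthorized);
                }

                var accessToken = currentUser.AccessToken;

                this.RequiresClaims(new[] { "Admin" });

                var user = _trackingUsers.Get(id);
                if (currentUser.Claims.All(x => x != "Admin"))
                {
                    // Null-guard 'user' and 'accessToken' before reading their tokens: an unknown
                    // id, or an identity without a token, previously threw NullReferenceException
                    // here. Mirrors GET /{userId}: non-admins get 401, not 404.
                    if (user == null || accessToken == null ||
                        user.AccessToken == null || user.AccessToken.Token != accessToken.Token)
                    {
                        return(HttpStatusCode.Unauthorized);
                    }
                }

                if (user == null)
                {
                    return(HttpStatusCode.NotFound);
                }

                _trackingUsers.Delete(id);

                return(HttpStatusCode.OK);
            };
        }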
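        /// <summary>
        /// Tracking sessions under <c>/tracking</c>. Every route requires a resolvable user
        /// (enforced by the Before hook), and each session is scoped to the user that created
        /// it: reads, updates and deletes of someone else's session are rejected with 401.
        /// </summary>
        /// <param name="dataStore">Persistence backend, forwarded to the base module.</param>
        /// <param name="trackingUsers">User repository, forwarded to the base module.</param>
        /// <param name="trackingSessions">Repository the session routes read from and write to.</param>
        /// <param name="errorCodes">Error-code table, forwarded to the base module.</param>
        public TrackingModule(IDataStore dataStore, TrackingUsers trackingUsers, TrackingSessions trackingSessions, ErrorCodes errorCodes)
            : base("/tracking", dataStore, trackingUsers, errorCodes)
        {
            _trackingSessions = trackingSessions;

            // Authentication gate: a null identity means no usable access token was presented.
            Before += ctx =>
            {
                var user = Context.CurrentUser as UserIdentity;
                return(user == null
                        ? ErrorResponse(HttpStatusCode.Unauthorized, "Invalid access token! Please login to obtain a new access token.")
                        : null);
            };

            // GET /tracking/{sessionid} - owner only.
            Get["/{sessionid}"] = parameters =>
            {
                var user = Context.CurrentUser as UserIdentity;

                string sessionId = parameters.sessionId;
                if (sessionId == null)
                {
                    return(ErrorResponse(HttpStatusCode.NotFound));
                }
                var trackingSession = _trackingSessions.Get(sessionId);
                if (trackingSession == null)
                {
                    return(ErrorResponse(HttpStatusCode.NotFound));
                }
                if (user == null || trackingSession.UserId != user.UserId)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized));
                }
                // NOTE(review): compares the stored expiry against local time (DateTime.Now);
                // if Expires is persisted as UTC this is off by the server's offset - confirm.
                if (trackingSession.Expires <= DateTime.Now)
                {
                    return(ErrorResponse(HttpStatusCode.Forbidden, "Session has expired!"));
                }

                return(Response.AsJson(trackingSession));
            };

            // POST /tracking - create a session owned by the caller.
            Post["/"] = parameters =>
            {
                var user = Context.CurrentUser as UserIdentity;
                if (user == null)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized));
                }

                Response response;
                if (!CheckSaveRetention(SessionCache, out response))
                {
                    return(response);
                }

                var trackingSession = this.Bind <TrackingSession>();
                if (trackingSession == null)
                {
                    return(ErrorResponse(HttpStatusCode.BadRequest));
                }
                // Ownership comes from the authenticated identity, never from the request body.
                trackingSession.UserId = user.UserId;
                _trackingSessions.Add(trackingSession);

                return(Response.AsJson(trackingSession));
            };

            // PUT /tracking/{sessionid} - replace a session the caller owns.
            Put["/{sessionid}"] = parameters =>
            {
                var user = Context.CurrentUser as UserIdentity;
                if (user == null)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized));
                }

                Response response;
                if (!CheckSaveRetention(SessionCache, out response))
                {
                    return(response);
                }

                string sessionId = parameters.sessionId;
                if (sessionId == null)
                {
                    return(ErrorResponse(HttpStatusCode.NotFound));
                }

                // Authorization: the stored session must belong to the caller before it is
                // replaced. GET and DELETE already enforce this; without it here any
                // authenticated user could overwrite another user's session (and, because
                // UserId is reassigned below, take it over).
                // NOTE(review): this also turns PUT on an unknown id into 404 - confirm Update
                // was not meant to upsert.
                var existing = _trackingSessions.Get(sessionId);
                if (existing == null)
                {
                    return(ErrorResponse(HttpStatusCode.NotFound));
                }
                if (existing.UserId != user.UserId)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized));
                }

                var trackingSession = this.Bind <TrackingSession>();
                if (trackingSession == null)
                {
                    return(ErrorResponse(HttpStatusCode.BadRequest));
                }
                // Id and owner are taken from the route and the identity, never from the body.
                trackingSession.Id     = sessionId;
                trackingSession.UserId = user.UserId;

                _trackingSessions.Update(trackingSession);

                return(Response.AsJson(trackingSession));
            };

            // DELETE /tracking/{sessionid} - owner only; removes the session and its positions.
            Delete["/{sessionid}"] = parameters =>
            {
                var user = Context.CurrentUser as UserIdentity;
                if (user == null)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized));
                }

                string sessionId = parameters.sessionId;
                if (sessionId == null)
                {
                    return(ErrorResponse(HttpStatusCode.BadRequest));
                }

                var trackingSession = _trackingSessions.Get(sessionId);
                if (trackingSession == null)
                {
                    return(ErrorResponse(HttpStatusCode.NotFound));
                }
                if (trackingSession.UserId != user.UserId)
                {
                    return(ErrorResponse(HttpStatusCode.Unauthorized));
                }

                _trackingSessions.Delete(sessionId);
                return(ErrorResponse(HttpStatusCode.OK,
                                     string.Format("Tracking session '{0}' including all its positions is removed.", sessionId)));
            };
        }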