Beispiel #1
        /// <summary>
        /// Creates an identity from a set of claims, a user and a session.
        /// </summary>
        /// <param name="claims">Claims to attach; only each claim's <c>Name</c> is kept.</param>
        /// <param name="user">Stored in <c>User</c> as passed.</param>
        /// <param name="session">Stored in <c>Session</c> as passed.</param>
        public Identity(IEnumerable<Claim> claims, User user, Session session)
        {
            this.User = user;
            this.Session = session;

            // ToArray() takes a snapshot of the claim names at construction time, so
            // later changes to the claim source are not reflected in this instance.
            // NOTE(review): if Claims drives authorization checks, a revoked claim stays
            // in this snapshot until a new Identity is built - confirm the identity lifetime.
            var claimNames = claims.Select(claim => claim.Name);
            this.Claims = claimNames.ToArray();
        }
Beispiel #2
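        /// <summary>
        /// Creates a session for <paramref name="user"/> and assigns it a freshly
        /// generated random session key.
        /// </summary>
        /// <param name="user">User whose <c>Id</c> is copied into <c>UserId</c>.</param>
        public Session(User user)
        {
            UserId = user.Id;

            // RandomNumberGenerator.Create() returns the platform's cryptographic RNG
            // without naming RNGCryptoServiceProvider, which newer .NET versions mark
            // obsolete. The generated key has the same format as before.
            using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
            {
                // 32 random bytes give the key 256 bits of entropy.
                byte[] tokenData = new byte[32];
                rng.GetBytes(tokenData);

                // BitConverter.ToString yields "AB-CD-..."; removing the dashes leaves
                // 64 uppercase hexadecimal characters.
                // NOTE(review): presumably SessionKey is presented by clients as a bearer
                // secret - if so, keep it out of logs and URLs and compare it in constant
                // time. Confirm against the code that validates sessions.
                SessionKey = BitConverter.ToString(tokenData).Replace("-", "");
            }
        }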
Beispiel #3
        /// <summary>
        /// Opens the SQLite database through OrmLite and makes sure a table exists for
        /// every model type listed in the constructor body.
        /// </summary>
        /// <param name="clean">
        /// When true, every table is recreated (losing all data) and a default
        /// administrator account with the "superuser" claim is seeded. When false,
        /// only missing tables are created and no account is seeded.
        /// </param>
        /// <param name="connectionString">Connection string handed to the OrmLite connection factory.</param>
        public Database(bool clean = false, string connectionString = null)
        {
            _connectionFactory = new OrmLiteConnectionFactory(connectionString, SqliteDialect.Provider);
            using (var db = _connectionFactory.Open())
            {
                var tables = new[]
                {
                    typeof(Device),
                    typeof(Sensor),
                    typeof(StringReading),
                    typeof(DecimalReading),
                    typeof(BlobReading),

                    typeof(User),
                    typeof(Session),
                    typeof(Claim),
                };

                if (!clean)
                {
                    // Non-destructive path: existing tables and their rows are left alone.
                    foreach (var table in tables)
                    {
                        db.CreateTableIfNotExists(table);
                    }

                    return;
                }

                // Destructive path: overwrite = true recreates each table. This runs
                // before the transaction below is opened, so it is not part of it.
                foreach (var table in tables)
                {
                    db.CreateTable(true, table);
                }

                using (var seedTransaction = db.OpenTransaction())
                {
                    // Seed the default administrator from the DEFAULT_ADMINISTRATOR_* constants.
                    // NOTE(review): the original comment describes this account as having a
                    // null password. A fixed or empty administrator credential combined with
                    // the "superuser" claim should be changed or disabled before the service
                    // is reachable - confirm how deployments handle first start.
                    var administrator = new User(DEFAULT_ADMINISTRATOR_USERNAME, DEFAULT_ADMINISTRATOR_PASSWORD);
                    db.Save(administrator);

                    // Claims granted to the seeded administrator.
                    string[] administratorClaims = { "superuser" };
                    foreach (var claimName in administratorClaims)
                    {
                        db.Save(new Claim(administrator, claimName));
                    }

                    seedTransaction.Commit();
                }
            }
        }
Beispiel #4
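        /// <summary>
        /// Creates a user account from the <c>UserName</c> and <c>Password</c> request values.
        /// </summary>
        /// <remarks>
        /// The caller must be authenticated and hold the "superuser" or "create-user" claim.
        /// Both values are read from the query string first and from the form body second.
        /// </remarks>
        /// <param name="parameters">Route parameters; not read by this handler.</param>
        /// <param name="ct">Cancellation token passed to the task factory.</param>
        /// <returns>
        /// The serialized user on success, a 400 response when the user name or password
        /// is missing, or a 409 response when the user name is already taken.
        /// </returns>
        private Task<dynamic> CreateUser(dynamic parameters, CancellationToken ct)
        {
            return Task<dynamic>.Factory.StartNew(() =>
            {
                this.RequiresAuthentication();
                this.RequiresAnyClaim(new[] { "superuser", "create-user" });

                // NOTE(review): the password is accepted from the query string, where it can
                // end up in server logs, proxy logs and browser history. Accepting it from
                // the form body only would avoid that; kept for existing clients.
                var userName = (string)Request.Query.UserName ?? (string)Request.Form.UserName;
                var password = (string)Request.Query.Password ?? (string)Request.Form.Password;

                // Reject incomplete requests instead of storing an account with a missing
                // name or an empty password.
                if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
                {
                    return Negotiate
                        .WithModel(new { Error = "Username And Password Are Required" })
                        .WithStatusCode(HttpStatusCode.BadRequest);
                }

                using (var transaction = _connection.OpenTransaction())
                {
                    // Look for an existing account with this user name; the password plays
                    // no part in the lookup.
                    var user = _connection.Select<User>(a => a.Username == userName).SingleOrDefault();
                    if (user != null)
                    {
                        return Negotiate
                            .WithModel(new { Error = "User With This Username Already Exists" })
                            .WithStatusCode(HttpStatusCode.Conflict);
                    }

                    // NOTE(review): presumably the User constructor hashes the password
                    // before it is stored - verify against the User class.
                    user = new User(userName, password);

                    _connection.Save(user);

                    // HACK: TEMP ADDING SUPERUSER CLAIM
                    // NOTE(review): every account created here receives "superuser", so a
                    // caller holding only "create-user" obtains an account with more
                    // privilege than its own. Left in place because it is marked temporary
                    // and nothing else visible here assigns claims; it should be removed or
                    // limited to callers that already hold "superuser".
                    _connection.Save(new Claim(user, "superuser"));

                    // Persist the user and the claim together.
                    transaction.Commit();

                    return SerializeUser(user);
                }
            }, ct);
        }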
Beispiel #5
 /// <summary>
 /// Creates a claim named <paramref name="claimName"/> for <paramref name="user"/>.
 /// </summary>
 /// <param name="user">User whose <c>Id</c> is copied into <c>UserId</c>.</param>
 /// <param name="claimName">Stored in <c>Name</c> exactly as given; it is not validated here.</param>
 public Claim(User user, string claimName)
 {
     // Only the user's id is kept, not a reference to the User object.
     this.UserId = user.Id;
     this.Name = claimName;
 }
Beispiel #6
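 /// <summary>
 /// Builds the response model for a user: the user name and the URL of the user's claims.
 /// </summary>
 /// <param name="user">User to describe.</param>
 /// <returns>An anonymous object with <c>Username</c> and <c>Claims</c> members.</returns>
 private object SerializeUser(User user)
 {
     // The user name becomes a single path segment. Uri.EscapeDataString also escapes
     // reserved characters such as '/', '?' and '#', which Uri.EscapeUriString leaves
     // as they are; unescaped, a name containing them would change the shape of the URL.
     var escapedUsername = Uri.EscapeDataString(user.Username);
     var claimsPath = ClaimsModule.PATH.Replace("{username}", escapedUsername);

     return new
     {
         Username = user.Username,
         Claims = ModuleHelpers.CreateUrl(Request, claimsPath)
     };
 }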
Beispiel #7
 /// <summary>
 /// Loads the claims whose <c>UserId</c> equals the id of <paramref name="user"/>.
 /// </summary>
 /// <param name="user">User whose claims are requested.</param>
 /// <param name="connection">Open database connection used for the query.</param>
 /// <returns>The matching claims.</returns>
 public static IEnumerable<Claim> GetClaims(User user, IDbConnection connection)
 {
     // The predicate is handed to the ORM as an expression rather than being
     // concatenated into SQL text by this method.
     IEnumerable<Claim> userClaims = connection.Select<Claim>(claim => claim.UserId == user.Id);
     return userClaims;
 }