Beispiel #1
        /// <summary>
        /// Registers the phone number as a new user, or updates the stored name of the user
        /// already registered under it, resets the user's last-sync time and then either
        /// issues a cookie (debug numbers) or requests a confirmation SMS.
        /// </summary>
        /// <param name="phoneNumber">Phone number as supplied by the caller; it is passed through <c>PhoneNumberUtils.ValidatePhoneNumber</c> before use.</param>
        /// <param name="name">Name to store for the user.</param>
        /// <param name="deviceId">Device identifier; only read on the debug-number path.</param>
        /// <returns>
        /// A cookie for the user when the normalized number is a debug number; otherwise <c>null</c>
        /// (the number did not validate, or <c>SendSmsWithConfirmationCode</c> was called instead).
        /// </returns>
        public DAL.UserCookie AddUser(string phoneNumber, string name, string deviceId)
        {
            string phone = DAL.PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);
            if (string.IsNullOrEmpty(phone))
            {
                return null;
            }

            // NOTE(review): nothing up to this point proves the caller owns the number, yet the
            // stored name and last-sync time of an existing account are modified below and an SMS
            // is requested. Confirm that callers are throttled and that changing an existing
            // account before confirmation is intended.
            DAL.User account = DAL.UserService.Instance.GetUserFromPhone(phone);
            if (account != null)
            {
                DAL.UserService.Instance.UpdateName(account, name);
            }
            else
            {
                account = DAL.UserService.Register(phone, name);
            }

            // Set the last-sync marker to seven days before the current local time.
            DateTime sevenDaysAgo = DateTime.Now.Subtract(TimeSpan.FromDays(7));
            DataAccessLayer.UserService.UpdateUserLastSyncTime((int)account.Id, sevenDaysAgo);

            if (!DAL.PhoneNumberUtils.IsDebugPhoneNumber(phone))
            {
                this.SendSmsWithConfirmationCode(account);
                return null;
            }

            // NOTE(review): a debug number receives a cookie with no confirmation step at all.
            // Make sure IsDebugPhoneNumber cannot match anything in a production deployment.
            DAL.UserService.Instance.UpdateDeviceId(account, deviceId);
            return new DAL.UserCookie(account, deviceId);
        }
Beispiel #2
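        /// <summary>
        /// Reads the auth token header of the current request, parses it into a
        /// <c>UserCookie</c> and returns the cookie's user when the cookie reports itself valid.
        /// </summary>
        /// <returns>
        /// The user carried by the cookie, or <c>null</c> when there is no operation context,
        /// no HTTP request property, no auth header, or the cookie fails to parse or validate.
        /// </returns>
        private DAL.User GetAuthenticatedUser()
        {
            // A request without the expected context or header is simply "not authenticated";
            // it must not surface as a NullReferenceException / KeyNotFoundException.
            OperationContext context = OperationContext.Current;
            if (context == null)
            {
                return null;
            }

            object rawProperty;
            if (!context.IncomingMessageProperties.TryGetValue("httpRequest", out rawProperty))
            {
                return null;
            }

            HttpRequestMessageProperty reqMsg = rawProperty as HttpRequestMessageProperty;
            if (reqMsg == null)
            {
                return null;
            }

            string token = (string)reqMsg.Headers[Globals.AuthTokenCookie];
            if (string.IsNullOrEmpty(token))
            {
                return null;
            }

            // The header value is fully caller-controlled. The only trust decision visible here
            // is cookie.IsValid(); NOTE(review): confirm it verifies integrity (e.g. a keyed
            // signature) and expiry, since nothing else in this method does.
            DAL.UserCookie cookie = DAL.UserCookie.Parse(token);
            if (cookie == null || !cookie.IsValid())
            {
                return null;
            }

            return cookie.User;
        }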
Beispiel #3
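        /// <summary>
        /// Two cookies are equal when they carry the same user id, device id and auth cookie value.
        /// </summary>
        /// <param name="obj">Object to compare with; anything that is not a <c>UserCookie</c> compares unequal.</param>
        /// <returns><c>true</c> when all three components match, otherwise <c>false</c>.</returns>
        public override bool Equals(object obj)
        {
            UserCookie otherCookie = obj as UserCookie;

            if (object.ReferenceEquals(otherCookie, null))
            {
                return false;
            }

            // Equals must not throw: a cookie with a missing User, DeviceId or AuthCookie is
            // compared field by field instead of dereferencing null.
            bool thisHasUser = !object.ReferenceEquals(this.User, null);
            bool otherHasUser = !object.ReferenceEquals(otherCookie.User, null);

            if (thisHasUser != otherHasUser)
            {
                return false;
            }

            if (thisHasUser && !(this.User.Id == otherCookie.User.Id))
            {
                return false;
            }

            // NOTE(review): object.Equals is not a fixed-time comparison. If this method is ever
            // the check between a presented token and a stored one, compare the secret part with
            // a constant-time routine instead. Also confirm GetHashCode is overridden to match.
            return object.Equals(this.DeviceId, otherCookie.DeviceId)
                && object.Equals(this.AuthCookie, otherCookie.AuthCookie);
        }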
Beispiel #4
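        /// <summary>
        /// Checks a one-time password for the user registered under the phone number and, on
        /// success, stores the device id for that user and issues a cookie.
        /// </summary>
        /// <param name="phoneNumber">Phone number as supplied by the caller; it is passed through <c>PhoneNumberUtils.ValidatePhoneNumber</c> before the lookup.</param>
        /// <param name="oneTimePassword">Code checked by an <c>Authenticator.TOTP</c> built from the user's stored secret.</param>
        /// <param name="deviceId">Device identifier stored for the user and placed in the cookie.</param>
        /// <param name="random">Not read by this method.</param>
        /// <returns>A new cookie for the user and device.</returns>
        /// <exception cref="Exception">The number is invalid or not registered, or the one-time password does not verify.</exception>
        public DAL.UserCookie ValidateUser(string phoneNumber, int oneTimePassword, string deviceId, string random)
        {
            string normalizedPhone = DAL.PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);

            // AddUser treats a null/empty normalized number as invalid; do the same here rather
            // than handing it to the lookup. Same exception type and message as the unknown-user
            // case, so callers see no new failure mode.
            if (string.IsNullOrEmpty(normalizedPhone))
            {
                throw new Exception("User not registered");
            }

            DAL.User existingUser = DAL.UserService.Instance.GetUserFromPhone(normalizedPhone);
            if (existingUser == null)
            {
                // NOTE(review): this message differs from the wrong-code message below, so a
                // caller can tell registered numbers from unregistered ones. Consider one
                // generic failure if clients do not depend on the text.
                throw new Exception("User not registered");
            }

            // Presumably a 30-second time step and 6-digit codes; confirm against Authenticator.TOTP.
            Authenticator.TOTP oneTimePasswordValidator = new Authenticator.TOTP(existingUser.Secret, 30, 6);
            if (!oneTimePasswordValidator.Verify(oneTimePassword))
            {
                // NOTE(review): no failed-attempt counter or lockout is visible in this method.
                // A short numeric code needs per-account throttling; confirm it is enforced elsewhere.
                throw new Exception("Invalid one-time password");
            }

            DAL.UserService.Instance.UpdateDeviceId(existingUser, deviceId);

            return new DAL.UserCookie(existingUser, deviceId);
        }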
Beispiel #5
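        /// <summary>
        /// Splits a '|'-separated cookie string into its five fields, reads the version from the
        /// first field and dispatches to the parser for that version.
        /// </summary>
        /// <param name="cookieString">Raw cookie text; may be null or empty.</param>
        /// <returns>
        /// The parsed cookie for a version 1 string, or <c>null</c> when the input is null or empty,
        /// does not have exactly five non-empty fields, or carries a missing or unknown version.
        /// </returns>
        public static UserCookie Parse(string cookieString)
        {
            // The input comes from outside; an absent value is "no cookie", not a crash.
            if (string.IsNullOrEmpty(cookieString))
            {
                return null;
            }

            // NOTE(review): RemoveEmptyEntries drops empty fields, so "a||b" and "a|b" split the
            // same way. Confirm that this cannot shift fields in a way the v1 parser accepts.
            string[] parts = cookieString.Split(new char[] { '|' }, StringSplitOptions.RemoveEmptyEntries);

            if (parts.Length != 5)
            {
                return null;
            }

            // A token prefix is machine data: compare it ordinally, never with the thread culture.
            string versionField = parts[0];
            if (!versionField.StartsWith(UserCookie.CookieVersionPrefix, StringComparison.Ordinal))
            {
                return null;
            }

            // Digits only, culture-independent: no surrounding whitespace or sign is accepted.
            int version;
            if (!Int32.TryParse(
                    versionField.Substring(UserCookie.CookieVersionPrefix.Length),
                    System.Globalization.NumberStyles.None,
                    System.Globalization.CultureInfo.InvariantCulture,
                    out version))
            {
                return null;
            }

            if (version == 1)
            {
                // Parsing alone establishes no trust in the result; whether ParseV1Cookie checks
                // integrity is not visible here, so callers should still validate the cookie.
                return UserCookie.ParseV1Cookie(parts);
            }

            return null;
        }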
Beispiel #6
        /// <summary>
        /// Creates the user for a phone number, or updates the name of the user already stored
        /// under it, moves the user's last-sync time back by seven days and then either returns a
        /// cookie (debug numbers) or calls <c>SendSmsWithConfirmationCode</c>.
        /// </summary>
        /// <param name="phoneNumber">Caller-supplied phone number; normalized by <c>PhoneNumberUtils.ValidatePhoneNumber</c>.</param>
        /// <param name="name">Name to store for the user.</param>
        /// <param name="deviceId">Device identifier; only read when the number is a debug number.</param>
        /// <returns>
        /// A cookie when the normalized number is a debug number; <c>null</c> when the number did
        /// not validate or when the SMS path was taken.
        /// </returns>
        public DAL.UserCookie AddUser(string phoneNumber, string name, string deviceId)
        {
            string validatedNumber = DAL.PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);
            bool numberRejected = string.IsNullOrEmpty(validatedNumber);
            if (numberRejected)
            {
                return null;
            }

            // NOTE(review): the caller has not yet proven ownership of the number, but an
            // existing account's name and last-sync time are changed here and an SMS may be
            // requested. Confirm request throttling and that this pre-confirmation write is intended.
            DAL.User target = DAL.UserService.Instance.GetUserFromPhone(validatedNumber);
            if (target != null)
            {
                DAL.UserService.Instance.UpdateName(target, name);
            }
            else
            {
                target = DAL.UserService.Register(validatedNumber, name);
            }

            // Last-sync time becomes "now minus seven days" in local time.
            TimeSpan oneWeek = TimeSpan.FromDays(7);
            DataAccessLayer.UserService.UpdateUserLastSyncTime((int)target.Id, DateTime.Now.Subtract(oneWeek));

            bool isDebugNumber = DAL.PhoneNumberUtils.IsDebugPhoneNumber(validatedNumber);
            if (!isDebugNumber)
            {
                this.SendSmsWithConfirmationCode(target);
                return null;
            }

            // NOTE(review): debug numbers get a cookie without any confirmation step; verify
            // that no debug number is accepted in production.
            DAL.UserService.Instance.UpdateDeviceId(target, deviceId);
            DAL.UserCookie issued = new DAL.UserCookie(target, deviceId);
            return issued;
        }
Beispiel #7
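        /// <summary>
        /// Verifies a one-time password against the secret of the user registered under the
        /// phone number; on success the device id is stored for the user and a cookie is returned.
        /// </summary>
        /// <param name="phoneNumber">Caller-supplied phone number; normalized by <c>PhoneNumberUtils.ValidatePhoneNumber</c> before the lookup.</param>
        /// <param name="oneTimePassword">Code checked by an <c>Authenticator.TOTP</c> built from the user's stored secret.</param>
        /// <param name="deviceId">Device identifier stored for the user and placed in the cookie.</param>
        /// <param name="random">Not read by this method.</param>
        /// <returns>A new cookie for the user and device.</returns>
        /// <exception cref="Exception">The number is invalid or not registered, or the one-time password does not verify.</exception>
        public DAL.UserCookie ValidateUser(string phoneNumber, int oneTimePassword, string deviceId, string random)
        {
            string normalizedPhone = DAL.PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);

            // An empty result means the number did not validate (AddUser checks the same thing).
            // Fail with the existing exception type and message instead of querying with it.
            if (string.IsNullOrEmpty(normalizedPhone))
            {
                throw new Exception("User not registered");
            }

            DAL.User existingUser = DAL.UserService.Instance.GetUserFromPhone(normalizedPhone);
            if (existingUser == null)
            {
                // NOTE(review): a distinct "not registered" message reveals which numbers have
                // accounts. Prefer one generic failure if clients do not parse the text.
                throw new Exception("User not registered");
            }

            // Presumably a 30-second time step and 6-digit codes; confirm against Authenticator.TOTP.
            Authenticator.TOTP oneTimePasswordValidator = new Authenticator.TOTP(existingUser.Secret, 30, 6);
            bool codeAccepted = oneTimePasswordValidator.Verify(oneTimePassword);
            if (!codeAccepted)
            {
                // NOTE(review): no attempt limit is visible here. Confirm that repeated wrong
                // codes for one account are throttled or locked out somewhere upstream.
                throw new Exception("Invalid one-time password");
            }

            DAL.UserService.Instance.UpdateDeviceId(existingUser, deviceId);

            DAL.UserCookie cookie = new DAL.UserCookie(existingUser, deviceId);

            return cookie;
        }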