public async Task <IActionResult> RawData(string type)
{
string userId = this.User.QID();
if (userId == null)
{
return(Unauthorized());
}
QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(userId);
if (userId != null)
{
if (quser == null)
{
QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData();
}
else
{
QuantApp.Kernel.User.ContextUser = quser.ToUserData();
}
}
else
{
QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData();
}
M m = M.Base(type);
var res = m.RawEntries();
QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData();
return(Ok(res));
}
public async Task <IActionResult> Data(string type)
{
string userId = this.User.QID();
if (userId == null)
{
return(Unauthorized());
}
QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(userId);
if (quser == null)
{
return(Unauthorized());
}
QuantApp.Kernel.User.ContextUser = quser.ToUserData();
// if (userId != null)
// {
// if(quser == null)
// QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData();
// else
// QuantApp.Kernel.User.ContextUser = quser.ToUserData();
// }
// else
// QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData();
M m = M.Base(type);
var res = m.KeyValues();
QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData();
return(Ok(res));
}
public async Task <IActionResult> Save(string type)
{
string userId = this.User.QID();
if (userId == null)
{
return(Unauthorized());
}
QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(userId);
if (quser == null)
{
return(Unauthorized());
}
QuantApp.Kernel.User.ContextUser = quser.ToUserData();
M m = M.Base(type);
m.Save();
QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData();
return(Ok(new { Result = "saved" }));
}
public async Task <ActionResult> Register([FromBody] SecureRegisterViewModel model)
{
if (ModelState.IsValid)
{
string id = "QuantAppSecure_" + model.Email.ToLower().Replace('@', '.').Replace(':', '.');
QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(id);
if (quser == null)
{
var user = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");
user.FirstName = model.FirstName;
user.LastName = model.LastName;
user.Email = model.Email.ToLower();
string profile = model.GroupID;
user.TenantName = id;
user.Hash = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(model.Password);
if (model.Secret != null)
{
if (_secrets.ContainsKey(model.Secret))
{
user.Secret = _secrets[model.Secret];
}
}
var sessionKey = System.Guid.NewGuid().ToString();
sessionKeys.TryAdd(sessionKey, user.Secret);
revSessionKeys.TryAdd(user.Secret, sessionKey);
Response.Cookies.Append("coflows", sessionKey, new CookieOptions()
{
Expires = DateTime.Now.AddHours(24)
});
var claims = new[]
{
new Claim(ClaimTypes.Email, user.Email)
};
var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(Program.jwtKey));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
issuer: "coflows-ce",
audience: "coflows-ce",
claims: claims,
expires: DateTime.Now.AddDays(10),
signingCredentials: creds);
quser = QuantApp.Kernel.User.FindUser(id);
QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup("Public");
group.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);
QuantApp.Kernel.Group gp = Group.FindGroup(profile);
if (gp != null)
{
gp.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);
}
return(Ok(new
{
User = quser.ToUserData(),
token = new JwtSecurityTokenHandler().WriteToken(token),
Secret = quser.Secret,
Session = sessionKey
}));
}
else
{
return(BadRequest(new { Value = false, ID = "Email is already in use..." }));
}
}
string messages = string.Join("<br\\> ", ModelState.Values
.SelectMany(x => x.Errors)
.Select(x => x.ErrorMessage));
return(Ok(new { Value = false, ID = messages }));
}
public async Task <ActionResult> Login([FromBody] SecureLogOnViewModel model)
{
string id = null;
QuantApp.Kernel.User user = null;
bool secretLogin = false;
if (model.Username != null)
{
id = "QuantAppSecure_" + model.Username.ToLower().Replace('@', '.').Replace(':', '.');
user = QuantApp.Kernel.User.FindUser(id);
}
else if (model.Code != null)
{
user = QuantApp.Kernel.User.FindUserBySecret(model.Code);
if (user != null)
{
id = user.ID;
secretLogin = true;
}
}
else
{
return(BadRequest(new { Data = "Could not verify user" }));
}
var group = QuantApp.Kernel.Group.FindGroup(model.GroupID);
var permission = user == null ? QuantApp.Kernel.AccessType.Denied : group == null ? QuantApp.Kernel.AccessType.Read : group.Permission(null, user);
if (user != null && permission != QuantApp.Kernel.AccessType.Denied && (secretLogin ? true : user.VerifyPassword(model.Password)))
{
var remoteIpAddress = Request.HttpContext.Features.Get <IHttpConnectionFeature>()?.RemoteIpAddress;
string ip = remoteIpAddress.ToString();
if (ip.Contains(":"))
{
ip = ip.Substring(ip.LastIndexOf(":") + 1);
}
//string ip = (Request.ServerVariables["HTTP_X_FORWARDED_FOR"] ?? Request.ServerVariables["REMOTE_ADDR"]).Split(',')[0].Trim();
UserRepository.AddLoginStamp(id, DateTime.UtcNow, ip);
var claims = new[]
{
new Claim(ClaimTypes.Email, user.Email)
};
var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(Program.jwtKey));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
issuer: "coflows-ce",
audience: "coflows-ce",
claims: claims,
expires: DateTime.Now.AddDays(10),
signingCredentials: creds);
if (String.IsNullOrEmpty(user.Secret))
{
var secret_key = QuantApp.Engine.Code.GetMd5Hash(user.ID);
user.Secret = secret_key;
}
var sessionKey = System.Guid.NewGuid().ToString();
sessionKeys[sessionKey] = user.Secret;
revSessionKeys[user.Secret] = sessionKey;
Response.Cookies.Append("coflows", sessionKey, new CookieOptions()
{
Expires = DateTime.Now.AddHours(24)
});
return(Ok(new
{
User = user.ToUserData(),
token = new JwtSecurityTokenHandler().WriteToken(token),
Secret = user.Secret,
Session = sessionKey
}));
}
return(BadRequest(new { Data = "Could not verify user" }));
}
public async Task Invoke(HttpContext context)
{
try
{
if (!context.WebSockets.IsWebSocketRequest)
{
try
{
await _next.Invoke(context);
}
catch {}
return;
}
QuantApp.Kernel.User quser = null;
string cokey = context.Request.Cookies["coflows"];
if (cokey == null && context.Request.Query.ContainsKey("_session"))
{
cokey = context.Request.Query["_session"];
}
if (!context.User.Identity.IsAuthenticated)
{
if (cokey != null)
{
if (CoFlows.Server.Controllers.AccountController.sessionKeys.ContainsKey(cokey))
{
quser = QuantApp.Kernel.User.FindUserBySecret(CoFlows.Server.Controllers.AccountController.sessionKeys[cokey]);
if (quser == null)
{
await _next.Invoke(context);
return;
}
}
else
{
await _next.Invoke(context);
return;
}
}
else
{
await _next.Invoke(context);
return;
}
}
var queryString = context.Request.QueryString;
var path = context.Request.Path.ToString() + queryString;
var headers = new List <KeyValuePair <string, string> >();
foreach (var head in context.Request.Headers)
{
foreach (var val in head.Value)
{
try
{
headers.Add(new KeyValuePair <string, string>(head.Key, val.Replace("%7C", "|")));
}
catch {}
}
}
var socket = await context.WebSockets.AcceptWebSocketAsync();
var id = _socketManager.AddSocket(socket);
var address = context.Connection.RemoteIpAddress;
if (path.StartsWith("/lab/"))
{
var wid = path.Replace("/lab/", "");
wid = wid.Substring(0, wid.IndexOf("/"));
int labPort = CoFlows.Server.Controllers.LabController.LabDB[cokey + wid];
var client = ProxyConnection.Client(socket, path);
client.Connect("ws://localhost:" + labPort, headers);
var _socket = client.ClientWebSocket;
_proxies.TryAdd(socket.GetHashCode() + path, client);
}
if (WebSocketListner.registered_address.ContainsKey(id))
{
WebSocketListner.registered_address[id] = address;
}
else
{
WebSocketListner.registered_address.TryAdd(id, address);
}
if (WebSocketListner.registered_sockets.ContainsKey(id))
{
WebSocketListner.registered_sockets[id] = socket;
}
else
{
WebSocketListner.registered_sockets.TryAdd(id, socket);
}
await Receive(socket, async (result, length, buffer) =>
{
if (quser != null)
{
QuantApp.Kernel.User.ContextUser = quser.ToUserData();
}
if (result.MessageType == WebSocketMessageType.Close)
{
await _socketManager.RemoveSocket(id);
QuantApp.Kernel.User.ContextUser = new UserData();
return;
}
else if (result.MessageType == WebSocketMessageType.Text)
{
string userMessage = Encoding.UTF8.GetString(buffer, 0, length);
WebSocketListner.appServer_NewMessageReceived(socket, userMessage, path, headers);
QuantApp.Kernel.User.ContextUser = new UserData();
return;
}
else
{
Console.WriteLine("REC BIN1: " + result.MessageType);
}
QuantApp.Kernel.User.ContextUser = new UserData();
});
}
catch (Exception e)
{
Console.WriteLine("Invoke " + e);
Console.WriteLine(e.StackTrace);
}
}
public async Task <ActionResult> WhoAmI()
{
var userId = User.QID();
if (userId == null)
{
return(Unauthorized());
}
QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(userId);
bool loggedin = false;
string uid = "";
string username = "";
string firstname = "";
string lastname = "";
string email = "";
string metadata = "";
string secret = "";
if (quser != null)
{
List <object> groups_serialized = new List <object>();
loggedin = true;
uid = quser.ID;
username = quser.FirstName + " " + quser.LastName;
firstname = quser.FirstName;
lastname = quser.LastName;
email = quser.Email;
metadata = quser.MetaData;
secret = quser.Secret;
if (!revSessionKeys.ContainsKey(secret))
{
var session = System.Guid.NewGuid().ToString();
sessionKeys.TryAdd(session, secret);
revSessionKeys.TryAdd(secret, session);
}
Response.Cookies.Append("coflows", revSessionKeys.ContainsKey(secret) ? revSessionKeys[secret] : "", new CookieOptions()
{
Expires = DateTime.Now.AddHours(24)
});
return(Ok(new
{
Loggedin = loggedin,
User = quser.ToUserData(),
Secret = secret,
Session = revSessionKeys.ContainsKey(secret) ? revSessionKeys[secret] : ""
}));
}
else
{
return(BadRequest("User not logged in"));
}
}
