public override void OnActionExecuting(HttpActionContext actionContext)
{
base.OnActionExecuting(actionContext);
if (actionContext.RequestContext.Url.Request.GetQueryNameValuePairs()?.FirstOrDefault(each => each.Key == "username").Value is string usernameValue)
{
using (HomeM8Entities db = new HomeM8Entities())
{
if (HomeM8.GetUserByUsername(usernameValue, db) is Users requestedUser)
{
try
{
var decryptedContent = Security.DecryptAES(requestedUser.SharedSecret, actionContext.Request.Content.ReadAsStringAsync().Result);
actionContext.Request.Content = new StringContent(decryptedContent);
}
catch
{
actionContext.Request.Content = new StringContent(HomeM8.DecryptionFailedString);
return;
}
}
else
{
actionContext.Request.Content = new StringContent(HomeM8.UsernameNotFoundString);
return;
}
}
}
}
public HttpResponseMessage CheckUsername(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
//Thread.Sleep(3000);
#region Parameters Check
if (string.IsNullOrWhiteSpace(username))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(username));
error = true;
}
#endregion
#region Main Process
if (!error)
{
if (!HomeM8.UsernameValid(username))
{
responseVal = 7;
responseText = HomeM8.GetWarningString(7);
error = true;
}
}
#endregion
return(new HttpResponseMessage()
{
Content = new StringContent(JsonConvert.SerializeObject(new
{
responseVal,
responseText
}))
});
}
public async Task <HttpResponseMessage> CreateHome(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string),
HomeName = default(string),
HomeAddress = default(string)
};
Users requesterUser = default(Users);
Homes createdHome = default(Homes);
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
if (!error && string.IsNullOrWhiteSpace(parameters.HomeAddress))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeAddress));
error = true;
}
if (!error && string.IsNullOrWhiteSpace(parameters.HomeName))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeName));
error = true;
}
var minNum = 6;
var maxNum = 12;
if (!error && (parameters.HomeName.Length > maxNum || parameters.HomeName.Length < minNum))
{
responseVal = 9;
responseText = HomeM8.GetWarningString(9).Replace("#Parameter#", nameof(parameters.HomeName)).Replace("#smallnumber#", minNum.ToString()).Replace("#bignumber#", maxNum.ToString());
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (!HomeM8.HomeNameValid(parameters.HomeName))
{
responseVal = 4015;
responseText = HomeM8.GetWarningString(4015);
error = true;
}
if (!error)
{
createdHome = new Homes()
{
CurManagerUserID = requesterUser.UserID,
HomeName = parameters.HomeName,
Address = parameters.HomeAddress,
CreateDate = DateTime.Now,
Joinable = true,
State = true,
};
var hc = new HomeConnections()
{
HomeID = createdHome.HomeID,
UserID = requesterUser.UserID,
CreateDate = DateTime.Now,
State = true,
};
db.Homes.Add(createdHome);
db.HomeConnections.Add(hc);
requesterUser.CurrentHome = createdHome.HomeID;
await db.SaveChangesAsync();
}
}
}
#endregion
var jsonStringResponse = responseVal == 0 ? JsonConvert.SerializeObject(new
{
responseVal,
responseText,
createdHome.HomeID
}) : JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent(requesterUser != null ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> GetNotifications(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string),
HomeID = default(int)
};
Users requesterUser = null;
Homes requestedHome = null;
var notificationsList = new[]
{
new
{
OwnerNameSurname = default(string),
NotificationMessage = default(string),
NotificationName = default(string),
NotificationCommentCount = default(string),
NotificationType = default(string),
CreateDate = default(string),
ExpectedAnswerRange = default(int)
}
}.ToList();
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
if (!error && parameters.HomeID == 0)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
requestedHome = HomeM8.GetHomeByHomeID(parameters.HomeID, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (requestedHome == null)
{
responseVal = 3012;
responseText = HomeM8.GetWarningString(3012);
error = true;
}
else
{
if (!HomeM8.UserAuthorized(requesterUser.UserID, requestedHome.HomeID))
{
responseVal = 3013;
responseText = HomeM8.GetWarningString(3013);
error = true;
}
}
if (!error)
{
notificationsList = await db.Notifications
.Join(db.NotificationType, n => n.NotificationType, nt => nt.NotificationTypeID, (n, nt) => new { n, nt })
.Join(db.Users, main => main.n.OwnerUserID, u => u.UserID, (main, u) => new { main, u })
.Where(each => each.main.n.HomeID == parameters.HomeID)
.Select(each => new
{
OwnerNameSurname = each.u.NameSurname,
each.main.n.NotificationMessage,
each.main.nt.NotificationName,
NotificationCommentCount = "(" + db.NotificationComments.Where(each2 => each2.NotificationID == each.main.n.NotificationID).Count() + ")",
NotificationType = each.main.nt.NotificationName,
CreateDate = each.main.n.CreateDate.ToString() ?? null,
ExpectedAnswerRange = each.main.n.ExpectedAnswerRange ?? 0
}).ToListAsync();
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
notificationsList
}) : JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> GetCalendarEvents(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string),
HomeID = default(int)
};
Users requesterUser = null;
Homes requestedHome = null;
var requestedEvents = new[]
{
new
{
PayerName = default(string),
EventExplanation = default(string),
PaymentAmount = default(decimal),
Paid = default(bool),
ExpectedDate = default(string)
}
}.ToList();
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
if (!error && parameters.HomeID == 0)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeID));
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
requestedHome = HomeM8.GetHomeByHomeID(parameters.HomeID, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (requestedHome == null)
{
responseVal = 3012;
responseText = HomeM8.GetWarningString(3012);
error = true;
}
else
{
if (!HomeM8.UserAuthorized(requesterUser.UserID, requestedHome.HomeID))
{
responseVal = 3013;
responseText = HomeM8.GetWarningString(3013);
error = true;
}
}
if (!error)
{
requestedEvents = await db.CalendarEvents
.GroupJoin(db.Users, ce => ce.PayerUserID, u => u.UserID, (ce, u) => new { ce, u })
.SelectMany(e => e.u.DefaultIfEmpty(), (ce, u) => new { ce.ce, u })
.Where(each => each.ce.HomeID == requestedHome.HomeID)
.Select(each => new
{
PayerName = each.u.NameSurname,
each.ce.EventExplanation,
each.ce.PaymentAmount,
each.ce.Paid,
ExpectedDate = each.ce.ExpectedDate.ToString()
}).ToListAsync();
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
requestedEvents
}) :
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> SendRequestHome(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variable
var parameters = new
{
AccessToken = default(string),
HomeID = default(int)
};
Homes requestedHome = null;
Users requesterUser = null;
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
else
{
if (parameters.HomeID == 0)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeID));
error = true;
}
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
requestedHome = HomeM8.GetHomeByHomeID(parameters.HomeID, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (requestedHome == null)
{
responseVal = 3012;
responseText = HomeM8.GetWarningString(3012);
error = true;
}
else
{
db.ConnectionRequests.Add(new ConnectionRequests()
{
HomeID = requestedHome.HomeID,
UserID = requesterUser.UserID,
State = true,
CreateDate = DateTime.Now
});
await db.SaveChangesAsync();
}
}
}
#endregion
var jsonStringResponse = JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> GetHomesByName(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
Thread.Sleep(3000);
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string),
Substring = default(string)
};
Users requesterUser = null;
var requestedHomes = new[]
{
new
{
HomeName = default(string),
HomeManager = default(string),
PeopleCount = default(int),
HomeID = default(int),
AlreadyRequested = default(bool)
}
}.ToList();
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
else
{
if (string.IsNullOrWhiteSpace(parameters.Substring))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.Substring));
error = true;
}
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else
{
requestedHomes = await db.Homes
.Where(each => each.HomeName.Contains(parameters.Substring) && each.State)
.Select(each => new
{
each.HomeName,
HomeManager = db.Users.FirstOrDefault(user => user.UserID == each.CurManagerUserID).NameSurname,
PeopleCount = db.HomeConnections.Where(hc => hc.HomeID == each.HomeID && hc.State).Count(),
each.HomeID,
AlreadyRequested = db.ConnectionRequests.FirstOrDefault(req => req.HomeID == each.HomeID && req.UserID == requesterUser.UserID && req.State) != null
}).ToListAsync();
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
requestedHomes
}) : JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> GetAccountInfo(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string)
};
Homes currentHome = null;
Users requesterUser = null;
var accountInfo = new
{
HomeName = default(string),
HomeAddress = default(string),
ConnectedHomesInfo = new[]
{
new
{
HomeName = default(string),
HomeID = default(int)
}
}.ToList(),
HomeMembers = default(List <string>),
HomeManager = default(string),
HomeRules = default(List <string>),
HomePermissions = default(List <string>)
};
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else
{
if (requesterUser.CurrentHome != null)
{
currentHome = await db.Homes.FirstOrDefaultAsync(each => each.HomeID == requesterUser.CurrentHome);
var homeUseRules = await db.HomeUseRules.Where(each => each.HomeID == currentHome.HomeID).ToListAsync();
accountInfo = new
{
currentHome.HomeName,
HomeAddress = currentHome.Address,
ConnectedHomesInfo = await db.HomeConnections
.Join(db.Homes, hc => hc.HomeID, h => h.HomeID, (hc, h) => new { hc, h })
.Where(each => each.hc.UserID == requesterUser.UserID && each.hc.State)
.Select(each => new
{
each.h.HomeName,
each.h.HomeID
}).ToListAsync(),
HomeMembers = await db.HomeConnections
.Join(db.Users, hc => hc.UserID, u => u.UserID, (hc, u) => new { hc, u })
.Where(each => each.hc.HomeID == currentHome.HomeID && each.hc.State && each.u.State)
.Select(each => each.u.NameSurname)
.ToListAsync() ?? new List <string>(),
HomeManager = (await db.Users.FirstOrDefaultAsync(each => each.UserID == currentHome.CurManagerUserID)).NameSurname,
HomeRules = homeUseRules.Where(each => each.RuleType == 2).Select(each => each.Detail).ToList(),
HomePermissions = db.HomeUseRules.Where(each => each.RuleType == 1).Select(each => each.Detail).ToList()
};
}
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
accountInfo
}) : JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> SetNewPassword(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var cipheredParameters = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var plainParameters = new
{
NewPassword = default(string),
ValidationCode = default(int)
};
byte[] sharedSecret = null;
#endregion
#region Parameter Controls
if (string.IsNullOrWhiteSpace(username))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre", nameof(username));
error = true;
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
var requestedUser = db.Users
.Join(db.ForgotPass, u => u.UserID, fp => fp.UserID, (u, fp) => new { u, fp })
.FirstOrDefault(each => each.u.Username == username && each.u.State);
if (requestedUser != null)
{
sharedSecret = requestedUser.u.SharedSecret;
#region Decryption
try
{
string plainJsonString = Security.DecryptAES(sharedSecret, cipheredParameters);
try
{
plainParameters = JsonConvert.DeserializeAnonymousType(plainJsonString, plainParameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
catch
{
responseVal = 8;
responseText = HomeM8.GetWarningString(8);
error = true;
}
#endregion
#region Plain Parameters Control
if (!error)
{
if (string.IsNullOrWhiteSpace(plainParameters.NewPassword))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(plainParameters.NewPassword));
error = true;
}
else
{
if (plainParameters.NewPassword.Length < 6 || plainParameters.NewPassword.Length > 12)
{
responseVal = 3009;
responseText = HomeM8.GetWarningString(3009);
error = true;
}
}
}
#endregion
if (!error)
{
if (requestedUser.fp.ValidationCode == plainParameters.ValidationCode)
{
PBKDF2 hashing = new PBKDF2();
requestedUser.u.Userpass = hashing.Compute(plainParameters.NewPassword);
requestedUser.u.Salt = hashing.Salt;
db.ForgotPass.Remove(requestedUser.fp);
await db.SaveChangesAsync();
}
else
{
responseVal = 10;
responseText = HomeM8.GetWarningString(10);
error = true;
}
}
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
#endregion
var jsonStringResponse = JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((sharedSecret != null) ? Security.EncryptAES(sharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> GetValidationCode(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
#region Parameter Control
if (string.IsNullOrWhiteSpace(username))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(username));
error = true;
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
#region Delete Older ForgotPass Requests
{
var dt = DateTime.Now.AddHours(-1);
IEnumerable <ForgotPass> deleteList = db.ForgotPass.Where(each => each.CreateDate < dt);
db.ForgotPass.RemoveRange(deleteList);
await db.SaveChangesAsync();
}
#endregion
if (db.Users.FirstOrDefault(each => each.Username == username && each.State) is Users requestedUser)
{
var ValidationCode = new Random().Next(100000, 999999);
if (db.ForgotPass.FirstOrDefault(each => each.UserID == requestedUser.UserID) is ForgotPass fRequestedUser)
{
if (fRequestedUser.AttemptCount < 3)
{
bool smsSucceeded = true;//send sms(function)
if (smsSucceeded)
{
fRequestedUser.AttemptCount++;
fRequestedUser.ValidationCode = ValidationCode;
}
else
{
//sms fail
}
}
else
{
var dt = DateTime.Now.AddHours(-1);
if (fRequestedUser.CreateDate < dt)
{
bool smsSucceeded = true;//send sms(function)
if (smsSucceeded)
{
fRequestedUser.ValidationCode = ValidationCode;
fRequestedUser.AttemptCount = 1;
fRequestedUser.CreateDate = DateTime.Now;
}
else
{
//sms fail
}
}
else
{
responseVal = 1008;
responseText = HomeM8.GetWarningString(1008);
error = true;
}
}
}
else
{
bool smsSucceeded = true;//send sms(function)
if (smsSucceeded)
{
db.ForgotPass.Add(new ForgotPass
{
UserID = requestedUser.UserID,
ValidationCode = ValidationCode,
AttemptCount = 1,
CreateDate = DateTime.Now
});
}
else
{
//sms fail
}
}
await db.SaveChangesAsync();
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
#endregion
return(new HttpResponseMessage()
{
Content = new StringContent(JsonConvert.SerializeObject(new
{
responseVal,
responseText
}))
});
}
public async Task <HttpResponseMessage> Register(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
string cipheredParameters = Request.Content.ReadAsStringAsync().Result;
#region Method Specific Variables
var plainParameters = new
{
Email = default(string),
Password = default(string),
PhoneNumber = default(string),
NameSurname = default(string)
};
byte[] sharedSecret = null;
#endregion
#region Parameters Control
if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(cipheredParameters))
{
responseVal = 1;
responseText = HomeM8.GetWarningString(1);
error = true;
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
if (db.FromRegister.FirstOrDefault(each => each.Username == username) is FromRegister registeredUser)
{
sharedSecret = registeredUser.SharedSecret;
#region Decryption
try
{
string plainJsonString = Security.DecryptAES(registeredUser.SharedSecret, cipheredParameters);
try
{
plainParameters = JsonConvert.DeserializeAnonymousType(plainJsonString, plainParameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
catch (Exception)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(cipheredParameters));
error = true;
}
#endregion
#region Plain Parameters Control
if (!error)
{
if (string.IsNullOrWhiteSpace(plainParameters.Email) &&
string.IsNullOrWhiteSpace(plainParameters.NameSurname) &&
string.IsNullOrWhiteSpace(plainParameters.Password) &&
string.IsNullOrWhiteSpace(plainParameters.PhoneNumber))
{
responseVal = 2008;
responseText = HomeM8.GetWarningString(2008);
error = true;
}
else
{
if (!(new Regex(@"^(?("")("".+?(?<!\\)""@)|(([0-9a-z]((\.(?!\.))|[-!#\$%&'\*\+/=\?\^`\{\}\|~\w])*)(?<=[0-9a-z])@))" +
@"(?(\[)(\[(\d{1,3}\.){3}\d{1,3}\])|(([0-9a-z][-0-9a-z]*[0-9a-z]*\.)+[a-z0-9][\-a-z0-9]{0,22}[a-z0-9]))$", RegexOptions.IgnoreCase)
.IsMatch(plainParameters.Email)))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(plainParameters.Email));
error = true;
}
else if (!HomeM8.EmailValid(plainParameters.Email))
{
responseVal = 3008;
responseText = HomeM8.GetWarningString(3008);
error = true;
}
else
{
if (plainParameters.Password.Length < 6 || plainParameters.Password.Length > 12)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(plainParameters.Password));
error = true;
}
else
{
if (plainParameters.PhoneNumber.Length != 10 || plainParameters.PhoneNumber[0] != '5')
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(plainParameters.PhoneNumber));
error = true;
}
}
}
}
}
#endregion
if (!error)
{
PBKDF2 hashing = new PBKDF2();
db.Users.Add(new Users
{
Username = username,
Userpass = hashing.Compute(plainParameters.Password),
Salt = hashing.Salt,
NameSurname = plainParameters.NameSurname,
ContactInfo = plainParameters.PhoneNumber,
Email = plainParameters.Email,
SharedSecret = sharedSecret,
AccessToken = Guid.NewGuid().ToString("N"),
Type = 2,
CreateDate = DateTime.Now,
State = true
});
db.FromRegister.Remove(db.FromRegister.FirstOrDefault(each => each.Username == username));
await db.SaveChangesAsync();
}
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
#endregion
return(new HttpResponseMessage()
{
Content = new StringContent(Security.EncryptAES(sharedSecret, JsonConvert.SerializeObject(new
{
responseVal,
responseText,
})))
});
}
public async Task <HttpResponseMessage> EstablishSharedSecret(string username, [FromBody] EstablishSharedSecretParams Parameters, bool fromRegister = false)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
#region Method Specific Variables
string serverPublicKey = default(string);
#endregion
#region Parameter Controls
if (!error)
{
if (string.IsNullOrWhiteSpace(Parameters.publicKey))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(Parameters.publicKey));
error = true;
}
if (string.IsNullOrWhiteSpace(username))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(username));
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
try
{
#region Handshake
byte[] sharedSecret = null;
ECDHKeyExchange serverECDH = new ECDHKeyExchange();
serverECDH.SetClientXml(Parameters.publicKey);
sharedSecret = serverECDH.GenerateSharedSecret();
serverPublicKey = serverECDH.GetPublicKeyXmlString();
#endregion
using (HomeM8Entities db = new HomeM8Entities())
{
if (fromRegister)
{
#region Delete Older Register Requests
DateTime val = DateTime.Now.AddMinutes(-5);
IEnumerable <FromRegister> deleteList = db.FromRegister.Where(each => each.CreateDate.Value < val);
db.FromRegister.RemoveRange(deleteList);
await db.SaveChangesAsync();
#endregion
if (db.Users.FirstOrDefault(each => each.Username == username) == null)
{
if (db.FromRegister.FirstOrDefault(each => each.Username == username) is FromRegister registerUser)
{
registerUser.SharedSecret = sharedSecret;
registerUser.CreateDate = DateTime.Now;
}
else
{
if (username.Length < 4 || username.Length > 12)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(username));
error = true;
}
else
{
db.FromRegister.Add(new FromRegister
{
Username = username,
SharedSecret = sharedSecret,
CreateDate = DateTime.Now
});
}
}
await db.SaveChangesAsync();
}
else
{
responseVal = 7;
responseText = HomeM8.GetWarningString(7);
error = true;
}
}
else
{
if (db.Users.FirstOrDefault(each => each.Username == username & each.State) is Users requestUser)
{
requestUser.SharedSecret = sharedSecret;
await db.SaveChangesAsync();
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
}
catch (Exception e)
{
responseVal = -5;
responseText = e.Message;
error = true;
}
}
#endregion
return(new HttpResponseMessage()
{
Content = new StringContent(JsonConvert.SerializeObject(new
{
responseVal,
responseText,
ECDHPublicKeyBase64 = (responseVal == 0) ? Convert.ToBase64String(new UTF8Encoding().GetBytes(serverPublicKey)) : null,
ECDHSignedPublicKeyBase64_RSA = (responseVal == 0) ? Security.SignDataRSA(serverPublicKey) : null
})),
});
}
public async Task <HttpResponseMessage> Login(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
Users requestedUser = null;
List <int> ConnectedHomes = null;
var parameters = new
{
Password = default(string)
};
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.Password) || string.IsNullOrWhiteSpace(username))
{
responseVal = 1;
responseText = HomeM8.GetWarningString(1);
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requestedUser = db.Users.FirstOrDefault(each => each.Username == username && each.State);
if (requestedUser != null)
{
PBKDF2 hashing = new PBKDF2();
var hashedPassword = hashing.Compute(parameters.Password, requestedUser.Salt);
if (hashedPassword != requestedUser.Userpass)
{
responseVal = 5;
responseText = HomeM8.GetWarningString(5);
error = true;
}
if (!error)
{
ConnectedHomes = db.HomeConnections.Where(each => each.UserID == requestedUser.UserID).Select(each => each.HomeID).ToList();
}
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
nameSurname = requestedUser.NameSurname,
accessToken = requestedUser.AccessToken,
ConnectedHomes,
requestedUser.CurrentHome,
userType = requestedUser.Type //Düzenle
}) :
JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requestedUser != null) ? Security.EncryptAES(requestedUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> LeaveHome(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variable
var parameters = new
{
AccessToken = default(string),
HomeID = default(int)
};
Users requesterUser = default(Users);
Homes requestedHome = default(Homes);
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
else
{
if (parameters.HomeID == 0)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeID));
error = true;
}
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
requestedHome = HomeM8.GetHomeByHomeID(parameters.HomeID, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (requestedHome == null)
{
responseVal = 3012;
responseText = HomeM8.GetWarningString(3012);
error = true;
}
else if (!HomeM8.UserAuthorized(requesterUser.UserID, requestedHome.HomeID))
{
responseVal = 3013;
responseText = HomeM8.GetWarningString(3013);
error = true;
}
if (!error)
{
var hc = db.HomeConnections.FirstOrDefault(connection => connection.HomeID == requestedHome.HomeID && connection.UserID == requesterUser.UserID);
db.HomeConnections.Remove(hc);
if (db.HomeConnections.Where(connection => connection.HomeID == requestedHome.HomeID).Count() == 1)
{
db.Homes.Remove(requestedHome);
}
requesterUser.CurrentHome = db.HomeConnections.FirstOrDefault(connection => connection.UserID == requesterUser.UserID).HomeID;
await db.SaveChangesAsync();
}
}
}
#endregion
var jsonStringResponse = JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
