public async Task <IHttpActionResult> RemoveAllAdvertisementBookmark(SessionInfoObject session)
{
if (ModelState.IsValid)
{
var sessionInDb = await
db.Sessions.SingleOrDefaultAsync(QueryHelper.GetSessionObjectValidationQuery(session));
if (sessionInDb != null)
{
var user = sessionInDb.User;
var advertisementIds = user.SavedAdvertisements.Select(b => b.AdvertisementId);
foreach (var advertisementId in advertisementIds)
{
user.DeleteAdBookmark(db, advertisementId);
}
db.SaveChanges();
return(Ok());
}
return(Unauthorized());
}
return(BadRequest());
}
public async Task <IHttpActionResult> GetUserSessions(SessionInfoObject sessionInfoObj)
{
if (ModelState.IsValid)
{
Session session = await db.Sessions.Include(u => u.User).SingleOrDefaultAsync(QueryHelper.GetSessionObjectValidationQuery(sessionInfoObj));
if (session != null)
{
User user = session.User;
return(Ok(
user.Sessions.Select(q => new
{
ActivationMoment = q.ActivationMoment,
DeactivationMoment = q.DeactivationMoment,
UniqueCode = q.UniqueCode,
State = q.State
}).ToList()
));
}
return(NotFound());
}
return(BadRequest());
}
public async Task <IHttpActionResult> Active(NoncePairDto pendingSession)
{
if (ModelState.IsValid)
{
var session =
await db
.Sessions
.Where(QueryHelper.GetPendingSessionQuery(pendingSession))
.SingleOrDefaultAsync();
if (session == null)
{
return(NotFound()); //Wrong Nonce Entered
}
session.User.State = UserState.ACTIVE;
session.User.UpdatedAt = DateTime.Now;
session.ActivationMoment = DateTime.Now;
session.State = SessionState.ACTIVE;
//We add the registered phone number to user's validated phone number.
if (session.User.PhoneNumber != null)
{
var newValidator = new UserPhoneNumberValidator()
{
UserId = session.User.Id,
TargetNumber = session.User.PhoneNumber,
SecurityToken = HasherHelper.sha256_hash(pendingSession.Nonce.ToString()),
IsValidated = true,
CreatedAt = DateTime.Now,
ValidatedAt = DateTime.Now
};
db.UserPhoneNumberValidators.Add(newValidator);
}
await db.SaveChangesAsync();
SessionInfoObject sessionInfo = new SessionInfoObject()
{
SessionKey = session.SessionKey,
SessionId = session.Id
};
return(Ok(sessionInfo));
}
return(BadRequest());
}
public async Task <IHttpActionResult> GetBookmarkedAdvertisements(SessionInfoObject sessionInfoObject)
{
if (ModelState.IsValid)
{
var sessionInDb = await
db.Sessions.SingleOrDefaultAsync(QueryHelper.GetSessionObjectValidationQuery(sessionInfoObject));
if (sessionInDb != null)
{
var user = sessionInDb.User;
return(Ok(user.GetAdBookmark(db).ToList()));
}
return(Unauthorized());
}
return(BadRequest());
}
public async Task <IHttpActionResult> Verify(SessionInfoObject sessionInfo)
{
if (ModelState.IsValid)
{
var session =
await db
.Sessions
.Where(QueryHelper.GetSessionObjectValidationQuery(sessionInfo))
.SingleOrDefaultAsync();
if (session == null)
{
return(NotFound());
}
return(Ok());
}
return(BadRequest());
}
public async Task <IHttpActionResult> GetNotifications(SessionInfoObject sessionInfoObject)
{
if (ModelState.IsValid)
{
var sessionInDb = await
db.Sessions.SingleOrDefaultAsync(QueryHelper.GetSessionObjectValidationQuery(sessionInfoObject));
if (sessionInDb != null)
{
var user = sessionInDb.User;
var notifications = user.GetNotifications(db).ToList();
return(Ok(notifications));
}
return(Unauthorized());
}
return(BadRequest());
}
public async Task <IHttpActionResult> GetAdvertisements(SessionInfoObject sessionInfoObject)
{
if (ModelState.IsValid)
{
var sessionInDb = await
db.Sessions.SingleOrDefaultAsync(QueryHelper.GetSessionObjectValidationQuery(sessionInfoObject));
if (sessionInDb != null)
{
var user = sessionInDb.User;
var advertisement = db.Advertisements
.Where(QueryHelper.GetAdvertisementValidationQuery()).Where(c => c.User.Id == user.Id)
.Select(QueryHelper.GetAdvertisementQuery()).ToList();
return(Ok(advertisement));
}
return(Unauthorized());
}
return(BadRequest());
}
public async Task <IHttpActionResult> GetUserInfo(SessionInfoObject sessionInfoObject)
{
if (ModelState.IsValid)
{
Session session =
await db.Sessions.SingleOrDefaultAsync(
QueryHelper.GetSessionObjectValidationQuery(sessionInfoObject));
if (session == null)
{
return(Unauthorized());
}
User user = session.User;
var info = new
{
user.FirstName,
user.LastName,
user.Email,
user.PhoneNumber,
user.PSNId,
user.XBOXLive,
Location = new
{
ProvinceId = user.userProvinceId,
Province = user.userProvince?.Name,
CityId = user.userCityId,
City = user.userCity?.Name
}
};
return(Ok(info));
}
return(BadRequest());
}
public async Task <IHttpActionResult> Deactive(SessionInfoObject sessionInfo)
{
if (ModelState.IsValid)
{
var session =
await db
.Sessions
.Where(QueryHelper.GetSessionObjectValidationQuery(sessionInfo))
.SingleOrDefaultAsync();
if (session == null)
{
return(NotFound());
}
session.DeactivationMoment = DateTime.Now;
session.State = SessionState.DEACTIVE;
await db.SaveChangesAsync();
return(Ok());
}
return(BadRequest());
}
public static Expression <System.Func <Session, bool> > GetSessionObjectValidationQuery(SessionInfoObject sessionInfo)
{
return(s => s.SessionKey == sessionInfo.SessionKey &&
s.Id == sessionInfo.SessionId &&
s.State == SessionState.ACTIVE &&
s.User.State == UserState.ACTIVE);
}
public async Task <IHttpActionResult> Login(LoginDto loginInfo)
{
if (ModelState.IsValid)
{
User user = null;
var hashPassword = HasherHelper.sha256_hash(loginInfo.Password);
if (!string.IsNullOrEmpty(loginInfo.Email))
{
user = await db.Users.SingleOrDefaultAsync(q =>
q.Email == loginInfo.Email && q.Password == hashPassword);
}
else if (!string.IsNullOrEmpty(loginInfo.PhoneNumber))
{
user = await db.Users.SingleOrDefaultAsync(q =>
q.PhoneNumber == loginInfo.PhoneNumber && q.Password == hashPassword);
}
else
{
return(BadRequest());
}
if (user == null) //Not Registered User - Use Sign up form
{
return(NotFound());
}
switch (user.State)
{
case UserState.ACTIVE:
var sessionKey = RandomHelper.RandomString(32);
Session newSession = new Session()
{
Nonce = null,
State = SessionState.ACTIVE,
InitMoment = DateTime.Now,
ActivationMoment = DateTime.Now,
SessionKey = sessionKey,
FCMToken = loginInfo.FCMToken,
SessionPlatform = (SessionPlatform)loginInfo.SessionPlatform,
UniqueCode = loginInfo.UniqueCode,
User = user
};
db.Sessions.Add(newSession);
await db.SaveChangesAsync();
SessionInfoObject sessionIfInfoObject = new SessionInfoObject()
{
SessionKey = sessionKey,
SessionId = newSession.Id,
};
//OK
return(Ok(sessionIfInfoObject));
case UserState.PENDING: //Not confirmed user
return(Conflict());
case UserState.SUSPENDED:
return(StatusCode(HttpStatusCode.Forbidden));
case UserState.DELETED:
return(StatusCode(HttpStatusCode.Gone));
}
}
return(BadRequest());
}