public User AuthenticateLogin([FromBody]Tuple<string, string> usernamePassword)
{
using (var db = new VideoQuizRepository<User>())
{
var user = db.GetFirstOrDefault(u => u.UserName == usernamePassword.Item1);
//From here, we are actually being redundant to prevent timing attacks. If the user is null, the fail is already set, but we continue assuming that is not the case.
var userPassword = user == null ? PasswordAuthenticator.CreateHash("Password1") : user.Password;
var isAuthenticated = user != null;
isAuthenticated = PasswordAuthenticator.ValidatePassword(usernamePassword.Item2, userPassword) && isAuthenticated;
if (isAuthenticated)
return user;
return null;
}
}
public User Post([FromBody]User user)
{
using (var db = new VideoQuizRepository<User>())
return db.Add(user);
}
public User[] Get()
{
using (var db = new VideoQuizRepository<User>())
return db.GetAll().ToArray();
}
public User Get(int id)
{
using (var db = new VideoQuizRepository<User>())
return db.GetById(id);
}
//POST: /api/ErrorApi
public void Post(ErrorLog log)
{
using (var db = new VideoQuizRepository<ErrorLog>())
db.Add(log);
}
// GET: api/VideoApi
public IEnumerable<LessonFile> Get()
{
using (var db = new VideoQuizRepository<LessonFile>())
return db.GetAll(f => f.FileTypeName == FileType.Video.ToString()).ToArray();
}
