/// <summary>
        /// POST api/CustomLogin HTTP request handler
        /// </summary>
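        /// <remarks>
        /// Every failure path (unknown email, missing membership row, wrong password, or an
        /// exception while querying) returns the same 401 body, so the response text does not
        /// reveal which check failed.
        /// </remarks>
        /// <param name="Request">Login payload; its Email and Password values are read.</param>
        /// <returns>200 with a LoginResult when the password verifies, otherwise 401.</returns>
        public HttpResponseMessage Post(LoginRequest Request)
        {
            // Use local database context for testing local to service
            //alltheairgeadmobileContext context = new alltheairgeadmobileContext();
            // Connect to the remote database; the using block releases the connection on every
            // return path (assumes the context is an IDisposable DbContext - confirm).
            using (alltheairgeadContext context = new alltheairgeadContext(Services.Settings["ExistingDbConnectionString"]))
            {
                try
                {
                    // Reject incomplete payloads explicitly instead of relying on a
                    // NullReferenceException being swallowed by the catch below.
                    if (Request == null || Request.Email == null || Request.Password == null)
                    {
                        return this.Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid username or password");
                    }

                    // Look for an account with the provided details
                    UserProfile account = context.UserProfiles.Where(a => a.Email == Request.Email).SingleOrDefault();
                    if (account != null)
                    {
                        // Load the credential row that belongs to this account
                        webpages_Membership membership = context.Memberships.Where(a => a.UserId == account.UserId).SingleOrDefault();

                        // A profile without a membership row cannot authenticate; check for it
                        // directly rather than dereferencing null.
                        // NOTE(review): membership.IsConfirmed is not consulted and failed attempts
                        // are not recorded here, so lockout/throttling has to be enforced elsewhere.
                        if (membership != null && Crypto.VerifyHashedPassword(membership.Password, Request.Password))
                        {
                            // Generate authentication token
                            ClaimsIdentity claimsIdentity = new ClaimsIdentity();
                            claimsIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, Request.Email));
                            LoginResult loginResult = new CustomLoginProvider(handler).CreateLoginResult(claimsIdentity, Services.Settings.MasterKey);
                            return this.Request.CreateResponse(HttpStatusCode.OK, loginResult);
                        }
                    }

                    // Unknown account, missing membership row or wrong password: same response.
                    // NOTE(review): the unknown-account path skips password hashing, so response
                    // timing may still distinguish registered from unregistered emails.
                    return this.Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid username or password");
                }
                catch
                {
                    // Fail closed. NOTE(review): database and configuration errors are also
                    // reported as 401 and are not logged, which hides outages from operators.
                    return this.Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid username or password");
                }
            }
        }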
        /// <summary>
        /// POST api/CustomRegistration
        /// </summary>
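        /// <remarks>
        /// Creates a UserProfile row and then a webpages_Membership row that holds the hashed
        /// password. The two rows are saved separately, so a failure between the saves leaves
        /// a profile that has no credentials.
        /// </remarks>
        /// <param name="Request">Registration payload; its Email and Password values are read.</param>
        /// <returns>201 on success, 400 for invalid input or an email that is already registered.</returns>
        public HttpResponseMessage Post(RegistrationRequest Request)
        {
            // The error message below has always promised 8 characters while the original
            // check accepted 6; the check now enforces the advertised minimum.
            const int MinimumPasswordLength = 8;

            // A missing body or email is invalid input, not a server error
            if (Request == null || Request.Email == null || !EmailValidator.Validate(Request.Email, true))
            {
                return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid email format");
            }

            // Validate the password (a null password previously caused an unhandled exception)
            if (Request.Password == null || Request.Password.Length < MinimumPasswordLength)
            {
                return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid password (at least 8 chars required)");
            }

            // Use local database context for testing local to service
            //alltheairgeadmobileContext context = new alltheairgeadmobileContext();
            // Connect to the remote database; the using block releases the connection on every
            // return path (assumes the context is an IDisposable DbContext - confirm).
            using (alltheairgeadContext context = new alltheairgeadContext(Services.Settings["ExistingDbConnectionString"]))
            {
                // Check that the account doesn't already exist.
                // NOTE(review): check-then-insert is only safe against concurrent requests if the
                // database enforces uniqueness on Email - confirm the constraint exists.
                UserProfile account = context.UserProfiles.Where(a => a.Email == Request.Email).SingleOrDefault();
                if (account != null)
                {
                    // NOTE(review): this response confirms that the address is registered.
                    return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Email already exists");
                }

                // Build the new account from the provided email and store it
                UserProfile newAccount = new UserProfile
                {
                    Email = Request.Email
                };
                context.UserProfiles.Add(newAccount);
                context.SaveChanges();

                // Re-read the row to pick up the autogenerated UserId
                newAccount = context.UserProfiles.Where(a => a.Email == Request.Email).SingleOrDefault();

                // Build the matching row for the webpages_Membership table
                webpages_Membership newMembership = new webpages_Membership
                {
                    UserId = newAccount.UserId,
                    // NOTE(review): local server time; confirm whether this column is expected in UTC.
                    CreateDate = DateTime.Now,
                    // NOTE(review): accounts are marked confirmed without any proof that the
                    // caller controls the email address.
                    IsConfirmed = true,
                    LastPasswordFailureDate = null,
                    PasswordFailuresSinceLastSuccess = 0,
                    // Only the hash is stored, never the plaintext password
                    Password = Crypto.HashPassword(Request.Password),
                    PasswordChangedDate = null,
                    // NOTE(review): assuming Crypto is System.Web.Helpers.Crypto, the salt is
                    // embedded in the hash string and this column is only a placeholder - confirm.
                    PasswordSalt = "blank",
                    PasswordVerificationToken = null,
                    PasswordVerificationTokenExpirationDate = null
                };
                context.Memberships.Add(newMembership);
                context.SaveChanges();

                // Return the successful response
                return this.Request.CreateResponse(HttpStatusCode.Created);
            }
        }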
        // Initialize the table controller to accept HTTP requests
        protected override void Initialize(HttpControllerContext controllerContext)
        {
            base.Initialize(controllerContext);

            // Open the existing database with the connection string held in the service settings.
            var connectionString = Services.Settings["ExistingDbConnectionString"];
            var db = new alltheairgeadContext(connectionString);

            // Route table operations through a mapped domain manager that exposes Catagory
            // entities as CategoryDto, keyed by CategoryName.
            // NOTE(review): the context is handed to the domain manager and not disposed here;
            // presumably the controller owns its lifetime - confirm.
            DomainManager = new SimpleMappedEntityDomainManager<CategoryDto, Catagory>(
                db,
                Request,
                Services,
                category => category.CategoryName);
        }
        /// <summary>
        /// Initialize the table controller
        /// </summary>
        protected override void Initialize(HttpControllerContext controllerContext)
        {
            base.Initialize(controllerContext);

            // Build the context with the constructor that accepts a connection string, read
            // from the service settings (stored in web.config).
            var connectionString = Services.Settings["ExistingDbConnectionString"];
            var db = new alltheairgeadContext(connectionString);

            // Route table operations through a mapped domain manager that exposes Expense
            // entities as ExpenseDto, keyed by ExpenseId.
            // NOTE(review): the context is handed to the domain manager and not disposed here;
            // presumably the controller owns its lifetime - confirm.
            DomainManager = new SimpleMappedEntityDomainManager<ExpenseDto, Expense>(
                db,
                Request,
                Services,
                expense => expense.ExpenseId);
        }
 /// <summary>
 /// Get the email from the current user structure
 /// </summary>
 /// <remarks>
 /// Takes the text after the first ':' in CurrentUser.Id (the whole Id when there is no ':')
 /// as the email and looks up the matching UserProfile.
 /// </remarks>
 /// <param name="CurrentUser">The authenticated service user; only its Id is read.</param>
 /// <returns>The matching UserProfile, or null when no profile has that email.</returns>
 /// <exception cref="HttpResponseException">401 when the Id cannot be read or the lookup throws.</exception>
 private UserProfile ValidateUser(ServiceUser CurrentUser)
 {
     try
     {
         // IndexOf returns -1 when ':' is absent, so the slice then starts at index 0
         string userId = CurrentUser.Id;
         int separatorIndex = userId.IndexOf(':');
         string email = userId.Substring(separatorIndex + 1);

         // Resolve the profile by email.
         // NOTE(review): a null result is returned rather than rejected, so callers must
         // treat null as "not authorised". The context is left undisposed; disposing it here
         // could break lazy loading on the returned entity - confirm before changing.
         var db = new alltheairgeadContext(Services.Settings["ExistingDbConnectionString"]);
         return db.UserProfiles.SingleOrDefault(profile => profile.Email == email);
     }
     catch
     {
         // Any failure (null user, database error, duplicate rows) is reported as 401
         throw new HttpResponseException(System.Net.HttpStatusCode.Unauthorized);
     }
 }
        /// <summary>
        /// GET api/EmailCheck Checks that an email doesn't already exist
        /// </summary>
        /// <param name="Email"></param>
        /// <returns></returns>
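        /// <remarks>
        /// Returns 302 Found with "Email already exists" when a UserProfile has this email,
        /// 200 OK when none does, and a bad-request response when the lookup throws.
        /// NOTE(review): this endpoint reports whether an address is registered; confirm that
        /// access to it is authenticated or rate limited. 302 is normally a redirect status, so
        /// some HTTP clients may try to follow it; it is kept unchanged for existing callers.
        /// </remarks>
        public HttpResponseMessage Get(string Email)
        {
            // The using block releases the database connection on every return path
            // (assumes the context is an IDisposable DbContext - confirm).
            using (alltheairgeadContext Context = new alltheairgeadContext(Services.Settings["ExistingDbConnectionString"]))
            {
                try
                {
                    // Existence check only; no profile data is loaded or returned
                    bool emailExists = Context.UserProfiles.Any(a => a.Email == Email);
                    if (emailExists)
                    {
                        return this.Request.CreateResponse(HttpStatusCode.Found, "Email already exists");
                    }

                    return this.Request.CreateResponse(HttpStatusCode.OK);
                }
                catch
                {
                    // Return an error response if something goes wrong
                    return this.Request.CreateBadRequestResponse();
                }
            }
        }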