/// <summary>
/// Runs the base controller initialization, then points <c>DomainManager</c> at an
/// <c>EntityDomainManager</c> for <c>DiscrepancyType</c> built from a new
/// <c>dev_sbpcoveragetoolContext</c> and the current <c>Request</c>.
/// </summary>
/// <param name="controllerContext">Controller context handed to the base implementation.</param>
protected override void Initialize(HttpControllerContext controllerContext)
{
    base.Initialize(controllerContext);

    // A fresh context is created on every call to Initialize and is not disposed here.
    // NOTE(review): whether the domain manager or the controller disposes it is not visible
    // in this block - confirm.
    DomainManager = new EntityDomainManager<DiscrepancyType>(
        new dev_sbpcoveragetoolContext(),
        Request);
}
/// <summary>
/// Runs the base controller initialization, then points <c>DomainManager</c> at an
/// <c>EntityDomainManager</c> for <c>TestPointAttempt</c> built from a new
/// <c>dev_sbpcoveragetoolContext</c> and the current <c>Request</c>.
/// </summary>
/// <param name="controllerContext">Controller context handed to the base implementation.</param>
protected override void Initialize(HttpControllerContext controllerContext)
{
    base.Initialize(controllerContext);

    // A fresh context is created on every call to Initialize and is not disposed here.
    // NOTE(review): whether the domain manager or the controller disposes it is not visible
    // in this block - confirm.
    DomainManager = new EntityDomainManager<TestPointAttempt>(
        new dev_sbpcoveragetoolContext(),
        Request);
}
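/// <summary>
/// Creates the login controller: opens a data context and reads the token signing key,
/// audience and issuer from the hosting environment.
/// </summary>
/// <remarks>
/// The signing key comes from <c>WEBSITE_AUTH_SIGNING_KEY</c> and the host name from
/// <c>WEBSITE_HOSTNAME</c>. The built-in development key is source-visible, so any token
/// signed with it can be forged by anyone who has read this file. It is therefore accepted
/// only when <c>WEBSITE_HOSTNAME</c> is also absent, which this code treats as a local run
/// (the host then defaults to "localhost").
/// </remarks>
/// <exception cref="InvalidOperationException">
/// <c>WEBSITE_HOSTNAME</c> is set but <c>WEBSITE_AUTH_SIGNING_KEY</c> is missing or empty.
/// </exception>
public CustomLoginController()
{
    _context = new dev_sbpcoveragetoolContext();

    var configuredKey = Environment.GetEnvironmentVariable("WEBSITE_AUTH_SIGNING_KEY");
    var configuredHost = Environment.GetEnvironmentVariable("WEBSITE_HOSTNAME");
    var isHosted = !string.IsNullOrEmpty(configuredHost);

    if (string.IsNullOrEmpty(configuredKey))
    {
        // Fail closed: a hosted site must never sign tokens with the well-known development key.
        if (isHosted)
        {
            throw new InvalidOperationException(
                "WEBSITE_AUTH_SIGNING_KEY is not set; refusing to sign tokens with the development key on a hosted site.");
        }

        // Local development only. Never treat tokens signed with this value as trustworthy.
        configuredKey = "devSigningKey123devSigningKey123devSigningKey123devSigningKey123devSigningKey123devSigningKey123devSigningKey123";
    }

    _signingKey = configuredKey;

    var website = isHosted ? configuredHost : "localhost";
    _audience = $"https://{website}/";
    _issuer = $"https://{website}/";
}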
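// POST api/CustomLogin
/// <summary>
/// Checks a username/password pair against the stored salted hash and, on success, returns a
/// signed token together with the user id.
/// </summary>
/// <param name="loginRequest">Credentials read from the request body.</param>
/// <returns>
/// 400 when the request, username or password is missing or empty; 401 when no account matches
/// or the password hash differs; otherwise 200 with a <c>LoginResult</c>.
/// </returns>
public IHttpActionResult Post([FromBody] LoginRequest loginRequest)
{
    if (loginRequest == null
        || string.IsNullOrEmpty(loginRequest.Username)
        || string.IsNullOrEmpty(loginRequest.Password))
    {
        return BadRequest();
    }

    // TODO: This should also contain a brute-force detection strategy.
    // TODO: Inject this in the constructor
    // The per-request context is disposed as soon as the response object has been built.
    using (var context = new dev_sbpcoveragetoolContext())
    {
        // Check to see that the user exists. If several rows share a username, the oldest one wins.
        var account = context.Accounts
            .Where(a => a.Username == loginRequest.Username)
            .OrderBy(a => a.CreatedAt)
            .FirstOrDefault();

        if (account == null)
        {
            // Same 401 as a wrong password, so the response body does not reveal which usernames exist.
            // NOTE(review): this path returns before any hashing, so it is probably faster than the
            // wrong-password path; consider hashing against a fixed dummy salt to even out the timing.
            return Unauthorized();
        }

        var incoming = CustomLoginProviderUtils.Hash(loginRequest.Password, account.Salt);
        if (!CustomLoginProviderUtils.SlowEquals(incoming, account.SaltedAndHashedPassword))
        {
            return Unauthorized();
        }

        // NOTE(review): the "exp" claim below carries the text form of a TimeSpan, while the JWT
        // spec defines exp as a NumericDate. The lifetime passed to CreateToken presumably sets the
        // real expiry - confirm what the issued token contains and drop this claim if redundant.
        var claims = new List<Claim>
        {
            new Claim(JwtRegisteredClaimNames.Sub, loginRequest.Username),
            new Claim(JwtRegisteredClaimNames.Exp, TimeSpan.FromDays(30).ToString()),
            new Claim(JwtRegisteredClaimNames.Email, account.Email),
            new Claim(JwtRegisteredClaimNames.GivenName, account.FirstName),
            new Claim(JwtRegisteredClaimNames.FamilyName, account.LastName)
        };

        // Tokens are requested with a 30-day lifetime; no revocation path is visible in this method.
        var token = AppServiceLoginHandler.CreateToken(
            claims,
            _signingKey,
            _audience,
            _issuer,
            TimeSpan.FromDays(30));

        return Ok(new LoginResult()
        {
            AuthenticationToken = token.RawData,
            User = new LoginResultUser { UserId = loginRequest.Username }
        });
    }
}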
/// <summary>
/// Runs the base controller initialization, then replaces <c>_context</c> with a new
/// <c>dev_sbpcoveragetoolContext</c>.
/// </summary>
/// <param name="controllerContext">Controller context handed to the base implementation.</param>
protected override void Initialize(HttpControllerContext controllerContext)
{
    base.Initialize(controllerContext);

    // Any context previously held in _context is overwritten without being disposed here.
    // NOTE(review): confirm the controller's Dispose releases the context.
    var freshContext = new dev_sbpcoveragetoolContext();
    _context = freshContext;
}