// Wires this table controller to the Booking entity set of the ticketing
// database. The context is deliberately NOT disposed here: it is handed to the
// EntityDomainManager, which keeps using it after this method returns.
protected override void Initialize(HttpControllerContext controllerContext)
{
    base.Initialize(controllerContext);

    var db = new myanmarticketContext();
    DomainManager = new EntityDomainManager<Booking>(db, Request, Services);
}
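// POST api/CustomLogin
//
// Verifies an email/password pair against the Accounts table and, on success,
// issues a login token (LoginResult) carrying the email as NameIdentifier.
//
// loginRequest: request body with .email and .password. It is deserialized
//               from the client, so the object and both fields are untrusted
//               and may be null.
// returns: 200 with a LoginResult on success; 401 with one generic message for
//          a malformed body, an unknown email or a wrong password. The message
//          is intentionally identical in every failure case so the response
//          body does not reveal whether an email is registered.
public HttpResponseMessage Post(LoginRequest loginRequest)
{
    // Reject malformed bodies before touching the database. Without this a
    // null request or null password surfaces as an unhandled exception (500).
    if (loginRequest == null
        || string.IsNullOrEmpty(loginRequest.email)
        || string.IsNullOrEmpty(loginRequest.password))
    {
        return this.Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid email or password");
    }

    // Dispose the DbContext; it is only needed for this lookup.
    using (myanmarticketContext context = new myanmarticketContext())
    {
        Account account = context.Accounts
            .Where(a => a.Email == loginRequest.email)
            .SingleOrDefault();

        // Always run the password hash, even when no account matches. Returning
        // early for unknown emails makes those failures measurably faster than
        // wrong-password failures and lets a client enumerate registered
        // emails by timing. (Presumably CustomLoginProviderUtils.hash is a
        // deliberately slow KDF; confirm, otherwise the timing gap is small
        // but the principle still holds.)
        byte[] salt = account != null ? account.Salt : CustomLoginProviderUtils.generateSalt();
        byte[] incoming = CustomLoginProviderUtils.hash(loginRequest.password, salt);

        // slowEquals is the constant-time comparison; keep it, never ==.
        if (account != null
            && CustomLoginProviderUtils.slowEquals(incoming, account.SaltedAndHashedPassword))
        {
            ClaimsIdentity claimsIdentity = new ClaimsIdentity();
            claimsIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, loginRequest.email));

            LoginResult loginResult = new CustomLoginProvider(handler)
                .CreateLoginResult(claimsIdentity, Services.Settings.MasterKey);
            return this.Request.CreateResponse(HttpStatusCode.OK, loginResult);
        }
    }

    return this.Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid email or password");
}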
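// POST api/CustomRegistration
//
// Validates a registration request, refuses emails that are already taken,
// and stores a new Account with a per-account salt and salted password hash.
//
// registrationRequest: request body with .username, .email, .password and
//                      .phone. It is deserialized from the client, so the
//                      object and every field are untrusted and may be null.
// returns: 201 Created on success; 400 with a short reason when the body is
//          malformed, a field fails validation, or the email already exists.
//
// NOTE(review): "Email already exists" tells a caller which addresses are
// registered. That is the usual trade-off for a registration endpoint and
// clients may depend on the message, so it is kept; the login endpoint is the
// one that must stay generic.
public HttpResponseMessage Post(RegistrationRequest registrationRequest)
{
    // A null body or null fields would otherwise reach RegexUtilities or
    // .Length and surface as an unhandled exception (500) instead of a 400.
    if (registrationRequest == null
        || registrationRequest.username == null
        || registrationRequest.email == null
        || registrationRequest.password == null)
    {
        return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid request (username, email and password are required)");
    }
    if (!RegexUtilities.IsValidUserName(registrationRequest.username))
    {
        return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid username (at least 4 chars, alphanumeric only)");
    }
    if (!RegexUtilities.IsValidEmail(registrationRequest.email))
    {
        return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid email");
    }
    if (registrationRequest.password.Length < 8)
    {
        return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid password (at least 8 chars required)");
    }

    // Dispose the DbContext once the insert is done.
    using (myanmarticketContext context = new myanmarticketContext())
    {
        // Any() avoids materializing the row just to test for existence.
        bool emailTaken = context.Accounts.Any(a => a.Email == registrationRequest.email);
        if (emailTaken)
        {
            return this.Request.CreateResponse(HttpStatusCode.BadRequest, "Email already exists");
        }

        // Fresh salt per account so identical passwords do not share a hash.
        byte[] salt = CustomLoginProviderUtils.generateSalt();
        Account newAccount = new Account
        {
            Id = Guid.NewGuid().ToString(),
            Email = registrationRequest.email,
            Username = registrationRequest.username,
            Phone = registrationRequest.phone,   // stored as given; not validated here
            Salt = salt,
            SaltedAndHashedPassword = CustomLoginProviderUtils.hash(registrationRequest.password, salt)
        };
        context.Accounts.Add(newAccount);

        // The existence check above and this insert are not atomic: two
        // concurrent registrations for the same email can both pass the check.
        // Only a unique index on Accounts.Email closes that window (SaveChanges
        // would then throw for the loser). Confirm one exists; duplicates would
        // also break the SingleOrDefault lookup used at login.
        context.SaveChanges();

        return this.Request.CreateResponse(HttpStatusCode.Created);
    }
}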