// POST /api/<controller>
/// <summary>
/// Login endpoint: passes the submitted credentials to <c>Security.AuthorizeCustomer</c>
/// and returns the resulting authorization.
/// </summary>
/// <param name="value">Login request bound from the POST body.</param>
/// <returns>The authorization produced for the customer.</returns>
/// <exception cref="HttpResponseException">
/// Thrown with status 403 (Forbidden) when <c>AuthorizeCustomer</c> returns null.
/// </exception>
public Authorization Post(Login value)
{
    Authorization granted = new Security().AuthorizeCustomer(value);
    if (granted != null)
    {
        return granted;
    }

    // Every null result gets the same message and status, so the response does not
    // tell the caller which credential check failed.
    throw new HttpResponseException("Invalid credentials", System.Net.HttpStatusCode.Forbidden);
}
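/// <summary>
/// Authenticates a customer and issues an authorization token. When the request carries
/// an e-mail address the customer is checked by e-mail and password; otherwise the
/// customer is looked up by Facebook ID and the supplied Facebook access token is
/// checked against the Graph API.
/// </summary>
/// <param name="l">Login request holding either e-mail/password or Facebook ID/token.</param>
/// <returns>
/// The newly stored <c>Authorization</c>, or null when the request is missing, the
/// customer is unknown, or any credential check fails.
/// </returns>
public Authorization AuthorizeCustomer(Login l)
{
    // A missing request body is an authentication failure, not a NullReferenceException.
    if (l == null)
    {
        return null;
    }

    ICustomerRepository repo = Models.RepoFactory.GetCustomerRepo();
    Customer c = null;

    if (!string.IsNullOrEmpty(l.EmailAddress))
    {
        c = repo.GetWithEmailAddress(l.EmailAddress);
        if (c == null)
        {
            return null;
        }

        // An empty or missing password never authenticates. Otherwise an account whose
        // stored password is empty (possibly one created through Facebook login, TODO
        // confirm) could be opened with only an e-mail address.
        if (string.IsNullOrEmpty(l.Password) || string.IsNullOrEmpty(c.Password))
        {
            return null;
        }

        // Compare exactly. The previous ToUpper() comparison accepted any casing of the
        // password, which shrinks the search space for guessing.
        // NOTE(review): the stored value is compared directly with the submitted one, so
        // it appears to be kept in a directly comparable form. It should be a salted
        // password hash (e.g. PBKDF2) verified with a constant-time comparison.
        if (!string.Equals(l.Password, c.Password, System.StringComparison.Ordinal))
        {
            return null;
        }
    }
    else
    {
        Facebook.FacebookClient fb = new Facebook.FacebookClient();
        c = repo.GetWithFacebookID(l.FacebookID);
        if (c == null)
        {
            return null;
        }

        fb.AccessToken = l.FacebookToken;
        try
        {
            dynamic me = fb.Get("me");
            if (me == null || me.first_name.Equals(""))
            {
                return null;
            }

            // The token must belong to the Facebook account the caller claims to be.
            // Without this check, a valid token for any Facebook user combined with
            // someone else's FacebookID would authenticate as that other customer.
            string tokenOwnerId = System.Convert.ToString((object)me.id);
            string claimedId = System.Convert.ToString((object)l.FacebookID);
            if (string.IsNullOrEmpty(tokenOwnerId)
                || !string.Equals(tokenOwnerId, claimedId, System.StringComparison.Ordinal))
            {
                return null;
            }

            // NOTE(review): this does not confirm that the token was issued to this
            // application. Consider validating it with Facebook's debug_token endpoint
            // and comparing the returned app id.
        }
        catch (Exception)
        {
            // Any Graph API or binding failure is treated as a failed login.
            return null;
        }

        c.FacebookAccessToken = l.FacebookToken;
        repo.Update(c); // store the newest Facebook access token since it may have changed
    }

    // The token value comes from the OS cryptographic RNG. The previous value
    // ("test" + DateTime.Now.Ticks) could be guessed from the approximate login time.
    // NOTE(review): assumes the constructor argument is the opaque token handed back to
    // the client; confirm the storage column accepts 32 characters.
    byte[] tokenBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenBytes);
    }

    Authorization a = new Authorization(System.BitConverter.ToString(tokenBytes).Replace("-", ""));
    a.CustomerID = c.ID;
    a.EmailAddress = c.EmailAddress;
    a.Type = c.Type;

    IAuthorizationRepository authRepo = new AuthorizationRepository();
    authRepo.Add(a); // store the auth token in the repo
    return a;
}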