예제 #1
        /// <summary>
        /// Decides whether an authentication token may still be used.
        /// A token is rejected, and deleted through <c>DeleteToken</c>, when it has no
        /// user attached or when more than 7 days have passed since <c>LastUsed</c>.
        /// A null token is rejected without any database work.
        /// </summary>
        /// <param name="token">Token to check; may be null.</param>
        /// <returns>True when the token has a user and was used within the last 7 days; otherwise false.</returns>
        static bool ValidateAuthToken(SystemUserTokenKey token)
        {
            if (token == null) {
                return false;
            }

            // Idle time is measured from LastUsed only, so this is a sliding window:
            // nothing here bounds the total lifetime counted from token.Created.
            // NOTE(review): this method does not refresh LastUsed itself; presumably the
            // caller does after a successful check. Confirm.
            TimeSpan idle = DateTime.UtcNow - token.LastUsed;
            bool usable = token.User != null && idle.TotalDays <= 7;

            if (usable) {
                return true;
            }

            // Orphaned or stale: remove the token in its own transaction so it cannot be
            // presented again.
            Db.Transact(() => DeleteToken(token));

            return false;
        }
예제 #2
        /// <summary>
        /// Deletes a SystemUserTokenKey together with every SystemUserSession that points at it.
        /// </summary>
        /// <remarks>
        /// No transaction is opened here. The caller visible on this page wraps the call
        /// in <c>Db.Transact</c>; other callers presumably need to do the same.
        /// </remarks>
        /// <param name="Token">Instance of SystemUserTokenKey to remove</param>
        private static void DeleteToken(SystemUserTokenKey Token)
        {
            // The token is passed as a bound query parameter (the "?" placeholder), not
            // concatenated into the statement text. Sessions go first so that none is left
            // referencing a token that no longer exists.
            foreach (SystemUserSession boundSession in Db.SQL<SystemUserSession>("SELECT o FROM Simplified.Ring5.SystemUserSession o WHERE o.Token=?", Token)) {
                boundSession.Delete();
            }

            Token.Delete();
        }
예제 #3
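        /// <summary>
        /// Signs in a user by username and password. On success a new SystemUserTokenKey
        /// is created and bound to the SystemUserSession of the current session.
        /// </summary>
        /// <param name="Username">Username to look up; null is treated as a failed sign-in.</param>
        /// <param name="Password">Plain-text password to verify; null is treated as a failed sign-in.</param>
        /// <returns>
        /// The SystemUserSession returned by <c>AssureSystemUserSession</c>, or null when the
        /// user does not exist, the password does not match, or an argument is null.
        /// </returns>
        public static SystemUserSession SignInSystemUser(string Username, string Password)
        {
            // Fail closed on missing credentials rather than letting a null reach the
            // query or the hashing routine.
            if (Username == null || Password == null) {
                return null;
            }

            // Username is passed as a bound parameter, never concatenated into the query.
            SystemUser systemUser = Db.SQL<SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.Username = ?", Username).First;

            if (systemUser == null) {
                // NOTE(review): this path returns before any hashing is done, so an unknown
                // username may be answered faster than a wrong password. Rate limiting or
                // lockout is not visible in this method; confirm it exists upstream.
                return null;
            }

            string hashedPassword;

            // NOTE(review): ToLower() is culture-sensitive. It is kept as-is because the
            // result feeds the hash and must match whatever the code that stored the
            // password used; confirm before switching to ToLowerInvariant().
            GeneratePasswordHash(Username.ToLower(), Password, systemUser.PasswordSalt, out hashedPassword);

            if (!PasswordHashesMatch(systemUser.Password, hashedPassword)) {
                return null;
            }

            SystemUserSession userSession = null;

            Db.Transact(() => {
                SystemUserTokenKey token = new SystemUserTokenKey();

                token.Created = token.LastUsed = DateTime.UtcNow;
                // NOTE(review): CreateAuthToken is not visible here; confirm the value comes
                // from a cryptographically secure random source and is not derivable from
                // the username it is given.
                token.Token = CreateAuthToken(systemUser.Username);
                token.User = systemUser;

                userSession = AssureSystemUserSession(token);
            });

            return userSession;
        }

        /// <summary>
        /// Compares a stored password hash with a freshly computed one without stopping at
        /// the first differing character, so the time taken does not depend on how long a
        /// matching prefix is. A null or empty value on either side never matches.
        /// </summary>
        /// <param name="stored">Hash read from the user record.</param>
        /// <param name="computed">Hash computed from the submitted password.</param>
        /// <returns>True only when both hashes are non-empty and identical.</returns>
        private static bool PasswordHashesMatch(string stored, string computed)
        {
            if (string.IsNullOrEmpty(stored) || string.IsNullOrEmpty(computed)) {
                return false;
            }

            // A length mismatch is folded into the accumulator; the length of a hash is
            // not treated as secret.
            int difference = stored.Length ^ computed.Length;
            int shared = Math.Min(stored.Length, computed.Length);

            for (int i = 0; i < shared; i++) {
                difference |= stored[i] ^ computed[i];
            }

            return difference == 0;
        }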
예제 #4
        /// <summary>
        /// Finds the SystemUserSession for the current session id, creating it when none
        /// exists, then binds it to the given token and updates its Touched timestamp.
        /// </summary>
        /// <remarks>
        /// An existing record is reused and re-pointed at the new token; the token it
        /// referenced before is not removed here.
        /// NOTE(review): the session id is read from <c>Session.Current</c> and is not
        /// regenerated in this method. Confirm it is rotated elsewhere when a user
        /// authenticates, otherwise an id issued before sign-in stays valid afterwards.
        /// </remarks>
        /// <param name="Token">Instance of SystemUserTokenKey</param>
        /// <returns>SystemUserSession associated with the provided token</returns>
        private static SystemUserSession AssureSystemUserSession(SystemUserTokenKey Token)
        {
            SystemUserSession result = null;

            Db.Transact(() => {
                // Read inside the transaction body, as the original does.
                // NOTE(review): presumably Session.Current is never null on this path; there is no guard.
                var sessionId = Session.Current.SessionIdString;

                SystemUserSession found = Db.SQL<SystemUserSession>("SELECT o FROM Simplified.Ring5.SystemUserSession o WHERE o.SessionIdString=?", sessionId).First;

                if (found == null) {
                    found = new SystemUserSession();
                    found.Created = DateTime.UtcNow;
                    found.SessionIdString = sessionId;
                }

                // New or reused, the record now belongs to the supplied token.
                found.Token = Token;
                found.Touched = DateTime.UtcNow;

                result = found;
            });

            return result;
        }
예제 #5
        /// <summary>
        /// Signs in the given SystemUser without checking any password: a new
        /// SystemUserTokenKey is created for the user and bound to the SystemUserSession
        /// of the current session.
        /// </summary>
        /// <remarks>
        /// No credential is verified here, so the caller must already have established the
        /// user's identity by other means. The method is public; every call site is part
        /// of the authentication boundary and should be reviewed as such.
        /// </remarks>
        /// <param name="systemUser">Instance of SystemUser to sign in</param>
        /// <returns>
        /// The SystemUserSession returned by <c>AssureSystemUserSession</c>, or null when
        /// <paramref name="systemUser"/> is null.
        /// </returns>
        public static SystemUserSession SignInSystemUser(SystemUser systemUser)
        {
            SystemUserSession session = null;

            if (systemUser != null) {
                Db.Transact(() => {
                    // One timestamp for both fields, as in the chained assignment this replaces.
                    DateTime now = DateTime.UtcNow;

                    SystemUserTokenKey freshToken = new SystemUserTokenKey();

                    freshToken.LastUsed = now;
                    freshToken.Created = now;
                    // NOTE(review): CreateAuthToken is not visible here; confirm the value is
                    // unpredictable and not derivable from the username it is given.
                    freshToken.Token = CreateAuthToken(systemUser.Username);
                    freshToken.User = systemUser;

                    session = AssureSystemUserSession(freshToken);
                });
            }

            return session;
        }