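/// <summary>
/// Authenticates a caller against a list and, on success, signs them in with claims naming that list.
/// </summary>
/// <param name="auth">Request body carrying the list identifier and the keyword.</param>
/// <returns>
/// 400 when the body is missing or fails <c>Validate()</c>; 401 when the list is unknown or the
/// keyword is rejected; 200 once <c>SignInAsync</c> has completed.
/// </returns>
/// <remarks>
/// NOTE(review): [Bind] filters model-bound (form/query) properties; a body read through an input
/// formatter ([FromBody]) is not filtered by it, so it should not be treated as over-posting
/// protection here. Confirm AuthorizationModel exposes only fields a client may set.
/// </remarks>
public async Task<IActionResult> Login([FromBody, Bind("ListIdentifier", "Keyword")] AuthorizationModel auth)
        {
            // A missing or unparseable body can leave the parameter null; reject it with the same
            // 400 as a failed validation instead of dereferencing it.
            if (auth is null || !auth.Validate())
            {
                return BadRequest(ErrorModel.BadRequest());
            }

            // Normalise the identifier before the lookup so it is compared in lower-cased form.
            auth.LowerIdentifier();

            var list = db.Lists.FirstOrDefault(l => l.Identifier == auth.ListIdentifier);

            // Unknown list and wrong keyword both answer with a bare 401, so the response itself
            // does not tell a caller which of the two failed.
            // NOTE(review): the unknown-list path skips ValidateLogin, so response time may still
            // differ between the two cases; no throttling or lockout is visible in this method --
            // confirm failed attempts are rate limited elsewhere.
            if (list == null)
            {
                return Unauthorized();
            }

            if (!keywordAccess.ValidateLogin(list, auth.Keyword))
            {
                return Unauthorized();
            }

            // The issued identity carries only the list's identifier and GUID; the keyword is not
            // placed in the claims.
            var claims = new List<Claim>
            {
                new Claim(ExtendedClaimTypes.ListIdentifier, list.Identifier),
                new Claim(ExtendedClaimTypes.ListGUID, list.GUID.ToString()),
            };

            var identity  = new ClaimsIdentity(claims, "login");
            var principal = new ClaimsPrincipal(identity);

            // No scheme is named, so the application's default sign-in scheme is used.
            await HttpContext.SignInAsync(principal);

            return Ok();
        }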
Exemple #2
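        /// <summary>
        /// Creates a new list protected by the supplied keyword and returns it together with a
        /// freshly generated master key.
        /// </summary>
        /// <param name="listAuth">Request body carrying the desired list identifier and keyword.</param>
        /// <returns>
        /// 400 when the body is missing, fails <c>Validate()</c>, or the identifier is already taken;
        /// 201 with a <c>ListCreated</c> payload otherwise.
        /// </returns>
        /// <remarks>
        /// NOTE(review): [Bind] filters model-bound (form/query) properties; a body read through an
        /// input formatter ([FromBody]) is not filtered by it, so it should not be treated as
        /// over-posting protection here.
        /// </remarks>
        public async Task<IActionResult> CreateList(
            [FromBody, Bind("ListIdentifier", "Keyword")] AuthorizationModel listAuth)
        {
            // A missing or unparseable body can leave the parameter null; reject it with the same
            // 400 as a failed validation instead of dereferencing it.
            if (listAuth is null || !listAuth.Validate())
            {
                return BadRequest(ErrorModel.BadRequest());
            }

            // Normalise the identifier before the uniqueness check and before it is stored.
            listAuth.LowerIdentifier();

            // NOTE(review): this check and the insert below are separate steps, so two concurrent
            // requests for the same identifier could both pass it. A unique constraint on
            // Identifier (not visible here) would be the backstop -- confirm one exists.
            if (db.Lists.FirstOrDefault(l => l.Identifier == listAuth.ListIdentifier) != null)
            {
                return BadRequest(ErrorModel.AlreadyExists());
            }

            // NOTE(review): the keyword is handed to the List constructor as received; confirm the
            // constructor stores a password hash of it rather than the plaintext.
            var list = new List(listAuth.ListIdentifier, listAuth.Keyword);

            // Only the hash of the master key is kept on the entity; the plaintext value exists
            // solely to be handed back to the creator in this response.
            var masterKey = SecureRandom.GenerateMasterKey(32);

            list.MasterKeyHash = Hashing.CreatePasswordHash(masterKey);

            await db.Lists.AddAsync(list);

            await db.SaveChangesAsync();

            // NOTE(review): the response carries the plaintext master key; make sure response
            // bodies for this route are kept out of logs and caches.
            var outList = new ListCreated(list, masterKey);

            return Created("list", outList);
        }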