private TcpMessage HandleInsertRelation(TcpConnectedHost host, TcpMessage message)
{
if (!message.HasType(TcpRequestType.InsertRelation))
{
return(null);
}
if (!IsAuthenticated(host))
{
throw AuthException.NotLoggedIn();
}
var request = new ObjectTcpMessage <DbRelation>(message);
var response = new ObjectTcpMessage <DbRelation>(TcpRequestType.List);
var relation = request.Item;
if (relation != null)
{
_dataService.Insert(relation);
response.Add(relation); // Send the item back to report assigned Id
}
return(response);
}
public override void Insert(DbItem item)
{
if (!IsAuthenticated)
{
throw AuthException.NotLoggedIn();
}
_dataService.Insert(item);
}
private TcpMessage HandleLoginRequest(TcpConnectedHost host, TcpMessage message)
{
if (!message.HasType("loginbasic"))
{
return(null);
}
var request = new ParamTcpMessage(message);
var username = request.GetParam("username");
var password = request.GetParam("password");
if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
{
var userItem = _dataService.GetItemByRelation(UsersParentId, username);
if (userItem == null)
{
if (!AutoRegisterUsers)
{
return(TcpMessage.Error("User not found. Automatic registering of users is currently disabled."));
}
// Register
userItem = new DbItem(username);
_dataService.Insert(userItem);
_dataService.Insert(new DbRelation(UsersParentId, username, userItem.Id));
var saltItem = new DbItem(HashHelper.CreateSaltString(10));
_dataService.Insert(saltItem);
_dataService.Insert(new DbRelation(userItem.Id, "salt", saltItem.Id));
var passwordItem = new DbItem(HashHelper.GenerateSaltedHash(password, saltItem.Value));
_dataService.Insert(passwordItem);
_dataService.Insert(new DbRelation(userItem.Id, "password", passwordItem.Id));
}
else
{
// Login
var saltItem = _dataService.GetItemByRelation(userItem.Id, "salt");
var passwordItem = _dataService.GetItemByRelation(userItem.Id, "password");
if (saltItem == null || saltItem.Value == null || passwordItem == null || passwordItem.Value == null || !HashHelper.ConfirmPassword(passwordItem.Value, password, saltItem.Value))
{
return(TcpMessage.Error("Login failed. Wrong password."));
}
}
_hostUsers[host] = userItem;
var response = new ObjectTcpMessage <DbItem>(TcpRequestType.Ok);
response.Add(userItem);
return(response);
}
return(TcpMessage.Error("Missing or badly formatted login parameters"));
}