Exemple #1
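        /// <summary>
        /// Registers the routes served under <c>api/secure</c>. The module calls
        /// <c>RequiresAuthentication()</c> first, so both routes below are only reached by
        /// requests that already carry an authenticated user.
        /// </summary>
        public SecureModule() : base("api/secure")
        {
            this.RequiresAuthentication();

            Get("/", args =>
            {
                // Context.CurrentUser was set by StatelessAuthentication earlier in the pipeline.
                var identity = this.Context.CurrentUser;

                // Return the protected payload, plus the caller's name, as JSON.
                var userModel = new UserModel(identity.Identity.Name);
                return this.Response.AsJson(new
                {
                    SecureContent = "Aqui está um conteúdo seguro que você só pode ver se você fornecer uma chave correta api",
                    User = userModel
                });
            });

            Post("/Usuario/Novo", args =>
            {
                // Form fields are caller-controlled; an absent field converts to null.
                var username = (string)this.Context.Request.Form["username"];
                var password = (string)this.Context.Request.Form["password"];

                // Reject incomplete registrations here instead of handing null/blank
                // credentials to the user store.
                if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
                {
                    return new Response { StatusCode = Nancy.HttpStatusCode.BadRequest };
                }

                // NOTE(review): how CreateUser stores the password is not visible here;
                // confirm it is hashed with a salted, slow KDF before it is persisted.
                Tuple<string, string> user = UserDatabase.CreateUser(username, password);

                // Only the user name is echoed back; the second tuple item is never returned.
                return this.Response.AsJson(new { username = user.Item1 });
            });
        }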
Exemple #2
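        /// <summary>
        /// Registers the routes served under <c>auth</c>: a header-echo demo, user creation,
        /// login (exchanges credentials for an API key) and API-key removal.
        /// This constructor does not call <c>RequiresAuthentication()</c>, so every route
        /// here is reachable without an authenticated user.
        /// </summary>
        public Auth() : base("auth")
        {
            // POST route that reads custom request headers.
            Post("/custom", (args) =>
            {
                Console.WriteLine(args);

                // Record only whether the Authorization header was sent. Writing its value
                // to the console would copy a credential into process output and any log
                // collector attached to it.
                Console.WriteLine("Authorization header present: " +
                                  !string.IsNullOrEmpty(this.Request.Headers.Authorization));

                string xToken = this.Request.Headers["x-token"].FirstOrDefault();
                string xKey   = this.Request.Headers["x-key"].FirstOrDefault();

                var xAuth = this.BindTo(
                    new
                    {
                        XToken = xToken,
                        XKey   = xKey
                    });

                // NOTE(review): the response body reflects the x-token / x-key header values
                // back to the caller; acceptable for a demo, avoid for real secrets.
                return Response.AsJson(xAuth)
                               .WithHeader("Foo", "Bar");
            });

            Post("/create_user", args =>
            {
                // Form fields are caller-controlled; an absent field converts to null.
                var username = (string)this.Context.Request.Form["username"];
                var password = (string)this.Context.Request.Form["password"];

                // Reject incomplete registrations here instead of handing null/blank
                // credentials to the user store.
                if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
                {
                    return new Response { StatusCode = HttpStatusCode.BadRequest };
                }

                // NOTE(review): registration is open to anonymous callers in this module;
                // confirm that is intended and that account creation is rate-limited.
                Tuple<string, string> user = UserDatabase.CreateUser(username, password);

                // Only the user name is echoed back; the second tuple item is never returned.
                return this.Response.AsJson(new { username = user.Item1 });
            });

            // POST /login is used mainly to fetch the API key for subsequent calls.
            Post("/login", args =>
            {
                var apiKey = UserDatabase.ValidateUser(
                    (string)this.Request.Form.Username,
                    (string)this.Request.Form.Password);

                // An empty key means the credentials were not accepted: answer 401 with no
                // body, so the response does not say which of the two fields was wrong.
                if (string.IsNullOrEmpty(apiKey))
                {
                    return new Response { StatusCode = HttpStatusCode.Unauthorized };
                }

                // NOTE(review): the key is a bearer credential returned in the body; serve
                // this route over TLS only and throttle repeated failed attempts.
                return this.Response.AsJson(new { ApiKey = apiKey });
            });

            // Removes (revokes) an API key.
            // NOTE(review): {userId} is captured by the route but never read; the key to
            // remove comes from the form body, so whoever presents a key can revoke it.
            Delete("/delete/{userId}", args =>
            {
                var apiKey = (string)this.Request.Form.ApiKey;

                // Nothing to revoke without a key; do not pass null/empty to the store.
                if (string.IsNullOrEmpty(apiKey))
                {
                    return new Response { StatusCode = HttpStatusCode.BadRequest };
                }

                UserDatabase.RemoveApiKey(apiKey);
                return new Response { StatusCode = HttpStatusCode.OK };
            });
        }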
Exemple #3
 /// <summary>
 /// Registers a new account: throws when the e-mail is already known to the user store,
 /// otherwise writes the hashed password onto the DTO and hands the DTO to the store.
 /// </summary>
 /// <param name="userDTO">Registration data; Email and Password are read, HashPassword is written.</param>
 /// <returns>The value returned by <c>userDatabase.CreateUser</c>.</returns>
 /// <exception cref="UserIsAlreadyExists">The e-mail is already registered.</exception>
 public UserInfoDTO RegisterUser(UserDTO userDTO)
 {
     // NOTE(review): the existence check and the insert are two separate calls, so two
     // concurrent registrations for one e-mail can both pass the check; a unique
     // constraint in the store is what actually prevents duplicates. Confirm it exists.
     if (userDatabase.IsUserExists(userDTO.Email))
     {
         throw new UserIsAlreadyExists();
     }

     // NOTE(review): the hashing scheme lives in PasswordHelper and is not visible here;
     // confirm it is a salted, slow KDF. The plaintext Password is still on the DTO when
     // it reaches CreateUser; verify the store never persists or logs that field.
     userDTO.HashPassword = PasswordHelper.HashPassword(userDTO.Password);

     return userDatabase.CreateUser(userDTO);
 }
Exemple #4
        //by this time, the api key should have already been pulled out of our querystring
        //and, using the api key, an identity assigned to our NancyContext
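        /// <summary>
        /// Registers the routes served under <c>secure</c>. The module calls
        /// <c>RequiresAuthentication()</c> first, so both routes below are only reached by
        /// requests that already carry an authenticated user.
        /// </summary>
        public SecureModule() : base("secure")
        {
            this.RequiresAuthentication();

            Get("/", args =>
            {
                // Context.CurrentUser was set by StatelessAuthentication earlier in the pipeline.
                var identity = this.Context.CurrentUser;

                // Return the protected payload, plus the caller's name, as JSON.
                var userModel = new User(identity.Identity.Name);
                return this.Response.AsJson(new
                {
                    SecureContent = "here's some secure content that you can only see if you provide a correct apiKey",
                    User = userModel
                });
            });

            Post("/create_user", args =>
            {
                // Form fields are caller-controlled; an absent field converts to null.
                var username = (string)this.Context.Request.Form["username"];
                var password = (string)this.Context.Request.Form["password"];

                // Reject incomplete registrations here instead of handing null/blank
                // credentials to the user store.
                if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
                {
                    return new Response { StatusCode = Nancy.HttpStatusCode.BadRequest };
                }

                // NOTE(review): how CreateUser stores the password is not visible here;
                // confirm it is hashed with a salted, slow KDF before it is persisted.
                Tuple<string, string> user = UserDatabase.CreateUser(username, password);

                // Only the user name is echoed back; the second tuple item is never returned.
                return this.Response.AsJson(new { username = user.Item1 });
            });
        }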