public static bool isTokenValid(string token)
{
if (token.Length < 38)
{
return(false);
}
string guid = token.Substring(0, 36);
int id = Int32.Parse(token.Substring(37));
AuthToken authToken = db.AuthTokens.Find(id);
if (authToken == null)
{
return(false);
}
if (!authToken.Token.Equals(token))
{
db.Entry(authToken).Reload();
if (!authToken.Token.Equals(token))
{
return(false);
}
}
if (isExpired(authToken.ExpirationDate))
{
return(false);
}
return(true);
}
public HttpResponseMessage Login(LoginModel model)
{
if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password))
{
string userName = db.UserNames.Where <UserName>(a => a.userName1.Equals(model.UserName)).FirstOrDefault().userName1;
AuthToken token;
try
{
token = db.AuthTokens.Where <AuthToken>(t => t.userName.Equals(userName)).First();
//User already has a token -> update token
token.token = Guid.NewGuid().ToString() + ":" + token.authTokenID;
if (model.RememberMe)
{
token.expirationDate = DateTime.Now.AddYears(50); //Expires in 50 years
}
else
{
token.expirationDate = DateTime.Now.AddMinutes(10); //Expires in 10 minutes
}
db.Entry(token).State = System.Data.EntityState.Modified;
db.SaveChanges();
}
catch (InvalidOperationException ioe)
{
//Token does not already exist for the user -> create token
token = new AuthToken();
token.userName = userName;
token.token = Guid.NewGuid().ToString();
if (model.RememberMe)
{
token.expirationDate = DateTime.Now.AddYears(50); //Expires in 50 years
}
else
{
token.expirationDate = DateTime.Now.AddMinutes(10); //Expires in 10 minutes
}
token = db.AuthTokens.Add(token);
db.SaveChanges();
string role = auth.getRoleFromUser(userName);
token.token = token.token + ":" + token.authTokenID + "," + role;
db.Entry(token).State = System.Data.EntityState.Modified;
db.SaveChanges();
}
var response = Request.CreateResponse <string>(HttpStatusCode.OK, token.token);
return(response);
}
else
{
return(Request.CreateResponse(HttpStatusCode.Forbidden));
}
}
//POST .../api/Login
public HttpResponseMessage Post(LoginModel model)
{
if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password))
{
IQueryable <UserName> matchingUserNames = db.UserNames.Where <UserName>(a => a.UserName1.Equals(model.UserName));
if (matchingUserNames.Count() == 0)
{
//This is user's first Web API login; create API record
UserName userNameRecord = new UserName()
{
UserName1 = model.UserName
};
userNameRecord.UserID = (Guid)System.Web.Security.Membership.FindUsersByName(model.UserName).Cast <System.Web.Security.MembershipUser>().FirstOrDefault().ProviderUserKey;
db.UserNames.Add(userNameRecord);
db.SaveChanges();
}
string userName = db.UserNames.Where <UserName>(a => a.UserName1.Equals(model.UserName)).FirstOrDefault().UserName1;
AuthToken token;
try
{
token = db.AuthTokens.Where <AuthToken>(t => t.UserName.Equals(userName)).First();
//User already has a token -> update token
token.Token = Guid.NewGuid().ToString() + ":" + token.AuthTokenID;
token.ExpirationDate = DateTime.Now.AddMinutes(10); //Expires in 10 minutes
db.Entry(token).State = System.Data.EntityState.Modified;
db.SaveChanges();
}
catch (InvalidOperationException ioe)
{
//Token does not already exist for the user -> create token
token = new AuthToken();
token.UserName = userName;
token.Token = Guid.NewGuid().ToString();
token.ExpirationDate = DateTime.Now.AddMinutes(10); //Expires in 10 minutes
token = db.AuthTokens.Add(token);
db.SaveChanges();
token.Token = token.Token + ":" + token.AuthTokenID;
db.Entry(token).State = System.Data.EntityState.Modified;
db.SaveChanges();
}
var response = Request.CreateResponse <string>(HttpStatusCode.OK, token.Token);
return(response);
}
else
{
return(Request.CreateResponse(HttpStatusCode.Forbidden));
}
}
public ActionResult Edit(job job)
{
if (ModelState.IsValid)
{
db.Entry(job).State = EntityState.Modified;
db.SaveChanges();
return(RedirectToAction("Index"));
}
return(View(job));
}
public ActionResult Edit(task task)
{
if (ModelState.IsValid)
{
db.Entry(task).State = EntityState.Modified;
db.SaveChanges();
return(RedirectToAction("Index"));
}
ViewBag.taskCategoryID = new SelectList(db.taskcategories, "categoryID", "categoryName", task.taskCategoryID);
return(View(task));
}
// PUT api/DeleteHello/5
public HttpResponseMessage PutHello(int id, Hello hello)
{
if (ModelState.IsValid && id == hello.helloID)
{
db.Entry(hello).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
return(Request.CreateResponse(HttpStatusCode.NotFound));
}
return(Request.CreateResponse(HttpStatusCode.OK));
}
else
{
return(Request.CreateResponse(HttpStatusCode.BadRequest));
}
}
public ActionResult Edit(prompt prompt)
{
if (ModelState.IsValid)
{
db.Entry(prompt).State = EntityState.Modified;
db.SaveChanges();
//return RedirectToAction("Index", prompt.taskID);
return(Redirect("/Prompt/Index/" + prompt.taskID));
}
ViewBag.taskID = new SelectList(db.tasks, "taskID", "taskName", prompt.taskID);
ViewBag.typeID = new SelectList(db.prompttypes, "typeID", "typeName", prompt.typeID);
return(View(prompt));
}
public void updateJobCoachAssignment(string assignee, string jobCoach)
{
UserName user = findUserName(assignee);
if (jobCoach == null)
{
user.UserName3 = null;
}
else
{
//UserName3 is the job coach
user.UserName3 = findUserName(jobCoach);
}
db.Entry <UserName>(user).State = System.Data.EntityState.Modified;
db.SaveChanges();
}