/// <summary>
/// Starts registration (or re-registration) for a phone number.
/// </summary>
/// <remarks>
/// Steps, in order: normalize the number; register it if unknown, otherwise
/// overwrite the stored name; set the user's last-sync time to seven days
/// before now; then either issue a cookie directly (debug numbers) or send an
/// SMS confirmation code.
///
/// NOTE(review): everything up to and including the SMS runs before the caller
/// has proven control of the phone number. As written, the name overwrite and
/// the last-sync reset apply to an existing account on an unverified request.
/// Consider deferring both until ValidateUser succeeds.
///
/// NOTE(review): no throttling is visible in this method. Confirm that
/// SendSmsWithConfirmationCode, or a layer above, limits sends per number and
/// per client.
///
/// NOTE(review): numbers accepted by IsDebugPhoneNumber receive a cookie with
/// no confirmation step. Confirm that predicate cannot match in production, or
/// gate this branch behind a build/configuration switch.
/// </remarks>
/// <param name="phoneNumber">Phone number as supplied by the caller; normalized with PhoneNumberUtils.ValidatePhoneNumber.</param>
/// <param name="name">Name used for a new registration, or written over the existing user's name.</param>
/// <param name="deviceId">Device identifier; used only on the debug-number path, where it is stored and bound into the cookie.</param>
/// <returns>
/// A cookie when the number is a debug number; otherwise null, both when the
/// number fails validation and when an SMS code has been sent.
/// </returns>
public DAL.UserCookie AddUser(string phoneNumber, string name, string deviceId)
{
    string canonicalNumber = DAL.PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);
    if (string.IsNullOrEmpty(canonicalNumber))
    {
        return null;
    }

    DAL.User account = DAL.UserService.Instance.GetUserFromPhone(canonicalNumber);
    if (account != null)
    {
        DAL.UserService.Instance.UpdateName(account, name);
    }
    else
    {
        account = DAL.UserService.Register(canonicalNumber, name);
    }

    // Back-date the sync marker by one week.
    DateTime backdatedSync = DateTime.Now.Subtract(TimeSpan.FromDays(7));
    DataAccessLayer.UserService.UpdateUserLastSyncTime((int)account.Id, backdatedSync);

    if (!DAL.PhoneNumberUtils.IsDebugPhoneNumber(canonicalNumber))
    {
        // Normal path: the caller must come back with the code from the SMS.
        this.SendSmsWithConfirmationCode(account);
        return null;
    }

    // Debug path: bind the device and hand out a cookie immediately.
    DAL.UserService.Instance.UpdateDeviceId(account, deviceId);
    return new DAL.UserCookie(account, deviceId);
}
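/// <summary>
/// Reads the auth token header from the current request, parses it as a
/// <c>DAL.UserCookie</c> and returns the user it carries.
/// </summary>
/// <remarks>
/// Fails closed: a missing operation context, a missing or mistyped
/// "httpRequest" message property, or an absent or empty auth header all yield
/// null instead of an exception, so callers see one "not authenticated" result.
/// </remarks>
/// <returns>
/// The cookie's User when the header parses and <c>IsValid()</c> returns true;
/// otherwise null.
/// </returns>
private DAL.User GetAuthenticatedUser()
{
    OperationContext context = OperationContext.Current;
    if (context == null)
    {
        return null;
    }

    object rawProperty;
    if (!context.IncomingMessageProperties.TryGetValue("httpRequest", out rawProperty))
    {
        return null;
    }

    HttpRequestMessageProperty reqMsg = rawProperty as HttpRequestMessageProperty;
    if (reqMsg == null)
    {
        return null;
    }

    // The header is attacker-controlled input; a request without it must be
    // rejected here rather than passed on to the parser as null.
    string headerValue = (string)reqMsg.Headers[Globals.AuthTokenCookie];
    if (string.IsNullOrEmpty(headerValue))
    {
        return null;
    }

    DAL.UserCookie cookie = DAL.UserCookie.Parse(headerValue);
    if (cookie == null || !cookie.IsValid())
    {
        return null;
    }

    return cookie.User;
}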
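/// <summary>
/// Value equality for cookies: same user id, same device id and same auth
/// cookie value.
/// </summary>
/// <remarks>
/// Equals must not throw, so a cookie with a missing User, DeviceId or
/// AuthCookie is treated as equal only to itself. Two distinct cookies with
/// missing fields never compare equal, which keeps the comparison fail-closed.
///
/// NOTE(review): the AuthCookie comparison uses the type's ordinary Equals. If
/// this method is ever used to check a client-presented token against a stored
/// one, use a fixed-time comparison there instead.
///
/// NOTE(review): confirm GetHashCode is overridden consistently with this
/// method; it is not visible here.
/// </remarks>
/// <param name="obj">Object to compare with; anything that is not a UserCookie is unequal.</param>
/// <returns>True when both cookies carry the same user id, device id and auth cookie.</returns>
public override bool Equals(object obj)
{
    UserCookie otherCookie = obj as UserCookie;
    if (otherCookie == null)
    {
        return false;
    }

    if (ReferenceEquals(this, otherCookie))
    {
        return true;
    }

    // The original dereferenced these unconditionally and threw
    // NullReferenceException on a partially populated cookie.
    if (this.User == null || otherCookie.User == null
        || this.DeviceId == null || this.AuthCookie == null)
    {
        return false;
    }

    return this.User.Id == otherCookie.User.Id
        && this.DeviceId.Equals(otherCookie.DeviceId)
        && this.AuthCookie.Equals(otherCookie.AuthCookie);
}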
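/// <summary>
/// Verifies the one-time password for a phone number and, on success, binds
/// the device to the user and issues an auth cookie.
/// </summary>
/// <remarks>
/// NOTE(review): the two failure messages differ, so a caller who sees them
/// can tell registered numbers from unregistered ones. If these messages reach
/// the client, consider returning one generic failure and logging the detail
/// server-side.
///
/// NOTE(review): no attempt limiting or used-code tracking is visible in this
/// method. Confirm that Authenticator.TOTP or a layer above throttles guesses
/// per user and rejects a code that was already accepted.
///
/// NOTE(review): deviceId is stored and bound into the cookie as received;
/// confirm its format is validated elsewhere.
/// </remarks>
/// <param name="phoneNumber">Phone number as supplied by the caller; normalized with PhoneNumberUtils.ValidatePhoneNumber.</param>
/// <param name="oneTimePassword">Code to check against the user's stored secret.</param>
/// <param name="deviceId">Device identifier to store on the user and bind into the cookie.</param>
/// <param name="random">Not read by this method.</param>
/// <returns>A new cookie for the user and device.</returns>
/// <exception cref="Exception">
/// Thrown when the number is invalid or unknown, or when the code does not verify.
/// </exception>
public DAL.UserCookie ValidateUser(string phoneNumber, int oneTimePassword, string deviceId, string random)
{
    string normalizedPhone = DAL.PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);

    // AddUser rejects a number that fails normalization; do the same here so a
    // null or empty value never reaches the user lookup. The message matches the
    // unknown-number case so the two are indistinguishable to the caller.
    if (string.IsNullOrEmpty(normalizedPhone))
    {
        throw new Exception("User not registered");
    }

    DAL.User existingUser = DAL.UserService.Instance.GetUserFromPhone(normalizedPhone);
    if (existingUser == null)
    {
        throw new Exception("User not registered");
    }

    // presumably 30 = time step in seconds and 6 = code length; confirm against Authenticator.TOTP
    Authenticator.TOTP oneTimePasswordValidator = new Authenticator.TOTP(existingUser.Secret, 30, 6);
    if (!oneTimePasswordValidator.Verify(oneTimePassword))
    {
        throw new Exception("Invalid one-time password");
    }

    // Only after the code verifies is the device bound and a cookie issued.
    DAL.UserService.Instance.UpdateDeviceId(existingUser, deviceId);
    DAL.UserCookie cookie = new DAL.UserCookie(existingUser, deviceId);
    return cookie;
}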
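/// <summary>
/// Parses a serialized cookie: five '|'-separated fields, the first being
/// <c>CookieVersionPrefix</c> followed by a version number.
/// </summary>
/// <remarks>
/// The input comes from a request header and is untrusted. Every malformed
/// shape returns null; nothing here throws on bad input.
///
/// NOTE(review): RemoveEmptyEntries drops empty fields, so an input with an
/// empty field and a sixth part still yields five parts with positions shifted.
/// Confirm that ParseV1Cookie's integrity check covers the fields as parsed, or
/// split without dropping empties.
/// </remarks>
/// <param name="cookieString">Raw cookie text; may be null or empty.</param>
/// <returns>The parsed cookie for a supported version (currently only 1); otherwise null.</returns>
public static UserCookie Parse(string cookieString)
{
    // A request without the header reaches this method as null.
    if (string.IsNullOrEmpty(cookieString))
    {
        return null;
    }

    string[] parts = cookieString.Split(new char[] { '|' }, StringSplitOptions.RemoveEmptyEntries);
    if (parts.Length != 5)
    {
        return null;
    }

    // Ordinal: the prefix is a protocol token, not linguistic text. A
    // culture-sensitive match can succeed on input that does not literally begin
    // with the prefix, after which the Substring below would cut at the wrong place.
    string versionField = parts[0];
    if (!versionField.StartsWith(UserCookie.CookieVersionPrefix, StringComparison.Ordinal))
    {
        return null;
    }

    // Digits only, culture-independent: signs and surrounding whitespace are
    // rejected so that one version has one spelling.
    int version;
    if (!Int32.TryParse(
            versionField.Substring(UserCookie.CookieVersionPrefix.Length),
            System.Globalization.NumberStyles.None,
            System.Globalization.CultureInfo.InvariantCulture,
            out version))
    {
        return null;
    }

    if (version == 1)
    {
        return UserCookie.ParseV1Cookie(parts);
    }

    // Unknown versions are rejected rather than guessed at.
    return null;
}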
/// <summary>
/// Starts registration (or re-registration) for a phone number.
/// </summary>
/// <remarks>
/// Steps, in order: normalize the number; register it if unknown, otherwise
/// overwrite the stored name; set the user's last-sync time to seven days
/// before now; then either issue a cookie directly (debug numbers) or send an
/// SMS confirmation code.
///
/// NOTE(review): everything up to and including the SMS runs before the caller
/// has proven control of the phone number. As written, the name overwrite and
/// the last-sync reset apply to an existing account on an unverified request.
/// Consider deferring both until ValidateUser succeeds.
///
/// NOTE(review): no throttling is visible in this method. Confirm that
/// SendSmsWithConfirmationCode, or a layer above, limits sends per number and
/// per client.
///
/// NOTE(review): numbers accepted by IsDebugPhoneNumber receive a cookie with
/// no confirmation step. Confirm that predicate cannot match in production, or
/// gate this branch behind a build/configuration switch.
/// </remarks>
/// <param name="phoneNumber">Phone number as supplied by the caller; normalized with PhoneNumberUtils.ValidatePhoneNumber.</param>
/// <param name="name">Name used for a new registration, or written over the existing user's name.</param>
/// <param name="deviceId">Device identifier; used only on the debug-number path, where it is stored and bound into the cookie.</param>
/// <returns>
/// A cookie when the number is a debug number; otherwise null, both when the
/// number fails validation and when an SMS code has been sent.
/// </returns>
public DAL.UserCookie AddUser(string phoneNumber, string name, string deviceId)
{
    string canonicalNumber = DAL.PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);
    if (string.IsNullOrEmpty(canonicalNumber))
    {
        return null;
    }

    DAL.User account = DAL.UserService.Instance.GetUserFromPhone(canonicalNumber);
    if (account != null)
    {
        DAL.UserService.Instance.UpdateName(account, name);
    }
    else
    {
        account = DAL.UserService.Register(canonicalNumber, name);
    }

    // Back-date the sync marker by one week.
    DateTime backdatedSync = DateTime.Now.Subtract(TimeSpan.FromDays(7));
    DataAccessLayer.UserService.UpdateUserLastSyncTime((int)account.Id, backdatedSync);

    if (!DAL.PhoneNumberUtils.IsDebugPhoneNumber(canonicalNumber))
    {
        // Normal path: the caller must come back with the code from the SMS.
        this.SendSmsWithConfirmationCode(account);
        return null;
    }

    // Debug path: bind the device and hand out a cookie immediately.
    DAL.UserService.Instance.UpdateDeviceId(account, deviceId);
    return new DAL.UserCookie(account, deviceId);
}
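/// <summary>
/// Verifies the one-time password for a phone number and, on success, binds
/// the device to the user and issues an auth cookie.
/// </summary>
/// <remarks>
/// NOTE(review): the two failure messages differ, so a caller who sees them
/// can tell registered numbers from unregistered ones. If these messages reach
/// the client, consider returning one generic failure and logging the detail
/// server-side.
///
/// NOTE(review): no attempt limiting or used-code tracking is visible in this
/// method. Confirm that Authenticator.TOTP or a layer above throttles guesses
/// per user and rejects a code that was already accepted.
///
/// NOTE(review): deviceId is stored and bound into the cookie as received;
/// confirm its format is validated elsewhere.
/// </remarks>
/// <param name="phoneNumber">Phone number as supplied by the caller; normalized with PhoneNumberUtils.ValidatePhoneNumber.</param>
/// <param name="oneTimePassword">Code to check against the user's stored secret.</param>
/// <param name="deviceId">Device identifier to store on the user and bind into the cookie.</param>
/// <param name="random">Not read by this method.</param>
/// <returns>A new cookie for the user and device.</returns>
/// <exception cref="Exception">
/// Thrown when the number is invalid or unknown, or when the code does not verify.
/// </exception>
public DAL.UserCookie ValidateUser(string phoneNumber, int oneTimePassword, string deviceId, string random)
{
    string normalizedPhone = DAL.PhoneNumberUtils.ValidatePhoneNumber(phoneNumber);

    // AddUser rejects a number that fails normalization; do the same here so a
    // null or empty value never reaches the user lookup. The message matches the
    // unknown-number case so the two are indistinguishable to the caller.
    if (string.IsNullOrEmpty(normalizedPhone))
    {
        throw new Exception("User not registered");
    }

    DAL.User existingUser = DAL.UserService.Instance.GetUserFromPhone(normalizedPhone);
    if (existingUser == null)
    {
        throw new Exception("User not registered");
    }

    // presumably 30 = time step in seconds and 6 = code length; confirm against Authenticator.TOTP
    Authenticator.TOTP oneTimePasswordValidator = new Authenticator.TOTP(existingUser.Secret, 30, 6);
    if (!oneTimePasswordValidator.Verify(oneTimePassword))
    {
        throw new Exception("Invalid one-time password");
    }

    // Only after the code verifies is the device bound and a cookie issued.
    DAL.UserService.Instance.UpdateDeviceId(existingUser, deviceId);
    DAL.UserCookie cookie = new DAL.UserCookie(existingUser, deviceId);
    return cookie;
}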