Exemple #1
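        /// <summary>
        /// Authenticates a user by e-mail and password and, on success, opens a one-hour session.
        /// </summary>
        /// <remarks>
        /// Every rejection (unknown e-mail, "admin" outside the command line, wrong password)
        /// returns the same 401 body so the response text does not reveal which check failed.
        /// Each rejection is also written to the history collection, the same way the
        /// successful login is, so failed attempts leave an audit trail.
        /// </remarks>
        /// <param name="request">Login request carrying the e-mail, the password and the caller's request id.</param>
        /// <returns>
        /// A response with status 200 plus session id, user id, name, profile and permissions on
        /// success; a response with status 401 and a generic description otherwise.
        /// </returns>
        public API.LoginResponse Login(API.LoginRequest request)
        {
            // Single definition of the rejection body keeps the three failure paths identical.
            API.LoginResponse Unauthorized() => new API.LoginResponse()
            {
                RequestId         = request.RequestId,
                Status            = (int)HttpStatusCode.Unauthorized,
                StatusDescription = "Username or Password is incorrect"
            };

            // find user
            var user = _db.Users.AsQueryable().FirstOrDefault(u => u.Email == request.Email);

            if (user == null)
            {
                // NOTE(review): this path returns before HashPassword runs, so it answers faster
                // than the wrong-password path; hash a dummy value here if that difference matters.
                // The entry was previously built and discarded; store it like the success entry below.
                _db.History.InsertOne(HistoryEntry(null, null, null, null, "Failed login for bad user {0}", request.Email));
                return Unauthorized();
            }

            // only allow the admin password via the command line
            if (user.Email == "admin" && !_isCommandLine)
            {
                _db.History.InsertOne(HistoryEntry(null, null, null, null, "Failed login for bad user {0}", request.Email));
                return Unauthorized();
            }

            // verify password
            // NOTE(review): HashPassword is not visible here; confirm it is a slow, salted KDF.
            var hash = HashPassword(request.Password, user.PasswordSalt);

            // NOTE(review): `!=` is not a constant-time comparison. The operand types are not
            // visible here; if they are strings or byte arrays, compare them with
            // CryptographicOperations.FixedTimeEquals instead.
            if (hash != user.PasswordHash)
            {
                _db.History.InsertOne(HistoryEntry(null, null, null, null, "Failed login for user {0}. Bad password.", user));
                return Unauthorized();
            }

            // NOTE(review): only the in-memory object is updated; no write to the Users collection
            // is visible in this method, so confirm it is saved elsewhere. Local time is used here
            // while the session below uses UTC.
            user.LastLoggedIn = DateTime.Now;

            // 16 random bytes (128 bits) for the session id; the previous 8 bytes gave only 64 bits.
            // NOTE(review): _rng is declared outside this block; confirm it is a cryptographic generator.
            var sessionKey = new byte[16];
            _rng.GetBytes(sessionKey);

            var now = DateTime.UtcNow;

            // create session
            UserSession session = new UserSession()
            {
                IsCommandLine = _isCommandLine,
                SessionId     = Convert.ToBase64String(sessionKey),
                Timeout       = now.AddHours(1),
                UserId        = user.Id
            };

            // Purge sessions that have already timed out before adding the new one.
            _db.UserSessions.DeleteMany(s => s.Timeout < now);

            _db.UserSessions.InsertOne(session);
            _db.History.InsertOne(HistoryEntry(user.Id, null, null, null, "User {0} logged in.", user));

            return new API.LoginResponse()
            {
                RequestId   = request.RequestId,
                SessionId   = session.SessionId,
                UserId      = user.Id,
                Name        = user.Name,
                Profile     = user.Profile,
                Permissions = user.Permissions,
                Status      = (int)HttpStatusCode.OK
            };
        }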
Exemple #2
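        /// <summary>
        /// Looks up <c>args[0]</c> in the command table, runs the matching handler and prints
        /// its response through <c>DumpJson</c>.
        /// </summary>
        /// <remarks>
        /// Exceptions thrown by a handler (including parse errors on malformed arguments) are
        /// caught and written to the console rather than propagated.
        /// </remarks>
        /// <param name="args">Command name followed by its arguments.</param>
        /// <param name="cmd">Runner that the command handlers call into.</param>
        /// <returns><c>true</c> when the command asked to quit; otherwise <c>false</c>.</returns>
        private bool RunCommand(string[] args, CommandRunnerMongo cmd)
        {
            if (args.Length == 0)
            {
                return false;
            }

            string sessionId = cmd.GetAdminSession();

            // NOTE(review): this writes the admin session id to stdout on every command. Anything
            // that captures console output (scrollback, redirected logs) then holds a usable
            // session token until it expires; consider dropping or masking this line.
            Console.WriteLine("sessionId = {0}", sessionId);

            CommandArgs commandArgs = new CommandArgs()
            {
                a        = args,
                response = "Not Implemented"
            };

            // The table is rebuilt on every call. Its handlers close over sessionId, so a table
            // built once and cached would keep sending the first call's session id (and talking
            // to the first call's runner) even after GetAdminSession returns a different one.
            // NOTE(review): adduser, listsessions, resetuserpassword and removecave send no
            // SessionId; presumably the runner authorises them as command-line calls. Confirm.
            _commands = new Dictionary<string, Action<CommandArgs, CommandRunnerMongo>>()
            {
                { "quit", (a, c) => { a.quit = true; Console.WriteLine("Quitting..."); } },
                { "bootstrap", (a, c) => c.BootStrap() },
                { "listusers", (a, c) =>
                  {
                      var users = c.UserList(new API.UserListRequest()
                      {
                          RequestId = 0, SessionId = sessionId
                      });
                      foreach (var u in users.Users)
                      {
                          Console.WriteLine($"{u.Name} {u.Email} {u.IsActive} {u.LastLoggedIn} ");
                      }
                  } },
                { "adduser", (a, c) =>
                  {
                      if (a.a.Length == 4 || a.a.Length == 3)
                      {
                          // NOTE(review): without a <password> argument an empty string is sent.
                          // Whether AddUser generates a password or stores the empty one is not
                          // visible here; confirm it cannot create an account with no password.
                          string password = (a.a.Length == 3) ? string.Empty : a.a[3];
                          a.response = c.AddUser(new API.UserAddRequest()
                          {
                              Email = a.a[1], Name = a.a[2], Password = password, Profile = string.Empty
                          });
                      }
                      else
                      {
                          a.response = "Invalid command: adduser <email> <name> [<password>]";
                      }
                  } },
                { "listsessions", (a, c) => a.response = c.SessionList(new API.SessionListRequest()) },
                { "resetuserpassword", (a, c) =>
                  {
                      if (a.a.Length != 2)
                      {
                          a.response = "Invalid Command: resetuserpassword <email>";
                      }
                      else
                      {
                          a.response = c.ResetPassword(new API.UserResetPasswordRequest()
                          {
                              Email = a.a[1]
                          });
                      }
                  } },
                { "listallcaves", (a, c) =>
                  {
                      a.response = c.CaveList(new API.CaveListRequest()
                      {
                          SessionId = sessionId, allCaves = true
                      })
                                   .Caves
                                   .Select(cv => new { cv.Number, cv.Name, cv.LocalString })
                                   .ToArray();
                  } },
                { "login", (a, c) =>
                  {
                      string email = "admin";
                      string password;

                      if (a.a.Length == 3)
                      {
                          email    = a.a[1];
                          password = a.a[2];
                      }
                      else if (a.a.Length == 2)
                      {
                          // NOTE(review): the usage message set here is overwritten by the login
                          // call below, so "login <password>" actually logs in as "admin".
                          // Decide which behaviour is intended and drop the other.
                          password   = a.a[1];
                          a.response = "Invalid Command: login <Name> <Password>";
                      }
                      else
                      {
                          // NOTE(review): a bare "login" uses a password literal baked into the
                          // source for the "admin" account; read it from the operator instead.
                          password = "******";
                      }

                      var login = new API.LoginRequest()
                      {
                          Email     = email,
                          Password  = password,
                          RequestId = 0,
                      };
                      a.response = c.Login(login);
                  } },
                { "addcave", (a, c) =>
                  {
                      if (a.a.Length < 7)
                      {
                          a.response = "Invalid Command: addcave <Name> <Description> <Latitude> <Longitude> <Accuracy> <Altitude>";
                      }
                      else
                      {
                          // Parse failures throw and are reported by the catch at the call site.
                          a.response = c.CaveAddUpdate(new API.CaveUpdateRequest()
                          {
                              SessionId   = sessionId,
                              Name        = a.a[1],
                              Description = a.a[2],
                              LocationId  = 1,
                              Locations   = new MongoDb.CaveLocation[] {
                                  new MongoDb.CaveLocation {
                                      Latitude  = decimal.Parse(a.a[3]),
                                      Longitude = decimal.Parse(a.a[4]),
                                      Accuracy  = int.Parse(a.a[5]),
                                      Altitude  = int.Parse(a.a[6])
                                  }
                              }
                          });
                      }
                  } },
                { "removecave", (a, c) =>
                  {
                      if (a.a.Length < 2)
                      {
                          a.response = "Invalid Command: removecave <cave id>";
                      }
                      else
                      {
                          a.response = c.CaveRemove(new API.CaveRemoveRequest()
                          {
                              CaveId = ObjectId.Parse(a.a[1])
                          });
                      }
                  } },
                { "listcaves", (a, c) =>
                  {
                      a.response =
                          c.CaveList(new API.CaveListRequest()
                          {
                              allCaves = false, SessionId = sessionId
                          })
                          .Caves
                          .Select(cv => new { cv.Number, cv.Name, cv.LocalString })
                          .ToArray();
                  } },
                { "usergetinfo", (a, c) => a.response = c.UserGetInfo(new API.UserGetInfoRequest()
                  {
                      SessionId = sessionId
                  }) },
                { "cleanmedia", (a, c) => a.response = c.CleanMedia(new API.CleanMediaRequest()
                  {
                      SessionId = sessionId
                  }) },
                { "help", (a, c) =>
                  {
                      a.response = string.Join(",", _commands.Keys);
                  } },
                { "http", (a, c) =>
                  {
                      // Keeps the HTTP front end alive; this handler never returns.
                      using (var api = new CaveCacheHttp(_config, _mediaCache, _db))
                      {
                          while (true)
                          {
                              System.Threading.Thread.Sleep(250);
                          }
                      }
                  } }
            };

            if (_commands.TryGetValue(args[0], out var action))
            {
                try
                {
                    action(commandArgs, cmd);

                    if (commandArgs.quit)
                    {
                        return true;
                    }
                    DumpJson(commandArgs.response);
                }
                catch (Exception ex)
                {
                    Console.WriteLine($"{ex.Message}\r\n{ex.StackTrace}");
                }
            }
            else
            {
                Console.WriteLine($"No command {args[0]}");
            }

            return false;
        }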