/// <summary>
/// Returns auth token for the validated user.
/// </summary>
/// <param name="userId"></param>
/// <returns></returns>
private HttpResponseMessage GetAuthToken(BasicAuthenticationIdentity userId)
{
LoginResponseObject obj = new LoginResponseObject();
CustomerAPI objCus = new CustomerAPI();
objCus.EmailAddress = userId.UserName;
objCus.UserType = userId.UserType;
var token = _tokenServices.GenerateToken(objCus);
obj.Authorized = "Authorized:";
obj.access_token = token;
obj.userName = userId.UserName.ToString();
//obj.expiration = token.ExpiresOn.ToLongDateString();
obj.userData.email = userId.UserId.ToString();
// obj.userData.id = userId.ToString();
var response = Request.CreateResponse(HttpStatusCode.OK, obj);
response.Headers.Add("Token", token.AuthToken);
response.Headers.Add("UserID", userId.UserId.ToString());
// response.Headers.Add("TokenExpiry", ConfigurationManager.AppSettings["AuthTokenExpiry"]);
response.Headers.Add("Access-Control-Expose-Headers", "Token,TokenExpiry");
response.Content.Headers.Add("access_token", token.AuthToken);
//response.Content.Headers.Add("userName", userId.ToString());
var session = HttpContext.Current.Session;
//if(session!=null)
//{
// if(session["AuthUser"]==null)
// {
// session["AuthUser"] = token;
// }
//}
return(response);
}
public void OnAuthorization(AuthorizationFilterContext context)
{
string authHeader = context.HttpContext.Request.Headers["Authorization"];
if (authHeader == null || !authHeader.StartsWith("Basic "))
{
SetUnauthorizedResult(context);
}
else
{
try
{
BasicAuthenticationIdentity identity = GetIdentity(authHeader);
if (Autherize(identity.Name, identity.Password))
{
var principal = new GenericPrincipal(identity, null);
Thread.CurrentPrincipal = principal;
context.HttpContext.User = principal;
return;
}
else
{
SetUnauthorizedResult(context);
}
}
catch
{
SetUnauthorizedResult(context);
}
}
}
public List <ShopDto> ShopsInNoUserDropdown()
{
List <ShopDto> DtoList;
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var query = context.Shops.Where(x => x.IsActive == true && context.Users.Where(y => y.IsActive == true && y.ShopId == x.Id).Count() == 0);
if (user.Role == "Employee")
{
if (user.Employee != null)
{
query = query.Where(x => x.LocationId == user.Employee.LocationId);
}
}
var data = query
.Select(x => new ShopDto
{
Id = x.Id,
IsActive = x.IsActive,
Name = x.Name,
}).ToList();
DtoList = data;
}
return(DtoList);
}
public List <LocationDto> LocationInDropdownAdmin()
{
List <LocationDto> DtoList;
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var query = context.Locations.Where(x => x.IsActive == true);
if (user.Role == "Employee")
{
if (user.Employee != null)
{
query = query.Where(x => x.Id == user.Employee.LocationId);
}
}
var data = query
.Select(x => new LocationDto
{
Id = x.Id,
IsActive = x.IsActive,
Name = x.Name,
Lat = x.Lat,
Lng = x.Lng,
DeliveryCharge = x.DeliveryCharge,
DeliveryRange = x.DeliveryRange,
}).ToList();
DtoList = data;
}
return(DtoList);
}
protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
var crendentials = ParseHeader(request);
if (crendentials != null)
{
var identity = new BasicAuthenticationIdentity(crendentials.Name, crendentials.Password);
var principal = new GenericPrincipal(identity, null);
Thread.CurrentPrincipal = principal;
//针对于ASP.NET设置
//if (HttpContext.Current != null)
// HttpContext.Current.User = principal;
}
return(base.SendAsync(request, cancellationToken).ContinueWith(task => {
var response = task.Result;
if (crendentials == null && response.StatusCode == HttpStatusCode.Unauthorized)
{
Challenge(request, response);
}
return response;
}));
}
public DataSourceResult ShopsInMultiSelect(DataSourceRequest Request)
{
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var shops = context.Shops.Where(x => x.IsActive);
if (user.Role == "Employee")
{
if (user.Employee != null)
{
shops = shops.Where(x => x.LocationId == user.Employee.LocationId);
}
}
var dataSourceResult = shops
.Select(x => new ShopDto
{
Id = x.Id,
IsActive = x.IsActive,
Name = x.Name,
MobileNo = x.MobileNo,
}).OrderByDescending(x => x.Id).ToDataSourceResult(Request);
DataSourceResult kendoResponseDto = new DataSourceResult();
kendoResponseDto.Data = dataSourceResult.Data;
kendoResponseDto.Aggregates = dataSourceResult.Aggregates;
kendoResponseDto.Total = dataSourceResult.Total;
return(kendoResponseDto);
}
}
public static void SetCurrentPrincipal(HttpActionContext actionContext, string userName, string password)
{
var identity = new BasicAuthenticationIdentity(userName, password);
var principal = new GenericPrincipal(identity, null);
Thread.CurrentPrincipal = principal;
actionContext.RequestContext.Principal = principal;
}
public DataSourceResult ShopsInView(DataSourceRequest Request)
{
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var query = context.Shops.Where(x => x.IsActive == true);
if (user.Role == "Employee")
{
if (user.Employee != null)
{
query = query.Where(x => x.LocationId == user.Employee.LocationId);
}
}
var dataSourceResult = query
.Select(x => new ShopDto
{
Id = x.Id,
ShopCategoryId = x.ShopCategoryId,
Description = x.Description,
Name = x.Name,
Order = x.Order,
AverageRating = x.AverageRating,
MobileNo = x.MobileNo,
MobileNo2 = x.MobileNo2,
MobileNo3 = x.MobileNo3,
CommissionPercentage = x.CommissionPercentage,
AverageCost = x.AverageCost,
Address = x.Address,
OpeningHours = x.OpeningHours,
TagLine = x.TagLine,
Cuisines = x.Cuisines,
Image = x.Image,
Preference = x.Preference,
DeliveryTime = x.DeliveryTime,
DeliveryCharge = x.DeliveryCharge,
StartTime = x.StartTime,
EndTime = x.EndTime,
Lng = x.Lng,
Lat = x.Lat,
DeliveryRange = x.DeliveryRange,
LocationId = x.LocationId,
Location = new LocationDto
{
Id = x.Location != null ? x.Location.Id : 0,
Name = x.Location != null ? x.Location.Name : "",
},
IsActive = x.IsActive,
}).OrderByDescending(x => x.Id).ToDataSourceResult(Request);
DataSourceResult kendoResponseDto = new DataSourceResult();
kendoResponseDto.Data = dataSourceResult.Data;
kendoResponseDto.Aggregates = dataSourceResult.Aggregates;
kendoResponseDto.Total = dataSourceResult.Total;
return(kendoResponseDto);
}
}
public void Have_a_basic_authentication_type()
{
// Arrange
// Act
BasicAuthenticationIdentity auth = new BasicAuthenticationIdentity("", "");
// Assert
Assert.AreEqual(auth.AuthenticationType, "Basic");
}
public void Set_a_correct_password()
{
// Arrange
string password = "******";
// Act
BasicAuthenticationIdentity auth = new BasicAuthenticationIdentity("", password);
// Assert
Assert.AreEqual(auth.Password, password);
}
public void Set_a_correct_username()
{
// Arrange
string username = "******";
// Act
BasicAuthenticationIdentity auth = new BasicAuthenticationIdentity(username, "");
// Assert
Assert.AreEqual(auth.Name, username);
}
public HttpResponseMessage Authenticate()
{
if (Thread.CurrentPrincipal != null && Thread.CurrentPrincipal.Identity.IsAuthenticated)
{
BasicAuthenticationIdentity identity = Thread.CurrentPrincipal.Identity as BasicAuthenticationIdentity;
if (identity != null)
{
return(GetAuthToken());
}
}
return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "No Token Created"));
}
public DataSourceResult ItemsInView(DataSourceRequest Request)
{
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var query = context.Items.Where(x => x.IsActive == true);
if (user.Role == "Employee")
{
if (user.Employee != null)
{
query = query.Where(x => x.Shop.LocationId == user.Employee.LocationId);
}
}
var dataSourceResult = query
.Select(x => new ItemDto
{
Id = x.Id,
Name = x.Name,
IsActive = x.IsActive,
Image = x.Image,
TagLine = x.TagLine,
Description = x.Description,
Price = x.Price,
CommissionPercentage = x.CommissionPercentage,
ShopId = x.ShopId,
ItemCategoryId = x.ItemCategoryId,
Preference = x.Preference,
OfferId = x.OfferId,
OfferPrice = x.OfferPrice,
InActive = x.InActive,
Shop = new ShopDto
{
Name = x.Shop.Name,
Id = x.Shop.Id,
DeliveryCharge = x.Shop.DeliveryCharge,
},
ItemsCategory = new ItemCategoryDto
{
Name = x.ItemsCategory.Name,
Id = x.ItemsCategory.Id,
}
}).OrderByDescending(x => x.Id).ToDataSourceResult(Request);
DataSourceResult kendoResponseDto = new DataSourceResult();
kendoResponseDto.Data = dataSourceResult.Data;
kendoResponseDto.Aggregates = dataSourceResult.Aggregates;
kendoResponseDto.Total = dataSourceResult.Total;
return(kendoResponseDto);
}
}
/// <summary>
/// Returns auth token for the validated user.
/// </summary>
/// <param name="userId"></param>
/// <returns></returns>
private HttpResponseMessage GetAuthToken(BasicAuthenticationIdentity basicAuthenticationIdentity)
{
var userId = basicAuthenticationIdentity.UserId;
TokenServices tokenService = new TokenServices();
var token = tokenService.GenerateToken(userId);
var response = Request.CreateResponse(HttpStatusCode.OK, "Authorized");
response.Headers.Add("Token", token.AuthToken);
response.Headers.Add("UserId", userId.ToString());
response.Headers.Add("TokenExpiry", ConfigurationManager.AppSettings["AuthTokenExpiry"]);
response.Headers.Add("Access-Control-Expose-Headers", "Token,TokenExpiry");
return(response);
}
public DataSourceResult EmployeesInView(DataSourceRequest Request)
{
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var query = context.Employees.Where(x => x.IsActive == true);
if (user.Role == "Employee")
{
if (user.Employee != null)
{
query = query.Where(x => x.LocationId == user.Employee.LocationId);
}
}
var dataSourceResult = query
.Select(x => new EmployeeDto
{
Id = x.Id,
Name = x.Name,
IsActive = x.IsActive,
Designation = x.Designation,
Email = x.Email,
MobileNo = x.MobileNo,
TelephoneNo = x.TelephoneNo,
Address = x.Address,
LocationId = x.LocationId,
Location = new LocationDto
{
Id = x.Location != null ? x.Location.Id : 0,
Name = x.Location != null ? x.Location.Name : "",
},
BankName = x.BankName,
BankAccount = x.BankAccount,
JoiningDate = x.JoiningDate,
IsTemp = x.IsTemp,
IsInActive = x.IsInActive,
IsOwnEmployee = x.IsOwnEmployee,
NormalWorkingHours = x.NormalWorkingHours,
}).OrderByDescending(x => x.Id).ToDataSourceResult(Request);
DataSourceResult kendoResponseDto = new DataSourceResult();
kendoResponseDto.Data = dataSourceResult.Data;
kendoResponseDto.Aggregates = dataSourceResult.Aggregates;
kendoResponseDto.Total = dataSourceResult.Total;
return(kendoResponseDto);
}
}
public List <EmployeeDto> EmployeesInNoUserDropdown()
{
List <EmployeeDto> DtoList;
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var query = context.Employees.Where(x => x.IsActive == true && context.Users.Where(y => y.IsActive == true && y.EmployeeId == x.Id).Count() == 0);
if (user.Role == "Employee")
{
if (user.Employee != null)
{
query = query.Where(x => x.LocationId == user.Employee.LocationId);
}
}
var data = query
.Select(x => new EmployeeDto
{
Id = x.Id,
Name = x.Name,
IsActive = x.IsActive,
Designation = x.Designation,
Email = x.Email,
MobileNo = x.MobileNo,
TelephoneNo = x.TelephoneNo,
Address = x.Address,
LocationId = x.LocationId,
Location = new LocationDto
{
Id = x.Location != null ? x.Location.Id : 0,
Name = x.Location != null ? x.Location.Name : "",
},
BankName = x.BankName,
BankAccount = x.BankAccount,
JoiningDate = x.JoiningDate,
IsTemp = x.IsTemp,
IsInActive = x.IsInActive,
IsOwnEmployee = x.IsOwnEmployee,
NormalWorkingHours = x.NormalWorkingHours,
}).ToList();
DtoList = data;
}
return(DtoList);
}
protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
var credentials = ParseAuthorizationHeader(request);
if (credentials != null && CredentialsAreValid(credentials))
{
var identity = new BasicAuthenticationIdentity(credentials.Name, credentials.Password);
Thread.CurrentPrincipal = new GenericPrincipal(identity, null);
return(base.SendAsync(request, cancellationToken));
}
else
{
var response = request.CreateResponse(HttpStatusCode.Unauthorized, "Access denied");
AddChallengeHeader(request, response);
return(Task.FromResult(response));
}
}
public override void OnAuthorization(HttpActionContext actionContext)
{
try
{
if (actionContext.Request.Headers.Authorization == null)
{
var dnsHost = actionContext.Request.RequestUri.DnsSafeHost;
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
actionContext.Response.Headers.WwwAuthenticate.Add(new AuthenticationHeaderValue("Basic", $"realm=\"{dnsHost}\""));
}
else
{
string authHeader = null;
var auth = actionContext.Request.Headers.Authorization;
if (auth != null && auth.Scheme == "Basic")
{
authHeader = auth.Parameter;
}
authHeader = Encoding.Default.GetString(Convert.FromBase64String(authHeader));
string[] httpRequestHeaderValues = authHeader.Split(':');
var username = httpRequestHeaderValues[0];
var password = httpRequestHeaderValues[1];
var identity = new BasicAuthenticationIdentity(username, password);
if (!AreValidCredentials(identity))
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
}
;
// Client is authentic, therefore we create a principal here.
AuthenticationHelper.SetCurrentPrincipal(actionContext, username, password);
}
}
catch (Exception)
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.InternalServerError);
}
}
public DataSourceResult OffersInView(DataSourceRequest Request)
{
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var query = context.Offers.Where(x => x.IsActive == true);
if (user.Role == "Employee")
{
if (user.Employee != null)
{
query = query.Where(x => x.Shop.LocationId == user.Employee.LocationId);
}
}
var dataSourceResult = query
.Select(x => new OfferDto
{
Id = x.Id,
Tittle = x.Tittle,
Image = x.Image,
Percentage = x.Percentage,
IsActive = x.IsActive,
IsPercentage = x.IsPercentage,
ShopId = x.ShopId,
Shop = new ShopDto
{
Id = x.Shop != null ? x.Shop.Id : 0,
Name = x.Shop != null ? x.Shop.Name : "",
},
}).OrderByDescending(x => x.Id).ToDataSourceResult(Request);
DataSourceResult kendoResponseDto = new DataSourceResult();
kendoResponseDto.Data = dataSourceResult.Data;
kendoResponseDto.Aggregates = dataSourceResult.Aggregates;
kendoResponseDto.Total = dataSourceResult.Total;
return(kendoResponseDto);
}
}
/// <summary>
/// Returns auth token for the validated user.
/// </summary>
/// <param name="userId"></param>
/// <returns></returns>
private HttpResponseMessage GetAuthenticatedUserInfo(BasicAuthenticationIdentity basicIdentity)
{
try
{
//Delete old token by userid
_tokenServices.DeleteByUserEmail(basicIdentity.UserName);
//Generate new token
var token = _tokenServices.GenerateToken(basicIdentity.UserName, basicIdentity.EloquaContactId);
var responseDTO = new ResponseDTO
{
Success = true,
StatusCode = 200,
Message = WellknownResponseMessages.Success
};
var response = Request.CreateResponse(HttpStatusCode.OK, responseDTO);
response.Headers.Add("Token", token.AuthToken);
response.Headers.Add("TokenExpiry", ConfigurationHelper.AuthTokenExpiry.ToString());
response.Headers.Add("Access-Control-Expose-Headers", "Token,TokenExpiry");
return(response);
}
catch (Exception ex)
{
//Data.EventLog.LogAPIErrorException(userId, string.Empty, ex.ToString());
return(Request.CreateResponse(HttpStatusCode.InternalServerError, new ResponseDTO
{
Success = false,
StatusCode = 500,
Message = WellknownResponseMessages.Falied,
Errors = new List <string> {
ex.Message + "\r\n" + ex.StackTrace
}
}));
}
}
public string PrintShopDyncReport(KendoFilterRequestDto Request)
{
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var shops = context.Shops.Where(x => x.IsActive);
if (user.Role == "Employee")
{
if (user.Employee != null)
{
shops = shops.Where(x => x.LocationId == user.Employee.LocationId);
}
}
long[] items = shops.Select(x => x.Id).ToArray();
if (Request.Shops.Count > 0)
{
items = Request.Shops.ToArray();
}
//foreach (var det in Request.Shops)
//{
//}
ReportDocument rd = new ReportDocument();
DateReport dreport = new DateReport();
dreport.From = Request.FromDate.Value;
dreport.To = Request.ToDate.Value;
context.DateReports.Add(dreport);
context.SaveChanges();
Guid id1 = Guid.NewGuid();
var pdfName = Request.RPTName + id1 + ".pdf";
string strRptPath = System.Web.HttpContext.Current.Server.MapPath("~/") + "Reports\\" + Request.RPTName + ".rpt";
string strPdfPath = System.Web.HttpContext.Current.Server.MapPath("~/") + "Reports\\" + pdfName;
rd.Load(strRptPath);
rd.Refresh();
string connectionString =
ConfigurationManager.ConnectionStrings["EAharaDB"].ConnectionString;
SqlConnectionStringBuilder SConn = new SqlConnectionStringBuilder(connectionString);
rd.DataSourceConnections[0].SetConnection(
SConn.DataSource, SConn.InitialCatalog, SConn.UserID, SConn.Password);
foreach (ReportDocument srd in rd.Subreports)
{
srd.DataSourceConnections[0].SetConnection(SConn.DataSource, SConn.InitialCatalog, SConn.UserID, SConn.Password);
}
rd.SetParameterValue(0, items);
rd.SetParameterValue("FromDate", Request.FromDate);
rd.SetParameterValue("ToDate", Request.ToDate);
System.IO.File.Delete(strPdfPath);
//rd.PrintOptions.PaperSize = PaperSize.PaperA5;
rd.ExportToDisk(ExportFormatType.PortableDocFormat, strPdfPath);
return(pdfName);
}
}
public string PrintBookingReportList(KendoFilterRequestDto Request)
{
using (EAharaDB context = new EAharaDB())
{
BasicAuthenticationIdentity identity = (BasicAuthenticationIdentity)User.Identity;
var user = context.Users.FirstOrDefault(x => x.Id == identity.Id);
var query = context.Bookings.Where(x => x.IsActive &&
((DbFunctions.TruncateTime(x.OrderDate)) >= (DbFunctions.TruncateTime(Request.FromDate)) &&
(DbFunctions.TruncateTime(x.OrderDate)) <= (DbFunctions.TruncateTime(Request.ToDate))));
if (user.Role == "Employee")
{
if (user.Employee != null)
{
query = query.Where(x => x.LocationId == user.Employee.LocationId);
}
}
var rep = query;
if (Request.ShopId > 0)
{
rep = rep.Where(x => x.ShopId == Request.ShopId);
}
if (Request.Paid == "Paid")
{
rep = rep.Where(x => x.IsPaid);
}
if (Request.Paid == "Not Paid")
{
rep = rep.Where(x => !x.IsPaid);
}
long[] items = rep.Select(x => x.Id).ToArray();
ReportDocument rd = new ReportDocument();
Guid id1 = Guid.NewGuid();
var pdfName = "BookingReport" + id1 + ".pdf";
string strRptPath = System.Web.HttpContext.Current.Server.MapPath("~/") + "Reports\\" + "BookingReport" + ".rpt";
string strPdfPath = System.Web.HttpContext.Current.Server.MapPath("~/") + "Reports\\" + pdfName;
rd.Load(strRptPath);
rd.Refresh();
string connectionString =
ConfigurationManager.ConnectionStrings["EAharaDB"].ConnectionString;
SqlConnectionStringBuilder SConn = new SqlConnectionStringBuilder(connectionString);
rd.DataSourceConnections[0].SetConnection(
SConn.DataSource, SConn.InitialCatalog, SConn.UserID, SConn.Password);
foreach (ReportDocument srd in rd.Subreports)
{
srd.DataSourceConnections[0].SetConnection(SConn.DataSource, SConn.InitialCatalog, SConn.UserID, SConn.Password);
}
rd.SetParameterValue(0, items);
System.IO.File.Delete(strPdfPath);
rd.PrintOptions.PaperSize = PaperSize.PaperA4;
rd.ExportToDisk(ExportFormatType.PortableDocFormat, strPdfPath);
return(pdfName);
}
}
private bool IsBasicAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
{
if (!IsBasicAuthentication(actionContext))
{
return(false);
}
string username = null;
string appName = null;
Exception outException = null;
try
{
BasicAuthenticationIdentity basicAuthenticationIdentity = GetBasicAuthenticationIdentity(actionContext);
if (!IsBasicAuthorized(basicAuthenticationIdentity, out username, out appName, out outException))
{
Exception e = outException ?? new BasicAuthorizationException();
actionContext.Response = actionContext.Request.CreateErrorResponse(
HttpStatusCode.Unauthorized, e.Message,
e);
return(true);
}
}
catch (Exception exception)
{
actionContext.Response = actionContext.Request.CreateErrorResponse(
HttpStatusCode.InternalServerError,
exception.Message);
return(true);
}
if (!Durados.Web.Mvc.Maps.IsDevUser(username) && new Durados.Web.Mvc.UI.Helpers.DuradosAuthorizationHelper().IsAppLocked(appName))
{
actionContext.Response = actionContext.Request.CreateErrorResponse(
HttpStatusCode.Unauthorized,
string.Format(Durados.Web.Mvc.UI.Helpers.UserValidationErrorMessages.AppLocked, appName));
return(true);
}
if (!Maps.Instance.GetMap(appName).Database.EnableSecretKeyAccess)
{
actionContext.Response = actionContext.Request.CreateErrorResponse(
HttpStatusCode.Unauthorized,
new BasicAuthorizationDisabledException());
return(true);
}
if (!System.Web.HttpContext.Current.Items.Contains(Database.Username))
{
System.Web.HttpContext.Current.Items.Add(Database.Username, username);
}
if (!System.Web.HttpContext.Current.Items.Contains(Database.AppName))
{
System.Web.HttpContext.Current.Items.Add(Database.AppName, appName);
}
try
{
if (SharedMemorySingeltone.Instance.Contains(appName, SharedMemoryKey.DebugMode))
{
System.Web.HttpContext.Current.Items[Durados.Workflow.JavaScript.Debug] = true;
}
}
catch { }
if (!System.Web.HttpContext.Current.Items.Contains(Database.RequestId))
{
System.Web.HttpContext.Current.Items.Add(Database.RequestId, Guid.NewGuid().ToString());
}
//NewRelic.Api.Agent.NewRelic.AddCustomParameter(Durados.Database.RequestId, System.Web.HttpContext.Current.Items[Database.RequestId].ToString());
return(true);
}
private bool IsBasicAuthorized(BasicAuthenticationIdentity basicAuthenticationIdentity, out string username, out string appName, out Exception exception)
{
appName = null;
username = null;
exception = null;
if (basicAuthenticationIdentity == null)
{
return(false);
}
try
{
appName = Maps.Instance.GetAppNameByGuid(basicAuthenticationIdentity.AppGuid);
}
catch (ArgumentException argumentException)
{
exception = argumentException;
return(false);
}
Map map = Maps.Instance.GetMap(appName);
if (map == null || map.IsMainMap)
{
return(false);
}
Guid parsedGuid;
if (!Guid.TryParse(basicAuthenticationIdentity.UserGuid, out parsedGuid))
{
return(false);
}
username = map.Database.GetUsernameByGuid(basicAuthenticationIdentity.UserGuid);
if (string.IsNullOrEmpty(username))
{
username = Maps.Instance.DuradosMap.Database.GetUsernameByGuid(basicAuthenticationIdentity.UserGuid);
if (string.IsNullOrEmpty(username))
{
return(false);
}
if (map.Database.GetUserRow(username) == null)
{
return(false);
}
}
const string AppId = "appId";
if (Durados.Web.Mvc.Maps.IsDevUser(username) && System.Web.HttpContext.Current.Request.Headers[AppId] != null)
{
int id = -1;
if (int.TryParse(System.Web.HttpContext.Current.Request.Headers[AppId], out id))
{
appName = Maps.Instance.GetAppNameById(id);
if (appName == null)
{
throw new Durados.DuradosException("App not found with id " + id);
}
}
else
{
throw new Durados.DuradosException("AppId must be a number instead of " + System.Web.HttpContext.Current.Request.Headers[AppId]);
}
}
return(true);
}
private bool AreValidCredentials(BasicAuthenticationIdentity identity)
{
// here would go your code to check username / password against your user data store.
// I´m just gonna say that the credentials are valid if the username and password are the same for the purpose of the exercise.
return(identity.Name.Equals(identity.Password));
}
protected bool CredentialsAreValid(BasicAuthenticationIdentity creds)
{
return(creds.Name == ValidUsername && creds.Password == ValidPassword);
}
