public string GetUser([FromBody] CRUDRequest req) { bool IsAccessTokenExpired = false; ResponseData Resp = new ResponseData(); IsAccessTokenExpired = MySQLDapperQueries.IsAccessTokenExpired(req.accesstoken); if (IsAccessTokenExpired) { Resp = new ResponseData { Code = "600", Message = "Access Token Expired", Data = null }; } else { Resp = new ResponseData { Code = "200", Message = "OK", Data = MySQLDapperQueries.GetUserByID(req.id) }; } return(JsonConvert.SerializeObject(Resp, Formatting.None)); }
public string CreateUser([FromBody] SignUpUserRequest user) { ResponseData Resp = new ResponseData(); try { User u = new User(); string IP = GetIP(); string response = ""; string salt = Authentication.GenerateRandomSalt(15); u.id = System.Guid.NewGuid().ToString(); u.username = user.username; u.salt = salt; u.password = Authentication.GenerateHashedPWD(user.password, salt); u.name = user.name; u.email = user.email; u.created = DateTime.Now; u.modified = DateTime.Now; RefreshToken rtoken = Authentication.GenerateRefreshToken(IP); u.refresh_token = rtoken.Token; u.refresh_token_expiration = rtoken.ExpiryDate; AccessToken atoken = Authentication.GenerateAccessToken(IP); u.token = atoken.Token; u.token_expiration = atoken.ExpiryDate; response = MySQLDapperQueries.InsertUser(u); if (response == "ok") { Resp = new ResponseData { Code = "200", Message = "User Created", Data = null }; } else { Resp = new ResponseData { Code = "502", Message = response, Data = null }; } } catch (Exception ex) { Resp = new ResponseData { Code = "502", Message = ex.Message, Data = null }; } return(JsonConvert.SerializeObject(Resp, Formatting.None)); }
public string Login([FromBody] LogInRequest req) { ResponseData Resp = new ResponseData(); User u = MySQLDapperQueries.GetUserByUserName(req.username); if (u == null) { Resp = new ResponseData { Code = "501", Message = "User Not found", Data = null }; } else { string hashedpassword = Authentication.GenerateHashedPWD(req.password, u.salt.ToString()); if (u.password == hashedpassword) { AccessToken atoken = Authentication.GenerateAccessToken(GetIP()); RefreshToken rtoken = Authentication.GenerateRefreshToken(GetIP()); MySQLDapperQueries.UpdateUserTokens(u.id, atoken.Token, atoken.ExpiryDate, rtoken.Token, rtoken.ExpiryDate); Resp = new ResponseData { Code = "200", Message = "Verified", Data = new { Accesstoken = atoken.Token, RefreshToken = rtoken.Token, ID = u.id } }; } else { Resp = new ResponseData { Code = "503", Message = "Wrong Password", Data = null }; } } return(JsonConvert.SerializeObject(Resp, Formatting.None)); }
public string DeleteUser([FromBody] CRUDRequest req) { bool IsAccessTokenExpired = false; ResponseData Resp = new ResponseData(); IsAccessTokenExpired = MySQLDapperQueries.IsAccessTokenExpired(req.accesstoken); if (IsAccessTokenExpired) { Resp = new ResponseData { Code = "600", Message = "Access Token Expired", Data = null }; } else { string response = MySQLDapperQueries.DeleteUser(req.id); if (response == "ok") { Resp = new ResponseData { Code = "200", Message = "User Deleted Sucessfully", Data = null }; } else { Resp = new ResponseData { Code = "502", Message = response, Data = null }; } } return(JsonConvert.SerializeObject(Resp, Formatting.None)); }
public string RefreshToken([FromBody] RefreshTokenRequest request) { ResponseData resp = new ResponseData(); string accesstoken = request.accesstoken; string oldrefreshtoken = request.refreshtoken; User u = MySQLDapperQueries.GetUserByAccessTokenAndRefreshToken(accesstoken, oldrefreshtoken); // if refresh token if expired... return to login page // if not use it to generate new access token and new refreshtoken if (u == null) { resp = new ResponseData { Code = "506", Message = "invalid user", Data = null }; } else if (u.refresh_token_expiration < DateTime.Now) { // return to login page resp = new ResponseData { Code = "700", Message = "refresh token has expired", Data = null }; } else { RefreshToken rtoken = Authentication.RefreshToken(GetIP(), accesstoken, oldrefreshtoken); u.refresh_token = rtoken.Token; u.refresh_token_expiration = rtoken.ExpiryDate; AccessToken atoken = Authentication.GenerateAccessToken(GetIP()); u.token = atoken.Token; u.token_expiration = atoken.ExpiryDate; int updatedrow = MySQLDapperQueries.UpdateUserTokens(u.id, u.token, u.token_expiration, u.refresh_token, u.refresh_token_expiration); if (updatedrow > 0) { resp = new ResponseData { Code = "200", Message = "Tokens Refreshed", Data = new { Accesstoken = u.token, RefreshToken = u.refresh_token, ID = u.id } }; } else { resp = new ResponseData { Code = "508", Message = "Couldn't Refresh Tokens", Data = null }; } } return(JsonConvert.SerializeObject(resp, Formatting.None)); }
public string UpdateUser([FromBody] CRUDRequest req) { ResponseData Resp = new ResponseData(); if (!this.ModelState.IsValid) { Resp = new ResponseData { Code = "404", Message = "Invalid Parameters", Data = null }; return(JsonConvert.SerializeObject(Resp, Formatting.None)); } bool IsAccessTokenExpired = false; IsAccessTokenExpired = MySQLDapperQueries.IsAccessTokenExpired(req.accesstoken); if (IsAccessTokenExpired) { Resp = new ResponseData { Code = "600", Message = "Access Token Expired", Data = null }; } else { try { string salt = ""; string hashedpassword = ""; if (!String.IsNullOrEmpty(req.password.Trim())) { salt = Authentication.GenerateRandomSalt(15); hashedpassword = Authentication.GenerateHashedPWD(req.password, salt); } string response = MySQLDapperQueries.UpdateUser(req.id, req.username, hashedpassword, salt, req.name, req.email); if (response == "ok") { Resp = new ResponseData { Code = "200", Message = "User Created", Data = null }; } else { Resp = new ResponseData { Code = "502", Message = response, Data = null }; } } catch { Resp = new ResponseData { Code = "502", Message = "An Error Occured", Data = null }; } } return(JsonConvert.SerializeObject(Resp, Formatting.None)); }