public HttpResponseMessage Login(LoginModel model)
{
if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password))
{
string userName = db.UserNames.Where <UserName>(a => a.userName1.Equals(model.UserName)).FirstOrDefault().userName1;
AuthToken token;
try
{
token = db.AuthTokens.Where <AuthToken>(t => t.userName.Equals(userName)).First();
//User already has a token -> update token
token.token = Guid.NewGuid().ToString() + ":" + token.authTokenID;
if (model.RememberMe)
{
token.expirationDate = DateTime.Now.AddYears(50); //Expires in 50 years
}
else
{
token.expirationDate = DateTime.Now.AddMinutes(10); //Expires in 10 minutes
}
db.Entry(token).State = System.Data.EntityState.Modified;
db.SaveChanges();
}
catch (InvalidOperationException ioe)
{
//Token does not already exist for the user -> create token
token = new AuthToken();
token.userName = userName;
token.token = Guid.NewGuid().ToString();
if (model.RememberMe)
{
token.expirationDate = DateTime.Now.AddYears(50); //Expires in 50 years
}
else
{
token.expirationDate = DateTime.Now.AddMinutes(10); //Expires in 10 minutes
}
token = db.AuthTokens.Add(token);
db.SaveChanges();
string role = auth.getRoleFromUser(userName);
token.token = token.token + ":" + token.authTokenID + "," + role;
db.Entry(token).State = System.Data.EntityState.Modified;
db.SaveChanges();
}
var response = Request.CreateResponse <string>(HttpStatusCode.OK, token.token);
return(response);
}
else
{
return(Request.CreateResponse(HttpStatusCode.Forbidden));
}
}
public ActionResult Finish(int taskID)
{
db.usertasks.Find(System.Web.Security.Membership.GetUser().ProviderUserKey, taskID).lastCompleted = DateTime.Now;
db.SaveChanges();
return(RedirectToAction("Index"));
}
//POST .../api/Login
public HttpResponseMessage Post(LoginModel model)
{
if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password))
{
IQueryable <UserName> matchingUserNames = db.UserNames.Where <UserName>(a => a.UserName1.Equals(model.UserName));
if (matchingUserNames.Count() == 0)
{
//This is user's first Web API login; create API record
UserName userNameRecord = new UserName()
{
UserName1 = model.UserName
};
userNameRecord.UserID = (Guid)System.Web.Security.Membership.FindUsersByName(model.UserName).Cast <System.Web.Security.MembershipUser>().FirstOrDefault().ProviderUserKey;
db.UserNames.Add(userNameRecord);
db.SaveChanges();
}
string userName = db.UserNames.Where <UserName>(a => a.UserName1.Equals(model.UserName)).FirstOrDefault().UserName1;
AuthToken token;
try
{
token = db.AuthTokens.Where <AuthToken>(t => t.UserName.Equals(userName)).First();
//User already has a token -> update token
token.Token = Guid.NewGuid().ToString() + ":" + token.AuthTokenID;
token.ExpirationDate = DateTime.Now.AddMinutes(10); //Expires in 10 minutes
db.Entry(token).State = System.Data.EntityState.Modified;
db.SaveChanges();
}
catch (InvalidOperationException ioe)
{
//Token does not already exist for the user -> create token
token = new AuthToken();
token.UserName = userName;
token.Token = Guid.NewGuid().ToString();
token.ExpirationDate = DateTime.Now.AddMinutes(10); //Expires in 10 minutes
token = db.AuthTokens.Add(token);
db.SaveChanges();
token.Token = token.Token + ":" + token.AuthTokenID;
db.Entry(token).State = System.Data.EntityState.Modified;
db.SaveChanges();
}
var response = Request.CreateResponse <string>(HttpStatusCode.OK, token.Token);
return(response);
}
else
{
return(Request.CreateResponse(HttpStatusCode.Forbidden));
}
}
public ActionResult Create(job job)
{
if (ModelState.IsValid)
{
db.jobs.Add(job);
db.SaveChanges();
return(RedirectToAction("Index"));
}
return(View(job));
}
// POST api/<controller>
public HttpResponseMessage Post(Hello hello)
{
db.Helloes.Add(hello);
db.SaveChanges();
var response = Request.CreateResponse <Hello>(HttpStatusCode.Created, hello);
string uri = Url.Link("DefaultApi", new { id = hello.helloID });
response.Headers.Location = new Uri(uri);
return(response);
}
public ActionResult Create(task task, List <prompt> prompts)
{
//validate
if (ModelState.IsValid)
{
db.tasks.Add(task);
db.SaveChanges();
//return RedirectToAction("Index");//default code
return(Redirect("/Prompt/Index/" + task.taskID));
}
ViewBag.taskCategoryID = new SelectList(db.taskcategories, "categoryID", "categoryName", task.taskCategoryID);
return(View(task));
}
/* Saves the given debug message into the database.
* @param message: The debug message to save.
*/
public void createDebugMessageInDatabase(string message)
{
db.Debugs.Add(new Debug()
{
debugMessage = message.Substring(0, 199)
});
db.SaveChanges();
}
public ActionResult Create(prompt prompt)
{
if (ModelState.IsValid)
{
if (prompt.typeID == 1)
{
string[] url = prompt.description.Split('/');
prompt.description = "https://www.youtube.com/embed/" + url[url.Length - 1];
}
db.prompts.Add(prompt);
db.SaveChanges();
//return RedirectToAction("Index");
return(Redirect("/Prompt/Index/" + prompt.taskID));
}
ViewBag.taskID = new SelectList(db.tasks, "taskID", "taskName", prompt.taskID);
ViewBag.typeID = new SelectList(db.prompttypes, "typeID", "typeName", prompt.typeID);
return(View(prompt));
}
public ActionResult Create(job job, string[] taskList)
{
if (ModelState.IsValid)
{
foreach (var item in taskList)
{
if (item != "false")
{
job.tasks.Add(db.tasks.Find(Convert.ToInt32(item)));
}
}
db.jobs.Add(job);
db.SaveChanges();
return(RedirectToAction("Index"));
}
return(View(job));
}
// GET api/DeleteHello/5
// To Delete
public HttpResponseMessage GetHello(int id)
{
Hello hello = db.Helloes.Find(id);
if (hello == null)
{
return(Request.CreateResponse(HttpStatusCode.NotFound));
}
db.Helloes.Remove(hello);
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
return(Request.CreateResponse(HttpStatusCode.NotFound));
}
return(Request.CreateResponse(HttpStatusCode.OK, hello));
}
public static void authorizeToken(string token)
{
if (!isTokenValid(token))
{
throw new HttpResponseException(new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized));
}
int id = Int32.Parse(token.Substring(37));
AuthToken authToken = db.AuthTokens.Find(id);
//update expiration, 10 minutes of inactivity
authToken.ExpirationDate = DateTime.Now.AddMinutes(10);
db.Entry(authToken).State = System.Data.EntityState.Modified;
db.SaveChanges();
}
// POST api/AuthTest?token=<token>
//public HttpResponseMessage Post(Token<AuthTest> packet)
public HttpResponseMessage Post(string token, AuthTest test)
{
//string token = packet.token;
//AuthTest test = packet.obj;
APIAuth.authorizeToken(token);
test.UserName = APIAuth.getUserNameFromToken(token);
db.AuthTests.Add(test);
db.SaveChanges();
var response = Request.CreateResponse <AuthTest>(HttpStatusCode.Created, test);
//var response = Request.CreateResponse(HttpStatusCode.Created);
return(response);
}
public ActionResult Edit(string UserName, string Email, string usertype, string[] selectedUsers, string job, string applyJobTemplate, string phonenumber)
{
if (Roles.IsUserInRole("Administrator") || Roles.IsUserInRole("Job Coach") || Roles.IsUserInRole("Parent"))
{
MembershipUser user = System.Web.Security.Membership.GetUser(UserName);
ProfileBase profile = ProfileBase.Create(UserName, true);
profile.SetPropertyValue("PhoneNumber", phonenumber);
profile.Save();
//Assigned Users
db.Users.Find(user.ProviderUserKey).Users.Clear();
if (selectedUsers != null)
{
foreach (string id in selectedUsers)
{
db.Users.Find(user.ProviderUserKey).Users.Add(db.Users.Find(Guid.Parse(id)));
}
}
//Jobs
db.Users.Find(user.ProviderUserKey).jobs.Clear();
if (job != "")
{
db.Users.Find(user.ProviderUserKey).jobs.Add(db.jobs.Find(Convert.ToInt32(job)));
}
if (Convert.ToBoolean(applyJobTemplate))
{
foreach (PJCAdmin.Models.task t in db.jobs.Find(Convert.ToInt32(job)).tasks)
{
db.Users.Find(user.ProviderUserKey).usertasks.Add(new usertask {
task = t, User = db.Users.Find(user.ProviderUserKey), daysOfWeek = ""
});
}
}
db.SaveChanges();
user.Email = Email;
System.Web.Security.Membership.UpdateUser(user);
foreach (string aRole in Roles.GetAllRoles())
{
//Only Let the user be in one role
try
{
Roles.RemoveUserFromRole(user.UserName, aRole);
}
catch
{
// Don't Worry About It.... :)
}
}
Roles.AddUserToRole(user.UserName, usertype);
return(RedirectToAction("List"));
}
else
{
Response.Redirect("~/Unauthorized");
}
return(View());
}
public void createUserName(object providerUserKey)
{
User user = db.Users.Find(providerUserKey);
db.UserNames.Add(new UserName()
{
userID = user.UserId, userName1 = user.UserName
});
db.SaveChanges();
}
public ActionResult Create(taskcategory taskcategory)
{
db.taskcategories.Add(taskcategory);
db.SaveChanges();
return(RedirectToAction("Index"));
}