Esempio n. 1
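        /// <summary>
        /// HTTP-triggered function that checks whether a session token exists in the
        /// Users table and, if it does, whether <c>Token.IsTokenValid</c> still accepts it.
        /// Tokens that are unknown or no longer valid are passed to
        /// <c>DeleteTokenFromDataBase</c>.
        /// </summary>
        /// <param name="req">Incoming POST request; the token is read from the query string or from the JSON body field <c>token</c>.</param>
        /// <param name="log">Function logger.</param>
        /// <returns>
        /// The result built by <c>GenerateResponses</c>: OK for a valid token, NotAcceptable for a
        /// missing, unknown or expired token, InternalServerError when the database is unavailable
        /// or the delete helper reports failure.
        /// </returns>
        public static async Task <IActionResult> Run(
            [HttpTrigger(AuthorizationLevel.Function, "post", Route = null)] HttpRequest req,
            ILogger log)
        {
            log.LogInformation("C# HTTP trigger function processed a request.");

            // The query string takes precedence over the JSON body.
            // NOTE(review): a session token carried in the URL is commonly written to
            // request logs and intermediaries; prefer accepting it from the body or a header only.
            string token             = req.Query["token"];
            string token_in_database = null;

            // Deserialize the body; data is null when the body is empty.
            string  requestBody = await new StreamReader(req.Body).ReadToEndAsync();
            dynamic data        = JsonConvert.DeserializeObject(requestBody);

            token = token ?? data?.token;

            GenerateResponses Gr = new GenerateResponses();

            // Reject a missing token up front: a null parameter value makes the query
            // below throw, and an empty value must never be able to match a stored row.
            if (string.IsNullOrWhiteSpace(token))
            {
                return(Gr.NotAcceptable("Invalid Token"));
            }

            DatabaseConnector conn       = new DatabaseConnector();
            SqlConnection     connection = conn.connector("Users");

            // Fail closed instead of dereferencing a null connection.
            if (connection == null)
            {
                return(Gr.InternalServerError("Internal Server error"));
            }

            try
            {
                connection.Open();

                // Parameterized lookup: the token is never concatenated into the SQL text.
                using (SqlCommand cmd = new SqlCommand("select session_token from Users where session_token=@token", connection))
                {
                    cmd.Parameters.AddWithValue("@token", token);

                    using (SqlDataReader rdr = cmd.ExecuteReader())
                    {
                        while (rdr.Read())
                        {
                            token_in_database = rdr[0].ToString();
                        }
                    }
                }
            }
            finally
            {
                // Close on every path, including when the query throws.
                connection.Close();
            }

            // Ordinal comparison of the stored value with the presented one.
            // NOTE(review): this branch deletes by the caller-supplied value. If the
            // session_token column uses a case-insensitive collation, the lookup can
            // return a row whose stored value differs from the request only by case;
            // confirm the collation and what DeleteTokenFromDataBase does in that case
            // and when no row matches.
            if (token_in_database != token)
            {
                if (DeleteTokenFromDataBase(token, connection))
                {
                    return(Gr.NotAcceptable("Invalid Token"));
                }

                return(Gr.InternalServerError("Internal Server error"));
            }

            // The token exists; now check whether it is still valid.
            Token tk = new Token();

            if (tk.IsTokenValid(token))
            {
                return(Gr.OkResponse("Valid Token"));
            }

            // Expired or otherwise invalid: remove it so it cannot be presented again.
            if (DeleteTokenFromDataBase(token, connection))
            {
                return(Gr.NotAcceptable("Token Expired"));
            }

            return(Gr.InternalServerError("Internal Server error"));
        }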
Esempio n. 2
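        /// <summary>
        /// HTTP-triggered function that verifies a one-time code for an email address and,
        /// when the matching hash is found in the OTP table, hands the submitted user data
        /// to <c>PushUserData</c> and deletes the OTP row.
        /// </summary>
        /// <param name="req">Incoming POST request; each field is read from the query string or from the JSON body (<c>code</c>, <c>email</c>, <c>uname</c>, <c>pswrd</c>, <c>fname</c>, <c>dptmt</c>).</param>
        /// <param name="log">Function logger.</param>
        /// <returns>
        /// The result built by <c>GenerateResponses</c>: OK when the OTP matched, NotAcceptable when
        /// it did not, InternalServerError when no database connection could be obtained.
        /// </returns>
        public static async Task <IActionResult> Run(
            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = null)] HttpRequest req,
            ILogger log)
        {
            log.LogInformation("C# HTTP trigger function processed a request.- Verification");

            // Query-string values take precedence over the JSON body.
            // NOTE(review): pswrd and the verification code are accepted from the URL,
            // where they are commonly written to request logs; these fields should be
            // sent in the request body only.
            string VerifCode = req.Query["code"];
            string email     = req.Query["email"];
            string uname     = req.Query["uname"];
            string pswrd     = req.Query["pswrd"];
            string fname     = req.Query["fname"];
            string dptmt     = req.Query["dptmt"];

            string  requestBody = await new StreamReader(req.Body).ReadToEndAsync();
            dynamic data        = JsonConvert.DeserializeObject(requestBody);

            VerifCode = VerifCode ?? data?.code;
            email     = email ?? data?.email;
            uname     = uname ?? data?.uname;
            pswrd     = pswrd ?? data?.pswrd;
            fname     = fname ?? data?.fname;
            dptmt     = dptmt ?? data?.dptmt;

            GenerateResponses Gr = new GenerateResponses();

            // Without both an email and a code there is nothing to verify.
            if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(VerifCode))
            {
                return(Gr.NotAcceptable("Invalid OTP"));
            }

            // NOTE(review): whether PushUserData hashes pswrd before storing it cannot
            // be seen from this function; confirm it is never persisted in clear text.
            string[] Data = { email, uname, pswrd, fname, dptmt };

            // Hash of email + verification code, compared against the stored OTP hash.
            // NOTE(review): the two values are joined without a separator, so distinct
            // (email, code) pairs can produce the same input string; changing this
            // requires the same change wherever the OTP hash is first stored.
            GenerateHash GH       = new GenerateHash();
            string       Hash     = GH.Generate(email + VerifCode);
            string       Hash_val = null;

            DatabaseConnector DBConn     = new DatabaseConnector();
            SqlConnection     connection = DBConn.connector("Users");

            // A null connection means the database is unreachable: return the error
            // instead of falling through to connection.Open().
            if (connection == null)
            {
                return(Gr.InternalServerError("Error connecting to database - Verification"));
            }

            // NOTE(review): nothing in this function limits repeated guesses of the code
            // for a given email on this anonymous endpoint; confirm that attempt
            // counting or throttling is enforced elsewhere.
            try
            {
                connection.Open();

                using (SqlCommand cmd = new SqlCommand("select OTP_Hash from OTP where OTP_hash=@hash", connection))
                {
                    cmd.Parameters.AddWithValue("@hash", Hash);

                    using (SqlDataReader rdr = cmd.ExecuteReader())
                    {
                        // Single column in the result set, so index 0 is the stored hash.
                        while (rdr.Read())
                        {
                            Hash_val = rdr[0].ToString();
                        }
                    }
                }
            }
            finally
            {
                // Close on every path, including the invalid-OTP return below.
                connection.Close();
            }

            // No stored hash means the code is not valid for that email.
            if (string.IsNullOrEmpty(Hash_val))
            {
                return(Gr.NotAcceptable("Invalid OTP"));
            }

            // NOTE(review): the lookup, the user insert and the OTP delete are separate
            // steps, so two concurrent requests with the same code can both pass the
            // check; consider consuming the OTP atomically (delete and test the affected
            // row count) inside a transaction with the insert.
            PushUserData(Data, connection);

            try
            {
                connection.Open();

                // The OTP is single-use: remove its hash once the user data is stored.
                using (SqlCommand cmd = new SqlCommand("delete from OTP where OTP_hash=@hash", connection))
                {
                    cmd.Parameters.AddWithValue("@hash", Hash);
                    cmd.ExecuteNonQuery();
                }
            }
            finally
            {
                connection.Close();
            }

            return(Gr.OkResponse("Valid OTP"));
        }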