Esempio n. 1
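        /// <summary>
        /// Registers a new local account on behalf of a guest session.
        /// </summary>
        /// <remarks>
        /// All values in <paramref name="postData"/> are client-supplied. Missing or empty
        /// required fields are reported as field-level POST errors instead of surfacing as an
        /// unhandled <see cref="KeyNotFoundException"/>. The password is stored only as a
        /// bcrypt hash.
        /// </remarks>
        /// <returns>
        /// On success, the result of <c>GetClientSideSafeUserObject()</c> for the new account;
        /// otherwise a response carrying a POST data error or an error code.
        /// </returns>
        /// <param name="headers">Request headers; not read by this method.</param>
        /// <param name="si">Session identity of the caller; registration is refused unless <c>si.Guest</c> is true.</param>
        /// <param name="postData">Form fields; reads <c>USERNAME</c>, <c>EMAIL</c> and <c>PASSWORD</c>.</param>
        public HttpResponse CreateAccount(Dictionary <string, string> headers, CustomSessionIdentity si, Dictionary <string, string> postData)
        {
            // An already-authenticated session must not create further accounts.
            if (!si.Guest)
            {
                return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.UserAlreadyAuthenticated);
            }

            // Validate the untrusted form fields up front so a malformed request is answered
            // with a field error rather than an exception escaping the handler.
            string username;
            if (!postData.TryGetValue("USERNAME", out username) || string.IsNullOrEmpty(username))
            {
                return HttpResponse.NewResponse().AddPOSTDataError(
                    new POSTDataError { FieldName = "USERNAME", Error = "is required" });
            }

            // EMAIL only has to be present; an empty value is still accepted here.
            // NOTE(review): no format check is visible for EMAIL - confirm it is validated elsewhere.
            string email;
            if (!postData.TryGetValue("EMAIL", out email) || email == null)
            {
                return HttpResponse.NewResponse().AddPOSTDataError(
                    new POSTDataError { FieldName = "EMAIL", Error = "is required" });
            }

            // Reject an empty password: hashing "" would create an account anyone can log into.
            // NOTE(review): no length or strength policy is enforced here; bcrypt itself only
            // considers the first 72 bytes of its input.
            string password;
            if (!postData.TryGetValue("PASSWORD", out password) || string.IsNullOrEmpty(password))
            {
                return HttpResponse.NewResponse().AddPOSTDataError(
                    new POSTDataError { FieldName = "PASSWORD", Error = "is required" });
            }

            var lookup = CustomUserAccount.UserNameExists(username);
            if (lookup == BackendQueryStatus.ReturnCode.Exists)
            {
                return HttpResponse.NewResponse().AddPOSTDataError(
                    new POSTDataError { FieldName = "USERNAME", Error = "User already exists" });
            }

            // Any status other than Exists / DoesntExist is treated as a backend failure.
            if (lookup != BackendQueryStatus.ReturnCode.DoesntExist)
            {
                return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendUserQueryError);
            }

            // NOTE(review): the existence check above and the save below are separate steps, so
            // two concurrent registrations for the same name could both get this far unless the
            // backend enforces uniqueness - confirm.
            DomainObjectRepository <DomainObjectBase> repo = new DomainObjectRepository <DomainObjectBase>(si);

            CustomUserAccount account = new CustomUserAccount
            {
                Email = email,
                //FirstName = postData["FIRSTNAME"],
                //LastName = postData["LASTNAME"],
                LinkCategories = new string[] { "default" },
                UserName       = username,
                // Library-default work factor; the plaintext password is never stored.
                Password       = BCrypt.Net.BCrypt.HashPassword(password),
                Following      = new string[] {},
            };

            repo.Add(account);

            // Save() yields one status per operation; a single non-Success fails the request.
            if (repo.Save().Any(q => q != BackendQueryStatus.ReturnCode.Success))
            {
                //TODO Rollback
                return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendUserQueryError);
            }

            // Return GetClientSideSafeUserObject() rather than the entity itself, which holds the password hash.
            return HttpResponse.NewResponse().AddData(account.GetClientSideSafeUserObject());
        }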
Esempio n. 2
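        /// <summary>
        /// Authenticates a guest session against a locally stored account, using a username and a bcrypt-hashed password.
        /// </summary>
        /// <remarks>
        /// A missing or null <c>USERNAME</c> or <c>PASSWORD</c> field is answered with the same
        /// field error as a failed lookup or a failed verification, instead of an unhandled
        /// exception. The response distinguishes an unknown user from a wrong password; see the
        /// review notes in the body.
        /// </remarks>
        /// <returns>
        /// On success, the result of <c>GetClientSideSafeUserObject()</c> for the account;
        /// otherwise a response carrying a POST data error or an error code.
        /// </returns>
        /// <param name="headers">Request headers; not read by this method.</param>
        /// <param name="si">Session identity of the caller; login is refused unless <c>si.Guest</c> is true.</param>
        /// <param name="postData">Form fields; reads <c>USERNAME</c> and <c>PASSWORD</c>.</param>
        public HttpResponse AuthenticateFromLocal(Dictionary <string, string> headers, CustomSessionIdentity si, Dictionary <string, string> postData)
        {
            if (!si.Guest)
            {
                return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.UserAlreadyAuthenticated);
            }

            // postData is client-controlled, so a field may be absent; never index it directly.
            string username;
            bool hasUsername = postData.TryGetValue("USERNAME", out username) && username != null;

            string password;
            bool hasPassword = postData.TryGetValue("PASSWORD", out password) && password != null;

            CustomUserAccount account = hasUsername ? CustomUserAccount.Retrieve(username, si) : null;
            if (account == null)
            {
                // NOTE(review): this answer differs from the wrong-password answer below, and no
                // bcrypt work is done on this path, so both the response body and the response
                // time reveal whether a username is registered. A single generic failure message
                // would close that, but it changes what clients receive - decide with the API owner.
                return HttpResponse.NewResponse().AddPOSTDataError(
                    new POSTDataError { FieldName = "USERNAME", Error = "is not valid" });
            }

            // NOTE(review): no attempt limiting or lockout is visible in this method - confirm it
            // is enforced elsewhere. Verify may also throw if the stored hash is malformed - confirm.
            if (!hasPassword || !BCrypt.Net.BCrypt.Verify(password, account.Password))
            {
                return HttpResponse.NewResponse().AddPOSTDataError(
                    new POSTDataError { FieldName = "PASSWORD", Error = "did not match" });
            }

            // The returned identity is only checked for null here.
            // NOTE(review): how the authenticated identity replaces the guest one (and whether the
            // session identifier is rotated at login) is not visible from this method - confirm.
            var newSessionIdentity = SessionManager.Instance.CreateAuthenticatedUserSessionIdentity(account, si);
            if (newSessionIdentity == null)
            {
                return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError);
            }

            // Return GetClientSideSafeUserObject() rather than the entity itself, which holds the password hash.
            return HttpResponse.NewResponse().AddData(account.GetClientSideSafeUserObject());
        }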
Esempio n. 3
 /// <summary>
 /// Reports which account, if any, the current session belongs to.
 /// </summary>
 /// <returns>
 /// For a guest session, a placeholder account with an empty <c>ObjectID</c>; for an
 /// authenticated session, the result of <c>GetClientSideSafeUserObject()</c> for the account,
 /// or a backend session error code when the account cannot be retrieved.
 /// </returns>
 /// <param name="headers">Request headers; not read by this method.</param>
 /// <param name="si">Session identity of the caller.</param>
 public HttpResponse GetSessionState(Dictionary <string, string> headers, CustomSessionIdentity si)
 {
     if (!si.Guest)
     {
         CustomUserAccount account = CustomUserAccount.Retrieve(si);
         if (account == null)
         {
             // The session claims to be authenticated but no account could be loaded for it.
             return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError);
         }

         return HttpResponse.NewResponse().AddData(account.GetClientSideSafeUserObject());
     }

     // Guest: answer with a placeholder identity rather than an error.
     // NOTE(review): unlike the authenticated path, this passes the raw CustomUserAccount to
     // AddData instead of GetClientSideSafeUserObject(). That only stays harmless while a
     // default-constructed account carries no sensitive field values - confirm.
     CustomUserAccount placeholder = new CustomUserAccount
     {
         UserName = "******",
         ObjectID = System.Guid.Empty
     };
     return HttpResponse.NewResponse().AddData(placeholder);
 }