/// <summary>
/// Authenticates from local.
/// </summary>
/// <returns>The from local.</returns>
/// <param name="headers">Headers.</param>
/// <param name="si">Si.</param>
/// <param name="postData">Post data.</param>
public HttpResponse AuthenticateFromLocal(Dictionary <string, string> headers, CustomSessionIdentity si, Dictionary <string, string> postData)
{
if (si.Guest)
{
string username = postData["USERNAME"];
string password = postData["PASSWORD"];
CustomUserAccount zlu = CustomUserAccount.Retrieve(username, si);
if (zlu == null)
{
return(HttpResponse.NewResponse().AddPOSTDataError(
new POSTDataError
{
FieldName = "USERNAME",
Error = "is not valid"
}));
}
if (BCrypt.Net.BCrypt.Verify(password, zlu.Password))
{
var newSessionIdentity = SessionManager.Instance.CreateAuthenticatedUserSessionIdentity(zlu, si);
if (newSessionIdentity == null)
{
return(HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError));
}
return(HttpResponse.NewResponse().AddData(zlu.GetClientSideSafeUserObject()));
}
else
{
return(HttpResponse.NewResponse().AddPOSTDataError(
new POSTDataError
{
FieldName = "PASSWORD",
Error = "did not match"
}));
}
}
else
{
return(HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.UserAlreadyAuthenticated));
}
}
/// <summary>
/// Gets the state of the session.
/// </summary>
/// <returns>The session state.</returns>
/// <param name="headers">Headers.</param>
/// <param name="si">Si.</param>
public HttpResponse GetSessionState(Dictionary <string, string> headers, CustomSessionIdentity si)
{
if (si.Guest)
{
CustomUserAccount zlu = new CustomUserAccount();
zlu.UserName = "******";
zlu.ObjectID = System.Guid.Empty;
return(HttpResponse.NewResponse().AddData(zlu));
}
else
{
CustomUserAccount zlu = CustomUserAccount.Retrieve(si);
if (zlu != null)
{
return(HttpResponse.NewResponse().AddData(zlu.GetClientSideSafeUserObject()));
}
else
{
return(HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError));
}
}
}
