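/// <summary>
/// Handles a local username/password login for a guest session. Looks up the
/// account named by the USERNAME field, verifies the PASSWORD field against the
/// stored bcrypt hash, and on success asks the session manager for an
/// authenticated session identity.
/// </summary>
/// <returns>
/// The client-side-safe user object on success; a POST data error on USERNAME when
/// the field is missing or no account is found; a POST data error on PASSWORD when
/// the field is missing or the hash check fails; BackendSessionQueryError when no
/// authenticated session identity is created; UserAlreadyAuthenticated when the
/// session is not a guest session.
/// </returns>
/// <param name="headers">Request headers; not read by this method.</param>
/// <param name="si">Session identity of the caller; only guest sessions may log in.</param>
/// <param name="postData">Submitted form fields; expected to hold USERNAME and PASSWORD.</param>
public HttpResponse AuthenticateFromLocal(Dictionary<string, string> headers, CustomSessionIdentity si, Dictionary<string, string> postData)
{
    if (!si.Guest)
    {
        return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.UserAlreadyAuthenticated);
    }

    // postData is request-controlled: a missing field must produce a normal
    // validation error, not an unhandled KeyNotFoundException from the indexer.
    string username = null;
    if (postData == null || !postData.TryGetValue("USERNAME", out username) || username == null)
    {
        return HttpResponse.NewResponse().AddPOSTDataError(
            new POSTDataError { FieldName = "USERNAME", Error = "is not valid" });
    }

    // A null password is rejected here rather than being handed to the hash check.
    string password = null;
    if (!postData.TryGetValue("PASSWORD", out password) || password == null)
    {
        return HttpResponse.NewResponse().AddPOSTDataError(
            new POSTDataError { FieldName = "PASSWORD", Error = "did not match" });
    }

    CustomUserAccount zlu = CustomUserAccount.Retrieve(username, si);
    if (zlu == null)
    {
        // NOTE(review): the distinct USERNAME / PASSWORD errors let a caller tell an
        // unknown account from a wrong password, and this path skips the bcrypt work,
        // so response timing differs as well. Left unchanged because clients may rely
        // on the per-field errors; consider one generic failure response plus attempt
        // throttling (none is visible in this method).
        return HttpResponse.NewResponse().AddPOSTDataError(
            new POSTDataError { FieldName = "USERNAME", Error = "is not valid" });
    }

    // NOTE(review): presumably zlu.Password always holds a well-formed bcrypt hash;
    // confirm how Verify behaves for accounts with an empty or legacy value.
    if (!BCrypt.Net.BCrypt.Verify(password, zlu.Password))
    {
        return HttpResponse.NewResponse().AddPOSTDataError(
            new POSTDataError { FieldName = "PASSWORD", Error = "did not match" });
    }

    var newSessionIdentity = SessionManager.Instance.CreateAuthenticatedUserSessionIdentity(zlu, si);
    if (newSessionIdentity == null)
    {
        return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError);
    }

    // Only the client-side-safe view of the account is returned to the caller.
    return HttpResponse.NewResponse().AddData(zlu.GetClientSideSafeUserObject());
}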
/// <summary>
/// Reports which user the current session belongs to.
/// </summary>
/// <returns>
/// For a guest session, a placeholder account with a masked user name and an empty
/// object id. For any other session, the client-side-safe view of the account
/// retrieved for that session, or BackendSessionQueryError when no account is found.
/// </returns>
/// <param name="headers">Request headers; not read by this method.</param>
/// <param name="si">Session identity of the caller.</param>
public HttpResponse GetSessionState(Dictionary<string, string> headers, CustomSessionIdentity si)
{
    if (!si.Guest)
    {
        CustomUserAccount account = CustomUserAccount.Retrieve(si);
        if (account != null)
        {
            // Only the client-side-safe view of a real account is sent back.
            return HttpResponse.NewResponse().AddData(account.GetClientSideSafeUserObject());
        }

        return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError);
    }

    // Guests get a freshly built placeholder account, so it is returned directly.
    CustomUserAccount placeholder = new CustomUserAccount
    {
        UserName = "******",
        ObjectID = System.Guid.Empty
    };
    return HttpResponse.NewResponse().AddData(placeholder);
}