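        /// <summary>
        /// Authenticates a guest session against the local account store, using the
        /// USERNAME and PASSWORD fields of the POST data and a bcrypt password check.
        /// </summary>
        /// <returns>
        /// A response carrying the client-side-safe user object on success; a POST data
        /// error on USERNAME or PASSWORD when the credentials are rejected; or an error
        /// code when the session is already authenticated or no authenticated session
        /// identity could be created.
        /// </returns>
        /// <param name="headers">Request headers; not read by this method.</param>
        /// <param name="si">Identity of the calling session; must be a guest session.</param>
        /// <param name="postData">Client-supplied POST fields; USERNAME and PASSWORD are read.</param>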
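        public HttpResponse AuthenticateFromLocal(Dictionary <string, string> headers, CustomSessionIdentity si, Dictionary <string, string> postData)
        {
            // Only a guest session may log in; an already authenticated one is refused.
            if (!si.Guest)
            {
                return(HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.UserAlreadyAuthenticated));
            }

            // postData is client-controlled. Indexing it directly throws
            // KeyNotFoundException when a field is absent, so a malformed request
            // would surface as an unhandled exception instead of a field error.
            // TryGetValue leaves the value null when the key is missing.
            string username = null;
            string password = null;
            if (postData != null)
            {
                postData.TryGetValue("USERNAME", out username);
                postData.TryGetValue("PASSWORD", out password);
            }

            // A missing USERNAME is reported exactly like an unknown one.
            CustomUserAccount zlu = username == null ? null : CustomUserAccount.Retrieve(username, si);
            if (zlu == null)
            {
                // NOTE(review): this reply differs from the wrong-password reply below,
                // and no bcrypt work is done on this path, so both the response body and
                // the response time reveal whether an account exists. Consider one
                // generic "invalid credentials" error and a constant-cost check, plus
                // attempt throttling, if clients do not depend on the per-field errors.
                return(HttpResponse.NewResponse().AddPOSTDataError(
                           new POSTDataError
                {
                    FieldName = "USERNAME",
                    Error = "is not valid"
                }));
            }

            // A missing PASSWORD is a mismatch; it is never passed to Verify as null.
            if (password == null || !BCrypt.Net.BCrypt.Verify(password, zlu.Password))
            {
                return(HttpResponse.NewResponse().AddPOSTDataError(
                           new POSTDataError
                {
                    FieldName = "PASSWORD",
                    Error = "did not match"
                }));
            }

            // The returned identity is only null-checked here and not otherwise used.
            // NOTE(review): presumably the session manager binds it to the session;
            // confirm that a fresh session identifier is issued at login.
            var newSessionIdentity = SessionManager.Instance.CreateAuthenticatedUserSessionIdentity(zlu, si);
            if (newSessionIdentity == null)
            {
                return(HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError));
            }

            // Only the client-side-safe projection of the account is returned.
            return(HttpResponse.NewResponse().AddData(zlu.GetClientSideSafeUserObject()));
        }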
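 /// <summary>
 /// Reports the state of the calling session: a placeholder account for a guest
 /// session, or the client-side-safe user object for an authenticated one.
 /// </summary>
 /// <returns>
 /// A response carrying the account data, or a backend session query error code
 /// when no account can be retrieved for an authenticated session.
 /// </returns>
 /// <param name="headers">Request headers; not read by this method.</param>
 /// <param name="si">Identity of the calling session.</param>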
 public HttpResponse GetSessionState(Dictionary <string, string> headers, CustomSessionIdentity si)
 {
     // Authenticated session: look the account up from the session identity.
     if (!si.Guest)
     {
         CustomUserAccount account = CustomUserAccount.Retrieve(si);
         if (account != null)
         {
             // Only the client-side-safe projection is sent back.
             return(HttpResponse.NewResponse().AddData(account.GetClientSideSafeUserObject()));
         }

         return(HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError));
     }

     // Guest session: answer with a placeholder account that has an empty object id.
     // NOTE(review): unlike the authenticated path, this returns the raw
     // CustomUserAccount rather than GetClientSideSafeUserObject(); confirm that a
     // freshly constructed account carries no fields that should stay server-side.
     CustomUserAccount placeholder = new CustomUserAccount
     {
         UserName = "******",
         ObjectID = System.Guid.Empty
     };
     return(HttpResponse.NewResponse().AddData(placeholder));
 }