/// <summary>
 /// Renews a LoginSession and replaces an already existing session.
 /// </summary>
 /// <param name="context">DataContext</param>
 /// <param name="session">LoginSession</param>
 /// <param name="person">Person (user)</param>
 /// <returns>LoginSession</returns>
 public static LoginSession RenewSession(DataContext context,LoginSession session,Person person)
 {
     session = new LoginSession (Guid.NewGuid ().ToString (), DateTime.Now);
     if (person.LoginSession != null)
         context.LoginSessions.Remove (person.LoginSession);
     person.LoginSession = session;
     context.SaveChanges();
     return session;
 }
        /// <summary>
        /// Validates a string token representing a LoginSession. Will keep the LoginSession up to date if it's valid.
        /// </summary>
        /// <param name="context">DateContext</param>
        /// <param name="token">String token</param>
        /// <returns>bool valid</returns>
        public static bool ValidateLoginSession(DataContext context,string token)
        {
            Person person = context.Persons.FirstOrDefault (x => x.LoginSessionToken != null && x.LoginSessionToken == token);

            int loginLifetimeMs = Convert.ToInt32(WebConfigurationManager.AppSettings["LoginLifetimeMs"]);
            if (person == null)
                return false;
            if (DateTime.Now - person.LoginSession.LastUpdatedDateTime > new TimeSpan (0, 0, 0, 0, loginLifetimeMs)) {
                context.LoginSessions.Remove (person.LoginSession);
                person.LoginSession = null;
                context.SaveChanges ();
                return false;
            }
            return true;
        }
        public ActionResult CreateNewStatement(TrustLessModelLib.Statement statement)
        {
            using (DataContext context = new DataContext())
            {
                if (!PersonController.ValidateLoginSession(context,statement.Person.LoginSession.Token))
                    return new HttpStatusCodeResult((int)HttpStatusCode.Forbidden);

                var match =
                    context.Statements.FirstOrDefault(x => x.MedicinOne == statement.MedicinOne && x.MedicinTwo == statement.MedicinTwo);

                //Does a statement already exists with the same two medicins.
                if (match != null) // && IsStatementValid(context,match)
                    return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);

                //Security: Don't allow user to specify the person who created the statement. Set it to the current user logged in.
                statement.Person =
                    context.Persons.FirstOrDefault(x => x.Username == statement.Person.Username);

                //If the person does not exist, abort.
                if (statement.Person == null)
                    return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);

                //Rule: refuse a user with zero trust from creating statements.
                if (CalculateBayesianModelTrust(statement.Person) == 0)
                    return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);

                context.Statements.Add(statement);

                //Add recommendation from user
                var recommendation = new TrustLessModelLib.Recommendation(){ Person = statement.Person, Statement = statement, IsRecommended = true, Transaction = null, Description = statement.Description, CreationDate = DateTime.Now};

                //This will fail if a racecondition was to add two recommendations (given that our key assignment of the table ensures only one of the same recommendation exist).
                context.Recommendations.Add (recommendation);
                context.SaveChanges ();

                BlockChain.MakeRecommendation (context, recommendation);

                return new HttpStatusCodeResult((int)HttpStatusCode.Created);
            }
        }
        public ActionResult Login(Person person)
        {
            using (DataContext context = new DataContext())
            {
                var match =
                    context.Persons.FirstOrDefault(x => x.PublicKey == person.PublicKey &&x.Username == person.Username && x.Password == person.Password);

                if (match == null) {
                    if (!CreateNewPerson (person))
                        return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);
                    match =
                        context.Persons.FirstOrDefault(x => x.PublicKey == person.PublicKey &&x.Username == person.Username && x.Password == person.Password);
                }

                if (match.LoginSession != null)
                    return Content ( JsonConvert.SerializeObject(RenewSession(context,match.LoginSession,match)));

                match.LoginSession = RenewSession(context,null,match);
                context.SaveChanges();

                return Content ( JsonConvert.SerializeObject(match.LoginSession));
            }
        }
 /// <summary>
 /// Refreshes a LoginSession such that the login token won't expire.
 /// </summary>
 /// <param name="context">DataContext</param>
 /// <param name="session">LoginSession</param>
 public static void UpdateLoginSession(DataContext context,LoginSession session)
 {
     session.LastUpdatedDateTime = DateTime.Now;
         context.SaveChanges();
 }
        /// <summary>
        /// Creates a new user and returns a boolean (success).
        /// </summary>
        /// <param name="person">Person</param>
        /// <returns>Success boolean</returns>
        private bool CreateNewPerson(Person person)
        {
            using (DataContext context = new DataContext())
            {
                var match =
                    context.Persons.FirstOrDefault(x => x.PublicKey == person.PublicKey);

                if (match != null)
                    return false;

                if (String.IsNullOrEmpty(person.PublicKey) || String.IsNullOrEmpty(person.Username) || String.IsNullOrEmpty(person.Password))
                    return false;

                person.LoginSession = null;
                context.Persons.Add(person);
                context.SaveChanges();
                BlockChain.ImportPublicKeyToWallet (person);
                return true;
            }
        }
Esempio n. 7
0
        /// <summary>
        /// Reserves/locks away one S and F asset and sets the recommendation to reference these assets.
        /// </summary>
        /// <param name="db">DataContext</param>
        /// <param name="recommendation">Recommendation</param>
        public static void MakeRecommendation(DataContext db, TrustLessModelLib.Recommendation recommendation)
        {
            string chainName = WebConfigurationManager.AppSettings["ChainName"];
            string nodeIp = WebConfigurationManager.AppSettings["NodeIp"];
            MultiChainClient client = new MultiChainClient(chainName,nodeIp);
            Dictionary<string,int> dictionary = new Dictionary<string, int>();
            AddressBalance[] addressBalances = client.GetTotalBalances ().Balances;
            var lastFasset = addressBalances.OrderBy (x => x.name).LastOrDefault (x => x.name.StartsWith ("F_"));
            var lastSasset = addressBalances.OrderBy (x => x.name).LastOrDefault (x => x.name.StartsWith ("S_"));
            if (lastFasset == null || lastSasset == null) {
                GenerateFunds (client);
                MakeRecommendation (db, recommendation);
                return;
            }
            string lastF = lastFasset.name;
            string lastS = lastSasset.name;

            dictionary.Add(lastF,1);
            dictionary.Add(lastS,1);
            try
            {
                var resp = client.PrepareLockUnspent(dictionary);

                recommendation.Transaction = new ReservedTransaction()
                {
                    Tx = resp.txid,
                    Vout = resp.vout
                };
            }
            catch {
                //Insurficient funds
                GenerateFunds(client);
                MakeRecommendation (db, recommendation);
                return;
            }

            db.SaveChanges ();
        }
        public ActionResult Recommend(int statement, string token, bool trust)
        {
            var possibleStatements = GetStatements (token);
            if(possibleStatements.GetType() != typeof(ContentResult))
                return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);

            if (!JsonConvert.DeserializeObject<List<Statement>>(((ContentResult)possibleStatements).Content, new JsonSerializerSettings{
                    MissingMemberHandling = MissingMemberHandling.Ignore
            }).Any(x => x.Id == statement))
                return new HttpStatusCodeResult((int)HttpStatusCode.Forbidden);

            Stream req = Request.InputStream;
            req.Seek (0, System.IO.SeekOrigin.Begin);
            string description = new StreamReader(req).ReadToEnd();
            using (DataContext context = new DataContext())
            {
                if (!PersonController.ValidateLoginSession(context,token))
                    return new HttpStatusCodeResult((int)HttpStatusCode.Forbidden);

                Person person = context.Persons.FirstOrDefault (x => x.LoginSessionToken != null && x.LoginSessionToken == token);

                var statementObject =
                    context.Statements.FirstOrDefault(x => x.Id == statement);

                if (statementObject == null)
                    return new HttpStatusCodeResult((int)HttpStatusCode.NotFound);

                var recommendation =
                    context.Recommendations.FirstOrDefault(x => x.StatementId== statement && x.PersonUsername == person.Username);

                if (recommendation != null)
                    return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);

                if (IsStatementRecommendationsComplete (context, statementObject))
                    return new HttpStatusCodeResult((int)HttpStatusCode.Forbidden);

                recommendation = new TrustLessModelLib.Recommendation(){ Person = person, Statement = statementObject, IsRecommended = trust, Transaction = null, Description = description, CreationDate = DateTime.Now};

                lock (recommendationLock)
                {
                    if (IsStatementRecommendationsComplete(context, statementObject))
                        return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);

                    //This will fail if a racecondition was to add two recommendations (given that our key assignment of the table ensures only one of the same recommendation exist).
                    context.Recommendations.Add(recommendation);

                    //Race condition is not possible after the next line of code, only one will succeed in adding the row below from the same user.
                    context.SaveChanges();
                }

                BlockChain.MakeRecommendation(context, recommendation);

                if (IsStatementRecommendationsComplete (context, statementObject))
                    IssueTrustForStatement (context, statementObject);

                return new HttpStatusCodeResult((int)HttpStatusCode.Created);
            }
        }