/// <summary>
/// Checks a presented (secret, key) credential against the stored auth-token table.
/// On success reports the owning app user and the token row; on any failure reports zeros.
/// </summary>
/// <param name="secret">Secret half of the presented token.</param>
/// <param name="key">Key half of the presented token; re-checked against the value derived from the row's user id.</param>
/// <param name="slideExpiration">When true (and sliding expiration is enabled), the stored expiry may be pushed forward.</param>
/// <param name="appUserId">Owning app user id, or 0 when validation fails.</param>
/// <param name="appUserAuthTokenId">Matching token row id, or 0 when validation fails.</param>
/// <returns>true when the token is valid and unexpired; false otherwise (including on any exception).</returns>
static public bool ValidateAppUserAuthToken(string secret, string key, bool slideExpiration, out Int64 appUserId, out Int64 appUserAuthTokenId)
{
    // Start from "no identity" so every early exit below leaves zeros in the out parameters.
    appUserId = 0;
    appUserAuthTokenId = 0;

    try
    {
        // Fetch at most one row matching both halves of the presented credential.
        List<object> row = new Query(AppUserAuthToken.TableSchema)
            .Select(AppUserAuthToken.Columns.AppUserAuthTokenId)
            .AddSelect(AppUserAuthToken.Columns.AppUserId)
            .AddSelect(AppUserAuthToken.Columns.Expiry)
            .Where(AppUserAuthToken.Columns.Secret, secret)
            .AND(AppUserAuthToken.Columns.Key, key)
            .LimitRows(1)
            .ExecuteOneRowToList();

        if (row == null)
        {
            return false;
        }

        DateTime storedExpiry = Convert.ToDateTime(row[2]);

        // Reject an expired row, or a row whose key does not re-derive from its own user id.
        bool rejected = storedExpiry < DateTime.UtcNow
            || key != EncodeKey(Convert.ToInt64(row[1]), AuthTokenKeySalt_AppUserId);
        if (rejected)
        {
            // A row that fails validation is removed rather than left in place.
            AppUserAuthToken.Delete(Convert.ToInt64(row[0]));
            return false;
        }

        appUserId = Convert.ToInt64(row[1]);
        appUserAuthTokenId = Convert.ToInt64(row[0]);

        if (slideExpiration && AuthTokenSlidingExpiration_AppUserId)
        {
            DateTime slidExpiry = DateTime.UtcNow.AddHours(AuthTokenLifeSpan_AppUserId);
            // Only ever extend the lifetime; never move an expiry earlier.
            if (slidExpiry > storedExpiry)
            {
                Query.New<AppUserAuthToken>()
                    .Update(AppUserAuthToken.Columns.Expiry, slidExpiry)
                    .Where(AppUserAuthToken.Columns.AppUserAuthTokenId, appUserAuthTokenId)
                    .Execute();
            }
        }

        return true;
    }
    catch
    {
        // Any failure (query, conversion, expiry update) is reported as "not authenticated".
        appUserId = 0;
        appUserAuthTokenId = 0;
        return false;
    }
}
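/// <summary>
/// Creates and persists a new auth token for an app user.
/// The secret is 128 bits from the platform cryptographic RNG (wrapped in a <see cref="Guid"/>
/// so the stored type is unchanged); <see cref="Guid.NewGuid"/> is not documented as
/// suitable for security-sensitive values.
/// </summary>
/// <param name="AppUserId">Owner of the new token.</param>
/// <param name="LifeTimeInHours">Token lifetime; values of 0 or less fall back to AuthTokenLifeSpan_AppUserId.</param>
/// <returns>The saved token, or null when saving failed with a DbException on every attempt.</returns>
static public AppUserAuthToken GenerateAuthTokenForAppUserId(Int64 AppUserId, int LifeTimeInHours)
{
    const int maxAttempts = 3;

    AppUserAuthToken token = new AppUserAuthToken();
    token.AppUserId = AppUserId;
    token.CreatedDate = DateTime.UtcNow;
    token.Expiry = token.CreatedDate.AddHours(LifeTimeInHours > 0 ? LifeTimeInHours : AuthTokenLifeSpan_AppUserId);
    token.Key = EncodeKey(AppUserId, AuthTokenKeySalt_AppUserId);

    using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        byte[] secretBytes = new byte[16];
        for (int attempt = 0; attempt < maxAttempts; attempt++)
        {
            try
            {
                rng.GetBytes(secretBytes);
                token.Secret = new Guid(secretBytes);
                token.Save();
                return token;
            }
            catch (System.Data.Common.DbException)
            {
                // Presumably a uniqueness conflict on the stored token; retry with a fresh secret.
            }
        }
    }

    // Callers must handle null: every save attempt failed.
    return null;
}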
/// <summary>
/// Builds the access-token string for a stored token row by delegating to the
/// (secret, key) overload with the row's Secret rendered as a string.
/// </summary>
/// <param name="authToken">Token row supplying Secret and Key.</param>
/// <returns>Whatever the string/string <c>AccessToken</c> overload produces.</returns>
static public string AccessToken(AppUserAuthToken authToken)
{
    string secretText = authToken.Secret.ToString();
    return AccessToken(secretText, authToken.Key);
}
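/// <summary>
/// Exchanges a Facebook access token (JSON body field <c>access_token</c>) for an app auth token.
/// On success writes <c>access_token</c>, <c>user_id</c> and <c>is_city_exists</c> as JSON;
/// a connect failure yields 403, an unreadable body yields 400.
/// </summary>
/// <param name="Request">Incoming request; its body is read as a JSON object.</param>
/// <param name="Response">Response the result is written to.</param>
/// <param name="PathParams">Not used by this handler.</param>
public override void Post(HttpRequest Request, HttpResponse Response, params string[] PathParams)
{
    // Credential exchanges must never be served from a cache.
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.Cache.SetMaxAge(TimeSpan.Zero);

    JObject inputData = null;
    try
    {
        using (StreamReader reader = new StreamReader(Request.InputStream))
        using (JsonTextReader jsonReader = new JsonTextReader(reader))
        {
            inputData = JObject.Load(jsonReader);
        }
    }
    catch
    {
        // Any read/parse failure is a client error. The return was missing before:
        // execution fell through and dereferenced the null inputData below.
        RespondBadRequest(Response);
        return;
    }

    string accessToken = inputData.Value<string>(@"access_token") ?? "";
    Response.ContentType = @"application/json";

    AppUser user;
    AppMembership.AppUserFacebookConnectResults res = AppMembership.ConnectAppUserToFacebook(accessToken, out user);
    switch (res)
    {
        case AppMembership.AppUserFacebookConnectResults.Success:
        {
            AppUserAuthToken at = AuthTokens.GenerateAuthTokenForAppUserId(user.AppUserId, 0);
            if (at == null)
            {
                // Token generation returns null after exhausting its save retries;
                // report a server error instead of failing on at.Secret below.
                RespondInternalServerError(Response);
                return;
            }

            using (StreamWriter streamWriter = new StreamWriter(Response.OutputStream))
            using (JsonTextWriter jsonWriter = new JsonTextWriter(streamWriter))
            {
                jsonWriter.WriteStartObject();
                jsonWriter.WritePropertyName(@"access_token");
                jsonWriter.WriteValue(AuthTokens.AccessToken(at));
                jsonWriter.WritePropertyName(@"user_id");
                jsonWriter.WriteValue(user.AppUserId);
                Int64? cityId = user.CityId;
                jsonWriter.WritePropertyName(@"is_city_exists");
                jsonWriter.WriteValue(cityId != null && cityId != 0);
                jsonWriter.WriteEndObject();
            }
            break;
        }

        default:
        case AppMembership.AppUserFacebookConnectResults.LoginError:
        {
            RespondForbidden(Response);
            break;
        }
    }
}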
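/// <summary>
/// Registers a new app user from a JSON body (<c>email</c>, <c>password</c>, <c>lang_code</c>,
/// optional <c>is_test_user</c> and <c>temp_app_user_id</c>).
/// On success writes either <c>needs_verification</c> (when email verification is required and
/// the user is not yet verified) or an <c>access_token</c> plus <c>user_id</c>.
/// </summary>
/// <param name="Request">Incoming request; its body is read as a JSON object.</param>
/// <param name="Response">Response the result is written to.</param>
/// <param name="PathParams">Not used by this handler.</param>
public override void Post(HttpRequest Request, HttpResponse Response, params string[] PathParams)
{
    // Registration responses carry credentials and must never be cached.
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.Cache.SetMaxAge(TimeSpan.Zero);

    JObject inputData = null;
    try
    {
        using (StreamReader reader = new StreamReader(Request.InputStream))
        using (JsonTextReader jsonReader = new JsonTextReader(reader))
        {
            inputData = JObject.Load(jsonReader);
        }
    }
    catch
    {
        // Any read/parse failure is a client error. The return was missing before:
        // execution fell through and dereferenced the null inputData below.
        RespondBadRequest(Response);
        return;
    }

    string email = inputData.Value<string>(@"email") ?? "";
    string password = inputData.Value<string>(@"password") ?? "";
    string lang_code = inputData.Value<string>(@"lang_code") ?? "";
    bool isTestUser = inputData.Value<bool>(@"is_test_user");
    Int64 tempAppUserId = inputData.Value<Int64>(@"temp_app_user_id");
    Response.ContentType = @"application/json";

    if (isTestUser)
    {
        // NOTE(review): this reports whether email/password match an existing Membership user,
        // i.e. it is a credential check; confirm it is covered by the same lockout / rate
        // limiting as the login handler.
        User userBack;
        Membership.TestUser(email, password.Trim(), out userBack);
        RespondBadRequest(Response, @"is_succeeded", (userBack != null).ToString());
        // Stop here: a response has been written. The original fell through, created the
        // user anyway and wrote a second JSON document into the same response.
        return;
    }

    AppUser user;
    AppMembership.AppUserCreateResults res = AppMembership.CreateAppUser(email, password, lang_code, out user);
    switch (res)
    {
        case AppMembership.AppUserCreateResults.Success:
        {
            bool needsVerification = !user.IsVerified
                && Settings.GetSettingBool(Settings.Keys.APPUSER_VERIFY_EMAIL, false);

            AppUserAuthToken at = null;
            if (!needsVerification)
            {
                at = AuthTokens.GenerateAuthTokenForAppUserId(user.AppUserId, 0);
                if (at == null)
                {
                    // Token generation returns null after exhausting its save retries;
                    // fail before anything is written to the output stream.
                    RespondInternalServerError(Response);
                    return;
                }

                if (tempAppUserId != 0)
                {
                    // NOTE(review): tempAppUserId is client-supplied and not checked for ownership
                    // here; confirm UpdateTempAppUserBidsToUserBid validates it, otherwise any
                    // caller can attach another temporary user's bids to the account it creates.
                    BidController.UpdateTempAppUserBidsToUserBid(tempAppUserId, user.AppUserId);
                }
            }

            using (StreamWriter streamWriter = new StreamWriter(Response.OutputStream))
            using (JsonTextWriter jsonWriter = new JsonTextWriter(streamWriter))
            {
                jsonWriter.WriteStartObject();
                if (needsVerification)
                {
                    jsonWriter.WritePropertyName(@"needs_verification");
                    jsonWriter.WriteValue(true);
                }
                else
                {
                    jsonWriter.WritePropertyName(@"access_token");
                    jsonWriter.WriteValue(AuthTokens.AccessToken(at));
                    jsonWriter.WritePropertyName(@"user_id");
                    jsonWriter.WriteValue(user.AppUserId);
                }
                jsonWriter.WriteEndObject();
            }
            break;
        }

        case AppMembership.AppUserCreateResults.AlreadyExists:
        {
            RespondBadRequest(Response, @"user-already-exists", @"the supplied email address is in use");
            break;
        }

        case AppMembership.AppUserCreateResults.InvalidEmailAddress:
        {
            RespondBadRequest(Response, @"invalid-email", @"the supplied email address is invalid");
            break;
        }

        default:
        case AppMembership.AppUserCreateResults.UnknownError:
        {
            RespondInternalServerError(Response);
            break;
        }
    }
}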
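/// <summary>
/// Authenticates an app user from a JSON body (<c>email</c>, <c>password</c>).
/// On success issues a new auth token and writes <c>access_token</c>, <c>user_id</c> and
/// <c>is_city_exists</c>; not-verified, no-match and locked outcomes yield 403 with a code,
/// other failures yield 400.
/// </summary>
/// <param name="Request">Incoming request; its body is read as a JSON object.</param>
/// <param name="Response">Response the result is written to.</param>
/// <param name="PathParams">Not used by this handler.</param>
public override void Post(HttpRequest Request, HttpResponse Response, params string[] PathParams)
{
    // Login responses carry credentials and must never be cached.
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.Cache.SetMaxAge(TimeSpan.Zero);

    JObject inputData = null;
    try
    {
        using (StreamReader reader = new StreamReader(Request.InputStream))
        using (JsonTextReader jsonReader = new JsonTextReader(reader))
        {
            inputData = JObject.Load(jsonReader);
        }
    }
    catch
    {
        // Any read/parse failure is a client error. The return was missing before:
        // execution fell through and dereferenced the null inputData below.
        RespondBadRequest(Response);
        return;
    }

    string email = inputData.Value<string>(@"email") ?? "";
    string password = inputData.Value<string>(@"password") ?? "";
    Response.ContentType = @"application/json";

    Int64 AppUserId;
    AppMembership.AppUserAuthenticateResults res = AppMembership.AuthenticateAppUser(email, password, out AppUserId);
    switch (res)
    {
        case AppMembership.AppUserAuthenticateResults.Success:
        {
            AppUserAuthToken at = AuthTokens.GenerateAuthTokenForAppUserId(AppUserId, 0);
            if (at == null)
            {
                // Token generation returns null after exhausting its save retries;
                // report a server error instead of failing on at.Secret below.
                RespondInternalServerError(Response);
                return;
            }

            try
            {
                AppMembership.AppUserLoggedInAction(AppUserId);
            }
            catch
            {
                // Failures in post-login bookkeeping are swallowed so they cannot
                // turn an otherwise successful login into an error.
            }

            using (StreamWriter streamWriter = new StreamWriter(Response.OutputStream))
            using (JsonTextWriter jsonWriter = new JsonTextWriter(streamWriter))
            {
                jsonWriter.WriteStartObject();
                jsonWriter.WritePropertyName(@"access_token");
                jsonWriter.WriteValue(AuthTokens.AccessToken(at));
                jsonWriter.WritePropertyName(@"user_id");
                jsonWriter.WriteValue(AppUserId);
                Int64? cityId = AppUser.FetchByID(AppUserId).CityId;
                jsonWriter.WritePropertyName(@"is_city_exists");
                jsonWriter.WriteValue(cityId != null && cityId != 0);
                jsonWriter.WriteEndObject();
            }
            break;
        }

        default:
        case AppMembership.AppUserAuthenticateResults.LoginError:
        {
            RespondBadRequest(Response);
            break;
        }

        // NOTE(review): the distinct not-verified / no-match / locked codes let a caller tell
        // existing accounts apart from unknown ones; confirm that disclosure is acceptable.
        case AppMembership.AppUserAuthenticateResults.NotVerified:
        {
            RespondError(Response, HttpStatusCode.Forbidden, @"not-verified");
            break;
        }

        case AppMembership.AppUserAuthenticateResults.NoMatch:
        {
            RespondError(Response, HttpStatusCode.Forbidden, @"no-match");
            break;
        }

        case AppMembership.AppUserAuthenticateResults.Locked:
        {
            RespondError(Response, HttpStatusCode.Forbidden, @"locked");
            break;
        }
    }
}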