 /// <summary>
 /// Looks up an app-user auth token by its (secret, key) pair and reports whether it is still valid.
 /// On success the owner's user id and the token row id are returned through the out parameters;
 /// on any failure (no matching row, expired, key does not re-derive, or any exception) both are 0.
 /// An expired row, or one whose key does not re-derive from its owner id, is deleted as a side effect.
 /// </summary>
 /// <param name="secret">Secret half of the presented access token; matched against the Secret column.</param>
 /// <param name="key">Key half of the presented access token; matched against the Key column and then
 /// re-checked against EncodeKey(ownerId, AuthTokenKeySalt_AppUserId).</param>
 /// <param name="slideExpiration">When true (and AuthTokenSlidingExpiration_AppUserId is on), the
 /// expiry is pushed forward to UtcNow + AuthTokenLifeSpan_AppUserId, but only if that is later.</param>
 /// <param name="appUserId">Receives the token owner's id, or 0 when validation fails.</param>
 /// <param name="appUserAuthTokenId">Receives the token row id, or 0 when validation fails.</param>
 /// <returns>true when a matching, unexpired token with a consistent key exists; otherwise false.</returns>
 static public bool ValidateAppUserAuthToken(string secret, string key, bool slideExpiration, out Int64 appUserId, out Int64 appUserAuthTokenId)
 {
     appUserId          = 0;
     appUserAuthTokenId = 0;
     try
     {
         // Both halves must match the stored row; at most one row is read.
         List <object> row = new Query(AppUserAuthToken.TableSchema)
                             .Select(AppUserAuthToken.Columns.AppUserAuthTokenId)
                             .AddSelect(AppUserAuthToken.Columns.AppUserId)
                             .AddSelect(AppUserAuthToken.Columns.Expiry)
                             .Where(AppUserAuthToken.Columns.Secret, secret)
                             .AND(AppUserAuthToken.Columns.Key, key)
                             .LimitRows(1)
                             .ExecuteOneRowToList();
         if (row == null)
         {
             return(false);
         }

         // NOTE(review): Expiry is compared against DateTime.UtcNow as a raw DateTime; the stored
         // value is assumed to be UTC (it is written from UtcNow elsewhere) — confirm the column's Kind.
         DateTime expiry = Convert.ToDateTime(row[2]);

         // A row whose key no longer re-derives from its owner id (e.g. after a salt change) is
         // treated exactly like an expired one: removed, and the caller gets "not valid".
         if (expiry < DateTime.UtcNow || key != EncodeKey(Convert.ToInt64(row[1]), AuthTokenKeySalt_AppUserId))
         {
             AppUserAuthToken.Delete(Convert.ToInt64(row[0]));
             return(false);
         }

         Int64 rowId   = Convert.ToInt64(row[0]);
         Int64 ownerId = Convert.ToInt64(row[1]);
         appUserId          = ownerId;
         appUserAuthTokenId = rowId;

         if (slideExpiration && AuthTokenSlidingExpiration_AppUserId)
         {
             DateTime slidTo = DateTime.UtcNow.AddHours(AuthTokenLifeSpan_AppUserId);
             // Only ever extend; a token issued with a longer lifetime is never shortened here.
             if (slidTo > expiry)
             {
                 Query.New <AppUserAuthToken>()
                 .Update(AppUserAuthToken.Columns.Expiry, slidTo)
                 .Where(AppUserAuthToken.Columns.AppUserAuthTokenId, rowId)
                 .Execute();
             }
         }
         return(true);
     }
     catch
     {
         // Any database or conversion failure is reported as "not valid" rather than propagated;
         // the out parameters are reset in case they were already assigned above.
         appUserId          = 0;
         appUserAuthTokenId = 0;
         return(false);
     }
 }
        /// <summary>
        /// Creates and persists a new auth token row for the given app user.
        /// The secret is a fresh Guid and the key is EncodeKey(AppUserId, AuthTokenKeySalt_AppUserId).
        /// Saving is attempted up to three times, each time with a new secret, whenever the database
        /// throws a DbException (presumably a uniqueness collision on Secret, although any DbException
        /// triggers a retry).
        /// </summary>
        /// <param name="AppUserId">Owner of the token.</param>
        /// <param name="LifeTimeInHours">Token lifetime in hours; values &lt;= 0 fall back to AuthTokenLifeSpan_AppUserId.</param>
        /// <returns>The saved token, or null when all three save attempts failed.</returns>
        static public AppUserAuthToken GenerateAuthTokenForAppUserId(Int64 AppUserId, int LifeTimeInHours)
        {
            const int maxAttempts = 3;

            AppUserAuthToken fresh = new AppUserAuthToken();
            fresh.AppUserId   = AppUserId;
            fresh.CreatedDate = DateTime.UtcNow;
            fresh.Expiry      = fresh.CreatedDate.AddHours(LifeTimeInHours > 0 ? LifeTimeInHours : AuthTokenLifeSpan_AppUserId);
            fresh.Key         = EncodeKey(AppUserId, AuthTokenKeySalt_AppUserId);

            for (int attempt = 0; attempt < maxAttempts; attempt++)
            {
                // NOTE(review): Guid.NewGuid() is the only source of entropy for the bearer secret;
                // confirm the runtime's Guid generation is cryptographically random, or derive the
                // secret from RandomNumberGenerator instead.
                fresh.Secret = Guid.NewGuid();
                try
                {
                    fresh.Save();
                    return(fresh);
                }
                catch (System.Data.Common.DbException)
                {
                    // Deliberately swallowed: retry with a new secret; callers see null after the last attempt.
                }
            }
            return(null);
        }
 /// <summary>
 /// Builds the opaque access-token string for a stored auth token by delegating to the
 /// (secret, key) overload. The secret is rendered with Guid's default string format.
 /// </summary>
 /// <param name="authToken">A saved auth token; must not be null.</param>
 /// <returns>The access-token string handed out to API clients.</returns>
 static public string AccessToken(AppUserAuthToken authToken)
 {
     string secretText = authToken.Secret.ToString();
     string keyText    = authToken.Key;
     return(AccessToken(secretText, keyText));
 }
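        /// <summary>
        /// POST handler: exchanges a Facebook access token for an app auth token.
        /// Body: a JSON object with "access_token". On success responds with
        /// {access_token, user_id, is_city_exists}; a body that is not valid JSON responds 400;
        /// a failed Facebook connect responds 403; a token that could not be stored responds 500.
        /// </summary>
        /// <param name="Request">Incoming request; its body is read as JSON.</param>
        /// <param name="Response">Response to write to.</param>
        /// <param name="PathParams">Unused.</param>
        public override void Post(HttpRequest Request, HttpResponse Response, params string[] PathParams)
        {
            // The success response carries a bearer token: forbid caching *and* storing it downstream.
            Response.Cache.SetCacheability(HttpCacheability.NoCache);
            Response.Cache.SetNoStore();
            Response.Cache.SetMaxAge(TimeSpan.Zero);

            JObject inputData = null;

            try
            {
                using (StreamReader reader = new StreamReader(Request.InputStream))
                {
                    using (JsonTextReader jsonReader = new JsonTextReader(reader))
                    {
                        inputData = JObject.Load(jsonReader);
                    }
                }
            }
            catch
            {
                RespondBadRequest(Response);
                // Fix: previously execution fell through and dereferenced the null inputData.
                return;
            }

            string accessToken = inputData.Value <string>(@"access_token") ?? "";

            Response.ContentType = @"application/json";

            AppUser user;

            AppMembership.AppUserFacebookConnectResults res = AppMembership.ConnectAppUserToFacebook(accessToken, out user);
            switch (res)
            {
            case AppMembership.AppUserFacebookConnectResults.Success:
            {
                AppUserAuthToken at = AuthTokens.GenerateAuthTokenForAppUserId(user.AppUserId, 0);
                // GenerateAuthTokenForAppUserId returns null when the token row could not be saved;
                // previously that surfaced as a NullReferenceException inside the response writer.
                if (at == null)
                {
                    RespondInternalServerError(Response);
                    return;
                }

                using (StreamWriter streamWriter = new StreamWriter(Response.OutputStream))
                {
                    using (JsonTextWriter jsonWriter = new JsonTextWriter(streamWriter))
                    {
                        jsonWriter.WriteStartObject();

                        jsonWriter.WritePropertyName(@"access_token");
                        jsonWriter.WriteValue(AuthTokens.AccessToken(at));

                        jsonWriter.WritePropertyName(@"user_id");
                        jsonWriter.WriteValue(user.AppUserId);

                        // "Has a city" is reported as a boolean; 0 is treated the same as null.
                        Int64? cityId = user.CityId;
                        jsonWriter.WritePropertyName(@"is_city_exists");
                        jsonWriter.WriteValue(cityId != null && cityId != 0);

                        jsonWriter.WriteEndObject();
                    }
                }
            }
            break;

            default:
            case AppMembership.AppUserFacebookConnectResults.LoginError:
            {
                // Every non-success result (including any value added later) is reported as 403.
                RespondForbidden(Response);
            }
            break;
            }
        }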
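        /// <summary>
        /// POST handler: registers a new app user from an email/password pair.
        /// Body: a JSON object with "email", "password", "lang_code", and optionally "is_test_user"
        /// and "temp_app_user_id". On success responds with either {needs_verification:true} (when
        /// email verification is enabled and the new user is unverified) or {access_token, user_id}.
        /// A body that is not valid JSON, a duplicate email or an invalid email responds 400;
        /// an unknown creation error, or a token that could not be stored, responds 500.
        /// </summary>
        /// <param name="Request">Incoming request; its body is read as JSON.</param>
        /// <param name="Response">Response to write to.</param>
        /// <param name="PathParams">Unused.</param>
        public override void Post(HttpRequest Request, HttpResponse Response, params string[] PathParams)
        {
            // The success response carries a bearer token: forbid caching *and* storing it downstream.
            Response.Cache.SetCacheability(HttpCacheability.NoCache);
            Response.Cache.SetNoStore();
            Response.Cache.SetMaxAge(TimeSpan.Zero);

            JObject inputData = null;

            try
            {
                using (StreamReader reader = new StreamReader(Request.InputStream))
                {
                    using (JsonTextReader jsonReader = new JsonTextReader(reader))
                    {
                        inputData = JObject.Load(jsonReader);
                    }
                }
            }
            catch
            {
                RespondBadRequest(Response);
                // Fix: previously execution fell through and dereferenced the null inputData.
                return;
            }

            string email      = inputData.Value <string>(@"email") ?? "";
            string password   = inputData.Value <string>(@"password") ?? "";
            string lang_code  = inputData.Value <string>(@"lang_code") ?? "";
            bool   isTestUser = inputData.Value <bool>(@"is_test_user");

            Int64 tempAppUserId = inputData.Value <Int64>(@"temp_app_user_id");

            Response.ContentType = @"application/json";
            if (isTestUser)
            {
                // SECURITY(review): this branch is selected by the client on a public endpoint and
                // runs Membership.TestUser with the supplied credentials; confirm it is meant to be
                // reachable in production.
                User userBack;
                Membership.TestUser(email, password.Trim(), out userBack);
                RespondBadRequest(Response, @"is_succeeded", (userBack != null).ToString());
                // Fix: the request has been answered; previously execution fell through, created the
                // user anyway and wrote a second JSON body onto the same response.
                return;
            }

            AppUser user;

            AppMembership.AppUserCreateResults res = AppMembership.CreateAppUser(email, password, lang_code, out user);

            switch (res)
            {
            case AppMembership.AppUserCreateResults.Success:
            {
                // No token is issued until the email address is verified, when verification is enabled.
                bool mustVerify = !user.IsVerified && Settings.GetSettingBool(Settings.Keys.APPUSER_VERIFY_EMAIL, false);

                AppUserAuthToken at = null;
                if (!mustVerify)
                {
                    at = AuthTokens.GenerateAuthTokenForAppUserId(user.AppUserId, 0);
                    // GenerateAuthTokenForAppUserId returns null when the token row could not be saved;
                    // previously that surfaced as a NullReferenceException inside the response writer.
                    if (at == null)
                    {
                        RespondInternalServerError(Response);
                        return;
                    }
                }

                using (StreamWriter streamWriter = new StreamWriter(Response.OutputStream))
                {
                    using (JsonTextWriter jsonWriter = new JsonTextWriter(streamWriter))
                    {
                        jsonWriter.WriteStartObject();

                        if (mustVerify)
                        {
                            jsonWriter.WritePropertyName(@"needs_verification");
                            jsonWriter.WriteValue(true);
                        }
                        else
                        {
                            if (tempAppUserId != 0)
                            {
                                // SECURITY(review): temp_app_user_id is taken from the client with no
                                // proof that the caller owns that temporary identity, so any caller can
                                // attach another temp user's bids to the account it is creating. Bind the
                                // temp id to the session/device that created it, or have the server issue
                                // it as an unguessable value, before trusting it here.
                                BidController.UpdateTempAppUserBidsToUserBid(tempAppUserId, user.AppUserId);
                            }

                            jsonWriter.WritePropertyName(@"access_token");
                            jsonWriter.WriteValue(AuthTokens.AccessToken(at));

                            jsonWriter.WritePropertyName(@"user_id");
                            jsonWriter.WriteValue(user.AppUserId);
                        }

                        jsonWriter.WriteEndObject();
                    }
                }
            }
            break;

            case AppMembership.AppUserCreateResults.AlreadyExists:
            {
                // NOTE(review): this distinct error lets an unauthenticated caller test whether an
                // email address is registered (account enumeration); acceptable only if that is a
                // conscious product decision.
                RespondBadRequest(Response, @"user-already-exists", @"the supplied email address is in use");
            }
            break;

            case AppMembership.AppUserCreateResults.InvalidEmailAddress:
            {
                RespondBadRequest(Response, @"invalid-email", @"the supplied email address is invalid");
            }
            break;

            default:
            case AppMembership.AppUserCreateResults.UnknownError:
            {
                RespondInternalServerError(Response);
            }
            break;
            }
        }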
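        /// <summary>
        /// POST handler: authenticates an app user by email/password and issues an auth token.
        /// Body: a JSON object with "email" and "password". On success responds with
        /// {access_token, user_id, is_city_exists}. A body that is not valid JSON, or a generic
        /// login error, responds 400; not-verified / no-match / locked respond 403 with a reason
        /// code; a token that could not be stored responds 500.
        /// </summary>
        /// <param name="Request">Incoming request; its body is read as JSON.</param>
        /// <param name="Response">Response to write to.</param>
        /// <param name="PathParams">Unused.</param>
        public override void Post(HttpRequest Request, HttpResponse Response, params string[] PathParams)
        {
            // The success response carries a bearer token: forbid caching *and* storing it downstream.
            Response.Cache.SetCacheability(HttpCacheability.NoCache);
            Response.Cache.SetNoStore();
            Response.Cache.SetMaxAge(TimeSpan.Zero);

            JObject inputData = null;

            try
            {
                using (StreamReader reader = new StreamReader(Request.InputStream))
                {
                    using (JsonTextReader jsonReader = new JsonTextReader(reader))
                    {
                        inputData = JObject.Load(jsonReader);
                    }
                }
            }
            catch
            {
                RespondBadRequest(Response);
                // Fix: previously execution fell through and dereferenced the null inputData.
                return;
            }

            string email    = inputData.Value <string>(@"email") ?? "";
            string password = inputData.Value <string>(@"password") ?? "";

            Response.ContentType = @"application/json";

            Int64 AppUserId;

            AppMembership.AppUserAuthenticateResults res = AppMembership.AuthenticateAppUser(email, password, out AppUserId);
            switch (res)
            {
            case AppMembership.AppUserAuthenticateResults.Success:
            {
                AppUserAuthToken at = AuthTokens.GenerateAuthTokenForAppUserId(AppUserId, 0);
                // GenerateAuthTokenForAppUserId returns null when the token row could not be saved;
                // previously that surfaced as a NullReferenceException inside the response writer.
                if (at == null)
                {
                    RespondInternalServerError(Response);
                    return;
                }

                // Best-effort post-login bookkeeping; a failure here must not block the login response.
                try
                {
                    AppMembership.AppUserLoggedInAction(AppUserId);
                }
                catch { }

                // Defensive: FetchByID is assumed to return null for an unknown id rather than throw;
                // either way the user is reported as having no city.
                Int64? cityId = null;
                AppUser profile = AppUser.FetchByID(AppUserId);
                if (profile != null)
                {
                    cityId = profile.CityId;
                }

                using (StreamWriter streamWriter = new StreamWriter(Response.OutputStream))
                {
                    using (JsonTextWriter jsonWriter = new JsonTextWriter(streamWriter))
                    {
                        jsonWriter.WriteStartObject();

                        jsonWriter.WritePropertyName(@"access_token");
                        jsonWriter.WriteValue(AuthTokens.AccessToken(at));

                        jsonWriter.WritePropertyName(@"user_id");
                        jsonWriter.WriteValue(AppUserId);

                        // "Has a city" is reported as a boolean; 0 is treated the same as null.
                        jsonWriter.WritePropertyName(@"is_city_exists");
                        jsonWriter.WriteValue(cityId != null && cityId != 0);

                        jsonWriter.WriteEndObject();
                    }
                }
            }
            break;

            // NOTE(review): the distinct 403 reason codes below tell an unauthenticated caller
            // whether an account exists, is unverified, or is locked (account enumeration and
            // lockout probing). Collapsing them to one generic failure would close that, at the
            // cost of a client-visible API change — left as-is, flagged for a product decision.
            default:
            case AppMembership.AppUserAuthenticateResults.LoginError:
            {
                RespondBadRequest(Response);
            }
            break;

            case AppMembership.AppUserAuthenticateResults.NotVerified:
            {
                RespondError(Response, HttpStatusCode.Forbidden, @"not-verified");
            }
            break;

            case AppMembership.AppUserAuthenticateResults.NoMatch:
            {
                RespondError(Response, HttpStatusCode.Forbidden, @"no-match");
            }
            break;

            case AppMembership.AppUserAuthenticateResults.Locked:
            {
                RespondError(Response, HttpStatusCode.Forbidden, @"locked");
            }
            break;
            }
        }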