public static Common.Models.External.ExternalSession Update(
Common.Models.External.ExternalSession model,
IDbConnection conn = null,
bool closeConnection = true)
{
Delete(model, conn, false);
return(Create(model, conn, closeConnection));
}
public static Common.Models.External.ExternalSession Delete(Common.Models.External.ExternalSession model)
{
using (IDbConnection conn = Database.Instance.GetConnection())
{
conn.Execute("DELETE FROM \"external_session\" WHERE \"id\"=@Id",
new { Id = model.Id.Value });
}
return(model);
}
public static Common.Models.External.ExternalSession Renew(Common.Models.External.ExternalSession model)
{
Common.Models.External.ExternalSession curSes = Get(model.Id.Value);
using (IDbConnection conn = Database.Instance.GetConnection())
{
conn.Execute("UPDATE \"external_session\" SET " +
"\"utc_expires\"=@UtcExpires WHERE \"id\"=@Id",
new { Id = model.Id.Value, UtcExpires = DateTime.UtcNow.AddSeconds(curSes.Timeout) });
}
return(model);
}
public static Common.Models.External.ExternalSession Delete(
Common.Models.External.ExternalSession model,
IDbConnection conn = null,
bool closeConnection = true)
{
conn = DataHelper.OpenIfNeeded(conn);
conn.Execute("DELETE FROM \"external_session\" WHERE \"id\"=@Id",
new { Id = model.Id.Value });
DataHelper.Close(conn, closeConnection);
return(model);
}
public static Common.Models.External.ExternalSession Renew(
Common.Models.External.ExternalSession model,
IDbConnection conn = null,
bool closeConnection = true)
{
Common.Models.External.ExternalSession curSes = Get(model.Id.Value);
conn = DataHelper.OpenIfNeeded(conn);
conn.Execute("UPDATE \"external_session\" SET " +
"\"utc_expires\"=@UtcExpires WHERE \"id\"=@Id",
new { Id = model.Id.Value, UtcExpires = DateTime.UtcNow.AddSeconds(curSes.Timeout) });
DataHelper.Close(conn, closeConnection);
return(model);
}
public static Common.Models.External.ExternalSession Create(Common.Models.External.ExternalSession model)
{
model.Id = Guid.NewGuid();
model.Created = DateTime.UtcNow;
model.Timeout = 15 * 60; // 15 minutes
model.Expires = model.Created.AddSeconds(model.Timeout);
DBOs.External.ExternalSession dbo = Mapper.Map <DBOs.External.ExternalSession>(model);
using (IDbConnection conn = Database.Instance.GetConnection())
{
conn.Execute("INSERT INTO \"external_session\" (\"id\", \"user_pid\", \"app_name\", \"utc_created\", \"utc_expires\", \"timeout\", \"machine_id\") " +
"VALUES (@Id, @UserPId, @AppName, @UtcCreated, @UtcExpires, @Timeout, @MachineId)",
dbo);
}
return(model);
}
private bool VerifyToken(Data.Transaction trans, Guid token, bool renewSession = true)
{
Common.Models.External.ExternalSession session = Data.External.ExternalSession.Get(trans, token);
if (session == null)
{
return(false);
}
if (session.Expires < DateTime.Now)
{
return(false);
}
if (renewSession)
{
session = Data.External.ExternalSession.Renew(trans, session);
}
return(true);
}
public static Common.Models.External.ExternalSession Create(
Common.Models.External.ExternalSession model,
IDbConnection conn = null,
bool closeConnection = true)
{
model.Id = Guid.NewGuid();
model.Created = DateTime.UtcNow;
model.Timeout = 15 * 60; // 15 minutes
model.Expires = model.Created.AddSeconds(model.Timeout);
DBOs.External.ExternalSession dbo = Mapper.Map <DBOs.External.ExternalSession>(model);
conn = DataHelper.OpenIfNeeded(conn);
conn.Execute("INSERT INTO \"external_session\" (\"id\", \"user_pid\", \"app_name\", \"utc_created\", \"utc_expires\", \"timeout\", \"machine_id\") " +
"VALUES (@Id, @UserPId, @AppName, @UtcCreated, @UtcExpires, @Timeout, @MachineId)",
dbo);
DataHelper.Close(conn, closeConnection);
return(model);
}
public bool VerifyToken(IDbConnection conn, Guid token, bool renewSession = true)
{
Common.Models.External.ExternalSession session =
Data.External.ExternalSession.Get(token, conn, false);
if (session == null)
{
return(false);
}
if (session.Expires < DateTime.Now)
{
return(false);
}
if (renewSession)
{
session = Data.External.ExternalSession.Renew(session, conn, false);
}
return(true);
}
public static Common.Models.External.ExternalSession Create(
Transaction t,
Common.Models.External.ExternalSession model)
{
return(Create(model, t.Connection, false));
}
public ActionResult Authenticate()
{
Common.Net.AuthPackage authPackage;
Common.Net.Response <Guid> response = new Common.Net.Response <Guid>();
response.RequestReceived = DateTime.Now;
authPackage = Request.InputStream.JsonDeserialize <Common.Net.AuthPackage>();
using (Data.Transaction trans = Data.Transaction.Create(true))
{
try
{
dynamic profile;
Common.Models.Account.Users user = Data.Account.Users.Get(trans, authPackage.Username);
profile = ProfileBase.Create(user.Username);
// decrypt password
Common.Encryption enc = new Common.Encryption();
Common.Encryption.Package package;
enc.IV = authPackage.IV;
if (profile != null && profile.ExternalAppKey != null &&
!string.IsNullOrEmpty(profile.ExternalAppKey))
{
enc.Key = profile.ExternalAppKey;
}
else
{
response.Successful = false;
response.Package = Guid.Empty;
response.ResponseSent = DateTime.Now;
return(Json(response, JsonRequestBehavior.AllowGet));
}
package = enc.Decrypt(new Common.Encryption.Package()
{
Input = authPackage.Password
});
if (string.IsNullOrEmpty(package.Output))
{
response.Successful = false;
response.Package = Guid.Empty;
response.ResponseSent = DateTime.Now;
return(Json(response, JsonRequestBehavior.AllowGet));
}
authPackage.Password = package.Output;
string hashFromDb = Security.ClientHashPassword(user.Password);
string hashFromWeb = Security.ClientHashPassword(authPackage.Password);
if (MembershipService.ValidateUser(authPackage.Username, authPackage.Password))
{
Common.Models.External.ExternalSession session =
Data.External.ExternalSession.Get(trans, authPackage.AppName, authPackage.MachineId, authPackage.Username);
user = Data.Account.Users.Get(trans, authPackage.Username);
if (session == null)
{ // create
session = Data.External.ExternalSession.Create(trans, new Common.Models.External.ExternalSession()
{
MachineId = authPackage.MachineId,
User = user,
AppName = authPackage.AppName
});
}
else
{ // update
session = Data.External.ExternalSession.Update(trans, new Common.Models.External.ExternalSession()
{
Id = session.Id,
MachineId = authPackage.MachineId,
User = user,
AppName = authPackage.AppName
});
}
response.Successful = true;
response.Package = session.Id.Value;
trans.Commit();
}
else
{
response.Successful = false;
response.Package = Guid.Empty;
response.Error = "Invalid security credentials.";
}
}
catch
{
trans.Rollback();
response.Successful = false;
response.Package = Guid.Empty;
response.Error = "Unexpected server error.";
}
}
response.ResponseSent = DateTime.Now;
return(Json(response, JsonRequestBehavior.AllowGet));
}
public static Common.Models.External.ExternalSession Update(Common.Models.External.ExternalSession model)
{
Delete(model);
return(Create(model));
}
