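/// <summary>
/// Authenticates an airline company from an HTTP Basic <c>Authorization</c> header.
/// On success the matching <see cref="AirlineCompany"/> and its login token are stored in
/// <c>Request.Properties</c> under "login-airline-company" and "airline-company-login-token".
/// On failure <c>actionContext.Response</c> is set, which stops the request before it reaches
/// the controller.
/// </summary>
/// <param name="actionContext">The action context of the request being authorized.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    // The header is client-controlled. A missing header, a non-Basic scheme, invalid Base64 or a
    // payload without ':' is rejected here rather than surfacing as an unhandled exception.
    // NOTE(review): 401 with a WWW-Authenticate challenge is the conventional reply to missing
    // credentials; the existing 403 and message are kept so current clients see no change.
    var authorization = actionContext.Request.Headers.Authorization;
    string username;
    string password;
    if (authorization == null
        || !string.Equals(authorization.Scheme, "Basic", StringComparison.OrdinalIgnoreCase)
        || !TryParseBasicCredentials(authorization.Parameter, out username, out password))
    {
        actionContext.Response = actionContext.Request.CreateResponse(
            HttpStatusCode.Forbidden,
            "You must send user name and password in basic authentication");
        return;
    }

    // The lookup is performed through the administrator facade.
    // NOTE(review): the administrator credentials are hard-coded in source; load them from
    // protected configuration or a secret store and rotate the current value.
    ILoginToken adminLogin = FlyingCenterSystem.GetFlyingCenterSystemInstance().Login("admin", "9999");
    LoginToken<Administrator> adminToken = (LoginToken<Administrator>)adminLogin;
    LoggedInAdministratorFacade adminFacade =
        (LoggedInAdministratorFacade)FlyingCenterSystem.GetFlyingCenterSystemInstance().GetFacade(adminToken);

    // NOTE(review): every airline company, including its password, is loaded on each request.
    IList<AirlineCompany> airlineCompanies = adminFacade.GetAllAirLineCompanies();

    // Every request is recorded against the supplied username before the block check.
    adminFacade.AddRequestToTableInDB(adminToken, username);

    if (adminFacade.IsUserBlocked(adminToken, username))
    {
        actionContext.Response = actionContext.Request.CreateResponse(
            HttpStatusCode.Unauthorized,
            "You are not authorized. Your user was blocked.");
        return;
    }

    // True once the username matched any company, whether or not the password was right.
    bool usernameFound = false;

    foreach (AirlineCompany alc in airlineCompanies)
    {
        if (username != alc.UserName)
        {
            continue;
        }

        usernameFound = true;

        // NOTE(review): this compares against a password stored in recoverable form with a
        // non-constant-time '=='. Storing a salted password hash and verifying against it
        // would remove both concerns.
        if (password == alc.Password)
        {
            // Create the airline company's own login token and hand both to the controller.
            ILoginToken airlineLoginToken =
                FlyingCenterSystem.GetFlyingCenterSystemInstance().Login(username, password);
            actionContext.Request.Properties["login-airline-company"] = alc;
            actionContext.Request.Properties["airline-company-login-token"] = airlineLoginToken;
        }
        else
        {
            // Record the failed attempt a second time, then let the facade decide whether the
            // user must now be blocked (the original comment says: more than 3 attempts).
            adminFacade.AddRequestToTableInDB(adminToken, username);
            adminFacade.CheckIfBlockUser(adminToken, username);

            string answerWrongpassword = "******";
            if (adminFacade.IsUserBlocked(adminToken, username))
            {
                answerWrongpassword += " Your user was blocked.";
            }

            actionContext.Response = actionContext.Request.CreateResponse(
                HttpStatusCode.Unauthorized,
                answerWrongpassword);
        }
    }

    if (!usernameFound)
    {
        // NOTE(review): this reply differs from the wrong-password reply, so a caller can tell
        // whether a username is registered; a single generic message would avoid that.
        actionContext.Response = actionContext.Request.CreateResponse(
            HttpStatusCode.Unauthorized,
            "You are not authorized. Your Username is not registered.");
    }
}

/// <summary>
/// Decodes the Base64 parameter of a Basic authorization header into user name and password.
/// </summary>
/// <param name="parameter">The header parameter; may be null or malformed.</param>
/// <param name="username">The text before the first ':' on success; otherwise null.</param>
/// <param name="password">The text after the first ':' on success; otherwise null.</param>
/// <returns>True when the parameter is valid Base64 and contains a ':' separator.</returns>
private static bool TryParseBasicCredentials(string parameter, out string username, out string password)
{
    username = null;
    password = null;

    if (string.IsNullOrEmpty(parameter))
    {
        return false;
    }

    string decoded;
    try
    {
        decoded = Encoding.UTF8.GetString(Convert.FromBase64String(parameter));
    }
    catch (FormatException)
    {
        return false;
    }

    // Split on the first ':' only, so a password that itself contains ':' is not truncated.
    int separator = decoded.IndexOf(':');
    if (separator < 0)
    {
        return false;
    }

    username = decoded.Substring(0, separator);
    password = decoded.Substring(separator + 1);
    return true;
}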
/// <summary>
/// Fills the database with generated countries, airline companies, customers, flights and
/// tickets, working through the administrator facade. Each stage is announced through
/// <c>log</c> and <c>MainWindowViewModel.ListForLog</c>.
/// </summary>
public void GenerateData()
{
    LogProgress("Creating admin user");

    // NOTE(review): the administrator credentials are hard-coded in source; load them from
    // protected configuration or a secret store instead.
    IloginAdministrator = FlyingCenterSystem.GetFlyingCenterSystemInstance().Login("admin", "9999");
    // NOTE(review): 'as' yields null when the token is not an administrator token, and the
    // result is used below without a null check.
    loginTokenAdministrator = IloginAdministrator as LoginToken<Administrator>;
    administratorFacade =
        (LoggedInAdministratorFacade)FlyingCenterSystem.GetFlyingCenterSystemInstance().GetFacade(IloginAdministrator);

    // Countries go in first because later rows reference them by foreign key.
    LogProgress("Adds the countries first");
    for (int countryIndex = 0; countryIndex < _CountriesNoToAdd; countryIndex++)
    {
        Country picked = new Country();
        picked.CountryName = listOfThings.CountriesArray[rnd.Next(listOfThings.CountriesArray.Length)];
        administratorFacade.CreateNewCountry(loginTokenAdministrator, picked);

        // Past the size of the predefined list, a second country with a random name is added
        // in the same iteration.
        // NOTE(review): the pick above is random, so names can repeat; confirm this is intended.
        if (countryIndex >= listOfThings.CountriesArray.Length)
        {
            Country invented = new Country();
            invented.CountryName = RandomString(5);
            administratorFacade.CreateNewCountry(loginTokenAdministrator, invented);
        }
    }

    // The stored countries supply the country codes for airlines and flights.
    LogProgress("Adds the Airline Companies");
    IList<Country> countries = administratorFacade.GetAllCountries(loginTokenAdministrator);

    for (int airlineIndex = 0; airlineIndex < _AirlineCompaniesNo; airlineIndex++)
    {
        // Property order is kept so that random values are drawn in the same sequence.
        AirlineCompany airline = new AirlineCompany();
        airline.AirLineName = RandomString(5);
        airline.CountryCode = countries[rnd.Next(0, countries.Count)].CountyID;
        airline.Password = RandomString(6);
        airline.UserName = RandomString(4);
        administratorFacade.CreateNewAirline(loginTokenAdministrator, airline);
    }

    LogProgress("Adds the Customers");
    // FillCustomerTableFromUserApi(CustomersNo) is not used: the site was reported down.
    FillCustomerTableRandomly(rnd, _CustomersNo);

    // The stored airline companies supply the airline ids for the flights.
    IList<AirlineCompany> airlineCompanies = administratorFacade.GetAllAirLineCompanies();

    // Creates _FlightsPerCompany flights in total, each for a randomly chosen company.
    LogProgress("Adds the Flights Per Company");
    for (int flightIndex = 0; flightIndex < _FlightsPerCompany; flightIndex++)
    {
        Flight flight = new Flight();
        flight.AirLineCompany_ID = airlineCompanies[rnd.Next(0, airlineCompanies.Count)].Airline_ID;
        flight.Origin_Country_Code = countries[rnd.Next(0, countries.Count)].CountyID;
        flight.Destination_Country_Code = countries[rnd.Next(0, countries.Count)].CountyID;
        // NOTE(review): the two dates are drawn independently, so landing may precede departure.
        flight.DepartureTime = createRandomDate();
        flight.LandingTime = createRandomDate();
        flight.Remaining_Tickets = rnd.Next(5, 51);
        administratorFacade.CreateFlight(loginTokenAdministrator, flight);
    }

    LogProgress("Adds the Tickets per Customer");
    IList<Customer> customers = administratorFacade.GetAllCustomers(loginTokenAdministrator);
    IList<Flight> flights = administratorFacade.GetAllFlights();

    // Creates _TicketsPerCustomer tickets in total, each for a random customer and flight.
    for (int ticketIndex = 0; ticketIndex < _TicketsPerCustomer; ticketIndex++)
    {
        long unusedGuard = 0; // placeholder removed below
        administratorFacade.AddTicketsToCustomer(
            loginTokenAdministrator,
            customers[rnd.Next(0, customers.Count)].Customer_ID,
            flights[rnd.Next(0, flights.Count)].FlightID);
    }

    LogProgress("Finished puting data in DB!");
}

/// <summary>
/// Writes a progress message to the logger and then to the view model's log list.
/// </summary>
/// <param name="message">The message to record.</param>
private void LogProgress(string message)
{
    log.Info(message);
    MainWindowViewModel.ListForLog.Add(message);
}