public async Task <IHttpActionResult> RegisterUser(Poco.User credentials)
{
if (string.IsNullOrWhiteSpace(credentials.Email))
{
return(BadRequest("The email is not valid!"));
}
if (string.IsNullOrWhiteSpace(credentials.Password))
{
return(BadRequest("The password is not valid!"));
}
try
{
using (var ctx = new ChattyDbContext())
{
User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
if (user != null)
{
return(InternalServerError(new InvalidOperationException("This email has already taken!")));
}
user = new User {
Email = credentials.Email, Password = credentials.Password
};
user.Ticket = Guid.NewGuid().ToString();
ctx.Users.Add(user);
ctx.SaveChanges();
string apiKey = System.Environment.GetEnvironmentVariable("SENDGRID_APIKEY");
SendGridAPIClient mc = new SendGridAPIClient(apiKey);
Email to = new Email(user.Email);
Email from = new Email("*****@*****.**");
string subject = "Welocme to Chatty!";
Content content = new Content("text/plain",
String.Format("Hi {0},\n\nYou registration on Chatty is almost complete. Please click on this link to confirm your registration!\n\n{1}",
user.Email.Split('@')[0],
String.Format("https://chatty-api.azurewebsites.net/users/confirm?ticket={0}", user.Ticket)));
Mail mail = new Mail(from, subject, to, content);
dynamic response = await mc.client.mail.send.post(requestBody : mail.Get());
return(Ok(Dto.Wrap(new Poco.User
{
UserId = user.UserId,
Email = user.Email,
AuthAccessToken = null,
AuthExpirationDate = null
})));
}
}
catch (Exception ex)
{
return(InternalServerError(ex));
}
}
public IHttpActionResult LoginUser(Poco.User credentials)
{
if (string.IsNullOrWhiteSpace(credentials.Email))
{
return(BadRequest("The email is not valid!"));
}
if (string.IsNullOrWhiteSpace(credentials.Password))
{
return(BadRequest("The password is not valid!"));
}
try
{
using (var ctx = new ListyDbContext())
{
User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
if (user == null)
{
return(Unauthorized());
}
if (!user.IsConfirmed)
{
return(InternalServerError(new InvalidOperationException("You must confirm your email first!")));
}
string p1 = FormsAuthentication.HashPasswordForStoringInConfigFile(user.Password, "MD5");
string p2 = FormsAuthentication.HashPasswordForStoringInConfigFile(credentials.Password, "MD5");
if (p1 != p2)
{
return(Unauthorized());
}
var token = GetAuthenticationTokenForUser(user.Email);
user.LoginDate = DateTime.Now.ToUniversalTime();
user.LastActiveDate = user.LoginDate;
user.AuthAccessToken = token.RawData;
user.AuthExpirationDate = token.ValidTo;
ctx.SaveChanges();
return(Ok(Dto.Wrap(new Poco.User
{
UserId = user.UserId,
Email = user.Email,
LoginDate = user.LoginDate,
AuthAccessToken = user.AuthAccessToken,
AuthExpirationDate = user.AuthExpirationDate
})));
}
}
catch (Exception ex)
{
return(InternalServerError(ex));
}
}
public IHttpActionResult LoginUser(Poco.User credentials)
{
if (string.IsNullOrWhiteSpace(credentials.Email))
{
return(BadRequest("The email is not valid!"));
}
if (string.IsNullOrWhiteSpace(credentials.Password))
{
return(BadRequest("The password is not valid!"));
}
try
{
using (var ctx = new ChattyDbContext())
{
User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
if (user == null)
{
return(Unauthorized());
}
if (!user.IsConfirmed)
{
return(InternalServerError(new InvalidOperationException("You must confirm your email first!")));
}
if (!String.IsNullOrWhiteSpace(user.FacebookId) && user.Password == null)
{
return(InternalServerError(new InvalidOperationException("You must login via Facebook!")));
}
string p1 = FormsAuthentication.HashPasswordForStoringInConfigFile(user.Password, "MD5");
string p2 = FormsAuthentication.HashPasswordForStoringInConfigFile(credentials.Password, "MD5");
if (p1 != p2)
{
return(Unauthorized());
}
int activeUsers =
ctx.Users.Count(x => x.LastActiveDate.HasValue &&
DbFunctions.DiffDays(DateTime.Now, x.AuthExpirationDate.Value) < UsersController.AUTH_TOKEN_MAX_DURATION);
if (activeUsers == USERS_MAX_LOGGED)
{
// Check if we can kick out a user marked as not active
User userToKick = ctx.Users
.Where(x => x.LastActiveDate.HasValue)
.Where(x => DbFunctions.DiffMinutes(DateTime.Now, x.LastActiveDate.Value) >= USERS_MAX_INACTIVE_TIME)
.OrderBy(x => x.LastActiveDate.GetValueOrDefault())
.SingleOrDefault();
// We got a candidate?
if (userToKick != null)
{
userToKick.LoginDate = null;
userToKick.LastActiveDate = null;
userToKick.AuthAccessToken = null;
userToKick.AuthExpirationDate = null;
}
else
{
return(InternalServerError(new InvalidOperationException("Max user logged reached. Please retry later!")));
}
}
var token = GetAuthenticationTokenForUser(user.Email);
user.LoginDate = DateTime.Now.ToUniversalTime();
user.LastActiveDate = user.LoginDate;
user.AuthAccessToken = token.RawData;
user.AuthExpirationDate = token.ValidTo;
ctx.SaveChanges();
_nhclient.SendGcmNativeNotificationAsync(
Newtonsoft.Json.JsonConvert.SerializeObject(Push.Android.Make(
"New user connected",
String.Format("User {0} has joined the chat.", credentials.Email.Split('@')[0]),
2,
credentials.Email.Split('@')[0]
)), String.Concat("!", user.Email));
_nhclient.SendAppleNativeNotificationAsync(
Newtonsoft.Json.JsonConvert.SerializeObject(Push.iOS.Make(
"New user connected",
String.Format("User {0} has joined the chat.", credentials.Email.Split('@')[0]),
2,
credentials.Email.Split('@')[0]
)), String.Concat("!", user.Email));
return(Ok(Dto.Wrap(new Poco.User
{
UserId = user.UserId,
Email = user.Email,
LoginDate = user.LoginDate,
AuthAccessToken = user.AuthAccessToken,
AuthExpirationDate = user.AuthExpirationDate
})));
}
}
catch (Exception ex)
{
return(InternalServerError(ex));
}
}
public async Task <IHttpActionResult> VerifyUser(Poco.User credentials)
{
if (string.IsNullOrWhiteSpace(credentials.Email))
{
return(BadRequest("The email is not valid!"));
}
if (string.IsNullOrWhiteSpace(credentials.Password))
{
return(BadRequest("The password is not valid!"));
}
try
{
using (var ctx = new ChattyDbContext())
{
User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
if (user == null)
{
return(InternalServerError(new InvalidOperationException("This email is not registered!")));
}
if (user.IsConfirmed)
{
return(InternalServerError(new InvalidOperationException("This email has been already confirmed!")));
}
string p1 = FormsAuthentication.HashPasswordForStoringInConfigFile(user.Password, "MD5");
string p2 = FormsAuthentication.HashPasswordForStoringInConfigFile(credentials.Password, "MD5");
if (p1 != p2)
{
return(InternalServerError(new InvalidOperationException("Your credentials seem to be not valid!")));
}
string apiKey = System.Environment.GetEnvironmentVariable("SENDGRID_APIKEY");
SendGridAPIClient mc = new SendGridAPIClient(apiKey);
Email to = new Email(user.Email);
Email from = new Email("*****@*****.**");
string subject = "Welocme to Chatty!";
Content content = new Content("text/plain",
String.Format("Hi {0},\n\nYou registration on Chatty is almost complete. Please click on this link to confirm your registration!\n\n{1}",
user.Email.Split('@')[0],
String.Format("https://chatty-api.azurewebsites.net/users/confirm?ticket={0}", user.Ticket)));
Mail mail = new Mail(from, subject, to, content);
dynamic response = await mc.client.mail.send.post(requestBody : mail.Get());
if (response.StatusCode != System.Net.HttpStatusCode.Accepted)
{
return(InternalServerError(new InvalidOperationException("Internal mail error. Retry later!")));
}
return(Ok());
}
}
catch (Exception ex)
{
return(InternalServerError(ex));
}
}
