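/// <summary>
/// Registers a new, unconfirmed user and e-mails a confirmation link carrying the user's ticket.
/// </summary>
/// <param name="credentials">Request body; only <c>Email</c> and <c>Password</c> are read.</param>
/// <returns>
/// 400 when the body, e-mail or password is blank; 500 when the e-mail is already registered or an
/// exception escapes; otherwise 200 wrapping the new user's id and e-mail (no token yet).
/// </returns>
public async Task<IHttpActionResult> RegisterUser(Poco.User credentials)
{
    // A null body would otherwise throw before the try block and surface as an unhandled 500.
    if (credentials == null || string.IsNullOrWhiteSpace(credentials.Email))
    {
        return BadRequest("The email is not valid!");
    }
    if (string.IsNullOrWhiteSpace(credentials.Password))
    {
        return BadRequest("The password is not valid!");
    }

    try
    {
        using (var ctx = new ChattyDbContext())
        {
            User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
            if (user != null)
            {
                // NOTE(review): this reply tells any caller whether an e-mail is registered.
                return InternalServerError(new InvalidOperationException("This email has already taken!"));
            }

            // SECURITY(review): the password is persisted exactly as received, and LoginUser/VerifyUser
            // compare MD5 of both sides at login time, so the column is effectively plaintext. Moving to a
            // salted PBKDF2 hash must change registration, login and verification together, so it is only
            // flagged here.
            user = new User
            {
                Email = credentials.Email,
                Password = credentials.Password,
            };

            // The ticket is the confirmation secret sent by mail, so draw it from the CSPRNG instead of
            // Guid.NewGuid(), whose unpredictability is not documented. Same 36-character Guid format as before.
            var ticketBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(ticketBytes);
            }
            user.Ticket = new Guid(ticketBytes).ToString();

            ctx.Users.Add(user);
            ctx.SaveChanges();

            string apiKey = System.Environment.GetEnvironmentVariable("SENDGRID_APIKEY");
            var mailClient = new SendGridAPIClient(apiKey);
            var to = new Email(user.Email);
            var from = new Email("*****@*****.**");
            string subject = "Welcome to Chatty!";
            // Escaping is a no-op for a Guid string but keeps the link well-formed should the ticket format change.
            string confirmLink = String.Format(
                "https://chatty-api.azurewebsites.net/users/confirm?ticket={0}",
                Uri.EscapeDataString(user.Ticket));
            var content = new Content(
                "text/plain",
                String.Format(
                    "Hi {0},\n\nYour registration on Chatty is almost complete. Please click on this link to confirm your registration!\n\n{1}",
                    user.Email.Split('@')[0],
                    confirmLink));
            var mail = new Mail(from, subject, to, content);

            // NOTE(review): the SendGrid response is not inspected here (VerifyUser does check for Accepted).
            // The account is already persisted at this point, so a failed mail leaves an unconfirmed user
            // that VerifyUser can re-mail.
            await mailClient.client.mail.send.post(requestBody: mail.Get());

            return Ok(Dto.Wrap(new Poco.User
            {
                UserId = user.UserId,
                Email = user.Email,
                AuthAccessToken = null,
                AuthExpirationDate = null,
            }));
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): whether the exception detail reaches remote clients depends on the host's
        // IncludeErrorDetailPolicy; the Web API default (LocalOnly) withholds it off-box.
        return InternalServerError(ex);
    }
}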
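/// <summary>
/// Authenticates a user by e-mail and password and issues a bearer token.
/// </summary>
/// <param name="credentials">Request body; only <c>Email</c> and <c>Password</c> are read.</param>
/// <returns>
/// 400 when the body, e-mail or password is blank; 401 when the user is unknown or the password does not
/// match; 500 when the e-mail is unconfirmed or an exception escapes; otherwise 200 with the token and its expiry.
/// </returns>
public IHttpActionResult LoginUser(Poco.User credentials)
{
    // A null body would otherwise throw before the try block and surface as an unhandled 500.
    if (credentials == null || string.IsNullOrWhiteSpace(credentials.Email))
    {
        return BadRequest("The email is not valid!");
    }
    if (string.IsNullOrWhiteSpace(credentials.Password))
    {
        return BadRequest("The password is not valid!");
    }

    try
    {
        using (var ctx = new ListyDbContext())
        {
            User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
            if (user == null)
            {
                return Unauthorized();
            }
            if (!user.IsConfirmed)
            {
                return InternalServerError(new InvalidOperationException("You must confirm your email first!"));
            }
            // HashPasswordForStoringInConfigFile throws on null; a record without a password cannot log in
            // by password, so answer 401 rather than a 500.
            if (user.Password == null)
            {
                return Unauthorized();
            }

            // SECURITY(review): both digests are MD5 of a plaintext value and the stored side is the
            // password as registered, so this is a plaintext comparison through an obsolete API. The fix
            // (salted PBKDF2 stored at registration, verified here) spans RegisterUser as well.
            string storedDigest = FormsAuthentication.HashPasswordForStoringInConfigFile(user.Password, "MD5");
            string suppliedDigest = FormsAuthentication.HashPasswordForStoringInConfigFile(credentials.Password, "MD5");
            if (storedDigest != suppliedDigest)
            {
                return Unauthorized();
            }

            var token = GetAuthenticationTokenForUser(user.Email);
            // Timestamps are stored in UTC; UtcNow is Now.ToUniversalTime() without the local-zone round-trip.
            user.LoginDate = DateTime.UtcNow;
            user.LastActiveDate = user.LoginDate;
            user.AuthAccessToken = token.RawData;
            user.AuthExpirationDate = token.ValidTo;
            ctx.SaveChanges();

            return Ok(Dto.Wrap(new Poco.User
            {
                UserId = user.UserId,
                Email = user.Email,
                LoginDate = user.LoginDate,
                AuthAccessToken = user.AuthAccessToken,
                AuthExpirationDate = user.AuthExpirationDate,
            }));
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): exception detail exposure to remote clients is governed by the host's IncludeErrorDetailPolicy.
        return InternalServerError(ex);
    }
}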
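/// <summary>
/// Authenticates a user by e-mail and password, enforces the logged-in user cap (evicting the
/// longest-inactive member when possible), issues a bearer token and pushes a "new user connected"
/// notification.
/// </summary>
/// <param name="credentials">Request body; only <c>Email</c> and <c>Password</c> are read.</param>
/// <returns>
/// 400 when the body, e-mail or password is blank; 401 when the user is unknown or the password does not
/// match; 500 when the e-mail is unconfirmed, the account is Facebook-only, the cap is reached with nobody
/// to evict, or an exception escapes; otherwise 200 with the token and its expiry.
/// </returns>
public IHttpActionResult LoginUser(Poco.User credentials)
{
    // A null body would otherwise throw before the try block and surface as an unhandled 500.
    if (credentials == null || string.IsNullOrWhiteSpace(credentials.Email))
    {
        return BadRequest("The email is not valid!");
    }
    if (string.IsNullOrWhiteSpace(credentials.Password))
    {
        return BadRequest("The password is not valid!");
    }

    try
    {
        using (var ctx = new ChattyDbContext())
        {
            User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
            if (user == null)
            {
                return Unauthorized();
            }
            if (!user.IsConfirmed)
            {
                return InternalServerError(new InvalidOperationException("You must confirm your email first!"));
            }
            if (!String.IsNullOrWhiteSpace(user.FacebookId) && user.Password == null)
            {
                return InternalServerError(new InvalidOperationException("You must login via Facebook!"));
            }
            // HashPasswordForStoringInConfigFile throws on null; a non-Facebook record without a password
            // cannot log in by password, so answer 401 rather than a 500.
            if (user.Password == null)
            {
                return Unauthorized();
            }

            // SECURITY(review): both digests are MD5 of a plaintext value and the stored side is the
            // password as registered, so this is a plaintext comparison through an obsolete API. The fix
            // (salted PBKDF2 stored at registration, verified here) spans RegisterUser as well.
            string storedDigest = FormsAuthentication.HashPasswordForStoringInConfigFile(user.Password, "MD5");
            string suppliedDigest = FormsAuthentication.HashPasswordForStoringInConfigFile(credentials.Password, "MD5");
            if (storedDigest != suppliedDigest)
            {
                return Unauthorized();
            }

            // LoginDate/LastActiveDate are written in UTC below and AuthExpirationDate comes from the token,
            // so the server-side clock must be UTC as well (DateTime.UtcNow translates to CurrentUtcDateTime()).
            // NOTE(review): DbFunctions.DiffDays/DiffMinutes(a, b) map to DATEDIFF and yield b - a, so for a
            // past LastActiveDate the minutes value is negative; confirm the sign convention of
            // USERS_MAX_INACTIVE_TIME and AUTH_TOKEN_MAX_DURATION (declared outside this block) or swap the arguments.
            int activeUsers = ctx.Users.Count(x =>
                x.LastActiveDate.HasValue
                && DbFunctions.DiffDays(DateTime.UtcNow, x.AuthExpirationDate.Value) < UsersController.AUTH_TOKEN_MAX_DURATION);

            // ">=" rather than "==": the cap must still hold if the count ever overshoots (concurrent logins).
            if (activeUsers >= USERS_MAX_LOGGED)
            {
                // Evict the longest-inactive member, if any qualifies. FirstOrDefault, not SingleOrDefault:
                // the latter throws as soon as two members are inactive, turning every login into a 500.
                User userToKick = ctx.Users
                    .Where(x => x.LastActiveDate.HasValue)
                    .Where(x => DbFunctions.DiffMinutes(DateTime.UtcNow, x.LastActiveDate.Value) >= USERS_MAX_INACTIVE_TIME)
                    .OrderBy(x => x.LastActiveDate.GetValueOrDefault())
                    .FirstOrDefault();
                if (userToKick == null)
                {
                    return InternalServerError(new InvalidOperationException("Max user logged reached. \nPlease retry later!"));
                }
                userToKick.LoginDate = null;
                userToKick.LastActiveDate = null;
                userToKick.AuthAccessToken = null;
                userToKick.AuthExpirationDate = null;
            }

            var token = GetAuthenticationTokenForUser(user.Email);
            user.LoginDate = DateTime.UtcNow;
            user.LastActiveDate = user.LoginDate;
            user.AuthAccessToken = token.RawData;
            user.AuthExpirationDate = token.ValidTo;
            // Persists the new login and, when one was chosen, the eviction in the same transaction.
            ctx.SaveChanges();

            // Both platforms get the same text; the display name is the e-mail's local part and the tag
            // "!<email>" presumably excludes the member who just logged in.
            string displayName = credentials.Email.Split('@')[0];
            string message = String.Format("User {0} has joined the chat.", displayName);
            string tag = String.Concat("!", user.Email);
            // NOTE(review): both sends are fire-and-forget from a synchronous action, so faults are
            // unobserved and delivery is not guaranteed before the response is written; awaiting them
            // would require the action to become async Task<IHttpActionResult>.
            _nhclient.SendGcmNativeNotificationAsync(
                Newtonsoft.Json.JsonConvert.SerializeObject(Push.Android.Make("New user connected", message, 2, displayName)),
                tag);
            _nhclient.SendAppleNativeNotificationAsync(
                Newtonsoft.Json.JsonConvert.SerializeObject(Push.iOS.Make("New user connected", message, 2, displayName)),
                tag);

            return Ok(Dto.Wrap(new Poco.User
            {
                UserId = user.UserId,
                Email = user.Email,
                LoginDate = user.LoginDate,
                AuthAccessToken = user.AuthAccessToken,
                AuthExpirationDate = user.AuthExpirationDate,
            }));
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): exception detail exposure to remote clients is governed by the host's IncludeErrorDetailPolicy.
        return InternalServerError(ex);
    }
}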
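/// <summary>
/// Re-sends the confirmation e-mail to an existing, not yet confirmed user after checking the password.
/// </summary>
/// <param name="credentials">Request body; only <c>Email</c> and <c>Password</c> are read.</param>
/// <returns>
/// 400 when the body, e-mail or password is blank; 500 when the e-mail is unknown, already confirmed, the
/// password does not match, SendGrid does not answer Accepted, or an exception escapes; otherwise 200.
/// </returns>
public async Task<IHttpActionResult> VerifyUser(Poco.User credentials)
{
    // A null body would otherwise throw before the try block and surface as an unhandled 500.
    if (credentials == null || string.IsNullOrWhiteSpace(credentials.Email))
    {
        return BadRequest("The email is not valid!");
    }
    if (string.IsNullOrWhiteSpace(credentials.Password))
    {
        return BadRequest("The password is not valid!");
    }

    try
    {
        using (var ctx = new ChattyDbContext())
        {
            User user = ctx.Users.SingleOrDefault(x => x.Email == credentials.Email);
            if (user == null)
            {
                // NOTE(review): this reply tells any caller whether an e-mail is registered.
                return InternalServerError(new InvalidOperationException("This email is not registered!"));
            }
            if (user.IsConfirmed)
            {
                return InternalServerError(new InvalidOperationException("This email has been already confirmed!"));
            }
            // HashPasswordForStoringInConfigFile throws on null; treat a record without a password as a
            // credential mismatch instead of a 500.
            if (user.Password == null)
            {
                return InternalServerError(new InvalidOperationException("Your credentials seem to be not valid!"));
            }

            // SECURITY(review): both digests are MD5 of a plaintext value and the stored side is the
            // password as registered, so this is a plaintext comparison through an obsolete API. The fix
            // (salted PBKDF2 stored at registration, verified here) spans RegisterUser as well.
            string storedDigest = FormsAuthentication.HashPasswordForStoringInConfigFile(user.Password, "MD5");
            string suppliedDigest = FormsAuthentication.HashPasswordForStoringInConfigFile(credentials.Password, "MD5");
            if (storedDigest != suppliedDigest)
            {
                return InternalServerError(new InvalidOperationException("Your credentials seem to be not valid!"));
            }

            string apiKey = System.Environment.GetEnvironmentVariable("SENDGRID_APIKEY");
            var mailClient = new SendGridAPIClient(apiKey);
            var to = new Email(user.Email);
            var from = new Email("*****@*****.**");
            string subject = "Welcome to Chatty!";
            // The existing ticket is re-sent; escaping is a no-op for a Guid string but keeps the link well-formed.
            string confirmLink = String.Format(
                "https://chatty-api.azurewebsites.net/users/confirm?ticket={0}",
                Uri.EscapeDataString(user.Ticket));
            var content = new Content(
                "text/plain",
                String.Format(
                    "Hi {0},\n\nYour registration on Chatty is almost complete. Please click on this link to confirm your registration!\n\n{1}",
                    user.Email.Split('@')[0],
                    confirmLink));
            var mail = new Mail(from, subject, to, content);

            dynamic response = await mailClient.client.mail.send.post(requestBody: mail.Get());
            // SendGrid queues the message asynchronously; anything but Accepted means it was not taken.
            if (response.StatusCode != System.Net.HttpStatusCode.Accepted)
            {
                return InternalServerError(new InvalidOperationException("Internal mail error. Retry later!"));
            }

            return Ok();
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): exception detail exposure to remote clients is governed by the host's IncludeErrorDetailPolicy.
        return InternalServerError(ex);
    }
}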