public static PasswordApiUser MakePasswordUser(IHttpContext context, string password) { var user = new PasswordApiUser(); ApiUser.InitializeUser(user, context); return(user); }
public void Verify(IHttpContext context, JObject authToken, out ApiUser user) { PasswordApiUser passwordUser = authToken.ToObject <PasswordApiUser>(); if (passwordUser == null) { throw new UnauthorizedException(); } user = passwordUser; ApiUser.VerifyUser(passwordUser, context); // TODO: Verify password has not changed. // Disabling this for now. GetHashCode is returning inconsistent results between checks. // if (passwordUser.PasswordHash != Config.Instance.PasswordAuthentication.Password.GetHashCode()) // { // Logging.Log("Password verify with wrong password"); // throw new UnauthorizedException(); // } }
public async Task <ApiUser> TryAuthenticate(IHttpContext context) { if (!Config.Instance.PasswordAuthentication.Enabled) { throw new NotFoundException(); } var password = context.Request.QueryString["password"]; if (string.IsNullOrEmpty(password)) { throw new BadRequestException("Password query parameter is required."); } if (password != Config.Instance.PasswordAuthentication.Password) { throw new UnauthorizedException(); } await context.SendResponse(HttpStatusCode.OK); return(PasswordApiUser.MakePasswordUser(context, password)); }