public CreateUserResponse ResetPassword([FromBody] ResetPasswordRequest pwResetRequest) { CreateUserResponse response = new CreateUserResponse(); if (string.IsNullOrEmpty(pwResetRequest.User.Email) || string.IsNullOrEmpty(pwResetRequest.User.Password) || string.IsNullOrEmpty(pwResetRequest.Token)) { response.Error = "Missing necessary data"; } User user = pwResetRequest.User; using (RequestTracker request = new RequestTracker(Constant.RequestAPI.ResetPW.ToString(), user.Email)) { try { user.Init(); if (string.IsNullOrEmpty(user.Password) || user.Password.Length < 8) { request.response = RequestTracker.RequestResponse.UserError; response.Error = "Password must be at least 8 characters"; return(response); } User retrievedUser; TableStore.Get <User>(TableStore.TableName.users, user.PartitionKey, user.Email, out retrievedUser); if (retrievedUser == null) { request.response = RequestTracker.RequestResponse.UserError; response.Error = "Invalid user"; return(response); } // Confirm token if (retrievedUser.PWResetTokenWithExpiry == null || retrievedUser.PWResetTokenWithExpiry.Item1 != pwResetRequest.Token || DateTime.Compare(DateTime.UtcNow, retrievedUser.PWResetTokenWithExpiry.Item2) > 0) { request.response = RequestTracker.RequestResponse.UserError; response.Error = "Invalid or expired token"; return(response); } retrievedUser.Password = user.Password; retrievedUser.EncryptPassword(); retrievedUser.PWResetTokenWithExpiry = null; retrievedUser.ClearAuthTokens(); string token = retrievedUser.GetAuthToken(); TableStore.Update(TableStore.TableName.users, retrievedUser); response.Token = token; response.Error = "Success"; return(response); } catch (Exception e) { request.response = RequestTracker.RequestResponse.ServerError; ExceptionTracker.LogException(e); response.Error = "Oops, something went wrong. Initiating developer punishment."; return(response); } } }
public CreateUpdateNoteResponse UpdateNote([FromBody] UpdateNoteAction updateNote) { CreateUpdateNoteResponse response = new CreateUpdateNoteResponse(); response.Status = string.Empty; if (string.IsNullOrEmpty(updateNote.Email)) { return(response); } using (RequestTracker request = new RequestTracker(Constant.RequestAPI.UpdateNote.ToString(), updateNote.Email)) { try { if (string.IsNullOrEmpty(updateNote.Email) || string.IsNullOrEmpty(updateNote.AuthToken) || string.IsNullOrEmpty(updateNote.NoteContents) || string.IsNullOrEmpty(updateNote.RowKey)) { request.response = RequestTracker.RequestResponse.UserError; return(response); } if (updateNote.NoteContents.Length > Constant.MaxNoteLength) { request.response = RequestTracker.RequestResponse.UserError; response.Status = "TooLong"; return(response); } // Use the email and authToken to get the userId string userId = UserController.GetUserId(updateNote.Email, updateNote.AuthToken); if (string.IsNullOrEmpty(userId)) { request.response = RequestTracker.RequestResponse.UserError; // Expired AuthToken response.Status = "Expired"; return(response); } response.Note = NoteModel.UpdateNote(userId, updateNote.RowKey, updateNote.NoteContents, updateNote.City, updateNote.Latitude, updateNote.Longitude, updateNote.Completed); if (response.Note == null) { request.response = RequestTracker.RequestResponse.UserError; // Expired AuthToken response.Status = "Invalid"; return(response); } LastUpdateModel.SetLastUpdate(userId); response.Status = "Success"; return(response); } catch (Exception e) { request.response = RequestTracker.RequestResponse.ServerError; ExceptionTracker.LogException(e); return(response); } } }
public string SetPWResetToken([FromBody] UserModel tokenRequest) { if (string.IsNullOrEmpty(tokenRequest.Email)) { return(string.Empty); } using (RequestTracker request = new RequestTracker(Constant.RequestAPI.SetPWReset.ToString(), tokenRequest.Email)) { try { UserModel retrievedUser; UserModel.GetUser(tokenRequest.Email, out retrievedUser); if (retrievedUser == null) { request.response = RequestTracker.RequestResponse.UserError; return(string.Empty); } // Generate token with expiry Tuple <string, DateTime> resetToken = new Tuple <string, DateTime>(Utils.Rand().ToString(), DateTime.UtcNow.AddDays(1)); retrievedUser.PWResetTokenWithExpiry = resetToken; retrievedUser.Save(); // Send email Utils.SendMail(retrievedUser.Email, "Notegami.com Password Reset", string.Format(@"<p>Please use this link to create your new password.</p> <a href='https://notegami.com/views/passwordreset.html?email={0}&token={1}'>Create Password</a>", retrievedUser.Email, resetToken.Item1)).Wait(); return("Success"); } catch (Exception e) { request.response = RequestTracker.RequestResponse.ServerError; ExceptionTracker.LogException(e); return(string.Empty); } } }
public string DeleteNote([FromBody] DeleteNoteAction deleteNote) { if (string.IsNullOrEmpty(deleteNote.Email)) { return(string.Empty); } using (RequestTracker request = new RequestTracker(Constant.RequestAPI.DeleteNote.ToString(), deleteNote.Email)) { try { if (string.IsNullOrEmpty(deleteNote.Email) || string.IsNullOrEmpty(deleteNote.AuthToken) || string.IsNullOrEmpty(deleteNote.RowKey)) { request.response = RequestTracker.RequestResponse.UserError; return(string.Empty); } // Use the email and authToken to get the userId string userId = UserController.GetUserId(deleteNote.Email, deleteNote.AuthToken); if (string.IsNullOrEmpty(userId)) { request.response = RequestTracker.RequestResponse.UserError; // Expired AuthToken return("Expired"); } if (!NoteModel.DeleteNote(userId, deleteNote.RowKey)) { return("Invalid"); } LastUpdateModel.SetLastUpdate(userId); return("Success"); } catch (Exception e) { request.response = RequestTracker.RequestResponse.ServerError; ExceptionTracker.LogException(e); return(string.Empty); } } }
public string AuthUser([FromBody] CreateUserRequest authRequest) { if (string.IsNullOrEmpty(authRequest.Email)) { return(string.Empty); } using (RequestTracker request = new RequestTracker(Constant.RequestAPI.AuthUser.ToString(), authRequest.Email)) { try { if (authRequest == null || string.IsNullOrEmpty(authRequest.Email) || string.IsNullOrEmpty(authRequest.Password)) { request.response = RequestTracker.RequestResponse.UserError; return(string.Empty); } UserModel retrievedUser; UserModel.GetUser(authRequest.Email, out retrievedUser); if (retrievedUser == null || !retrievedUser.AuthCheck(authRequest.Password)) { request.response = RequestTracker.RequestResponse.UserError; return(string.Empty); } // Generate temporary auth token string token = retrievedUser.GetAuthToken(); // Store with updated auth table UserModel.UpdateUser(retrievedUser); return(token); } catch (Exception e) { request.response = RequestTracker.RequestResponse.ServerError; ExceptionTracker.LogException(e); return(string.Empty); } } }
public CreateUserResponse CreateUser([FromBody] CreateUserRequest userRequest) { CreateUserResponse response = new CreateUserResponse(); if (string.IsNullOrEmpty(userRequest.Email)) { response.Error = "Invalid Input"; return(response); } using (RequestTracker request = new RequestTracker(Constant.RequestAPI.CreateUser.ToString(), userRequest.Email)) { try { if (userRequest == null) { request.response = RequestTracker.RequestResponse.UserError; response.Error = "Invalid Input"; return(response); } if (string.IsNullOrEmpty(userRequest.Password) || userRequest.Password.Length < 8) { request.response = RequestTracker.RequestResponse.UserError; response.Error = "Password must be at least 8 characters"; return(response); } if (string.IsNullOrEmpty(userRequest.Email) || !userRequest.Email.Contains("@") || !userRequest.Email.Contains(".")) { request.response = RequestTracker.RequestResponse.UserError; response.Error = "Invalid email address"; return(response); } UserModel retrievedUser; if (UserModel.GetUser(userRequest.Email, out retrievedUser)) { if (!retrievedUser.AuthCheck(userRequest.Password)) { // User exists and pw is wrong request.response = RequestTracker.RequestResponse.UserError; response.Error = "User already exists"; return(response); } else { // Just let user login // Generate temporary auth token string loginToken = retrievedUser.GetAuthToken(); // Store with updated auth table UserModel.UpdateUser(retrievedUser); request.response = RequestTracker.RequestResponse.LoginOnSignup; response.Token = loginToken; response.Error = "Success"; return(response); } } UserModel user = new UserModel(userRequest.Email, userRequest.Password); LastUpdateModel.SetLastUpdate(user.UserId); // Generate temporary auth token string token = user.GetAuthToken(); user.Save(); // Create the tutorial notes foreach (string note in Constant.TutorialNotes) { NoteModel.AddNote(note, string.Empty, 0F, 0F, user.Email, user.UserId); } response.Token = token; response.Error = "Success"; return(response); } catch (Exception e) { request.response = RequestTracker.RequestResponse.ServerError; ExceptionTracker.LogException(e); response.Error = "Server Error"; return(response); } } }