public async Task <IActionResult> ShareLockPost([FromRoute][Required] int lockId, [FromHeader][Required()] string token, [FromBody] Share body)
{
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
if (await auth.CheckLockOwner(lockId, authToken.Result.Id) == true)
{
UserQuerry helper = new UserQuerry(Db);
// helper.
// Setup stuf to create the new rented
Rented rLock = new Rented(Db);
rLock.LockId = lockId;
rLock.StartDate = body.StartDate;
rLock.EndDate = body.EndDate;
rLock.UserId = helper.GetUserByUsername(body.Username).Result.Id;
await rLock.InsertAsync();
Db.Dispose();
return(new OkObjectResult("Access Granted"));
}
Db.Dispose();
return(new UnauthorizedResult());
}
Db.Dispose();
return(new UnauthorizedResult());
}
public async Task <IActionResult> LocksLockIdRatchettickPost([FromRoute][Required] int lockId,
[FromHeader][Required()] string token)
{
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
// check if user can open lock
if (await auth.CheckLockUser(lockId, authToken.Result.Id) == true)
{
LockQuerry lockQuerry = new LockQuerry(Db);
Lock lockOwned = await lockQuerry.FindLocksByLockIdAsync(lockId);
// up the ratchet counter in the db
await lockOwned.UpdateRatchetCounter(lockId);
Db.Dispose();
return(StatusCode(200));
}
Db.Dispose();
return(StatusCode(403));
}
Db.Dispose();
return(StatusCode(401));
}
public async Task <IActionResult> DeactivatePost([FromRoute][Required] int lockId, [FromHeader][Required()] string token)
{
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
if (await auth.CheckLockOwner(lockId, authToken.Result.Id) == true)
{
// Get lock we want to update
LockQuerry lq = new LockQuerry(Db);
var locka = await lq.FindOneAsync(lockId);
// Update the lock
locka.OwnerId = null;
await locka.UpdateAsync();
Db.Dispose();
return(new OkObjectResult("Lock updated"));
}
Db.Dispose();
return(StatusCode(403));
}
Db.Dispose();
return(new UnauthorizedResult());
}
public async Task <IActionResult> LocksLockIdRatchetsyncPost([FromRoute][Required] int lockId, [FromHeader][Required()] string token, [FromBody] Ratchetsync body)
{
// check if user is allowed
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
// check if user can open lock
if (await auth.CheckLockUser(lockId, authToken.Result.Id) == true)
{
// check if previous token is correct
LockQuerry lockQuerry = new LockQuerry(Db);
Lock lockOwned = await lockQuerry.FindLocksByLockIdAsync(lockId);
var data = Encoding.UTF8.GetBytes(lockOwned.RachetKey + ";" + body.Counter);
SHA512 shaM = new SHA512Managed();
var ratchetTokenByte = shaM.ComputeHash(data);
var ratchetToken = Convert.ToBase64String(ratchetTokenByte);
if (body.Token == ratchetToken)
{
var test = body.Counter;
// check if previous counter is bigger than current count
if (Convert.ToInt32(body.Counter) >= lockOwned.RachetCounter)
{
// if that is all correct change the counter to previous counter +1
var ratchetCounter = Convert.ToInt32(body.Counter) + 1;
await lockOwned.SyncRatchetCounter(lockId, ratchetCounter);
Db.Dispose();
return(StatusCode(200));
}
Db.Dispose();
return(StatusCode(500));
}
Db.Dispose();
return(new BadRequestResult());
}
Db.Dispose();
return(new UnauthorizedResult());
}
Db.Dispose();
return(new ForbidResult());
}
public async Task <IActionResult> ChangeDetails([FromHeader][Required()] string token, [FromBody] Userdetailchange body)
{
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
UserQuerry userQuerry = new UserQuerry(Db);
User user = await userQuerry.FindOneAsync(authToken.Result.Id);
if (body.FirstName != null)
{
user.FirstName = body.FirstName;
}
if (body.LastName != null)
{
user.LastName = body.LastName;
}
// if(body.Email != null){
// // Check if there is already an user with this email
// body.EmailToLowerCase();
// User Usermail = await userQuerry.GetUserByEmail(body.Email);
// if(Usermail != null){
// Db.Dispose();
// return new BadRequestObjectResult("email already in use");
// }
// user.Email = body.Email;
// }
if (body.Newpassword != null)
{
if (BCryptHelper.CheckPassword(body.Currentpassword, user.Password)) //body.Password has to be hashed with
{
user.Password = body.Newpassword;
user.HashPass();
}
}
await user.UpdateAsync();
Db.Dispose();
return(new OkObjectResult("User succesfully updated"));
}
Db.Dispose();
return(new UnauthorizedResult());
}
public virtual async Task <IActionResult> MeGet([FromHeader][Required()] string token)
{
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
UserQuerry userQuerry = new UserQuerry(Db);
User user = await userQuerry.FindOneAsync(authToken.Result.Id);
Db.Dispose();
return(new ObjectResult(new UserInfo(user)));
}
Db.Dispose();
return(new UnauthorizedResult());
}
public async Task <IActionResult> LockActivatePost([FromHeader][Required()] string token, [FromBody] Lock body)
{
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
// TODO maybe check if the lock is not already activated
// Get lock we want to update
LockQuerry lq = new LockQuerry(Db);
Lock locka = await lq.GetLockByProductKey(body.ProductKey);
// Update the lock
if (locka != null)
{
if (locka.OwnerId == null)
{
locka.OwnerId = authToken.Result.Id;
locka.Description = body.Description;
locka.RachetKey = body.RachetKey;
locka.BleUuid = body.BleUuid;
locka.DisplayName = body.DisplayName;
}
else
{
Db.Dispose();
return(new BadRequestObjectResult("Lock already has an owner"));
}
await locka.UpdateAsync();
Db.Dispose();
return(new OkObjectResult("Lock updated"));
}
Db.Dispose();
return(new BadRequestObjectResult("Product key is incorrect"));
}
Db.Dispose();
return(new UnauthorizedResult());
}
public async Task <IActionResult> MeRentedlocksGet([FromHeader][Required()] string token)
{
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
LockQuerry manager = new LockQuerry(Db);
var locks = manager.FindRentedLocksAsync(authToken.Result.Id);
List <LocksInfo> lockinfo = new List <LocksInfo>();
for (int i = 0; i < locks.Result.Count; i++)
{
lockinfo.Add(new LocksInfo(locks.Result[i]));
}
Db.Dispose();
return(new OkObjectResult(lockinfo));
}
Db.Dispose();
return(new UnauthorizedResult());
}
public async Task <IActionResult> LogoutGet([FromHeader][Required()] string token)
{
// check if user is logged in
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
// if user is logged in
// End that session
LoginsessionQuerry sessions = new LoginsessionQuerry(Db);
Loginsession session = await sessions.FindOneByUserId(authToken.Result.Id);
await session.DeleteAsync();
Db.Dispose();
return(StatusCode(200));
}
Db.Dispose();
return(StatusCode(500));
}
public async Task <IActionResult> LocksLockIdTokenGet([FromRoute][Required] int lockId, [FromHeader][Required()] string token)
{
// this is the call to open lock
// check if correct user
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
// check if user can open lock
if (await auth.CheckLockUser(lockId, authToken.Result.Id) == true)
{
// generate token
LockQuerry lockQuerry = new LockQuerry(Db);
Lock lockOwned = await lockQuerry.FindLocksByLockIdAsync(lockId);
string preSharedSecret = lockOwned.RachetKey; //send by app to backend
int ratchetCounter = lockOwned.RachetCounter; // starts at 0 when registerd
var data = Encoding.UTF8.GetBytes(preSharedSecret + ";" + ratchetCounter);
SHA512 shaM = new SHA512Managed();
var ratchetTokenByte = shaM.ComputeHash(data);
var ratchetToken = Convert.ToBase64String(ratchetTokenByte);
// return token
Db.Dispose();
return(new OkObjectResult(ratchetToken));
}
return(StatusCode(401));
}
Db.Dispose();
return(StatusCode(403));
}
public async Task <IActionResult> ChangelockdetailsPost([FromRoute][Required] int lockId, [FromHeader][Required()] string token, [FromBody] Lock body)
{
await Db.Connection.OpenAsync();
AuthenticationHandler auth = new AuthenticationHandler(Db);
var authToken = auth.CheckAuth(token);
if (authToken.Result != null)
{
if (await auth.CheckLockOwner(lockId, authToken.Result.Id) == true)
{
// Get lock we want to update
LockQuerry lq = new LockQuerry(Db);
var locka = await lq.FindOneAsync(lockId);
// Update the lock
if (body.Description != null)
{
locka.Description = body.Description;
}
if (body.DisplayName != null)
{
locka.DisplayName = body.DisplayName;
}
await locka.UpdateAsync();
Db.Dispose();
return(new OkObjectResult("Lock updated"));
}
Db.Dispose();
return(new UnauthorizedResult());
}
Db.Dispose();
return(new UnauthorizedResult());
}
