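/// <summary>
/// Advances the stored ratchet counter of a lock, after checking that the supplied token
/// authenticates and that the authenticated user is allowed to use the lock.
/// </summary>
/// <param name="lockId">Id of the lock, taken from the route.</param>
/// <param name="token">Caller's authentication token, taken from the request header.</param>
/// <returns>
/// 200 when the counter update was requested, 403 when the user is not allowed to use this lock,
/// 401 when the token is not accepted.
/// </returns>
public async Task<IActionResult> LocksLockIdRatchettickPost([FromRoute][Required] int lockId, [FromHeader][Required()] string token)
{
    // Every exit path, including exceptions from the database or the auth helper,
    // must release the connection; the finally block replaces the per-branch Dispose calls.
    try
    {
        await Db.Connection.OpenAsync();
        AuthenticationHandler auth = new AuthenticationHandler(Db);

        // NOTE(review): if CheckAuth returns a Task, reading .Result blocks the request thread;
        // awaiting it would be preferable - confirm the return type before changing.
        var authToken = auth.CheckAuth(token);
        var authenticatedUser = authToken.Result;
        if (authenticatedUser == null)
        {
            return StatusCode(401);
        }

        // check if user can open lock
        bool mayUseLock = await auth.CheckLockUser(lockId, authenticatedUser.Id) == true;
        if (!mayUseLock)
        {
            return StatusCode(403);
        }

        LockQuerry lockQuerry = new LockQuerry(Db);
        Lock lockOwned = await lockQuerry.FindLocksByLockIdAsync(lockId);

        // up the ratchet counter in the db
        await lockOwned.UpdateRatchetCounter(lockId);
        return StatusCode(200);
    }
    finally
    {
        Db.Dispose();
    }
}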
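/// <summary>
/// Resynchronises the stored ratchet counter of a lock with a counter reported by the caller.
/// The caller proves knowledge of the lock's ratchet key by presenting the token derived from
/// that key and the reported counter; the stored counter is then set to the reported counter + 1.
/// </summary>
/// <param name="lockId">Id of the lock, taken from the route.</param>
/// <param name="token">Caller's authentication token, taken from the request header.</param>
/// <param name="body">Reported counter and the ratchet token computed for it.</param>
/// <returns>
/// 200 when the counter was synchronised; 500 when the reported counter is lower than the stored
/// one (or cannot be incremented); 400 when the body is missing or the ratchet token does not match;
/// UnauthorizedResult when the user is not allowed to use this lock; ForbidResult when the
/// authentication token is not accepted.
/// </returns>
public async Task<IActionResult> LocksLockIdRatchetsyncPost([FromRoute][Required] int lockId, [FromHeader][Required()] string token, [FromBody] Ratchetsync body)
{
    // Every exit path, including exceptions, must release the connection.
    try
    {
        // check if user is allowed
        await Db.Connection.OpenAsync();
        AuthenticationHandler auth = new AuthenticationHandler(Db);

        // NOTE(review): if CheckAuth returns a Task, reading .Result blocks the request thread;
        // awaiting it would be preferable - confirm the return type before changing.
        var authToken = auth.CheckAuth(token);
        var authenticatedUser = authToken.Result;
        if (authenticatedUser == null)
        {
            // NOTE(review): LocksLockIdRatchettickPost answers 401 for a rejected token and 403 for a
            // user without access to the lock; this action uses the opposite mapping. Kept as is
            // because clients may depend on it. ForbidResult also goes through the configured
            // authentication scheme - confirm one is registered.
            return new ForbidResult();
        }

        // check if user can open lock
        bool mayUseLock = await auth.CheckLockUser(lockId, authenticatedUser.Id) == true;
        if (!mayUseLock)
        {
            return new UnauthorizedResult();
        }

        // A missing body cannot carry a valid ratchet token; answer like any other bad token
        // instead of failing with a null dereference.
        if (body == null)
        {
            return new BadRequestResult();
        }

        // check if previous token is correct
        LockQuerry lockQuerry = new LockQuerry(Db);
        Lock lockOwned = await lockQuerry.FindLocksByLockIdAsync(lockId);

        // NOTE(review): the token is a plain SHA-512 over "key;counter", not an HMAC. HMAC-SHA512 is
        // the standard keyed construction; switching needs the same change wherever the token is
        // produced or verified - confirm before changing.
        string ratchetToken;
        using (SHA512 sha = SHA512.Create())
        {
            byte[] data = Encoding.UTF8.GetBytes(lockOwned.RachetKey + ";" + body.Counter);
            ratchetToken = Convert.ToBase64String(sha.ComputeHash(data));
        }

        // Compare the whole token without stopping at the first difference, so the response time
        // does not depend on how much of the presented token matches. The length is not secret.
        string presentedToken = body.Token;
        bool tokenMatches = presentedToken != null && presentedToken.Length == ratchetToken.Length;
        if (tokenMatches)
        {
            int difference = 0;
            for (int i = 0; i < ratchetToken.Length; i++)
            {
                difference |= presentedToken[i] ^ ratchetToken[i];
            }
            tokenMatches = difference == 0;
        }

        if (!tokenMatches)
        {
            return new BadRequestResult();
        }

        // check if previous counter is bigger than current count
        int reportedCounter = Convert.ToInt32(body.Counter);

        // int.MaxValue is rejected as well: reportedCounter + 1 would wrap to a negative counter.
        // NOTE(review): 500 is kept for compatibility; a stale counter is a client-side condition
        // and a 4xx status would describe it better.
        if (reportedCounter < lockOwned.RachetCounter || reportedCounter == int.MaxValue)
        {
            return StatusCode(500);
        }

        // if that is all correct change the counter to previous counter +1
        await lockOwned.SyncRatchetCounter(lockId, reportedCounter + 1);
        return StatusCode(200);
    }
    finally
    {
        Db.Dispose();
    }
}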
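/// <summary>
/// Returns the current ratchet token of a lock. Per the original comment this is the call used to
/// open the lock. The token is the Base64 SHA-512 hash of the lock's ratchet key and its stored
/// ratchet counter, so the same value is returned until the stored counter changes.
/// </summary>
/// <param name="lockId">Id of the lock, taken from the route.</param>
/// <param name="token">Caller's authentication token, taken from the request header.</param>
/// <returns>
/// 200 with the ratchet token in the body; 401 when the user is not allowed to use this lock;
/// 403 when the authentication token is not accepted.
/// </returns>
public async Task<IActionResult> LocksLockIdTokenGet([FromRoute][Required] int lockId, [FromHeader][Required()] string token)
{
    // The connection is released on every exit path. The original skipped Dispose on the
    // "user may not use this lock" branch and whenever an exception was thrown.
    try
    {
        // check if correct user
        await Db.Connection.OpenAsync();
        AuthenticationHandler auth = new AuthenticationHandler(Db);

        // NOTE(review): if CheckAuth returns a Task, reading .Result blocks the request thread;
        // awaiting it would be preferable - confirm the return type before changing.
        var authToken = auth.CheckAuth(token);
        var authenticatedUser = authToken.Result;
        if (authenticatedUser == null)
        {
            // NOTE(review): LocksLockIdRatchettickPost answers 401 here and 403 below; this action
            // uses the opposite mapping. Kept as is because clients may depend on it.
            return StatusCode(403);
        }

        // check if user can open lock
        bool mayUseLock = await auth.CheckLockUser(lockId, authenticatedUser.Id) == true;
        if (!mayUseLock)
        {
            return StatusCode(401);
        }

        // generate token
        LockQuerry lockQuerry = new LockQuerry(Db);
        Lock lockOwned = await lockQuerry.FindLocksByLockIdAsync(lockId);
        string preSharedSecret = lockOwned.RachetKey;  // sent by the app to the backend
        int ratchetCounter = lockOwned.RachetCounter;  // starts at 0 when registered

        // NOTE(review): plain SHA-512 over "key;counter", not an HMAC. HMAC-SHA512 is the standard
        // keyed construction; switching needs the same change wherever the token is verified -
        // confirm before changing.
        string ratchetToken;
        using (SHA512 sha = SHA512.Create())
        {
            byte[] data = Encoding.UTF8.GetBytes(preSharedSecret + ";" + ratchetCounter);
            ratchetToken = Convert.ToBase64String(sha.ComputeHash(data));
        }

        // return token
        return new OkObjectResult(ratchetToken);
    }
    finally
    {
        Db.Dispose();
    }
}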