public static void UpdateCourses(RmContext context)
{
var courses = GetCourses();
foreach (var pair in courses)
{
var course = context.Courses.FirstOrDefault(c => c.Code == pair.Item1);
if (course == null)
{
context.Courses.Add(new Course
{
Code = pair.Item1,
Name = pair.Item2
});
}
else if (course.Name != pair.Item2)
{
course.Name = pair.Item2;
}
}
context.SaveChanges();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
try
{
// Framework
app.UseSession();
app.UseMvc();
app.UseStaticFiles();
// Migrate DB
var optionsBuilder = new DbContextOptionsBuilder <RmContext>();
optionsBuilder.UseSqlServer(Configuration["ConnectionString"]);
var context = new RmContext(optionsBuilder.Options);
context.Database.Migrate();
}
catch (Exception ex)
{
Logger.Exception?.WriteLine(ex.GetExceptionString("StartUp", "Configure"));
}
}
/// <summary>
/// Create login for user. Throws exceptions if invalid, username exists or fails
/// </summary>
public static void CreateLoginForUser(User user, string name, string pwdhash, RmLoginSettings settings, RmContext context)
{
if (user == null || String.IsNullOrWhiteSpace(name) || String.IsNullOrWhiteSpace(pwdhash))
{
throw new ArgumentNullException();
}
var existing = context.UserLogins.FirstOrDefault(u => u.Name == name);
if (existing != null)
{
throw new Exception("username exists");
}
var hash = HashFromPwdHash(pwdhash, settings);
var login = new UserLogin
{
Name = name,
Hash = hash,
UserId = user.UserId
};
try
{
context.UserLogins.Add(login);
context.SaveChanges();
}
catch (Exception ex)
{
throw new Exception("operation failed", ex);
}
}
public static string RedeemToken(ISession session, string token, RmContext context)
{
Tuple <DateTime, string, string> entry;
lock (_loginEntryLock)
{
entry = _thirdPartyLogins.FirstOrDefault(t => t.Item3 == token);
if (entry == null)
{
return("invalid token");
}
_thirdPartyLogins.Remove(entry);
}
var diff = (DateTime.UtcNow - entry.Item1).TotalSeconds;
if (diff > 120)
{
return("token expired");
}
var itsc = entry.Item2;
var user = context.Users.FirstOrDefault(u => u.Itsc == itsc);
// create user with itsc if not exist
// this complicated logic is to prevent someone from logging in from two places at the same time and get two Users created
// this code will not be tested :P
if (user == null)
{
var shallCreate = true;
EventWaitHandle handle = null;
lock (_userCreationLock)
{
if (_creatingUser.ContainsKey(itsc))
{
// Some thread is creating the user. Wait until that thread completes creation and set the handle.
shallCreate = false;
handle = _creatingUser[itsc];
}
else
{
// This is the first thread in the area. Create the handle.
handle = new EventWaitHandle(false, EventResetMode.ManualReset);
_creatingUser[itsc] = handle;
}
}
if (shallCreate)
{
try
{
user = new User
{
Itsc = itsc,
Nickname = itsc,
IsAdmin = false,
IsFullMember = true
};
context.Users.Add(user);
context.SaveChanges();
}
catch (Exception ex)
{
Logger.Exception?.WriteLine(ex.GetExceptionString("UserManager", "RedeemToken CreateUser"));
return("server error");
}
finally
{
handle.Set();
}
}
else
{
handle.WaitOne();
user = context.Users.FirstOrDefault(u => u.Itsc == itsc);
if (user == null)
{
return("server error");
}
}
}
AssignUser(session, user);
return("success");
}
public static string ThirdPartyLogin(string itsc, string timestr, string hash, RmLoginSettings settings, RmContext context)
{
// verify third party identity
DateTime time;
if (!DateTime.TryParseExact(timestr, "yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture,
DateTimeStyles.None, out time))
{
return("R_INVALID_TIME");
}
var diff = (DateTime.UtcNow - time).TotalSeconds;
if (diff < 0)
{
return("R_FUTURE_TIME");
}
else if (diff > 10)
{
return("R_TIME_EXPIRED");
}
var target = CryptoHelper.GetMd5String(itsc + timestr + settings.ThirdPartyPsk);
if (hash != target)
{
return("R_HASH_REJECTED");
}
lock (_loginHashLock)
{
if (_acceptedHashes.Contains(hash))
{
return("R_REPLAY");
}
_acceptedHashes.Add(hash);
}
var token = GenerateToken();
lock (_loginEntryLock)
{
var tuple = _thirdPartyLogins.FirstOrDefault(t => t.Item2 == itsc);
if (tuple != null)
{
_thirdPartyLogins.Remove(tuple);
}
tuple = new Tuple <DateTime, string, string>(time, itsc, token);
_thirdPartyLogins.Add(tuple);
}
return(token);
}
public static bool LoginWithCredentials(ISession session, string name, string pwdhash, RmLoginSettings settings, RmContext context)
{
var hash = HashFromPwdHash(pwdhash, settings);
var login = context.UserLogins.Include(u => u.User).FirstOrDefault(u => u.Name == name && u.Hash == hash);
if (login?.User != null)
{
AssignUser(session, login.User);
return(true);
}
return(false);
}
public ApiUserController(RmContext context, IOptions <RmSettings> options, IOptions <RmLoginSettings> loginOptions) : base(context, options)
{
_loginSettings = loginOptions.Value;
}
public ApiCwikiController(RmContext context, IOptions <RmSettings> options) : base(context, options)
{
}
public RmApiControllerBase(RmContext context, IOptions <RmSettings> options)
{
_context = context;
_settings = options.Value;
}
