Exemplo n.º 1
0
        /// <summary>
        /// Allows a token to be requested using basic login information
        /// </summary>
        public async Task <TaskResult <string> > RequestStandardToken(string email, string password)
        {
            UserEmail emailObj = await Context.UserEmails.FindAsync(email.ToLower());

            if (emailObj == null)
            {
                return(new TaskResult <string>(false, "There was no user found with that email.", null));
            }

            User user = await emailObj.GetUserAsync();

            if (user.Disabled)
            {
                return(new TaskResult <string>(false, "Your account has been disabled.", null));
            }

            bool authorized = false;

            if (!emailObj.Verified)
            {
                EmailConfirmCode confirmCode = await Context.EmailConfirmCodes.FindAsync(password);

                // Someone using another person's verification is a little
                // worrying, and we don't want them to know it worked, so we'll
                // send the same error either way.
                if (confirmCode == null || confirmCode.User_Id != user.Id)
                {
                    return(new TaskResult <string>(false, "The email associated with this account needs to be verified! Please log in using the code " +
                                                   "that was emailed as your password.", null));
                }

                // At this point the email has been confirmed
                emailObj.Verified = true;

                Context.EmailConfirmCodes.Remove(confirmCode);
                await Context.SaveChangesAsync();

                authorized = true;
            }
            else
            {
                var result = await UserManager.ValidateAsync(CredentialType.PASSWORD, email, password);

                if (result.Data != null && user.Id != result.Data.Id)
                {
                    return(new TaskResult <string>(false, "A critical error occured. This should not be possible. Seek help immediately.", null));
                }

                if (!result.Success)
                {
                    Console.WriteLine($"Failed password validation for {email}");
                    return(new TaskResult <string>(false, result.Message, null));
                }

                authorized = true;
            }

            // If the verification failed, forward the failure
            if (!authorized)
            {
                return(new TaskResult <string>(false, "Failed to authorize user.", null));
            }

            // Check if there are any tokens already
            AuthToken token = null;

            token = await Context.AuthTokens.FirstOrDefaultAsync(x => x.App_Id == "VALOUR" && x.User_Id == user.Id && x.Scope == Permission.FullControl.Value);

            if (token == null)
            {
                // We now have to create a token for the user
                token = new AuthToken()
                {
                    App_Id  = "VALOUR",
                    Id      = Guid.NewGuid().ToString(),
                    Time    = DateTime.UtcNow,
                    Expires = DateTime.UtcNow.AddDays(7),
                    Scope   = Permission.FullControl.Value,
                    User_Id = user.Id
                };

                using (ValourDB context = new ValourDB(ValourDB.DBOptions))
                {
                    await context.AuthTokens.AddAsync(token);

                    await context.SaveChangesAsync();
                }
            }
            else
            {
                token.Time    = DateTime.UtcNow;
                token.Expires = DateTime.UtcNow.AddDays(7);

                using (ValourDB context = new ValourDB(ValourDB.DBOptions))
                {
                    context.AuthTokens.Update(token);
                    await context.SaveChangesAsync();
                }
            }

            return(new TaskResult <string>(true, "Successfully verified and retrieved token!", token.Id));
        }