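/// <summary>
/// Creates a local user account for a guest session.
/// </summary>
/// <returns>
/// A response carrying the client-safe view of the new account; a POST-data
/// error for a missing or blank field or an already-taken user name; or an
/// error code when the caller is already authenticated or a backend query fails.
/// </returns>
/// <param name="headers">Request headers; not read by this method.</param>
/// <param name="si">Session identity of the caller; only guest sessions may register.</param>
/// <param name="postData">Form fields; USERNAME, EMAIL and PASSWORD must be present and non-blank.</param>
public HttpResponse CreateAccount(Dictionary<string, string> headers, CustomSessionIdentity si, Dictionary<string, string> postData)
{
    if (!si.Guest)
    {
        return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.UserAlreadyAuthenticated);
    }

    // Validate the form fields up front: reading a missing key through the
    // indexer would throw KeyNotFoundException instead of producing a response.
    string[] requiredFields = { "USERNAME", "EMAIL", "PASSWORD" };
    foreach (string field in requiredFields)
    {
        string value;
        if (!postData.TryGetValue(field, out value) || string.IsNullOrWhiteSpace(value))
        {
            return HttpResponse.NewResponse().AddPOSTDataError(
                new POSTDataError { FieldName = field, Error = "is required" });
        }
    }

    string userName = postData["USERNAME"];

    BackendQueryStatus.ReturnCode lookup = CustomUserAccount.UserNameExists(userName);
    if (lookup == BackendQueryStatus.ReturnCode.Exists)
    {
        return HttpResponse.NewResponse().AddPOSTDataError(
            new POSTDataError { FieldName = "USERNAME", Error = "User already exists" });
    }
    // Anything other than a definite "does not exist" is a backend failure,
    // not a free name, so do not proceed to create the account.
    if (lookup != BackendQueryStatus.ReturnCode.DoesntExist)
    {
        return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendUserQueryError);
    }

    var repo = new DomainObjectRepository<DomainObjectBase>(si);
    var account = new CustomUserAccount
    {
        Email = postData["EMAIL"],
        //FirstName = postData["FIRSTNAME"],
        //LastName = postData["LASTNAME"],
        LinkCategories = new string[] { "default" },
        UserName = userName,
        // Store only the bcrypt hash of the submitted password.
        Password = BCrypt.Net.BCrypt.HashPassword(postData["PASSWORD"]),
        Following = new string[] { },
    };
    repo.Add(account);

    if (repo.Save().Any(q => q != BackendQueryStatus.ReturnCode.Success))
    {
        //TODO Rollback
        return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendUserQueryError);
    }

    return HttpResponse.NewResponse().AddData(account.GetClientSideSafeUserObject());
}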
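/// <summary>
/// Authenticates a guest session against a locally stored user name and bcrypt password hash.
/// </summary>
/// <returns>
/// On success, a response carrying the client-safe view of the account (the
/// session has been upgraded via SessionManager); a POST-data error when a
/// field is missing, the user is unknown or the password does not match; or an
/// error code when the caller is already authenticated or the session backend fails.
/// </returns>
/// <param name="headers">Request headers; not read by this method.</param>
/// <param name="si">Session identity of the caller; only guest sessions may log in.</param>
/// <param name="postData">Form fields; USERNAME and PASSWORD must be present and non-empty.</param>
public HttpResponse AuthenticateFromLocal(Dictionary<string, string> headers, CustomSessionIdentity si, Dictionary<string, string> postData)
{
    if (!si.Guest)
    {
        return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.UserAlreadyAuthenticated);
    }

    // Read the fields with TryGetValue: the indexer would throw KeyNotFoundException
    // on a malformed request instead of returning a field error.
    string username;
    if (!postData.TryGetValue("USERNAME", out username) || string.IsNullOrEmpty(username))
    {
        return HttpResponse.NewResponse().AddPOSTDataError(
            new POSTDataError { FieldName = "USERNAME", Error = "is required" });
    }
    string password;
    if (!postData.TryGetValue("PASSWORD", out password) || string.IsNullOrEmpty(password))
    {
        return HttpResponse.NewResponse().AddPOSTDataError(
            new POSTDataError { FieldName = "PASSWORD", Error = "is required" });
    }

    CustomUserAccount account = CustomUserAccount.Retrieve(username, si);

    // NOTE(review): the unknown-user and wrong-password paths below return
    // distinguishable field errors, and the unknown-user path skips the bcrypt
    // check, so a caller can tell which user names exist. A single generic
    // failure for both would close that gap; kept as-is here because clients
    // may key on FieldName.
    if (account == null)
    {
        return HttpResponse.NewResponse().AddPOSTDataError(
            new POSTDataError { FieldName = "USERNAME", Error = "is not valid" });
    }
    if (!BCrypt.Net.BCrypt.Verify(password, account.Password))
    {
        return HttpResponse.NewResponse().AddPOSTDataError(
            new POSTDataError { FieldName = "PASSWORD", Error = "did not match" });
    }

    var newSessionIdentity = SessionManager.Instance.CreateAuthenticatedUserSessionIdentity(account, si);
    if (newSessionIdentity == null)
    {
        return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError);
    }

    return HttpResponse.NewResponse().AddData(account.GetClientSideSafeUserObject());
}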
/// <summary>
/// Reports the account associated with the current session.
/// </summary>
/// <returns>
/// For a guest session, a placeholder account with a masked user name and an
/// empty ObjectID; otherwise the client-safe view of the session's account, or
/// a BackendSessionQueryError code when it cannot be retrieved.
/// </returns>
/// <param name="headers">Request headers; not read by this method.</param>
/// <param name="si">Session identity of the caller.</param>
public HttpResponse GetSessionState(Dictionary<string, string> headers, CustomSessionIdentity si)
{
    if (si.Guest)
    {
        // NOTE(review): the placeholder is returned as-is rather than through
        // GetClientSideSafeUserObject(); it carries no credentials, but confirm
        // the serialized shape matches the authenticated branch.
        var placeholder = new CustomUserAccount
        {
            UserName = "******",
            ObjectID = System.Guid.Empty,
        };
        return HttpResponse.NewResponse().AddData(placeholder);
    }

    CustomUserAccount current = CustomUserAccount.Retrieve(si);
    if (current == null)
    {
        return HttpResponse.NewResponse().AddErrorCode(GuruMeditation.ErrorCode.BackendSessionQueryError);
    }

    return HttpResponse.NewResponse().AddData(current.GetClientSideSafeUserObject());
}