public static PasswordApiUser MakePasswordUser(IHttpContext context, string password)
{
var user = new PasswordApiUser();
ApiUser.InitializeUser(user, context);
return(user);
}
public void Verify(IHttpContext context, JObject authToken, out ApiUser user)
{
PasswordApiUser passwordUser = authToken.ToObject <PasswordApiUser>();
if (passwordUser == null)
{
throw new UnauthorizedException();
}
user = passwordUser;
ApiUser.VerifyUser(passwordUser, context);
// TODO: Verify password has not changed.
// Disabling this for now. GetHashCode is returning inconsistent results between checks.
// if (passwordUser.PasswordHash != Config.Instance.PasswordAuthentication.Password.GetHashCode())
// {
// Logging.Log("Password verify with wrong password");
// throw new UnauthorizedException();
// }
}
public async Task <ApiUser> TryAuthenticate(IHttpContext context)
{
if (!Config.Instance.PasswordAuthentication.Enabled)
{
throw new NotFoundException();
}
var password = context.Request.QueryString["password"];
if (string.IsNullOrEmpty(password))
{
throw new BadRequestException("Password query parameter is required.");
}
if (password != Config.Instance.PasswordAuthentication.Password)
{
throw new UnauthorizedException();
}
await context.SendResponse(HttpStatusCode.OK);
return(PasswordApiUser.MakePasswordUser(context, password));
}