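/// <summary>
/// Authenticates a request from its HTTP Basic <c>Authorization</c> header and stores the
/// resulting login token and facade in <c>Request.Properties</c> under role-specific keys.
/// </summary>
/// <param name="actionContext">Context of the action being authorized; its response is set
/// to 401 when the header is missing, malformed, or the login does not yield a known token type.</param>
public override void OnAuthorization(HttpActionContext actionContext)
        {
            if (actionContext.Request.Headers.Authorization == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "You must enter user name + password");
                return;
            }

            // The header value is supplied by the client, so it may be absent, not valid
            // base64, or lack the "user:password" separator. Each of those must end in a 401
            // rather than an unhandled exception.
            string authenticationToken        = actionContext.Request.Headers.Authorization.Parameter;
            string decodedAuthenticationToken = null;

            if (authenticationToken != null)
            {
                try
                {
                    decodedAuthenticationToken = Encoding.UTF8.GetString(
                        Convert.FromBase64String(authenticationToken));
                }
                catch (FormatException)
                {
                    // Not base64: handled below as a malformed header.
                }
            }

            // Split on the first ':' only, so a password that itself contains ':' is kept whole.
            string[] usernamePasswordArray = decodedAuthenticationToken == null
                                             ? null
                                             : decodedAuthenticationToken.Split(new[] { ':' }, 2);

            if (usernamePasswordArray == null || usernamePasswordArray.Length != 2)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "You must enter user name + password");
                return;
            }

            string username = usernamePasswordArray[0];
            string password = usernamePasswordArray[1];

            FlyingCenterSystem fcs        = FlyingCenterSystem.GetInstance();
            ILoginToken        loginToken = fcs.Login(username, password);

            // NOTE(review): Login is assumed to return null for rejected credentials - confirm.
            // Without this guard the GetType() calls below would throw on a failed login.
            if (loginToken == null)
            {
                actionContext.Response = actionContext.Request
                                         .CreateResponse(HttpStatusCode.Unauthorized, "You are not allowed");
                return;
            }

            FacadeBase facade = fcs.GetFacade(loginToken);

            if (loginToken.GetType() == typeof(LoginToken <Administrator>))
            {
                actionContext.Request.Properties["AdminUser"]   = loginToken;
                actionContext.Request.Properties["AdminFacade"] = facade;
            }
            else if (loginToken.GetType() == typeof(LoginToken <AirlineCompany>))
            {
                actionContext.Request.Properties["AirlineUser"]   = loginToken;
                actionContext.Request.Properties["AirlineFacade"] = facade;
            }
            else if (loginToken.GetType() == typeof(LoginToken <Customer>))
            {
                actionContext.Request.Properties["CustomerUser"]   = loginToken;
                actionContext.Request.Properties["CustomerFacade"] = facade;
            }
            else
            {
                // Unknown token type: refuse rather than let the request through unlabelled.
                actionContext.Response = actionContext.Request
                                         .CreateResponse(HttpStatusCode.Unauthorized, "You are not allowed");
            }
        }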
        /// <summary>
        /// Builds a <see cref="ClaimsIdentity"/> carrying the JSON-serialized login token and a
        /// role claim chosen from the token's generic user type.
        /// </summary>
        /// <param name="loginToken">Token of an administrator, airline company or customer.</param>
        /// <returns>The identity, or <c>null</c> when the token is none of the three known types
        /// (including when it is <c>null</c>).</returns>
        public static ClaimsIdentity ClaimsIdentityBuilder(ILoginToken loginToken)
        {
            string roleName;

            if (loginToken is LoginToken <Administrator>)
            {
                roleName = "Administrator";
            }
            else if (loginToken is LoginToken <AirlineCompany>)
            {
                roleName = "AirlineCompany";
            }
            else if (loginToken is LoginToken <Customer>)
            {
                roleName = "Customer";
            }
            else
            {
                return(null);
            }

            // NOTE(review): the whole token object is serialized into a claim. If these claims end
            // up in a signed (not encrypted) JWT, every serialized field is readable by whoever
            // holds the token - confirm LoginToken<T> exposes no password or other secret.
            Claim[] identityClaims =
            {
                new Claim("LoginToken",    JsonConvert.SerializeObject(loginToken)),
                new Claim(ClaimTypes.Role, roleName)
            };

            return(new ClaimsIdentity(identityClaims));
        }
        /// <summary>
        /// Issues a JWT for the given login token, signed with HMAC-SHA256 using the UTF-8 bytes
        /// of <c>SecretKey</c>.
        /// </summary>
        /// <param name="loginToken">Token whose claims (from <c>ClaimsIdentityBuilder</c>) become the subject.</param>
        /// <param name="expire_in_Minutes">Lifetime of the JWT in minutes, counted from the current UTC time.</param>
        /// <returns>The compact serialized JWT.</returns>
        public static string GenerateJWTToken(ILoginToken loginToken, int expire_in_Minutes = 120)
        {
            // NOTE(review): SecretKey is defined outside this block; confirm it is loaded from
            // protected configuration and is long enough for HMAC-SHA256 rather than a source constant.
            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(SecretKey));
            var jwtHandler = new JwtSecurityTokenHandler();

            DateTime issuedAt = DateTime.UtcNow;

            var descriptor = new SecurityTokenDescriptor
            {
                // ClaimsIdentityBuilder returns null for an unrecognized token type; that null is passed through as-is.
                Subject            = ClaimsIdentityBuilder(loginToken),
                Expires            = issuedAt.AddMinutes(expire_in_Minutes),
                SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature)
            };

            return(jwtHandler.WriteToken(jwtHandler.CreateToken(descriptor)));
        }
 /// <summary>
 /// Maps a login token to the facade for its user type.
 /// </summary>
 /// <param name="token">Login token, or <c>null</c> for a visitor who is not logged in.</param>
 /// <returns>The administrator, customer or airline facade for an exact type match;
 /// an <c>AnonymousUserFacade</c> for <c>null</c> or any other token type.</returns>
 public FacadeBase GetFacade(ILoginToken token)
 {
     FacadeBase selected;

     // Exact type comparison (not "is"): a subclass of a token type falls through to anonymous.
     var tokenType = token == null ? null : token.GetType();

     if (tokenType == typeof(LoginToken <Administrator>))
     {
         selected = new LoggedInAdministratorFacade();
     }
     else if (tokenType == typeof(LoginToken <Customer>))
     {
         selected = new LoggedInCustomerFacade();
     }
     else if (tokenType == typeof(LoginToken <AirlineCompany>))
     {
         selected = new LoggedInAirlineFacade();
     }
     else
     {
         selected = new AnonymousUserFacade();
     }

     return(selected);
 }
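        /// <summary>
        /// Admits only administrators: reads HTTP Basic credentials from the <c>Authorization</c>
        /// header, logs in, and stores the facade and token in <c>Request.Properties</c> when the
        /// returned facade is an <c>AdminFacade</c>.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized; its response is set
        /// to 401 when the header is missing or malformed, or the user is not an administrator.</param>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            if (actionContext.Request.Headers.Authorization == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "you must send user name + pwd in basic authentication");
                return;
            }

            // The header value comes from the client: it may be missing, not base64, or have no
            // ':' separator. All three are answered with 401 instead of an unhandled exception.
            string basicAuthBase64Token = actionContext.Request.Headers.Authorization.Parameter;
            string decodedString        = null;

            if (basicAuthBase64Token != null)
            {
                try
                {
                    decodedString = Encoding.UTF8.GetString(Convert.FromBase64String(basicAuthBase64Token));
                }
                catch (FormatException)
                {
                    // Not base64: handled below as a malformed header.
                }
            }

            // Split on the first ':' only, so a password containing ':' is not truncated.
            string[] authParams = decodedString == null ? null : decodedString.Split(new[] { ':' }, 2);

            if (authParams == null || authParams.Length != 2)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "you must send user name + pwd in basic authentication");
                return;
            }

            string username = authParams[0];
            string pwd      = authParams[1];

            ILoginToken token = FlightCenterSystem.Login(username, pwd, out BaseFacade facade);

            // A null facade fails the "is" test below, so a failed login is rejected as non-admin.
            if (facade is AdminFacade)
            {
                actionContext.Request.Properties["facade"] = facade;
                actionContext.Request.Properties["token"]  = token;
            }
            else
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "User is not admin. please try again");
            }

            // NOTE(review): hard-coded credentials left in an authorization filter. This branch does
            // not clear a 401 set above, but it should be removed once nothing reads
            // Properties["username"] - confirm against the controllers.
            if (username.ToUpper() == "itay".ToUpper() && pwd == "1234")
            {
                actionContext.Request.Properties["username"] = username;
                return;
            }
        }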
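        /// <summary>
        /// Validates the posted credentials and, on success, returns a token produced by
        /// <c>TokenManager.GenerateToken</c>.
        /// </summary>
        /// <param name="login">Credentials from the request body; the user name is lower-cased before login.</param>
        /// <returns>200 with the token string, or a 401 response when the body is missing or the login fails.</returns>
        public IHttpActionResult Authenticate([FromBody] LoginRequest login)
        {
            var loginResponse = new LoginResponse {
            };

            // A missing or incomplete body is an unauthenticated request, not a server error.
            if (login == null || login.Username == null)
            {
                loginResponse.responseMsg.StatusCode = HttpStatusCode.Unauthorized;
                return(ResponseMessage(loginResponse.responseMsg));
            }

            LoginRequest loginrequest = new LoginRequest {
            };

            loginrequest.Username = login.Username.ToLower();
            loginrequest.Password = login.Password;

            FCS        = FlyingCenterSystem.GetFlyingCenterSystemInstance();
            loginToken = FCS.Login(loginrequest.Username, loginrequest.Password);

            if (loginToken != null)
            {
                // NOTE(review): the token is built from "username:password". Unless GenerateToken
                // encrypts its payload, the password is recoverable from the token - confirm, and
                // prefer putting only a user identifier in the token.
                var token = TokenManager.GenerateToken(loginrequest.Username + ":" + loginrequest.Password);

                // Record that a token was issued, but never the token itself: anyone who can
                // read the log file could otherwise replay it.
                AddToLogFile($"Token issued for user: {loginrequest.Username}");
                return(Ok <string>(token));
            }

            // Credentials were rejected.
            loginResponse.responseMsg.StatusCode = HttpStatusCode.Unauthorized;
            return(ResponseMessage(loginResponse.responseMsg));
        }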
        /// <summary>
        /// Tries the credentials as administrator, then airline, then customer, and returns the
        /// facade of the first role that accepts them.
        /// </summary>
        /// <param name="username">User name to try.</param>
        /// <param name="pwd">Password to try.</param>
        /// <param name="loginToken">Token of the accepted role, or <c>null</c> when every attempt fails.</param>
        /// <returns>The matching facade, or <c>null</c> when every attempt fails.</returns>
        public FacadeBase Login(string username, string pwd, out ILoginToken loginToken)
        {
            var        loginService = new LoginService();
            FacadeBase matchedFacade;

            if (loginService.TryAdminLogin(username, pwd, out LoginToken <Administrator> asAdmin))
            {
                loginToken    = asAdmin;
                matchedFacade = new LoggedInAdministratorFacade();
            }
            else if (loginService.TryAirlineLogin(username, pwd, out LoginToken <AirlineCompany> asAirline))
            {
                loginToken    = asAirline;
                matchedFacade = new LoggedInAirlineFacade();
            }
            else if (loginService.TryCustomerLogin(username, pwd, out LoginToken <Customer> asCustomer))
            {
                loginToken    = asCustomer;
                matchedFacade = new LoggedInCustomerFacade();
            }
            else
            {
                // No role accepted the credentials.
                loginToken    = null;
                matchedFacade = null;
            }

            return(matchedFacade);
        }
        }//SINGELTON

        /// <summary>
        /// Delegates to <c>_loginService.TryLogin</c> and reports a wrong password as a plain failure.
        /// </summary>
        /// <param name="username">User name to try.</param>
        /// <param name="password">Password to try.</param>
        /// <param name="facade">Set to <c>null</c> before the attempt, then to whatever the login service assigns.</param>
        /// <param name="loginToken">Set to <c>null</c> before the attempt, then to whatever the login service assigns.</param>
        /// <returns>The login service's result; <c>false</c> when it throws <c>WrongPasswordException</c>.</returns>
        public bool Login(string username, string password, out FacadeBase facade, out ILoginToken loginToken)
        {
            loginToken = null;
            facade     = null;

            try
            {
                return(_loginService.TryLogin(username, password, out facade, out loginToken));
            }
            catch (WrongPasswordException)
            {
                // TODO
                // write later into log file - log4net
                return(false);
            }
        }//RETURNS USER AND ITS FACADE
        /// <summary>
        /// Tries the credentials as administrator, then airline, then customer, and returns the
        /// facade of the first role that accepts them.
        /// </summary>
        /// <param name="user">User name to try.</param>
        /// <param name="password">Password to try.</param>
        /// <param name="token">Token of the accepted role, or <c>null</c> when every attempt fails.</param>
        /// <returns>The matching facade, or an <c>AnonymousUserFacade</c> when every attempt fails.</returns>
        public FacadeBase GetFacade(string user, string password, out ILoginToken token)
        {
            var        service = new LoginService();
            FacadeBase chosen;

            if (service.TryAdminLogin(user, password, out LoginToken <Administrator> adminLogin))
            {
                token  = adminLogin;
                chosen = new LoggedInAdministratorFacade();
            }
            else if (service.TryAirlineLogin(user, password, out LoginToken <AirlineCompany> airlineLogin))
            {
                token  = airlineLogin;
                chosen = new LoggedInAirlineFacade();
            }
            else if (service.TryCustomerLogin(user, password, out LoginToken <Customer> customerLogin))
            {
                token  = customerLogin;
                chosen = new LoggedInCustomerFacade();
            }
            else
            {
                // Failed login degrades to the anonymous facade with no token.
                token  = null;
                chosen = new AnonymousUserFacade();
            }

            return(chosen);
        }
        /// <summary>
        /// Maps a login token to the facade for its user type.
        /// </summary>
        /// <param name="loginToken">Login token, or <c>null</c> for an anonymous user.</param>
        /// <returns>The administrator, airline or customer facade for an exact type match;
        /// an <c>AnonymousUserFacade</c> for <c>null</c> or any other token type.</returns>
        public IFacade GetFacade(ILoginToken loginToken)
        {
            IFacade result;

            // Exact type comparison (not "is"): anything else, including null, is anonymous.
            var kind = loginToken == null ? null : loginToken.GetType();

            if (kind == typeof(LoginToken <Administrator>))
            {
                result = new LoggedInAdministratorFacade();
            }
            else if (kind == typeof(LoginToken <AirLineCompany>))
            {
                result = new LoggedInAirlineFacade();
            }
            else if (kind == typeof(LoginToken <Customer>))
            {
                result = new LoggedInCustomerFacade();
            }
            else
            {
                result = new AnonymousUserFacade();
            }

            return(result);
        }
        /// <summary>
        /// Tries the credentials as administrator, then airline company, then customer.
        /// </summary>
        /// <param name="password">Forwarded as the first argument of each role-specific login.</param>
        /// <param name="userName">Forwarded as the second argument of each role-specific login.</param>
        /// <param name="token">Token of the first role that accepts the credentials.</param>
        /// <returns><c>true</c> when a role accepted the credentials.</returns>
        /// <exception cref="UserNotFoundException">No role accepted the credentials.</exception>
        public bool TryLogin(string password, string userName, out ILoginToken token)
        {
            // NOTE(review): the parameters are declared (password, userName) and forwarded in that
            // order - verify the role-specific methods and all callers use the same order.
            LoginToken <Administrator> adminToken;

            if (TryAdminLogin(password, userName, out adminToken))
            {
                token = adminToken;
                return(true);
            }

            LoginToken <AirLineCompany> airlineToken;

            if (TryAirLineLogin(password, userName, out airlineToken))
            {
                token = airlineToken;
                return(true);
            }

            LoginToken <Customer> customerToken;

            if (!TryCustomerLogin(password, userName, out customerToken))
            {
                throw new UserNotFoundException("Not Found");
            }

            token = customerToken;
            return(true);
        }
        /// <summary>
        /// Login button handler: logs in with the text-box values and opens the window for the
        /// returned token's user type, or turns the border red when the login fails.
        /// </summary>
        private void Button_Click(object sender, RoutedEventArgs e)
        {
            // NOTE(review): the password is read from a control's Text property; if passwordTxt is a
            // plain TextBox the password is shown on screen - confirm, a PasswordBox is the usual choice.
            loginToken = FCS.Login(useNameTxt.Text, passwordTxt.Text);

            if (loginToken == null)
            {
                Border.DataContext = myBorderBackGroundRed;
                return;
            }

            // The three checks are independent on purpose: each one re-reads loginToken.
            if (loginToken is LoginToken <AirlineCompany>)
            {
                Border.DataContext = myBorderBackGroundGreen;
                flightList         = new FlightsList(loginToken);
                flightList.Show();

                // The login window is closed (not hidden) once the flights list is shown.
                this.Close();
            }

            if (loginToken is LoginToken <Customer>)
            {
                buyTicket = new BuyTicket(loginToken);
                buyTicket.Show();
            }

            if (loginToken is LoginToken <Administrator>)
            {
                dbUpdate = new DBUpdate(loginToken);
                dbUpdate.Show();
            }
        }
        //[ThreadStatic]
        //public static Airline CurrentAirline = null;


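        /// <summary>
        /// Authenticates a request from the token in its <c>Authorization</c> header: the token is
        /// validated by <c>TokenManager.ValidateToken</c>, the resulting "username:password" string
        /// is used to log in, and the login token is stored in <c>Request.Properties["token"]</c>.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized; its response is set
        /// to 401 when the header is missing, the token payload is unusable, or the login fails.</param>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            if (actionContext.Request.Headers.Authorization == null)
            {
                // Stops the request: it will not reach the Web API controller.
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "you must send name +pwd in basic authentication");
                return;
            }

            string authenticationToken = actionContext.Request.Headers.Authorization.Parameter;

            // NOTE(review): ValidateToken is assumed to return null (or a string without ':') for a
            // token it rejects - confirm; if it throws instead, that exception still propagates.
            string tokenUsername = TokenManager.ValidateToken(authenticationToken);

            // Split on the first ':' only, so a password containing ':' is kept whole.
            string[] usernamePasswordArray = tokenUsername == null
                                             ? null
                                             : tokenUsername.Split(new[] { ':' }, 2);

            if (usernamePasswordArray == null || usernamePasswordArray.Length != 2)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "You are not allowed!");
                return;
            }

            string username = usernamePasswordArray[0];
            string password = usernamePasswordArray[1];

            // Decide from locals: filter attribute instances are typically reused across requests,
            // so reading the shared fields back could pick up another request's token. The fields
            // are still assigned in case other members of the class read them.
            var system       = FlyingCenterSystem.GetInstance();
            var requestToken = system.Login(username, password);

            FCS        = system;
            loginToken = requestToken;

            if (requestToken != null)
            {
                actionContext.Request.Properties["token"] = requestToken;
                return;
            }

            // Stops the request: it will not reach the Web API controller.
            actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "You are not allowed!");
        }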
 /// <summary>
 /// Attempts an airline-company login with the wrong-password test credentials.
 /// </summary>
 public void AirlineCompanyWrongPassword()
 {
     // The returned token is not inspected; presumably the expected outcome is declared by a
     // test attribute outside this block - confirm.
     FlyingCenterSystem.GetInstance().Login(TestResource.AirlineCompanyfacade_USER_NAME, TestResource.AirlineCompanyFacade_AirlineCompanyWrongPassword_PASSWORD);
 }
        /// <summary>
        /// Tries the credentials as airline company, then customer, then administrator.
        /// Internal: not meant to be called from outside the project.
        /// </summary>
        /// <param name="username">User name to try.</param>
        /// <param name="password">Password to try.</param>
        /// <param name="facade">MSSQL facade of the accepted role; an anonymous facade when no role accepts.</param>
        /// <param name="loginToken">Token of the accepted role; <c>null</c> when no role accepts.</param>
        /// <returns><c>true</c> when a role accepted the credentials.</returns>
        internal override bool TryLogin(string username, string password, out FacadeBase facade, out ILoginToken loginToken)
        {
            // Failure defaults, assigned before any login attempt runs.
            loginToken = null;
            facade     = new AnnonymousUserFacadeMSSQL();

            LoginToken <AirlineCompany> asAirline;
            LoginToken <Customer>       asCustomer;
            LoginToken <Administrator>  asAdministrator;
            bool authenticated = false;

            if (TryAirLineLogin(username, password, out asAirline))
            {
                loginToken    = asAirline;
                facade        = new LoggedInAirlineFacadeMSSQL();
                authenticated = true;
            }
            else if (TryCustomerLogin(username, password, out asCustomer))
            {
                loginToken    = asCustomer;
                facade        = new LoggedInCustomerFacadeMSSQL();
                authenticated = true;
            }
            else if (TryAdministratorLogin(username, password, out asAdministrator))
            {
                loginToken    = asAdministrator;
                facade        = new LoggedInAdministratorFacadeMSSQL();
                authenticated = true;
            }

            return(authenticated);
        }
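        /// <summary>
        /// Checks the credentials against the user store and builds a login token for the
        /// user's role (1 = administrator, 2 = airline company, 3 = customer).
        /// </summary>
        /// <param name="userName">User name to look up.</param>
        /// <param name="password">Password to compare with the stored one.</param>
        /// <param name="token">The role-specific token on success; <c>null</c> otherwise.</param>
        /// <returns><c>true</c> only when the credentials match and a token was created.</returns>
        public bool TryLogin(string userName, string password, out ILoginToken token)
        {
            token = null;

            // NOTE(review): hard-coded super-administrator credentials. Anyone who can read the
            // source or the binary can log in as administrator; move this account to the user
            // store or to protected configuration.
            if (userName == "admin" && password == "9999")
            {
                logger.Info("Super administrator logged in.");
                token = new LoginToken <Administrator>();
                return(true);
            }

            try
            {
                User user;
                try
                {
                    user = _userDAO.GetUserByUsername(userName);
                }
                catch (Exception e)
                {
                    logger.Fatal("Wrong username. Please try again.", e);
                    return(false);
                }

                // An unknown user is an ordinary failed login, not a null dereference.
                if (user == null)
                {
                    logger.Error("Login failed. Username or password are incorrect.");
                    return(false);
                }

                // NOTE(review): the stored password is compared as plain text with ==. Confirm whether
                // passwords are stored hashed; if not, store a salted hash (e.g. PBKDF2) and compare
                // the hashes in constant time.
                if (user.Password == password)
                {
                    if (user.User_Role == 1)
                    {
                        Administrator admin = _adminDAO.GetById(user.Id);
                        admin.user = user;
                        token      = new LoginToken <Administrator>()
                        {
                            User = admin
                        };
                    }
                    else if (user.User_Role == 2)
                    {
                        AirlineCompany airline = _airlineDAO.GetAirlineByUsername(user.Username);
                        airline.user = user;
                        token        = new LoginToken <AirlineCompany>()
                        {
                            User = airline
                        };
                    }
                    else if (user.User_Role == 3)
                    {
                        Customer customer = _customerDAO.GetCustomerByUsername(user.Username);
                        customer.user = user;
                        token         = new LoginToken <Customer>()
                        {
                            User = customer
                        };
                    }

                    // A role outside 1-3 leaves the token null; reporting success with no token
                    // would hand callers a "logged in" user they cannot identify.
                    if (token == null)
                    {
                        logger.Error("Login failed. User role is not recognized.");
                        return(false);
                    }

                    logger.Info("Login was completed. Username and password are correct.");
                    return(true);
                }
                else
                {
                    logger.Error("Login failed. Username or password are incorrect.");
                    // Caught by the handler below, which logs it and returns false.
                    throw new WrongCredentialsException("Username or password are incorrect. Please try again.");
                }
            }
            catch (Exception e)
            {
                // Also reached when a DAO lookup returns null for the role record.
                Console.WriteLine(e);
                logger.Error("Login failed.", e);
                return(false);
            }
        }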
        /// <summary>
        /// Fills the database with generated data through the administrator facade: countries,
        /// airline companies, customers, flights and tickets, in that order. Each stage is
        /// announced in the log and in <c>MainWindowViewModel.ListForLog</c>.
        /// </summary>
        public void GenerateData()
        {
            log.Info("Creating admin user");
            MainWindowViewModel.ListForLog.Add("Creating admin user");

            // NOTE(review): administrator credentials are hard-coded here; confirm this generator
            // is never shipped against a production database.
            IloginAdministrator     = FlyingCenterSystem.GetFlyingCenterSystemInstance().Login("admin", "9999");
            loginTokenAdministrator = IloginAdministrator as LoginToken <Administrator>;
            administratorFacade     = (LoggedInAdministratorFacade)FlyingCenterSystem.GetFlyingCenterSystemInstance().GetFacade(IloginAdministrator);

            // Countries go in first because later rows reference them (foreign key constraint).
            log.Info("Adds the countries first");
            MainWindowViewModel.ListForLog.Add("Adds the countries first");
            for (int countryIndex = 0; countryIndex < _CountriesNoToAdd; countryIndex++)
            {
                var pickedCountry = new Country()
                {
                    CountryName = listOfThings.CountriesArray[rnd.Next(listOfThings.CountriesArray.Length)]
                };
                administratorFacade.CreateNewCountry(loginTokenAdministrator, pickedCountry);

                // Past the end of the names array, one extra random-named country is added per iteration.
                if (countryIndex >= listOfThings.CountriesArray.Length)
                {
                    var generatedCountry = new Country()
                    {
                        CountryName = RandomString(5)
                    };
                    administratorFacade.CreateNewCountry(loginTokenAdministrator, generatedCountry);
                }
            }

            log.Info("Adds the Airline Companies");
            MainWindowViewModel.ListForLog.Add("Adds the Airline Companies");

            // Country ids are needed to fill the airline companies.
            IList <Country> countries = administratorFacade.GetAllCountries(loginTokenAdministrator);

            for (int airlineIndex = 0; airlineIndex < _AirlineCompaniesNo; airlineIndex++)
            {
                // NOTE(review): account passwords come from RandomString; presumably acceptable
                // for seed data only - confirm.
                var airline = new AirlineCompany()
                {
                    AirLineName = RandomString(5),
                    CountryCode = countries[rnd.Next(0, countries.Count)].CountyID,
                    Password    = RandomString(6),
                    UserName    = RandomString(4)
                };
                administratorFacade.CreateNewAirline(loginTokenAdministrator, airline);
            }

            log.Info("Adds the Customers");
            MainWindowViewModel.ListForLog.Add("Adds the Customers");
            FillCustomerTableRandomly(rnd, _CustomersNo);

            // Airline ids are needed to fill the flights.
            IList <AirlineCompany> airlineCompanies = administratorFacade.GetAllAirLineCompanies();

            log.Info("Adds the Flights Per Company");
            MainWindowViewModel.ListForLog.Add("Adds the Flights Per Company");
            for (int flightIndex = 0; flightIndex < _FlightsPerCompany; flightIndex++)
            {
                var flight = new Flight()
                {
                    AirLineCompany_ID        = airlineCompanies[rnd.Next(0, airlineCompanies.Count)].Airline_ID,
                    Origin_Country_Code      = countries[rnd.Next(0, countries.Count)].CountyID,
                    Destination_Country_Code = countries[rnd.Next(0, countries.Count)].CountyID,
                    DepartureTime            = createRandomDate(),
                    LandingTime              = createRandomDate(),
                    Remaining_Tickets        = rnd.Next(5, 51)
                };
                administratorFacade.CreateFlight(loginTokenAdministrator, flight);
            }

            log.Info("Adds the Tickets per Customer");
            MainWindowViewModel.ListForLog.Add("Adds the Tickets per Customer");

            IList <Customer> customers = administratorFacade.GetAllCustomers(loginTokenAdministrator);
            IList <Flight>   flights   = administratorFacade.GetAllFlights();

            for (int ticketIndex = 0; ticketIndex < _TicketsPerCustomer; ticketIndex++)
            {
                var customerId = customers[rnd.Next(0, customers.Count)].Customer_ID;
                var flightId   = flights[rnd.Next(0, flights.Count)].FlightID;
                administratorFacade.AddTicketsToCustomer(loginTokenAdministrator, customerId, flightId);
            }

            log.Info("Finished puting data in DB!");
            MainWindowViewModel.ListForLog.Add("Finished puting data in DB!");
        }
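        /// <summary>
        /// Validates the supplied credentials against the user's stored "userpassword" option and,
        /// when valid (and the user belongs to <paramref name="site"/>, if one is given), issues an
        /// HMAC-SHA256 signed JWT carrying the user's sites, roles, group code and caller address.
        /// </summary>
        /// <param name="loginCredentials">User name and encrypted password sent by the caller.</param>
        /// <param name="audience">Audience written into the JWT.</param>
        /// <param name="site">Site key the user must belong to; blank skips the site check.</param>
        /// <returns>The login token, or <c>null</c> when the user is unknown or the check fails.</returns>
        public async Task <ILoginToken <UsersDTO> > Login(ICredentialModel loginCredentials, string audience, string site)
        {
            string secretKey      = _config["RESTTokenSettings:Secret"];
            string issuer         = _config["RESTTokenSettings:Issuer"];
            int    minutesGoodFor = int.Parse(_config["RESTTokenSettings:MinutesGoodFor"]);

            string userName = loginCredentials.UserName;
            string password = this.Decrypt(loginCredentials.Password);

            this._userService.IncludeLink("apiroles");
            this._userService.IncludeLink("sites");

            // Awaited instead of blocking on .Result, which ties up a thread inside an async method.
            var user = await this._userService.GetByKey(userName);

            if (user == null)
            {
                return(null);
            }

            // A missing link is treated as "no entries" instead of failing with a null dereference.
            List <SiteDTO> userSites = user.Links["sites"]?.LinkedEntities?.Cast <SiteDTO>().ToList()
                                       ?? new List <SiteDTO>();
            var userSite = userSites.FirstOrDefault(s => s.Key == site);

            List <UserOptionsDTO> userOptions = user.Links["options"]?.LinkedEntities?.Cast <UserOptionsDTO>().ToList()
                                                ?? new List <UserOptionsDTO>();

            // NOTE(review): the stored password is decrypted and compared with ==, so it is kept in
            // a reversible form. Confirm whether a salted one-way hash with a constant-time
            // comparison can replace this.
            bool passwordMatches = userOptions.Any(uo =>
                                                   string.Equals(uo.OptionName, "userpassword", StringComparison.OrdinalIgnoreCase) &&
                                                   this.Decrypt(uo.Value) == password);

            // NOTE(review): skipPassword bypasses the password check entirely - confirm where it is set.
            bool valid = (passwordMatches || skipPassword) &&
                         (userSite != null || String.IsNullOrWhiteSpace(site));

            if (!valid)
            {
                return(null);
            }

            var claims = new List <Claim>
            {
                new Claim(JwtRegisteredClaimNames.Sub, user.Key),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
            };

            if (userSite != null)
            {
                claims.Add(new Claim("Site", userSite.ID.ToString()));
            }
            else
            {
                // No specific site requested: the token covers every site of the user.
                foreach (var s in userSites)
                {
                    claims.Add(new Claim("Site", s.ID.ToString()));
                }
            }

            string hostName  = "";
            string ipAddress = "";
            try
            {
                var remIpAddress = this.context.Connection?.RemoteIpAddress;
                if (remIpAddress != null)
                {
                    ipAddress = remIpAddress.IsIPv4MappedToIPv6
                                ? remIpAddress.MapToIPv4().ToString()
                                : remIpAddress.ToString();

                    hostName = Dns.GetHostEntry(ipAddress)?.HostName;
                }
            }
            catch (Exception)
            {
                // Best effort: the address and host name are informational claims only, so a
                // failed lookup must not fail the login. Whatever was resolved so far is kept.
            }

            claims.Add(new Claim(ClaimTypes.Role, "apv"));
            claims.Add(new Claim("IPAddress", ipAddress ?? ""));
            claims.Add(new Claim("hostName", hostName ?? ""));

            var apiRoles = user.Links["apiroles"]?.LinkedEntities?.Cast <ApiRoleDTO>();
            if (apiRoles != null)
            {
                foreach (var role in apiRoles)
                {
                    claims.Add(new Claim(ClaimTypes.Role, role.Key.ToLower()));
                }
            }

            // "***" stands in when the user has no group-code option or its value is null.
            string groupCode = userOptions
                               .FirstOrDefault(uo => string.Equals(uo.OptionName, "usergroupcode", StringComparison.OrdinalIgnoreCase))
                               ?.Value ?? "***";

            claims.Add(new Claim("GroupCode", groupCode));

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey));

            var creds          = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
            var expirationDate = DateTime.Now.AddMinutes(minutesGoodFor);

            var tok = new JwtSecurityToken(
                issuer: issuer,
                audience: audience,
                claims: claims,
                expires: expirationDate,
                signingCredentials: creds
                );

            return(new LoginToken()
            {
                Token        = new JwtSecurityTokenHandler().WriteToken(tok),
                Expiration   = expirationDate,
                User         = user,
                MinutesValid = minutesGoodFor
            });
        }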
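        /// <summary>
        /// Authenticates an airline company from HTTP Basic credentials. Every attempt is recorded
        /// through the administrator facade, which also decides whether the user name is blocked.
        /// On success the company and its login token are stored in <c>Request.Properties</c>.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized; its response is set
        /// when the header is missing or malformed, the user is blocked or unknown, or the password is wrong.</param>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            // Despite its name, this flag means "the user name was found", whether or not the password matched.
            bool loggedIn = false;

            if (actionContext.Request.Headers.Authorization == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden,
                                                                              "You must send user name and password in basic authentication");
                return;
            }

            // The header value comes from the client: it may be missing, not base64, or have no
            // ':' separator. Those cases get the same response as a missing header instead of an
            // unhandled exception.
            string authenticationToken        = actionContext.Request.Headers.Authorization.Parameter;
            string decodedAuthenticationToken = null;

            if (authenticationToken != null)
            {
                try
                {
                    decodedAuthenticationToken = Encoding.UTF8.GetString(
                        Convert.FromBase64String(authenticationToken));
                }
                catch (FormatException)
                {
                    // Not base64: handled below as a malformed header.
                }
            }

            // Split on the first ':' only, so a password containing ':' is kept whole.
            string[] usernamePasswordArray = decodedAuthenticationToken == null
                                             ? null
                                             : decodedAuthenticationToken.Split(new[] { ':' }, 2);

            if (usernamePasswordArray == null || usernamePasswordArray.Length != 2)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden,
                                                                              "You must send user name and password in basic authentication");
                return;
            }

            string username = usernamePasswordArray[0];
            string password = usernamePasswordArray[1];

            // NOTE(review): every request logs in with hard-coded administrator credentials and
            // loads all airline companies, passwords included, to compare them as plain text.
            // Prefer a credential check in the login service that never returns stored passwords.
            ILoginToken LoginUser = FlyingCenterSystem.GetFlyingCenterSystemInstance().Login("admin", "9999");
            LoginToken <Administrator>  AdminLoginToken   = (LoginToken <Administrator>)LoginUser;
            LoggedInAdministratorFacade AdminLoginIFacade = (LoggedInAdministratorFacade)FlyingCenterSystem.GetFlyingCenterSystemInstance().GetFacade(AdminLoginToken);
            IList <AirlineCompany>      airlineCompanies  = AdminLoginIFacade.GetAllAirLineCompanies();

            // Record the attempt before anything else.
            AdminLoginIFacade.AddRequestToTableInDB(AdminLoginToken, username);

            if (!AdminLoginIFacade.IsUserBlocked(AdminLoginToken, username))
            {
                foreach (AirlineCompany alc in airlineCompanies)
                {
                    if (username == alc.UserName && password == alc.Password)
                    {
                        loggedIn = true;

                        ILoginToken AirlineUserLoginToken = FlyingCenterSystem.GetFlyingCenterSystemInstance().Login(username, password);
                        actionContext.Request.Properties["login-airline-company"]       = alc;
                        actionContext.Request.Properties["airline-company-login-token"] = AirlineUserLoginToken;
                    }
                    if (username == alc.UserName && password != alc.Password)
                    {
                        loggedIn = true;

                        // NOTE(review): the attempt was already recorded above, so a wrong password
                        // is recorded twice - confirm that is what the block threshold expects.
                        AdminLoginIFacade.AddRequestToTableInDB(AdminLoginToken, username);
                        // Block the user once the number of attempts passes the facade's limit.
                        AdminLoginIFacade.CheckIfBlockUser(AdminLoginToken, username);

                        string answerWrongpassword = "******";
                        if (AdminLoginIFacade.IsUserBlocked(AdminLoginToken, username))
                        {
                            answerWrongpassword += " Your user was blocked.";
                        }

                        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                                      answerWrongpassword);
                    }
                }
                if (!loggedIn)
                {
                    // NOTE(review): this message differs from the wrong-password one, which tells a
                    // caller whether a user name exists; a single generic message avoids that.
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                                  "You are not authorized. Your Username is not registered.");
                }
            }
            else
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "You are not authorized. Your user was blocked.");
            }
        }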
 /// <summary>
 /// Attempts a login with the customer user name and the wrong-password value from TestResource.
 /// The visible body makes no assertion; the expected outcome is presumably declared outside
 /// this method (for example by an expected-exception attribute) - confirm.
 /// </summary>
 public void CustomerWrongPassword()
 {
     FlyingCenterSystem system = FlyingCenterSystem.GetFlyingCenterSystemInstance();

     string customerName = TestResource.CustomerFacade_Customer_USER_NAME;
     string badPassword  = TestResource.CustomerFacade_CustomerWrongPassword_PASSWORD;

     // The returned token is not inspected; only the Login call itself matters here.
     ILoginToken result = system.Login(customerName, badPassword);
 }
        //[ThreadStatic]
        //public static Airline CurrentAirline = null;


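        /// <summary>
        /// Authorizes a request from the token carried in the Authorization header.
        /// The token is validated by TokenManager.ValidateToken, the result is split into
        /// user name and password, and those are passed to FlyingCenterSystem.Login.
        /// On success the login token is stored in Request.Properties["token"]; otherwise the
        /// request is answered with 401 and never reaches the controller.
        /// </summary>
        /// <param name="actionContext">The Web API action context of the current request.</param>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            if (actionContext.Request.Headers.Authorization == null)
            {
                // Setting Response stops the request: it will not arrive at the Web API controller.
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "you must send name +pwd in basic authentication");
                return;
            }

            string authenticationToken = actionContext.Request.Headers.Authorization.Parameter;

            // NOTE(review): the validated value is split into "username:password" below, so the token
            // payload appears to carry the account password. If so, anyone able to read the token
            // payload learns the password; a subject identifier plus server-side lookup would avoid
            // that. Confirm against TokenManager.
            string tokenUsername = TokenManager.ValidateToken(authenticationToken);

            if (tokenUsername != null)
            {
                // Split on the first ':' only, so a password that itself contains ':' stays intact,
                // and reject values without a separator instead of indexing past the array.
                string[] usernamePasswordArray = tokenUsername.Split(new[] { ':' }, 2);
                if (usernamePasswordArray.Length == 2)
                {
                    string username = usernamePasswordArray[0];
                    string password = usernamePasswordArray[1];

                    // NOTE(review): FCS and loginToken are members of the filter, not locals. If the
                    // filter instance is shared between concurrent requests, one request could observe
                    // another request's token through these fields - confirm the filter lifetime.
                    FCS        = FlyingCenterSystem.GetFlyingCenterSystemInstance();
                    loginToken = FCS.Login(username, password);

                    if (loginToken != null)
                    {
                        actionContext.Request.Properties["token"] = loginToken;
                        return;
                    }
                }
            }

            // Stops the request: it will not arrive at the Web API controller.
            actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "You are not allowed!");
        }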
 /// <summary>
 /// Attempts a login with the airline company user name and the "password not found" value
 /// from TestResource. The visible body makes no assertion; the expected outcome is presumably
 /// declared outside this method (for example by an expected-exception attribute) - confirm.
 /// </summary>
 public void AirlineCompanyWrongPassword()
 {
     FlyingCenterSystem system = FlyingCenterSystem.GetFlyingCenterSystemInstance();

     string airlineName = TestResource.AirlineCompanyFacade_USER_NAME;
     string badPassword = TestResource.AirlineCompanyFacad_AirlineCompanyPasswordNotFound_PASSWORD;

     // The returned token is not inspected; only the Login call itself matters here.
     ILoginToken result = system.Login(airlineName, badPassword);
 }
 /// <summary>
 /// Attempts a login with the customer user name and the wrong-password value from TestResource.
 /// The visible body makes no assertion; the expected outcome is presumably declared outside
 /// this method (for example by an expected-exception attribute) - confirm.
 /// </summary>
 public void CustomerWrongPassword()
 {
     FlyingCenterSystem system = FlyingCenterSystem.GetInstance();

     string customerName = TestResource.CustomerFacade_Customer_USER_NAME;
     string badPassword  = TestResource.CustomerFacade_CustomerWrongPassword_Password;

     // The returned token is not inspected; only the Login call itself matters here.
     ILoginToken result = system.Login(customerName, badPassword);
 }
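        /// <summary>
        /// Builds the view model: stores the login token, resolves the administrator facade and
        /// wires the Add and Replace commands, both of which fill the database with generated
        /// records on a background task. Replace re-initializes the database first.
        /// </summary>
        /// <param name="token">Login token of the current user.</param>
        public ViewModelUpdateDB(ILoginToken token)
        {
            _token = token;
            // NOTE(review): both "as" casts yield null when the token is not an administrator
            // token; nothing here rejects that case, so the insert helpers would then be called
            // with null. Confirm that callers only pass administrator tokens.
            t      = _token as LoginToken <Administrator>;
            FCS    = FlyingCenterSystem.GetFlyingCenterSystemInstance();
            ILoggedInAdministratorFacade administratorFacade = FCS.GetFacade(token) as ILoggedInAdministratorFacade;

            AddDBCommand = new DelegateCommand(() =>
            {
                Log.logger.Debug("Start AddDBCommand");
                StartPopulation(administratorFacade, false);
            }, () => { return(CanExecuteAddMethod()); });

            ReplaceDBCommand = new DelegateCommand(() =>
            {
                Log.logger.Debug("Start ReplaceDBCommand");
                // Destructive: the database is re-initialized before new records are generated.
                InitDB.InitDataBase();
                StartPopulation(administratorFacade, true);
            }, () => { return(CanExecuteAddMethod()); });

            // NOTE(review): this polling task never ends and holds a reference to the view model
            // for the life of the process; it also raises CanExecuteChanged from a background
            // thread. A cancellation token or a timer tied to the view's lifetime would bound it.
            Task.Run(() =>
            {
                while (true)
                {
                    AddDBCommand.RaiseCanExecuteChanged();     // go check the enable/disable
                    ReplaceDBCommand.RaiseCanExecuteChanged(); // go check the enable/disable
                    Thread.Sleep(250);
                }
            });
        }

        /// <summary>
        /// Resets the progress state and starts the record generation on a background task.
        /// </summary>
        private void StartPopulation(ILoggedInAdministratorFacade administratorFacade, bool isReplace)
        {
            progressCounter = 0;
            LogMessage      = "";
            // NOTE(review): NumOfTickets is not part of this total although tickets are generated
            // below - confirm whether that is intended.
            totalResources  = NumOfCountries + NumOfCustomers + NumOfAirlineCompanies + NumOfFlights + NumOfAdministrators;
            AddToCountryList(administratorFacade, t);

            Task.Run(() => { PopulateAndReport(administratorFacade, isReplace); });
        }

        /// <summary>
        /// Appends one line to LogMessage, separating it from existing text with a newline.
        /// </summary>
        private void AppendLogLine(string line)
        {
            if (LogMessage != "")
            {
                LogMessage = LogMessage + "\n";
            }
            LogMessage = LogMessage + line;
        }

        /// <summary>
        /// Inserts the requested number of each record kind and appends one result line per kind
        /// to LogMessage. In replace mode a partially successful ticket run is reported with the
        /// created/requested counts; in add mode it is reported as a failure.
        /// </summary>
        private void PopulateAndReport(ILoggedInAdministratorFacade administratorFacade, bool isReplace)
        {
            for (int i = 0; i < NumOfAdministrators; i++)
            {
                InsertAdministratorsToDb(administratorFacade, t);
            }
            if (counterAdministrator == NumOfAdministrators)
            {
                AppendLogLine(string.Format("{0} Administrators created", counterAdministrator));
            }
            else if (counterAdministrator < NumOfAdministrators || counterAdministrator == 0)
            {
                // Fixed: the message used to print NumOfCustomers for administrators.
                AppendLogLine($"Failed to create {NumOfAdministrators} Administrators");
            }

            for (int i = 0; i < NumOfCustomers; i++)
            {
                InsertCustomerToDb(administratorFacade, t);
            }
            if (counterCustomers == NumOfCustomers)
            {
                AppendLogLine(string.Format("{0} Customers created", counterCustomers));
            }
            else if (counterCustomers < NumOfCustomers || counterCustomers == 0)
            {
                AppendLogLine($"Failed to create {NumOfCustomers} customers");
            }

            InsertCountriesToDbByNumOfCountries(NumOfCountries, administratorFacade, t);
            if (counterCountries == NumOfCountries)
            {
                AppendLogLine(string.Format("{0} Countries created", NumOfCountries));
            }
            else if (counterCountries < NumOfCountries || counterCountries == 0)
            {
                AppendLogLine($"Failed to create {NumOfCountries} countries");
            }

            for (int i = 0; i < NumOfAirlineCompanies; i++)
            {
                Log.logger.Debug($"Before InsertAirlineCompanyToDb i = {i} from {NumOfAirlineCompanies}");
                InsertAirlineCompanyToDb(administratorFacade, t);
            }
            if (counterAielineCompanies == NumOfAirlineCompanies)
            {
                AppendLogLine(string.Format("{0} Airline Companies created", NumOfAirlineCompanies));
            }
            else if (counterAielineCompanies < NumOfAirlineCompanies || counterAielineCompanies == 0)
            {
                AppendLogLine($"Failed to create {NumOfAirlineCompanies} airline companies");
            }

            for (int i = 0; i < NumOfFlights; i++)
            {
                InsertFlightsToDb(administratorFacade, t);
            }
            if (counterFlights == NumOfFlights)
            {
                AppendLogLine(string.Format("{0} Flights created", NumOfFlights));
            }
            else if (counterFlights < NumOfFlights || counterFlights == 0)
            {
                // Fixed: the condition repeated "== NumOfFlights", so a partial failure was
                // never reported for flights.
                AppendLogLine($"Failed to create {NumOfFlights} flights");
            }

            for (int i = 0; i < NumOfTickets; i++)
            {
                InsetTicketsToDb(administratorFacade, t);
            }
            if (counterTickets == NumOfTickets)
            {
                AppendLogLine(string.Format("{0} Tickets created", NumOfTickets));
            }
            else if (counterTickets == 0 || (!isReplace && counterTickets < NumOfTickets))
            {
                // Fixed: in replace mode the zero case used to be shadowed by the partial case.
                AppendLogLine($"Failed to create {NumOfTickets} tickets");
            }
            else if (counterTickets < NumOfTickets)
            {
                AppendLogLine($"Half a failure created {counterTickets} /{NumOfTickets} tickets");
            }
        }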
 /// <summary>
 /// Abstract login hook taking a user name and password and producing a facade and a login
 /// token through its out parameters. Presumably returns true when the credentials are
 /// accepted - confirm against the implementations.
 /// </summary>
 internal abstract bool TryLogin(string username, string password, out FacadeBase facade, out ILoginToken loginToken);
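        /// <summary>
        /// Checks the supplied credentials and, when they match, produces the facade and login
        /// token for the user's role (1 = administrator, 2 = airline company, 3 = customer).
        /// </summary>
        /// <param name="facade">Receives the facade matching the user's role.</param>
        /// <param name="loginToken">Receives the login token; null for an unrecognized role.</param>
        /// <param name="userName">User name to look up.</param>
        /// <param name="password">Password to compare with the stored one.</param>
        /// <returns>true when the credentials were accepted; failures throw instead of returning false.</returns>
        /// <exception cref="WrongCredentialsException">The user is unknown or the password does not match.</exception>
        public bool TryLogin(out FacadeBase facade, out ILoginToken loginToken, string userName, string password)
        {
            // NOTE(review): built-in super-admin account whose name and password are literals in
            // source. Anyone with read access to the code or binary can log in as administrator;
            // the credential belongs in protected configuration and should be stored hashed.
            if (userName == "admin")
            {
                if (password == "99999")
                {
                    facade     = new LoggedInAdministratorFacade();
                    loginToken = new LoginToken <Administrator>()
                    {
                        User = mainAdmin
                    };
                    log.Info("Main Administrator has logged in to the system");
                    return true;
                }

                log.Error("One or more of the super admin details are wrong");
                throw new WrongCredentialsException("One or more of the super admin details are wrong");
            }

            User user;

            try
            {
                user = _userDAO.GetUserByUserName(userName);
            }
            catch (Exception ex)
            {
                // The data-access detail stays in the log; the exception message may be shown to
                // the caller, so it no longer carries ex.Message.
                log.Error($"Could not find user: {ex.Message}");
                throw new WrongCredentialsException("One or more of the details are wrong");
            }

            // A lookup that returns null is treated as wrong credentials rather than failing
            // with a NullReferenceException on user.Password.
            // NOTE(review): the comparison is against a stored plaintext password; a salted
            // password hash compared in constant time is the usual remedy.
            if (user == null || user.Password != password)
            {
                log.Error($"One or more of the user {userName} details are wrong");
                throw new WrongCredentialsException($"One or more of the user {userName} details are wrong");
            }

            switch (user.User_Role)
            {
            case 1:
            {
                facade = new LoggedInAdministratorFacade();
                Administrator admin = _adminDAO.GetAdminByUserId(user.Id);
                loginToken = new LoginToken <Administrator>()
                {
                    User = admin
                };
                break;
            }

            case 2:
            {
                facade = new LoggedInAirlineFacade();
                AirlineCompany airlineCompany = _airlineDAO.GetAirlineByUserId(user.Id);
                loginToken = new LoginToken <AirlineCompany>()
                {
                    User = airlineCompany
                };
                break;
            }

            case 3:
            {
                facade = new LoggedInCustomerFacade();
                Customer customer = _customerDAO.GetCustomerByUserId(user.Id);
                loginToken = new LoginToken <Customer>()
                {
                    User = customer
                };
                break;
            }

            default:
            {
                // NOTE(review): an unrecognized role still returns true, with a null token and
                // the anonymous facade; callers must not treat "true" as "has a token".
                facade     = new AnonymousUserFacade();
                loginToken = null;
                break;
            }
            }

            log.Info($"User {userName} has logged in to the system");
            return true;
        }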
 /// <summary>
 /// Attempts a login with the anonymous user name and the wrong-password value from
 /// TestResource. The visible body makes no assertion; the expected outcome is presumably
 /// declared outside this method (for example by an expected-exception attribute) - confirm.
 /// </summary>
 public void AnonymousWrongPassword()
 {
     FlyingCenterSystem system = FlyingCenterSystem.GetInstance();

     string anonymousName = TestResource.AnonymousFacade_Anonymous_USER_NAME;
     string badPassword   = TestResource.AnonymousFacade_AnonymousWrongPASSWORD;

     // The returned token is not inspected; only the Login call itself matters here.
     ILoginToken result = system.Login(anonymousName, badPassword);
 }
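        /// <summary>
        /// Basic-authentication filter: decodes "username:password" from the Authorization
        /// header, logs in through FlyingCenterSystem and stores the typed login token and facade
        /// in Request.Properties under role-specific keys. Failures are answered without reaching
        /// the controller.
        /// </summary>
        /// <param name="actionContext">The Web API action context of the current request.</param>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            if (actionContext.Request.Headers.Authorization == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "You must enter user name + password");
                return;
            }

            // The header value is untrusted: a missing parameter, invalid Base64 or a value
            // without ':' is answered with 401 instead of escaping as an unhandled exception.
            string[] usernamePasswordArray = null;
            try
            {
                string authenticationToken = actionContext.Request.Headers.Authorization.Parameter ?? string.Empty;

                string decodedAuthenticationToken = Encoding.UTF8.GetString(
                    Convert.FromBase64String(authenticationToken));

                // Split on the first ':' only, so a password containing ':' stays intact.
                usernamePasswordArray = decodedAuthenticationToken.Split(new[] { ':' }, 2);
            }
            catch (FormatException)
            {
                usernamePasswordArray = null;
            }

            if (usernamePasswordArray == null || usernamePasswordArray.Length != 2)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              "You must enter user name + password");
                return;
            }

            string username = usernamePasswordArray[0];
            string password = usernamePasswordArray[1];

            FlyingCenterSystem fcs = FlyingCenterSystem.GetInstance();
            try
            {
                ILoginToken loginToken = fcs.Login(username, password);
                IFacade     facade     = fcs.GetFacade(loginToken);

                if (loginToken.GetType() == typeof(LoginToken <Administrator>))
                {
                    LoginToken <Administrator>  token     = (LoginToken <Administrator>)loginToken;
                    LoggedInAdministratorFacade LogFacade = (LoggedInAdministratorFacade)facade;
                    actionContext.Request.Properties["AdminUser"]   = token;
                    actionContext.Request.Properties["AdminFacade"] = LogFacade;
                }
                else if (loginToken.GetType() == typeof(LoginToken <Customer>))
                {
                    LoginToken <Customer>  token     = (LoginToken <Customer>)loginToken;
                    LoggedInCustomerFacade LogFacade = (LoggedInCustomerFacade)facade;
                    actionContext.Request.Properties["CustomerUser"]   = token;
                    actionContext.Request.Properties["CustomerFacade"] = LogFacade;
                }
                else if (loginToken.GetType() == typeof(LoginToken <AirLineCompany>))
                {
                    LoginToken <AirLineCompany> token     = (LoginToken <AirLineCompany>)loginToken;
                    LoggedInAirlineFacade       LogFacade = (LoggedInAirlineFacade)facade;
                    actionContext.Request.Properties["AirlineUser"]   = token;
                    actionContext.Request.Properties["AirlineFacade"] = LogFacade;
                }
                userIsBlocked = 0;
            }
            catch (Exception e)
            {
                // NOTE(review): userIsBlocked is one counter on the filter, not per user or per
                // client, and it is reset by any successful login. It therefore neither locks a
                // specific account nor stops further attempts; a per-account (or per-source)
                // failure store checked before Login is needed for a real lockout.
                userIsBlocked++;
                if (userIsBlocked >= 3)
                {
                    // ">= 3" keeps answering "blocked" after the third failure; "== 3" reported
                    // it once and then fell back to the ordinary 401 path.
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.BadRequest, $"you blocked!");
                }
                else
                {
                    // NOTE(review): every exception type lands here, so e.Message may expose
                    // internal error text to an unauthenticated caller; consider a fixed message
                    // for anything other than the credential failure.
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, $"{e.Message}");
                }
            }
        }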