/// <summary>
/// Routes the request by the state of the session token cookie: no cookie → unauthorized,
/// a cookie that cannot be decoded/decrypted/parsed → forbidden, a token whose login is not
/// known → user-not-found, otherwise → authorized handling with the resolved user.
/// </summary>
/// <param name="context">Listener context; only its request cookies are read here.</param>
protected override void ProcessRequest(HttpListenerContext context)
        {
            var tokenCookie = context.Request.Cookies[RegisterHandler.TokenCookieName];
            var cookiePresent = tokenCookie != null && !string.IsNullOrEmpty(tokenCookie.Value);

            if (!cookiePresent)
            {
                ProcessUnauthorizedRequest(context);
                return;
            }

            // The cookie value is client-controlled. Every failure while URL-decoding, decrypting
            // or parsing it is collapsed to null by TryOrDefault and answered as "forbidden",
            // so no decryption/parsing error detail reaches the client.
            var token = CommonUtils.TryOrDefault(() =>
                JsonHelper.ParseJson<Token>(TokenCrypt.Decrypt(HttpUtility.UrlDecode(tokenCookie.Value))));

            if (token == null)
            {
                ProcessForbiddenRequest(context);
                return;
            }

            // NOTE(review): token.Login is passed through as-is; whether FindUserAuthorized tolerates
            // a null login (token JSON without a Login field) is not visible from this method.
            var user = authController.FindUserAuthorized(token.Login);

            if (user != null)
            {
                ProcessAuthorizedRequest(context, user);
                return;
            }

            ProcessUserNotFoundRequest(context);
        }
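        /// <summary>
        /// Handles a registration POST: validates the submitted login/password, creates the user
        /// and issues the login and encrypted token cookies.
        /// </summary>
        /// <param name="context">Listener context carrying the form-encoded POST body.</param>
        /// <exception cref="HttpException">
        /// 400 when login or pass is missing/empty, exceeds <c>MaxLength</c>, or login contains
        /// characters other than <c>\w</c>; 409 when a user with that login already exists.
        /// </exception>
        protected override void ProcessRequest(HttpListenerContext context)
        {
            context.Request.AssertMethod(WebRequestMethods.Http.Post);
            var form = context.Request.GetPostData();

            string login;
            string pass;

            if (!form.TryGetValue("login", out login) || string.IsNullOrEmpty(login))
            {
                throw new HttpException(HttpStatusCode.BadRequest, "Empty 'login' value");
            }

            if (!form.TryGetValue("pass", out pass) || string.IsNullOrEmpty(pass))
            {
                throw new HttpException(HttpStatusCode.BadRequest, "Empty 'pass' value");
            }

            if (login.Length > MaxLength || pass.Length > MaxLength)
            {
                throw new HttpException(HttpStatusCode.BadRequest, string.Format("Too large login/pass (max len {0})", MaxLength));
            }

            // Anchor with \z (absolute end of input) rather than $: in .NET regex, $ also matches
            // just before a trailing '\n', so a login such as "alice\n" would pass ^\w+$ and then
            // be written verbatim into the Set-Cookie header and the log line below.
            if (!Regex.IsMatch(login, @"^\w+\z"))
            {
                throw new HttpException(HttpStatusCode.BadRequest, @"Only \w chars allowed in login");
            }

            // Optional fields: TryGetValue leaves them null when absent. TrimToNull is called on a
            // possibly-null receiver, so it is expected to be a null-tolerant extension method.
            string publicMessage;
            form.TryGetValue("publicMessage", out publicMessage);

            string privateNotes;
            form.TryGetValue("privateNotes", out privateNotes);

            // A 409 here tells the caller that this login is taken, i.e. the endpoint confirms
            // account existence; that is inherent to the registration contract as written.
            if (authController.AddUser(login, pass, publicMessage.TrimToNull(), privateNotes.TrimToNull()) == null)
            {
                throw new HttpException(HttpStatusCode.Conflict, string.Format("User '{0}' already exists", login));
            }

            context.Response.SetCookie(LoginCookieName, login);
            context.Response.SetCookie(TokenCookieName, TokenCrypt.Encrypt(new Token {
                Login = login
            }.ToJsonString()), true);

            WriteString(context, "Register OK");

            // Only the login is logged; it has passed the \w+ check above, so it cannot carry
            // line breaks or other control characters into the log.
            log.InfoFormat("Registered user '{0}'", login);
        }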
        /// <summary>
        /// Handles a login POST: looks the user up by the submitted login/password and, on success,
        /// issues the login and encrypted token cookies.
        /// </summary>
        /// <param name="context">Listener context carrying the form-encoded POST body.</param>
        /// <exception cref="HttpException">
        /// 403 "Invalid credentials" whenever login or pass is missing/empty or no user matches.
        /// </exception>
        protected override void ProcessRequest(HttpListenerContext context)
        {
            context.Request.AssertMethod(WebRequestMethods.Http.Post);
            var form = context.Request.GetPostData();

            string login;
            string pass;
            User   user = null;

            // The lookup runs only when both fields are present and non-empty; every failure path
            // below falls through to the same 403 so the response does not reveal which check failed.
            if (form.TryGetValue("login", out login) && form.TryGetValue("pass", out pass)
                && !string.IsNullOrEmpty(login) && !string.IsNullOrEmpty(pass))
            {
                user = authController.FindUser(login, pass);
            }

            if (user == null)
            {
                throw new HttpException(HttpStatusCode.Forbidden, "Invalid credentials");
            }

            var sessionToken = new Token {
                Login = login
            };

            context.Response.SetCookie(RegisterHandler.LoginCookieName, login);
            context.Response.SetCookie(RegisterHandler.TokenCookieName, TokenCrypt.Encrypt(sessionToken.ToJsonString()), true);

            WriteString(context, "Login OK");

            log.InfoFormat("Logged in user '{0}'", login);
        }