public bool RegisterCustomer(ViewModels.CustomerRegisterModel model)
{
using (var dbContext = new PaymentGatewayDbContext())
{
var customer = new Person
{
FullName = model.FullName,
DoB = model.DoB
};
customer.Accounts.Add(new Account { Balance = model.InitialDeposit });
var credential = new Credentials
{
UserName = model.UserName,
Person = customer,
CreatedDate = DateTimeOffset.Now,
SecretKey = criptoService.GenerateRandomByte(512)
};
using (SHA512 shasum = SHA512.Create())
{
credential.HashedPassword = shasum.ComputeHash(Encoding.Default.GetBytes(model.Password));
}
dbContext.Credentials.Add(credential);
dbContext.SaveChanges();
return true;
}
}
public bool RegisterMerchant(ViewModels.MerchantRegisterModel model)
{
using (var dbContext = new PaymentGatewayDbContext())
{
var merchant = new Merchant
{
Name = model.MerchantName,
Account = new Account { Balance = model.InitialDeposit }
};
dbContext.Merchants.Add(merchant);
dbContext.SaveChanges();
return true;
}
}
public void AuthenticateUser(string username, long epochTime)
{
using (PaymentGatewayDbContext dbContext = new PaymentGatewayDbContext())
{
var authChallege = dbContext.
AuthenticationChallenges.
Where(p => p.UserName == username && p.EpochTime == epochTime).
FirstOrDefault();
if(authChallege != null)
{
authChallege.ExpireDate = DateTimeOffset.Now;
authChallege.AuthWindow = TimeSpan.FromMinutes(15);
}
dbContext.SaveChanges();
}
}
public string GenerateAuthChallenge(string userName,out long epoachTime)
{
using (PaymentGatewayDbContext dbContext = new PaymentGatewayDbContext())
{
var user = dbContext.Credentials.Where(p => p.UserName == userName);
if (!(user.Count() > 0))
{
throw new InvalidOperationException("User don't exist.");
}
var previousAuthChallenge = dbContext.
AuthenticationChallenges.
Where(p => p.UserName == userName && p.ExpireDate > DateTimeOffset.Now);
if (previousAuthChallenge.Count() > 0)
{
var first = previousAuthChallenge.FirstOrDefault();
epoachTime = first.EpochTime;
return Base32.Base32Encoder.Encode(first.Challenge);
}
else
{
epoachTime = DateTimeOffset.Now.EpochTime();
byte[] challenge = cryptoService.GenerateRandomByte(512);
var Challenge = new AuthenticationChallenge
{
UserName = userName,
EpochTime = epoachTime,
Challenge = challenge,
ExpireDate = DateTimeOffset.Now.AddMinutes(15)
};
dbContext.AuthenticationChallenges.Add(Challenge);
dbContext.SaveChanges();
return Base32.Base32Encoder.Encode(challenge);
}
}
}
public string GetSecretOfUser(string username)
{
using (PaymentGatewayDbContext dbContext = new PaymentGatewayDbContext())
{
var result = dbContext.Credentials.SingleOrDefault(p => p.UserName == username);
if (result != null )
{
string secret = Base32.Base32Encoder.Encode(result.SecretKey);
return secret;
}
throw new ApplicationException("No Key");
}
}
public string GetAuthChallenge(string username, long epochTime)
{
using (PaymentGatewayDbContext dbContext = new PaymentGatewayDbContext())
{
var result = dbContext.AuthenticationChallenges.Where(p => (p.UserName == username && p.EpochTime == epochTime)).SingleOrDefault();
if (result != null)
{
string challenge = Base32.Base32Encoder.Encode(result.Challenge);
return challenge;
}
throw new ApplicationException("No Challenge for this user");
}
}
public bool IsUserAuthenticated(string username, long epochTime)
{
using (PaymentGatewayDbContext dbContext = new PaymentGatewayDbContext())
{
var authChallenge = dbContext.
AuthenticationChallenges.
Where(p => p.UserName == username && p.EpochTime == epochTime).
FirstOrDefault();
if(authChallenge != null)
{
return (authChallenge.AuthWindow > TimeSpan.Zero
&& DateTimeOffset.Now > authChallenge.ExpireDate
&& DateTimeOffset.Now < (authChallenge.ExpireDate + authChallenge.AuthWindow));
}
}
return false;
}
