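        /// <summary>
        /// Handles the sign-up form post: validates the requested alias and e-mail address,
        /// creates a member bound to the auth type/id stored in the session, and redirects.
        /// </summary>
        /// <param name="context">Current request context; checked with <c>Ensure</c>.</param>
        /// <param name="documentSession">Document store session; checked with <c>Ensure</c>.</param>
        /// <param name="alias">Requested member alias (required, length limit 32, lowercase pattern).</param>
        /// <param name="emailAddress">Member e-mail address (required, length limit 1024).</param>
        /// <returns>
        /// 403 when the caller is not signed in; a 400 response carrying a
        /// <c>SignUpFormResponse</c> with the collected errors when validation fails;
        /// otherwise a redirect to the return URL or to the new member's page.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The session holds no auth type or no auth id.
        /// </exception>
        public static object PostMember(
            NancyContext context,
            IDocumentSession documentSession,
            string alias,
            string emailAddress)
        {
            context.Ensure("context");
            documentSession.Ensure("documentSession");

            if (!context.IsSignedIn())
            {
                return 403;
            }

            var errors = new List<string>();
            errors.AddRange(fn.ValidateRequired("Alias", alias));
            errors.AddRange(fn.ValidateLength("Alias", alias, 32));

            // The pattern is anchored with \A and \z so the whole alias has to match.
            // Unanchored, any value that merely contains a matching substring would pass
            // if ValidateFormat performs a plain match (its implementation is not shown
            // here). \z is used instead of $ because $ also matches before a trailing
            // newline.
            errors.AddRange(fn.ValidateFormat("Alias", alias, new Regex(@"\A[a-z][a-z0-9_-]+\z")));

            // NOTE(review): the e-mail address is only checked for presence and length;
            // no format check is applied in this method.
            errors.AddRange(fn.ValidateRequired("Email Address", emailAddress));
            errors.AddRange(fn.ValidateLength("Email Address", emailAddress, 1024));

            // NOTE(review): the availability check and CreateMember below are separate
            // calls, so two concurrent sign-ups could both pass this check unless the
            // store enforces alias uniqueness. Confirm.
            var member = documentSession.GetMemberByAlias(alias);
            if (member != null)
            {
                errors.Add(Strings.AliasNotAvailable(alias));
            }

            if (errors.Count > 0)
            {
                return context.ModelWithStatus(new SignUpFormResponse(alias, emailAddress, errors), 400);
            }

            // The identity bound to the new member comes from the server-side session,
            // never from the posted form.
            var authType = context.ReadSession<string>(Constants.AuthTypeSessionKey);
            var authId = context.ReadSession<string>(Constants.AuthIdSessionKey);

            if (String.IsNullOrEmpty(authType))
            {
                throw new InvalidOperationException(Strings.AuthTypeMissing());
            }

            if (String.IsNullOrEmpty(authId))
            {
                throw new InvalidOperationException(Strings.AuthIdMissing());
            }

            member = documentSession.CreateMember(authType, authId, alias, emailAddress);

            // NOTE(review): returnUrl is produced by GetReturnUrl, which is not shown here.
            // Confirm it only yields local paths; otherwise this redirect is an
            // open-redirect sink.
            var returnUrl = context.GetReturnUrl();

            return context.Redirect(returnUrl ?? Paths.Member(member.Alias));
        }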
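        /// <summary>
        /// Handles the OAuth callback from Twitter: checks the incoming request token against
        /// the one stored in the session, exchanges it for an access token, resolves the local
        /// user for the returned Twitter user ID, and redirects with an authentication cookie.
        /// </summary>
        /// <param name="context">Current request context; the stored request token is read from its session.</param>
        /// <param name="configuration">Supplies the Twitter consumer key and consumer secret.</param>
        /// <param name="documentSession">Document store session, passed on to <c>GetRedirectLocation</c>.</param>
        /// <param name="oAuthToken">Request token from the callback query string.</param>
        /// <param name="oAuthVerifier">Verifier from the callback query string.</param>
        /// <returns>
        /// 400 when the token or the verifier is missing; otherwise a redirect response
        /// carrying the authentication cookie.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The stored token is absent or differs from the incoming token, or the response
        /// from Twitter contains no user ID.
        /// </exception>
        public static object GetReceiver(
            NancyContext context,
            IConfiguration configuration,
            IDocumentSession documentSession,
            string oAuthToken,
            string oAuthVerifier)
        {
            if (String.IsNullOrEmpty(oAuthToken))
            {
                return 400;
            }

            if (String.IsNullOrEmpty(oAuthVerifier))
            {
                return 400;
            }

            // The callback is only accepted for the request token this session started
            // with. OAuth tokens are case-sensitive opaque values, so the comparison is
            // ordinal; a case-insensitive match would accept tokens that were never issued
            // to this session.
            var storedToken = context.ReadSession<string>(Constants.TwitterAuth.SessionKey);
            if (!string.Equals(storedToken, oAuthToken, StringComparison.Ordinal))
            {
                throw new InvalidOperationException("Stored OAuth token doesn't match incoming OAuth token.");
            }

            var oAuthRequest = OAuthRequest.ForAccessToken(
                configuration.TwitterAuthConsumerKey,
                configuration.TwitterAuthConsumerSecret,
                oAuthToken,
                oAuthVerifier);
            oAuthRequest.RequestUrl = Constants.TwitterAuth.AccessTokenUrl;

            // The signed Authorization header is sent to the access-token URL; the response
            // body is parsed as a query string.
            var authResponse = fn.SendGet(
                new Uri(oAuthRequest.RequestUrl),
                addHeader => addHeader("Authorization", oAuthRequest.GetAuthorizationHeader()));

            var authParams = fn.ParseQueryString(authResponse);

            var twitterUserId = authParams[Constants.TwitterAuth.UserIdParamName];

            if (String.IsNullOrEmpty(twitterUserId))
            {
                throw new InvalidOperationException("No user ID in the Twitter auth params.");
            }

            var authId = GetOrCreateUser(context, twitterUserId);

            var location = GetRedirectLocation(context, authId, documentSession);

            var response = context.Redirect(location);

            // NOTE(review): the cookie is built by MakeCookie, which is not shown here.
            // Confirm it sets HttpOnly and Secure and that its value cannot be forged
            // from a known authId.
            var authenticationCookie = MakeCookie(authId);

            response.AddCookie(authenticationCookie);

            return response;
        }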