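/// <summary>
/// Handles the sign-up form post: validates the requested alias and e-mail address,
/// creates a member for the auth type / auth id pair held in the session, and redirects
/// to the return URL or, when there is none, to the new member's page.
/// </summary>
/// <param name="context">Request context; used for the sign-in check, session reads and building the response.</param>
/// <param name="documentSession">Document session used to look up an existing member by alias and to create the new member.</param>
/// <param name="alias">Requested alias; required, length-checked against 32 and format-checked.</param>
/// <param name="emailAddress">E-mail address; required and length-checked against 1024 (no format check is applied here).</param>
/// <returns>
/// <c>403</c> when the caller is not signed in; a <c>SignUpFormResponse</c> model with status 400
/// when validation fails or the alias is taken; otherwise a redirect response.
/// </returns>
/// <exception cref="InvalidOperationException">The session holds no auth type or no auth id.</exception>
public static object PostMember(
    NancyContext context,
    IDocumentSession documentSession,
    string alias,
    string emailAddress)
{
    // Presumably null guards that take the parameter name; confirm against the Ensure helper.
    context.Ensure("context");
    documentSession.Ensure("documentSession");

    if (!context.IsSignedIn())
    {
        return 403;
    }

    var errors = new List<string>();
    errors.AddRange(fn.ValidateRequired("Alias", alias));
    errors.AddRange(fn.ValidateLength("Alias", alias, 32));

    // The pattern is anchored with \A and \z so the WHOLE alias must conform. Unanchored, a
    // Regex.IsMatch-style check would accept any string that merely contains two conforming
    // characters (markup, path separators, upper case, ...). \z is used rather than $ because
    // $ also matches before a trailing newline.
    // NOTE(review): fn.ValidateFormat is not visible here; if it already enforces a full match
    // the anchors are redundant but harmless.
    errors.AddRange(fn.ValidateFormat("Alias", alias, new Regex(@"\A[a-z][a-z0-9_-]+\z")));

    errors.AddRange(fn.ValidateRequired("Email Address", emailAddress));
    errors.AddRange(fn.ValidateLength("Email Address", emailAddress, 1024));

    // NOTE(review): check-then-create; two concurrent sign-ups could both pass this lookup.
    // Confirm that CreateMember (or the store) enforces alias uniqueness itself.
    var member = documentSession.GetMemberByAlias(alias);
    if (member != null)
    {
        errors.Add(Strings.AliasNotAvailable(alias));
    }

    if (errors.Count > 0)
    {
        return context.ModelWithStatus(new SignUpFormResponse(alias, emailAddress, errors), 400);
    }

    // The external identity comes from the server-side session, never from the form post.
    var authType = context.ReadSession<string>(Constants.AuthTypeSessionKey);
    var authId = context.ReadSession<string>(Constants.AuthIdSessionKey);

    if (String.IsNullOrEmpty(authType))
    {
        throw new InvalidOperationException(Strings.AuthTypeMissing());
    }

    if (String.IsNullOrEmpty(authId))
    {
        throw new InvalidOperationException(Strings.AuthIdMissing());
    }

    member = documentSession.CreateMember(authType, authId, alias, emailAddress);

    // NOTE(review): returnUrl is used as the redirect target without a check in this method.
    // Confirm that GetReturnUrl only yields same-site (relative) URLs; otherwise this is an
    // open redirect.
    var returnUrl = context.GetReturnUrl();
    return context.Redirect(returnUrl ?? Paths.Member(member.Alias));
}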
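/// <summary>
/// Receives the Twitter OAuth callback: checks the incoming token against the one stored in
/// the session, exchanges token and verifier for the access-token response, resolves the
/// local user from the returned Twitter user id, and redirects with an authentication cookie.
/// </summary>
/// <param name="context">Request context; used for the session read, user lookup and building the redirect.</param>
/// <param name="configuration">Supplies the Twitter consumer key and consumer secret.</param>
/// <param name="documentSession">Document session passed on to <c>GetRedirectLocation</c>.</param>
/// <param name="oAuthToken">Incoming OAuth token; must equal the token stored in the session.</param>
/// <param name="oAuthVerifier">Incoming OAuth verifier, sent with the access-token request.</param>
/// <returns>
/// <c>400</c> when the token or the verifier is missing; otherwise a redirect response carrying
/// the cookie produced by <c>MakeCookie</c>.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The stored token is absent or differs from the incoming one, or the access-token response
/// contains no user id.
/// </exception>
public static object GetReceiver(
    NancyContext context,
    IConfiguration configuration,
    IDocumentSession documentSession,
    string oAuthToken,
    string oAuthVerifier)
{
    if (String.IsNullOrEmpty(oAuthToken))
    {
        return 400;
    }

    if (String.IsNullOrEmpty(oAuthVerifier))
    {
        return 400;
    }

    // Binds the callback to the browser session that started the flow. OAuth tokens are opaque,
    // case-sensitive strings, so the comparison is exact (Ordinal); a case-insensitive match
    // would accept values that differ from the issued token.
    var storedToken = context.ReadSession<string>(Constants.TwitterAuth.SessionKey);
    if (!String.Equals(storedToken, oAuthToken, StringComparison.Ordinal))
    {
        throw new InvalidOperationException("Stored OAuth token doesn't match incoming OAuth token.");
    }

    // NOTE(review): the stored token is not removed from the session in this method; consider
    // clearing it once it has been used so a callback cannot be replayed in the same session.

    var oAuthRequest = OAuthRequest.ForAccessToken(
        configuration.TwitterAuthConsumerKey,
        configuration.TwitterAuthConsumerSecret,
        oAuthToken,
        oAuthVerifier);
    oAuthRequest.RequestUrl = Constants.TwitterAuth.AccessTokenUrl;

    var authResponse = fn.SendGet(
        new Uri(oAuthRequest.RequestUrl),
        addHeader => addHeader("Authorization", oAuthRequest.GetAuthorizationHeader()));

    // The user id is taken from the provider's response, not from the callback request.
    var authParams = fn.ParseQueryString(authResponse);
    var twitterUserId = authParams[Constants.TwitterAuth.UserIdParamName];
    if (String.IsNullOrEmpty(twitterUserId))
    {
        throw new InvalidOperationException("No user ID in the Twitter auth params.");
    }

    var authId = GetOrCreateUser(context, twitterUserId);
    var location = GetRedirectLocation(context, authId, documentSession);
    var response = context.Redirect(location);

    // NOTE(review): MakeCookie is not visible here; confirm the cookie value is unguessable or
    // integrity-protected and that HttpOnly and Secure are set.
    var authenticationCookie = MakeCookie(authId);
    response.AddCookie(authenticationCookie);

    return response;
}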