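/// <summary>
/// Deletes the membership identified by <paramref name="alias"/>, but only when the
/// signed-up caller is that same member; then signs the caller out of Twitter and
/// redirects to the home path.
/// </summary>
/// <param name="context">Current request context; must not be null.</param>
/// <param name="documentSession">Session used to look up and delete the member; must not be null.</param>
/// <param name="alias">Alias of the member to delete.</param>
/// <returns>
/// 404 when the alias is empty or matches no member, 403 when the caller is not signed up,
/// has no current member record, or is not the member being deleted; otherwise the
/// redirect response produced by <c>context.Redirect</c>.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="context"/> or <paramref name="documentSession"/> is null.
/// </exception>
static object DeleteMember(
    NancyContext context,
    IDocumentSession documentSession,
    string alias)
{
    if (context == null) throw new ArgumentNullException("context");
    if (documentSession == null) throw new ArgumentNullException("documentSession");

    if (String.IsNullOrEmpty(alias)) return 404;
    if (!context.IsSignedUp()) return 403;

    var memberToDelete = documentSession.GetMemberByAlias(alias);
    if (memberToDelete == null) return 404;

    var currentMember = context.GetCurrentMember(documentSession);
    Debug.Assert(currentMember != null, "`requireSignedUp()` should ensure the current member is not null.");

    // Debug.Assert is compiled out of release builds, so the ownership check below must not
    // depend on it: with no current member there is nobody to authorize, so fail closed.
    if (currentMember == null) return 403;

    // Authorization: a member may delete only their own membership.
    if (!memberToDelete.Alias.Equals(currentMember.Alias, StringComparison.OrdinalIgnoreCase)) return 403;

    documentSession.DeleteMember(memberToDelete.Id);
    context.SetAlert("Your membership was deleted.", type: AlertType.Success);
    context.SignOutOfTwitter();

    return context.Redirect(Paths.Home());
}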
/// <summary>
/// Ends the caller's session: queues a success alert, signs the caller out of Twitter
/// and redirects to the home path.
/// </summary>
/// <param name="context">Current request context, guarded with <c>Ensure</c>.</param>
/// <returns>The redirect response produced by <c>context.Redirect</c>.</returns>
static object DeleteSession(NancyContext context)
{
    context.Ensure("context");

    // NOTE(review): no signed-in check happens here, and any anti-forgery protection for
    // this state-changing handler would have to come from the routing layer - confirm.
    context.SetAlert("You successfully signed out.", type: AlertType.Success);
    context.SignOutOfTwitter();

    var homePath = Paths.Home();
    return context.Redirect(homePath);
}
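/// <summary>
/// Handles the Twitter OAuth callback: checks the incoming request token against the one
/// stored in the session, exchanges token and verifier at the access-token URL, reads the
/// Twitter user id from the response and redirects with an authentication cookie attached.
/// </summary>
/// <param name="context">Current request context; holds the session the request token was stored in.</param>
/// <param name="configuration">Supplies the Twitter consumer key and secret.</param>
/// <param name="documentSession">Session passed on to <c>GetRedirectLocation</c>.</param>
/// <param name="oAuthToken">Request token echoed back on the callback.</param>
/// <param name="oAuthVerifier">Verifier supplied on the callback.</param>
/// <returns>400 when token or verifier is missing; otherwise the redirect response carrying the authentication cookie.</returns>
/// <exception cref="InvalidOperationException">
/// The stored token is absent or differs from <paramref name="oAuthToken"/>, or the
/// access-token response contains no user id.
/// </exception>
public static object GetReceiver(
    NancyContext context,
    IConfiguration configuration,
    IDocumentSession documentSession,
    string oAuthToken,
    string oAuthVerifier)
{
    // Same argument guards the sibling handlers use; previously a null argument surfaced
    // later as a NullReferenceException in the middle of the sign-in flow.
    context.Ensure("context");
    configuration.Ensure("configuration");
    documentSession.Ensure("documentSession");

    if (String.IsNullOrEmpty(oAuthToken)) return 400;
    if (String.IsNullOrEmpty(oAuthVerifier)) return 400;

    // The stored token binds this callback to the sign-in attempt started in this session.
    // OAuth tokens are opaque, case-sensitive values, so compare them exactly: a
    // case-insensitive match would accept tokens that were never issued to this session.
    var storedToken = context.ReadSession<string>(Constants.TwitterAuth.SessionKey);
    if (storedToken == null || !storedToken.Equals(oAuthToken, StringComparison.Ordinal))
    {
        throw new InvalidOperationException("Stored OAuth token doesn't match incoming OAuth token.");
    }
    // NOTE(review): the request token stays in the session after this point; consider
    // clearing it once consumed so the same callback cannot be replayed - confirm.

    var oAuthRequest = OAuthRequest.ForAccessToken(
        configuration.TwitterAuthConsumerKey,
        configuration.TwitterAuthConsumerSecret,
        oAuthToken,
        oAuthVerifier);
    oAuthRequest.RequestUrl = Constants.TwitterAuth.AccessTokenUrl;

    var authResponse = fn.SendGet(
        new Uri(oAuthRequest.RequestUrl),
        addHeader => addHeader("Authorization", oAuthRequest.GetAuthorizationHeader()));

    var authParams = fn.ParseQueryString(authResponse);
    var twitterUserId = authParams[Constants.TwitterAuth.UserIdParamName];
    if (String.IsNullOrEmpty(twitterUserId))
        throw new InvalidOperationException("No user ID in the Twitter auth params.");

    var authId = GetOrCreateUser(context, twitterUserId);
    var location = GetRedirectLocation(context, authId, documentSession);
    var response = context.Redirect(location);

    // NOTE(review): MakeCookie is not visible here; confirm the authentication cookie is
    // issued HttpOnly and Secure and that its value cannot be forged from authId alone.
    var authenticationCookie = MakeCookie(authId);
    response.AddCookie(authenticationCookie);

    return response;
}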
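/// <summary>
/// Handles the sign-up form: validates alias and e-mail address, rejects an alias that is
/// already taken, creates the member from the auth type and auth id held in the session,
/// and redirects to the stored return URL or to the new member's page.
/// </summary>
/// <param name="context">Current request context, guarded with <c>Ensure</c>.</param>
/// <param name="documentSession">Session used to look up and create members, guarded with <c>Ensure</c>.</param>
/// <param name="alias">Requested alias.</param>
/// <param name="emailAddress">Member's e-mail address.</param>
/// <returns>
/// 403 when the caller is not signed in, a 400 response carrying a
/// <c>SignUpFormResponse</c> when validation fails, otherwise a redirect.
/// </returns>
/// <exception cref="InvalidOperationException">The session holds no auth type or no auth id.</exception>
public static object PostMember(
    NancyContext context,
    IDocumentSession documentSession,
    string alias,
    string emailAddress)
{
    context.Ensure("context");
    documentSession.Ensure("documentSession");

    if (!context.IsSignedIn()) return 403;

    var errors = new List<string>();
    errors.AddRange(fn.ValidateRequired("Alias", alias));
    errors.AddRange(fn.ValidateLength("Alias", alias, 32));

    // Anchored at both ends, like the character-name pattern in PostPlayer. The previous
    // unanchored pattern is satisfied by any input that merely contains a valid run, which
    // (assuming ValidateFormat uses a plain regex match - TODO confirm) would let
    // arbitrary characters through in an alias that is later used to build a path.
    // \z instead of $ so that a trailing newline is rejected as well.
    errors.AddRange(fn.ValidateFormat("Alias", alias, new Regex(@"^[a-z][a-z0-9_-]+\z")));

    errors.AddRange(fn.ValidateRequired("Email Address", emailAddress));
    errors.AddRange(fn.ValidateLength("Email Address", emailAddress, 1024));

    // NOTE(review): check-then-create; two concurrent sign-ups could both pass this
    // lookup unless the store enforces alias uniqueness - confirm.
    var member = documentSession.GetMemberByAlias(alias);
    if (member != null) errors.Add(Strings.AliasNotAvailable(alias));

    if (errors.Count > 0)
        return context.ModelWithStatus(new SignUpFormResponse(alias, emailAddress, errors), 400);

    var authType = context.ReadSession<string>(Constants.AuthTypeSessionKey);
    var authId = context.ReadSession<string>(Constants.AuthIdSessionKey);

    if (String.IsNullOrEmpty(authType)) throw new InvalidOperationException(Strings.AuthTypeMissing());
    if (String.IsNullOrEmpty(authId)) throw new InvalidOperationException(Strings.AuthIdMissing());

    member = documentSession.CreateMember(authType, authId, alias, emailAddress);

    // NOTE(review): the return URL is whatever was stored earlier in the flow
    // (GetInitiator takes it from the `return-url` query parameter). Confirm it is
    // restricted to site-local paths before it reaches Redirect, otherwise this is an
    // open redirect at the end of sign-up.
    var returnUrl = context.GetReturnUrl();

    return context.Redirect(returnUrl ?? Paths.Member(member.Alias));
}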
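/// <summary>
/// Handles the create-room form: validates title, slug and optional description, rejects
/// a slug or title already in use, creates the room owned by the current member and
/// redirects to it.
/// </summary>
/// <param name="context">Current request context, guarded with <c>Ensure</c>.</param>
/// <param name="documentSession">Session used to look up and create rooms, guarded with <c>Ensure</c>.</param>
/// <param name="title">Room title.</param>
/// <param name="slug">URL slug for the room.</param>
/// <param name="description">Optional description; validated only when not null.</param>
/// <returns>
/// 403 when the caller is not signed up or has no current member record, a 400 response
/// carrying a <c>CreateRoomFormResponse</c> when validation fails, otherwise a redirect
/// to the new room.
/// </returns>
static object PostRoom(
    NancyContext context,
    IDocumentSession documentSession,
    string title,
    string slug,
    string description)
{
    context.Ensure("context");
    documentSession.Ensure("documentSession");

    if (!context.IsSignedUp()) return 403;

    var errors = new List<string>();
    errors.AddRange(fn.ValidateRequired("Title", title));
    errors.AddRange(fn.ValidateLength("Title", title, 128));
    errors.AddRange(fn.ValidateRequired("Slug", slug));
    errors.AddRange(fn.ValidateLength("Slug", slug, 128));

    // Anchored at both ends, like the character-name pattern in PostPlayer. The previous
    // unanchored pattern is satisfied by any input that merely contains a valid run, which
    // (assuming ValidateFormat uses a plain regex match - TODO confirm) would let
    // arbitrary characters into a slug that ends up in the room's path.
    // \z instead of $ so that a trailing newline is rejected as well.
    errors.AddRange(fn.ValidateFormat("Slug", slug, new Regex(@"^[a-z][a-z0-9_-]+\z")));

    if (description != null)
        errors.AddRange(fn.ValidateLength("Description", description, 1024));

    // NOTE(review): both availability checks are check-then-create; confirm the store
    // enforces uniqueness if concurrent requests matter.
    var existingRoom = documentSession.GetRoomBySlug(slug);
    if (existingRoom != null) errors.Add(Strings.NotAvailable("slug", slug));

    existingRoom = documentSession.GetRoomByTitle(title);
    if (existingRoom != null) errors.Add(Strings.NotAvailable("title", title));

    if (errors.Count > 0)
        return context.ModelWithStatus(new CreateRoomFormResponse(title, slug, description, errors), 400);

    var currentMember = context.GetCurrentMember(documentSession);
    Debug.Assert(currentMember != null, "`IsSignedUp` should ensure current member is not null.");

    // Debug.Assert is compiled out of release builds; without a current member there is
    // no owner to attribute the room to, so fail closed instead of dereferencing null.
    if (currentMember == null) return 403;

    var room = documentSession.CreateRoom(currentMember.Id, slug, title, description);

    return context.Redirect(Paths.Room(room.Slug));
}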
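/// <summary>
/// Starts Twitter sign-in: remembers an optional site-local return URL, obtains a request
/// token from the request-token URL, stores that token in the session and redirects the
/// caller to the Twitter authentication URL.
/// </summary>
/// <param name="context">Current request context, guarded with <c>Ensure</c>.</param>
/// <param name="configuration">Supplies the Twitter consumer key and secret, guarded with <c>Ensure</c>.</param>
/// <returns>The redirect response produced by <c>context.Redirect</c>.</returns>
/// <exception cref="InvalidOperationException">The request-token response contains no token.</exception>
static object GetInitiator(
    NancyContext context,
    IConfiguration configuration)
{
    context.Ensure("context");
    configuration.Ensure("configuration");

    // `return-url` comes straight from the query string and is later used as a redirect
    // target, so only a site-local path is remembered. "//host" and "/\host" are refused
    // because browsers resolve them as a different origin. Anything else is dropped and
    // the flow falls back to its default destination.
    var returnUrl = context.Request.Query["return-url"].Value as string;
    var isLocalPath =
        !String.IsNullOrEmpty(returnUrl)
        && returnUrl.StartsWith("/", StringComparison.Ordinal)
        && !returnUrl.StartsWith("//", StringComparison.Ordinal)
        && !returnUrl.StartsWith("/\\", StringComparison.Ordinal);
    if (isLocalPath) context.SetReturnUrl(returnUrl);

    var callbackUri = fn.MakeAbsoluteUri(Paths.TwitterAuthReceiver());
    var oAuthRequest = OAuthRequest.ForRequestToken(
        configuration.TwitterAuthConsumerKey,
        configuration.TwitterAuthConsumerSecret,
        callbackUri.ToString());
    oAuthRequest.RequestUrl = Constants.TwitterAuth.RequestTokenUrl;

    var response = fn.SendGet(
        new Uri(oAuthRequest.RequestUrl),
        addHeader => addHeader("Authorization", oAuthRequest.GetAuthorizationHeader()));

    var @params = fn.ParseQueryString(response);
    var token = @params[Constants.TwitterAuth.OAuthTokenParamName];
    if (String.IsNullOrEmpty(token))
        throw new InvalidOperationException(Strings.OAuthTokenMissing());

    // Stored so the callback handler can check that the token it receives belongs to the
    // sign-in attempt started in this session.
    context.WriteSession(Constants.TwitterAuth.SessionKey, token);

    return context.Redirect(string.Format(
        CultureInfo.InvariantCulture,
        Constants.TwitterAuth.AuthenticatehUrlFormat,
        token));
}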
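/// <summary>
/// Handles the accept-invitation form: validates the invitation code and character
/// details, adds the current member to the room as a player, marks the invitation used,
/// posts a "system" message announcing the join and redirects to the room.
/// </summary>
/// <param name="context">Current request context, guarded with <c>Ensure</c>.</param>
/// <param name="documentSession">Session used for room, invitation and post operations, guarded with <c>Ensure</c>.</param>
/// <param name="mailSender">Mail sender handed to <c>CreatePost</c>, guarded with <c>Ensure</c>.</param>
/// <param name="roomSlug">Slug of the room being joined.</param>
/// <param name="invitationCode">Invitation code supplied by the caller.</param>
/// <param name="characterName">Character name, checked for uniqueness within the room (case-insensitive).</param>
/// <param name="characterAvatarUrl">Optional avatar URL; validated only when not empty.</param>
/// <returns>
/// 404 when the slug is empty or matches no room, 403 when the caller is not signed up or
/// has no current member record, a 400 response carrying an
/// <c>AcceptInvitationFormResponse</c> when validation fails, otherwise a redirect to the room.
/// </returns>
public static object PostPlayer(
    NancyContext context,
    IDocumentSession documentSession,
    IMailSender mailSender,
    string roomSlug,
    string invitationCode,
    string characterName,
    string characterAvatarUrl)
{
    context.Ensure("context");
    documentSession.Ensure("documentSession");
    mailSender.Ensure("mailSender");

    if (string.IsNullOrEmpty(roomSlug)) return 404;
    if (!context.IsSignedUp()) return 403;

    var room = documentSession.GetRoomBySlug(roomSlug);
    if (room == null) return 404;

    var currentMember = context.GetCurrentMember(documentSession);
    Debug.Assert(currentMember != null, "`requireSignedUp()` should ensure a current member.");

    // Debug.Assert is compiled out of release builds; without a current member there is
    // nobody to attach the player to, so fail closed instead of dereferencing null below.
    if (currentMember == null) return 403;

    var errors = new List<string>();
    errors.AddRange(fn.ValidateRequired("Invitation code", invitationCode));

    // NOTE(review): nothing visible here ties the invitation to `room` or to the current
    // member; confirm the lookup or the invitation model scopes a code to one room.
    var playerInvitation = documentSession.GetPlayerInvitationByCode(invitationCode);
    if (playerInvitation == null) errors.Add("The invitation code is not valid.");
    if (playerInvitation != null && playerInvitation.Used) errors.Add("The invitation code has already been used.");

    errors.AddRange(fn.ValidateRequired("Character Name", characterName));
    errors.AddRange(fn.ValidateLength("Character Name", characterName, 64));
    errors.AddRange(fn.ValidateFormat("Character Name", characterName, new Regex("^[a-z][a-z0-9 .'-]+$", RegexOptions.IgnoreCase)));

    // NOTE(review): confirm ValidateUrl restricts the scheme (http/https); the avatar URL
    // is stored on the player and presumably rendered to other members later.
    if (!string.IsNullOrEmpty(characterAvatarUrl))
        errors.AddRange(fn.ValidateUrl("Avatar URL", characterAvatarUrl));

    var existingPlayer = room.Players.FirstOrDefault(p => p.CharacterName.Equals(characterName, StringComparison.OrdinalIgnoreCase));
    if (existingPlayer != null) errors.Add(Strings.NotAvailable("character name", characterName));

    if (errors.Count > 0)
        return context.ModelWithStatus(new AcceptInvitationFormResponse(room, invitationCode, characterName, characterAvatarUrl, errors), 400);

    var player = new Player
    {
        CharacterAvatarUrl = characterAvatarUrl,
        CharacterName = characterName,
        MemberAlias = currentMember.Alias,
        MemberId = currentMember.Id,
        MemberEmailAddress = currentMember.EmailAddress,
        RoomId = room.Id
    };
    room.Players.Add(player);

    // playerInvitation cannot be null here: a null lookup adds an error and returns above.
    // NOTE(review): the "Used" check and this update are separate steps, so two concurrent
    // requests could redeem the same code unless the store serializes them - confirm.
    documentSession.UpdatePlayerInvitation(playerInvitation.Id, used: true);

    string text = Strings.Format("{0} joined the room as {1}.", player.MemberAlias, player.CharacterName);
    documentSession.CreatePost(mailSender, room.Id, currentMember.Id, null, null, "system", text);

    return context.Redirect(Paths.Room(room.Slug));
}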