public async Task <IActionResult> RawData(string type) { string userId = this.User.QID(); if (userId == null) { return(Unauthorized()); } QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(userId); if (userId != null) { if (quser == null) { QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData(); } else { QuantApp.Kernel.User.ContextUser = quser.ToUserData(); } } else { QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData(); } M m = M.Base(type); var res = m.RawEntries(); QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData(); return(Ok(res)); }
public async Task <IActionResult> Data(string type) { string userId = this.User.QID(); if (userId == null) { return(Unauthorized()); } QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(userId); if (quser == null) { return(Unauthorized()); } QuantApp.Kernel.User.ContextUser = quser.ToUserData(); // if (userId != null) // { // if(quser == null) // QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData(); // else // QuantApp.Kernel.User.ContextUser = quser.ToUserData(); // } // else // QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData(); M m = M.Base(type); var res = m.KeyValues(); QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData(); return(Ok(res)); }
public async Task <IActionResult> Save(string type) { string userId = this.User.QID(); if (userId == null) { return(Unauthorized()); } QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(userId); if (quser == null) { return(Unauthorized()); } QuantApp.Kernel.User.ContextUser = quser.ToUserData(); M m = M.Base(type); m.Save(); QuantApp.Kernel.User.ContextUser = new QuantApp.Kernel.UserData(); return(Ok(new { Result = "saved" })); }
public async Task <ActionResult> Register([FromBody] SecureRegisterViewModel model) { if (ModelState.IsValid) { string id = "QuantAppSecure_" + model.Email.ToLower().Replace('@', '.').Replace(':', '.'); QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(id); if (quser == null) { var user = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure"); user.FirstName = model.FirstName; user.LastName = model.LastName; user.Email = model.Email.ToLower(); string profile = model.GroupID; user.TenantName = id; user.Hash = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(model.Password); if (model.Secret != null) { if (_secrets.ContainsKey(model.Secret)) { user.Secret = _secrets[model.Secret]; } } var sessionKey = System.Guid.NewGuid().ToString(); sessionKeys.TryAdd(sessionKey, user.Secret); revSessionKeys.TryAdd(user.Secret, sessionKey); Response.Cookies.Append("coflows", sessionKey, new CookieOptions() { Expires = DateTime.Now.AddHours(24) }); var claims = new[] { new Claim(ClaimTypes.Email, user.Email) }; var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(Program.jwtKey)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "coflows-ce", audience: "coflows-ce", claims: claims, expires: DateTime.Now.AddDays(10), signingCredentials: creds); quser = QuantApp.Kernel.User.FindUser(id); QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup("Public"); group.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited); QuantApp.Kernel.Group gp = Group.FindGroup(profile); if (gp != null) { gp.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited); } return(Ok(new { User = quser.ToUserData(), token = new JwtSecurityTokenHandler().WriteToken(token), Secret = quser.Secret, Session = sessionKey })); } else { return(BadRequest(new { Value = false, ID = "Email is already in use..." })); } } string messages = string.Join("<br\\> ", ModelState.Values .SelectMany(x => x.Errors) .Select(x => x.ErrorMessage)); return(Ok(new { Value = false, ID = messages })); }
public async Task <ActionResult> Login([FromBody] SecureLogOnViewModel model) { string id = null; QuantApp.Kernel.User user = null; bool secretLogin = false; if (model.Username != null) { id = "QuantAppSecure_" + model.Username.ToLower().Replace('@', '.').Replace(':', '.'); user = QuantApp.Kernel.User.FindUser(id); } else if (model.Code != null) { user = QuantApp.Kernel.User.FindUserBySecret(model.Code); if (user != null) { id = user.ID; secretLogin = true; } } else { return(BadRequest(new { Data = "Could not verify user" })); } var group = QuantApp.Kernel.Group.FindGroup(model.GroupID); var permission = user == null ? QuantApp.Kernel.AccessType.Denied : group == null ? QuantApp.Kernel.AccessType.Read : group.Permission(null, user); if (user != null && permission != QuantApp.Kernel.AccessType.Denied && (secretLogin ? true : user.VerifyPassword(model.Password))) { var remoteIpAddress = Request.HttpContext.Features.Get <IHttpConnectionFeature>()?.RemoteIpAddress; string ip = remoteIpAddress.ToString(); if (ip.Contains(":")) { ip = ip.Substring(ip.LastIndexOf(":") + 1); } //string ip = (Request.ServerVariables["HTTP_X_FORWARDED_FOR"] ?? Request.ServerVariables["REMOTE_ADDR"]).Split(',')[0].Trim(); UserRepository.AddLoginStamp(id, DateTime.UtcNow, ip); var claims = new[] { new Claim(ClaimTypes.Email, user.Email) }; var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(Program.jwtKey)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "coflows-ce", audience: "coflows-ce", claims: claims, expires: DateTime.Now.AddDays(10), signingCredentials: creds); if (String.IsNullOrEmpty(user.Secret)) { var secret_key = QuantApp.Engine.Code.GetMd5Hash(user.ID); user.Secret = secret_key; } var sessionKey = System.Guid.NewGuid().ToString(); sessionKeys[sessionKey] = user.Secret; revSessionKeys[user.Secret] = sessionKey; Response.Cookies.Append("coflows", sessionKey, new CookieOptions() { Expires = DateTime.Now.AddHours(24) }); return(Ok(new { User = user.ToUserData(), token = new JwtSecurityTokenHandler().WriteToken(token), Secret = user.Secret, Session = sessionKey })); } return(BadRequest(new { Data = "Could not verify user" })); }
public async Task Invoke(HttpContext context) { try { if (!context.WebSockets.IsWebSocketRequest) { try { await _next.Invoke(context); } catch {} return; } QuantApp.Kernel.User quser = null; string cokey = context.Request.Cookies["coflows"]; if (cokey == null && context.Request.Query.ContainsKey("_session")) { cokey = context.Request.Query["_session"]; } if (!context.User.Identity.IsAuthenticated) { if (cokey != null) { if (CoFlows.Server.Controllers.AccountController.sessionKeys.ContainsKey(cokey)) { quser = QuantApp.Kernel.User.FindUserBySecret(CoFlows.Server.Controllers.AccountController.sessionKeys[cokey]); if (quser == null) { await _next.Invoke(context); return; } } else { await _next.Invoke(context); return; } } else { await _next.Invoke(context); return; } } var queryString = context.Request.QueryString; var path = context.Request.Path.ToString() + queryString; var headers = new List <KeyValuePair <string, string> >(); foreach (var head in context.Request.Headers) { foreach (var val in head.Value) { try { headers.Add(new KeyValuePair <string, string>(head.Key, val.Replace("%7C", "|"))); } catch {} } } var socket = await context.WebSockets.AcceptWebSocketAsync(); var id = _socketManager.AddSocket(socket); var address = context.Connection.RemoteIpAddress; if (path.StartsWith("/lab/")) { var wid = path.Replace("/lab/", ""); wid = wid.Substring(0, wid.IndexOf("/")); int labPort = CoFlows.Server.Controllers.LabController.LabDB[cokey + wid]; var client = ProxyConnection.Client(socket, path); client.Connect("ws://localhost:" + labPort, headers); var _socket = client.ClientWebSocket; _proxies.TryAdd(socket.GetHashCode() + path, client); } if (WebSocketListner.registered_address.ContainsKey(id)) { WebSocketListner.registered_address[id] = address; } else { WebSocketListner.registered_address.TryAdd(id, address); } if (WebSocketListner.registered_sockets.ContainsKey(id)) { WebSocketListner.registered_sockets[id] = socket; } else { WebSocketListner.registered_sockets.TryAdd(id, socket); } await Receive(socket, async (result, length, buffer) => { if (quser != null) { QuantApp.Kernel.User.ContextUser = quser.ToUserData(); } if (result.MessageType == WebSocketMessageType.Close) { await _socketManager.RemoveSocket(id); QuantApp.Kernel.User.ContextUser = new UserData(); return; } else if (result.MessageType == WebSocketMessageType.Text) { string userMessage = Encoding.UTF8.GetString(buffer, 0, length); WebSocketListner.appServer_NewMessageReceived(socket, userMessage, path, headers); QuantApp.Kernel.User.ContextUser = new UserData(); return; } else { Console.WriteLine("REC BIN1: " + result.MessageType); } QuantApp.Kernel.User.ContextUser = new UserData(); }); } catch (Exception e) { Console.WriteLine("Invoke " + e); Console.WriteLine(e.StackTrace); } }
public async Task <ActionResult> WhoAmI() { var userId = User.QID(); if (userId == null) { return(Unauthorized()); } QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(userId); bool loggedin = false; string uid = ""; string username = ""; string firstname = ""; string lastname = ""; string email = ""; string metadata = ""; string secret = ""; if (quser != null) { List <object> groups_serialized = new List <object>(); loggedin = true; uid = quser.ID; username = quser.FirstName + " " + quser.LastName; firstname = quser.FirstName; lastname = quser.LastName; email = quser.Email; metadata = quser.MetaData; secret = quser.Secret; if (!revSessionKeys.ContainsKey(secret)) { var session = System.Guid.NewGuid().ToString(); sessionKeys.TryAdd(session, secret); revSessionKeys.TryAdd(secret, session); } Response.Cookies.Append("coflows", revSessionKeys.ContainsKey(secret) ? revSessionKeys[secret] : "", new CookieOptions() { Expires = DateTime.Now.AddHours(24) }); return(Ok(new { Loggedin = loggedin, User = quser.ToUserData(), Secret = secret, Session = revSessionKeys.ContainsKey(secret) ? revSessionKeys[secret] : "" })); } else { return(BadRequest("User not logged in")); } }