public ActionResult SignInHandler(AuthAttempt authAttempt)
{
if (ModelState.IsValid)
{
// check if the credentials are right
// and store user in session
using (var ctx = new CarAuctionContext())
{
try
{
User existingUser = ctx.Users.FirstOrDefault(
u => u.Email == authAttempt.Email && u.Password == authAttempt.Password
);
if (existingUser != null)
{
HttpContext.Session["User"] = existingUser;
Response.Redirect("/Panel");
return(null);
}
}
catch (InvalidOperationException ignored)
{
}
}
}
ViewBag.FailureMessage = "Incorrect email or password";
return(View());
}
public bool AuthTokenValid([FromBody] AuthAttempt attempt)
{
if (attempt == null ||
string.IsNullOrEmpty(attempt.Email) ||
string.IsNullOrEmpty(attempt.AuthToken))
{
return(false);
}
return(!string.IsNullOrEmpty(GetUserId(attempt.Email, attempt.AuthToken)));
}
public ActionResult In()
{
if (Session["user"] != null)
{
Response.Redirect("/Panel");
}
AuthAttempt authAttempt = new AuthAttempt();
return(View(authAttempt));
}
public bool LogOut([FromBody] AuthAttempt attempt)
{
if (attempt == null ||
string.IsNullOrEmpty(attempt.Email) ||
string.IsNullOrEmpty(attempt.AuthToken))
{
return(false);
}
User user = new User();
user.Email = attempt.Email;
user.Init();
UserModel retrievedUser;
UserModel.GetUser(user.Email, out retrievedUser);
if (retrievedUser == null)
{
return(false);
}
retrievedUser.RemoveAuthToken(attempt.AuthToken);
return(UserModel.UpdateUser(retrievedUser));
}
private AuthAttempt CreateAndAddInProgressAuthorisation(string username)
{
lock (_inprogLock)
{
if (_inprogressAuthorisations.ContainsKey(username))
{
return null;
}
else
{
OAuthClientService oauthService = new OAuthClientService(Settings.ClientId, username);
AuthAttempt attempt = new AuthAttempt()
{
AuthService = oauthService,
Owner = username,
StartedAtUtc = DateTime.UtcNow
};
_inprogressAuthorisations.Add(username, attempt);
return attempt;
}
}
}