public ActionResult Register(RegisterVM model)
{
if (!ModelState.IsValid)
{
return(PartialView("~/Views/Partials/_Register.cshtml", model));
}
UsersRepository repo = new UsersRepository();
if (repo.GetAll(null).FirstOrDefault(m => m.Username == model.Username) != null)
{
ModelState.AddModelError("RegistrationFailed", "This username already exists!");
return(PartialView("~/Views/Partials/_Register.cshtml", model));
}
User item = new User
{
Username = model.Username,
Password = model.Password,
FirstName = model.FirstName,
LastName = model.LastName,
Email = model.Email,
CreationDate = DateTime.Now
};
repo.Insert(item);
// automatic login after registration
AuthManager.Authenticate(item.Username, item.Password);
return(Content(""));
}
public ActionResult Login(LoginVM model)
{
if (this.ModelState.IsValid)
{
AuthManager.Authenticate(model.Username, model.Password);
if (AuthManager.LoggedUser == null)
{
ModelState.AddModelError("authenticationFailed", "Wrong username or password!");
}
}
if (!ModelState.IsValid)
{
return(PartialView("~/Views/Partials/_Login.cshtml", model));
}
return(Content(""));
}
/// <summary>
/// Event handler for when a user clicks the login button.
/// If the user's information exist in the database, authenticate them.
/// If the user's information does not match any records in the database, inform them and tell them to try again.
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void btnLogin_Click(object sender, EventArgs e)
{
//Pass user login information to the authentication manager.
var authAttempt = (userDTO)AuthManager.Authenticate(txtFirstName.Text, txtLastName.Text, txtPhone.Text, txtCity.Text);
if (authAttempt != null)
{
//If the authorization is successful, add the customer's ID to the session.
Session.Add("custID", authAttempt.custID);
//Redirect user after successful login.
FormsAuthentication.RedirectFromLoginPage(authAttempt.FullName, false);
}
else
{
//Sends an error message to the ValidationSummary.
ModelState.AddModelError("", "No customer with this information was found. Please try again.");
}
}
public ResultModel Post([FromBody] LoginModel data)
{
AuthManager authManager = new AuthManager();
return(authManager.Authenticate(data));
}
private static async Task RequestReceived(HttpContext ctx)
{
string header = _Header + ctx.Request.SourceIp + ":" + ctx.Request.SourcePort + " ";
DateTime startTime = DateTime.Now;
Stopwatch sw = new Stopwatch();
sw.Start();
RequestMetadata md = new RequestMetadata();
md.Http = ctx;
md.User = null;
md.Key = null;
md.Perm = null;
try
{
if (Common.IsTrue(_Settings.Debug.HttpRequest))
{
_Logging.Debug(header + "RequestReceived request received: " + Environment.NewLine + md.Http.ToString());
}
if (ctx.Request.Method == HttpMethod.OPTIONS)
{
await OptionsHandler(ctx);
return;
}
if (ctx.Request.RawUrlEntries != null && ctx.Request.RawUrlEntries.Count > 0)
{
if (ctx.Request.RawUrlWithoutQuery.Equals("/favicon.ico"))
{
ctx.Response.StatusCode = 200;
await ctx.Response.Send();
return;
}
if (ctx.Request.RawUrlWithoutQuery.Equals("/robots.txt"))
{
ctx.Response.StatusCode = 200;
ctx.Response.ContentType = "text/plain";
await ctx.Response.Send("User-Agent: *\r\nDisallow:\r\n");
return;
}
}
if (ctx.Request.RawUrlEntries == null || ctx.Request.RawUrlEntries.Count == 0)
{
ctx.Response.StatusCode = 200;
ctx.Response.ContentType = "text/html";
await ctx.Response.Send(DefaultPage("http://github.com/kvpbase"));
return;
}
_ConnMgr.Add(Thread.CurrentThread.ManagedThreadId, ctx);
string apiKeyVal = ctx.Request.RetrieveHeaderValue(_Settings.Server.HeaderApiKey);
UserMaster user = null;
ApiKey apiKey = null;
AuthResult authResult = AuthResult.None;
Permission effectivePermissions = null;
if (!String.IsNullOrEmpty(apiKeyVal))
{
if (!_AuthMgr.Authenticate(apiKeyVal, out user, out apiKey, out effectivePermissions, out authResult))
{
_Logging.Warn("RequestReceived unable to verify API key " + apiKeyVal + ": " + authResult);
ctx.Response.StatusCode = 401;
ctx.Response.ContentType = "application/json";
await ctx.Response.Send(Common.SerializeJson(new ErrorResponse(3, 401, null, null), true));
return;
}
}
md.User = user;
md.Key = apiKey;
md.Perm = effectivePermissions;
md.Params = RequestMetadata.Parameters.FromHttpRequest(ctx.Request);
if (md.User != null)
{
md.Params.UserGuid = md.User.GUID;
}
_ConnMgr.Update(Thread.CurrentThread.ManagedThreadId, md.User);
await UserApiHandler(md);
return;
}
catch (Exception e)
{
_Logging.Exception("StorageServer", "RequestReceived", e);
ctx.Response.StatusCode = 500;
ctx.Response.ContentType = "application/json";
await ctx.Response.Send(Common.SerializeJson(new ErrorResponse(1, 500, "Outer exception.", null), true));
return;
}
finally
{
sw.Stop();
_ConnMgr.Close(Thread.CurrentThread.ManagedThreadId);
string msg =
header +
ctx.Request.Method + " " + ctx.Request.RawUrlWithoutQuery + " " +
ctx.Response.StatusCode + " " +
"[" + sw.ElapsedMilliseconds + "ms]";
_Logging.Debug(msg);
}
}
