示例#1
        /// <summary>
        /// Issues a replacement token for the username carried by the token on the incoming request.
        /// </summary>
        /// <param name="request">Incoming request from which the current token is extracted.</param>
        /// <returns>
        /// 200 with the new token string; 400 with the generic error when no token or no username
        /// can be read from the request; 500 when anything in the method throws.
        /// </returns>
        public IHttpActionResult RenewSession(HttpRequestMessage request)
        {
            try
            {
                var tokens = new TokenService();

                var presentedToken = tokens.ExtractToken(request);
                if (string.IsNullOrEmpty(presentedToken))
                {
                    return BadRequest(GeneralErrorMessages.GENERAL_ERROR);
                }

                // NOTE(review): this method only reads a username out of the presented token; no
                // expiry or revocation check is visible here before a fresh token is minted.
                // Presumably an upstream handler or filter has already rejected expired/revoked
                // tokens - confirm this route cannot be reached without that check.
                var owner = tokens.GetTokenUsername(presentedToken);
                if (string.IsNullOrEmpty(owner))
                {
                    return BadRequest(GeneralErrorMessages.GENERAL_ERROR);
                }

                // The CreateToken result is dereferenced without inspecting it first, so a result
                // with no Data ends up in the catch below as a 500.
                var issued = new AuthenticationTokenManager().CreateToken(owner);
                return Ok(issued.Data.TokenString);
            }
            catch (Exception)
            {
                // Every failure collapses to a bare 500; no detail is returned to the caller.
                return InternalServerError();
            }
        }
示例#2
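        /// <summary>
        /// Registers a first-time restaurant user and returns an authentication token for the new account.
        /// </summary>
        /// <param name="registerRestaurantDto">Registration payload bound from the request body.</param>
        /// <returns>
        /// 200 with the token string on success; 400 when the payload is missing or invalid or when
        /// user creation reports an error; 500 when anything in the method throws.
        /// </returns>
        public IHttpActionResult RegisterFirstTimeRestaurantUser([FromBody] RegisterRestaurantDto registerRestaurantDto)
        {
            // A [FromBody] parameter can bind to null (e.g. an empty request body) while ModelState
            // still reports valid, so the payload and the nested account object that is read below
            // are checked explicitly instead of surfacing later as a 500.
            if (registerRestaurantDto == null
                || registerRestaurantDto.UserAccountDto == null
                || !ModelState.IsValid)
            {
                return BadRequest(GeneralErrorMessages.MODEL_STATE_ERROR);
            }

            try
            {
                var userManager = new UserManager();
                var response = userManager.CreateFirstTimeRestaurantUser(registerRestaurantDto);
                if (response.Error != null)
                {
                    // NOTE(review): the manager's error is returned to the caller verbatim. Confirm
                    // it cannot reveal whether a username is already registered or carry internal
                    // detail; the other endpoints return a generic message instead.
                    return BadRequest(response.Error);
                }

                // Return an authentication token for the newly created user.
                var authManager = new AuthenticationTokenManager();
                var token = authManager.CreateToken(registerRestaurantDto.UserAccountDto.Username);

                // The CreateToken result is dereferenced without inspecting it first, so a result
                // with no Data ends up in the catch below as a 500.
                return Ok(token.Data.TokenString);
            }
            catch (Exception)
            {
                // Every failure collapses to a bare 500; no detail is returned to the caller.
                return InternalServerError();
            }
        }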
示例#3
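 /// <summary>
 /// Logs a user in with the supplied credentials and returns an authentication token.
 /// </summary>
 /// <param name="loginDto">Login payload bound from the request body.</param>
 /// <returns>
 /// 200 with the token string on success; 400 when the payload is missing or invalid or when the
 /// login manager reports an error; 500 when anything in the method throws.
 /// </returns>
 public IHttpActionResult AuthenticateUser([FromBody] LoginDto loginDto)
 {
     try
     {
         // A [FromBody] parameter can bind to null (e.g. an empty request body) while ModelState
         // still reports valid, so the payload is checked explicitly before it is used.
         if (loginDto == null || !ModelState.IsValid)
         {
             return BadRequest(GeneralErrorMessages.MODEL_STATE_ERROR);
         }

         // NOTE(review): no throttling or lockout is visible in this method; presumably
         // LoginManager or an upstream component limits repeated failed attempts - confirm.
         var loginManager = new LoginManager();
         var loginResponse = loginManager.LoginUser(loginDto);
         if (loginResponse.Error != null)
         {
             // NOTE(review): the manager's error is returned to the caller verbatim. Confirm it
             // is the same message for an unknown user and for a wrong password, so the response
             // cannot be used to tell which usernames exist.
             return BadRequest(loginResponse.Error);
         }

         // The token is issued for the username reported by the login manager, not the one the
         // client submitted.
         var authenticationTokenManager = new AuthenticationTokenManager();
         var tokenResponse = authenticationTokenManager.CreateToken(loginResponse.Data.Username);

         // The CreateToken result is dereferenced without inspecting it first, so a result with
         // no Data ends up in the catch below as a 500.
         return Ok(tokenResponse.Data.TokenString);
     }
     catch (Exception)
     {
         // Every failure collapses to a bare 500; no detail is returned to the caller.
         return InternalServerError();
     }
 }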
示例#4
        /// <summary>
        /// Logs the caller out by revoking the token presented on the request.
        /// </summary>
        /// <param name="request">Incoming request from which the token is extracted.</param>
        /// <returns>
        /// 200 with no body when the token was revoked; 400 with the generic error when no token or
        /// username can be read or when revocation reports an error; 500 when anything throws.
        /// </returns>
        public IHttpActionResult LogoutUserUser(HttpRequestMessage request)
        {
            try
            {
                var revoker = new AuthenticationTokenManager();
                var tokens = new TokenService();

                var presentedToken = tokens.ExtractToken(request);
                if (string.IsNullOrEmpty(presentedToken))
                {
                    return BadRequest(GeneralErrorMessages.GENERAL_ERROR);
                }

                var owner = tokens.GetTokenUsername(presentedToken);
                if (string.IsNullOrEmpty(owner))
                {
                    return BadRequest(GeneralErrorMessages.GENERAL_ERROR);
                }

                // Both the username and the exact token string go to RevokeToken.
                // NOTE(review): presumably RevokeToken matches the pair against the stored token
                // before deleting anything - confirm, since the username here comes from the
                // presented token itself.
                var outcome = revoker.RevokeToken(new AuthenticationTokenDto(owner, presentedToken));
                if (outcome.Error != null)
                {
                    // The revocation error is replaced by the generic message rather than echoed.
                    return BadRequest(GeneralErrorMessages.GENERAL_ERROR);
                }

                return Ok();
            }
            catch (Exception)
            {
                // Every failure collapses to a bare 500; no detail is returned to the caller.
                return InternalServerError();
            }
        }
示例#5
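        /// <summary>
        /// Authenticates the request from the token in its Authorization header, sets the resulting
        /// principal on the current thread, and passes the request down the handler pipeline.
        /// </summary>
        /// <remarks>
        /// The request is forwarded WITHOUT a principal in three cases: the path is on the skip list,
        /// there is no Authorization header, or no token string can be extracted. Protected endpoints
        /// therefore depend on a downstream authorization check to reject anonymous callers; this
        /// handler only rejects requests that present a token which fails validation.
        /// </remarks>
        /// <param name="request">The incoming HTTP request.</param>
        /// <param name="cancellationToken">Cancellation token for the request.</param>
        /// <returns>
        /// The downstream response, or a 401 response when the presented token has no username, does
        /// not match the stored token, has expired, or when processing throws.
        /// </returns>
        protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            try
            {
                AuthenticationTokenManager tokenManager = new AuthenticationTokenManager();
                AuthenticationToken authenticationToken;
                TokenService tokenService = new TokenService();

                // Skip authentication for allow-listed paths. The path is lower-cased with the
                // invariant culture so the decision does not vary with the server's current culture.
                // NOTE(review): how CheckIfSkippedUri matches is not visible here; confirm it is an
                // exact match, since a prefix or substring match widens the unauthenticated surface.
                if (CheckIfSkippedUri(request.RequestUri.AbsolutePath.ToLowerInvariant()))
                {
                    return await base.SendAsync(request, cancellationToken);
                }

                // No Authorization header: forward anonymously (see remarks).
                if (request.Headers.Authorization == null)
                {
                    return await base.SendAsync(request, cancellationToken);
                }

                var tokenString = tokenService.ExtractToken(request);

                // Header present but no token extracted: also forwarded anonymously, in case the
                // endpoint does not require authentication.
                if (string.IsNullOrEmpty(tokenString))
                {
                    return await base.SendAsync(request, cancellationToken);
                }

                var username = tokenService.GetTokenUsername(tokenString);
                if (string.IsNullOrEmpty(username))
                {
                    // Built directly; creating a response object does not need a thread-pool task.
                    return new HttpResponseMessage(HttpStatusCode.Unauthorized);
                }

                using (AuthenticationGateway gateway = new AuthenticationGateway())
                {
                    // Look up the token stored for this username and require an exact, unexpired match.
                    var gatewayResult = gateway.GetAuthenticationToken(username);

                    // NOTE(review): `!=` on strings is not a constant-time comparison; consider a
                    // fixed-time comparison if the stored token is treated as a secret.
                    // NOTE(review): DateTime.Now is local time; confirm ExpiresOn is stored in local
                    // time as well, otherwise compare in UTC on both sides.
                    if (gatewayResult.Error != null
                        || gatewayResult.Data.TokenString != tokenString
                        || gatewayResult.Data.ExpiresOn.CompareTo(DateTime.Now) < 0)
                    {
                        return new HttpResponseMessage(HttpStatusCode.Unauthorized);
                    }

                    authenticationToken = gatewayResult.Data;
                }

                var tokenPrincipal = tokenManager.GetTokenPrincipal(authenticationToken, out _);

                // NOTE(review): only Thread.CurrentPrincipal is assigned. Depending on hosting, code
                // that reads the principal from the request context or HttpContext may not see it -
                // confirm downstream authorization reads the same principal.
                Thread.CurrentPrincipal = tokenPrincipal;

                return await base.SendAsync(request, cancellationToken);
            }
            catch (OperationCanceledException) when (cancellationToken.IsCancellationRequested)
            {
                // A cancelled request is not an authentication failure; let cancellation propagate.
                throw;
            }
            catch (Exception)
            {
                // Fail closed: any other error yields 401. This try block also wraps the downstream
                // pipeline call, so an exception escaping from it is reported as 401 as well.
                return new HttpResponseMessage(HttpStatusCode.Unauthorized);
            }
        }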