public override void OnActionExecuting(HttpActionContext actionContext)
{
base.OnActionExecuting(actionContext);
if (actionContext.RequestContext.Url.Request.GetQueryNameValuePairs()?.FirstOrDefault(each => each.Key == "username").Value is string usernameValue)
{
using (HomeM8Entities db = new HomeM8Entities())
{
if (HomeM8.GetUserByUsername(usernameValue, db) is Users requestedUser)
{
try
{
var decryptedContent = Security.DecryptAES(requestedUser.SharedSecret, actionContext.Request.Content.ReadAsStringAsync().Result);
actionContext.Request.Content = new StringContent(decryptedContent);
}
catch
{
actionContext.Request.Content = new StringContent(HomeM8.DecryptionFailedString);
return;
}
}
else
{
actionContext.Request.Content = new StringContent(HomeM8.UsernameNotFoundString);
return;
}
}
}
}
public void ModificateLanguageContent(/*string password*/)
{
//if (password=="mysupersecretapikey")
//{
int Turkish = 1;
int English = 2;
AppConfigurationModel bufferModel;
using (HomeM8Entities db = new HomeM8Entities())
{
var dbItem = db.Languages.FirstOrDefault(each => each.LanguageID == 1);
bufferModel = JsonConvert.DeserializeObject <AppConfigurationModel>(dbItem.AppContent);
var dbItem2 = db.Languages.FirstOrDefault(each => each.LanguageID == 2);
var bufferModel2 = JsonConvert.DeserializeObject <AppConfigurationModel>(dbItem2.AppContent);
#region Düzenleme Bölümü
bufferModel.AccountPageContent.ExitButtonString = "Evden Ayrıl";
#endregion
dbItem.AppContent = JsonConvert.SerializeObject(bufferModel);
dbItem2.AppContent = JsonConvert.SerializeObject(bufferModel2);
db.SaveChanges();
}
//}
}
public static bool HomeNameValid(string homeName)
{
bool homeNameValid = false;
using (HomeM8Entities db = new HomeM8Entities())
{
homeNameValid = db.Homes.FirstOrDefault(home => home.HomeName == homeName) == null;
}
return(homeNameValid);
}
public static string GetWarningString(int id)
{
string warningText = default(string);
using (HomeM8Entities db = new HomeM8Entities())
{
warningText = db.Warnings.FirstOrDefault(each => each.WarningID == id).WarningContent;
}
return((warningText != default(string)) ? warningText : "Beklenmedik hata");
}
public static bool UsernameValid(string username)
{
bool validUsername = false;
using (HomeM8Entities db = new HomeM8Entities())
{
validUsername = db.Users.FirstOrDefault(each => each.Username == username) == null && db.FromRegister.FirstOrDefault(each => each.Username == username) == null;
}
return(validUsername);
}
public static bool EmailValid(string email)
{
bool validEmail = false;
using (HomeM8Entities db = new HomeM8Entities())
{
validEmail = db.Users.FirstOrDefault(each => each.Email == email) == null;
}
return(validEmail);
}
public static bool UserAuthorized(int UserID, int homeId)
{
bool response = false;
using (HomeM8Entities db = new HomeM8Entities())
{
if (db.HomeConnections.Where(each => each.HomeID == homeId).FirstOrDefault(each => each.UserID == UserID) is HomeConnections homeConnection)
{
response = true;
}
}
return(response);
}
static Security()
{
using (HomeM8Entities db = new HomeM8Entities())
{
var sr = new System.IO.StringReader(db.RSA.Take(1).Single().privateKey);
var xs = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
var bufferRSAKey = (RSAParameters)xs.Deserialize(sr);
RSA.ImportParameters(bufferRSAKey);
}
AES.IV = new byte[16];
}
public HttpResponseMessage GetRSAPublicKey()
{
string key;
using (HomeM8Entities db = new HomeM8Entities())
{
key = db.RSA.Take(1).Single().publicKey;
}
return(new HttpResponseMessage()
{
Content = new StringContent(key)
});
}
public static void GenerateRSAKeys()
{
RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(2048);
RSAParameters publicKey;
RSAParameters privateKey;
using (HomeM8Entities db = new HomeM8Entities())
{
publicKey = rsaProvider.ExportParameters(false);
privateKey = rsaProvider.ExportParameters(true);
string publicKeyXmlString;
string privateKeyXmlString;
#region Public key
{
var sw = new System.IO.StringWriter();
var xs = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
xs.Serialize(sw, publicKey);
publicKeyXmlString = sw.ToString();
}
#endregion
#region Private Key
{
var sw2 = new StringWriter();
var xs2 = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
xs2.Serialize(sw2, privateKey);
privateKeyXmlString = sw2.ToString();
}
#endregion
db.Database.ExecuteSqlCommand("truncate table [RSA]");
db.RSA.Add(new Models.RSA {
privateKey = privateKeyXmlString.Trim(), publicKey = publicKeyXmlString.Trim()
});
db.SaveChanges();
}
}
public async Task <HttpResponseMessage> LeaveHome(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variable
var parameters = new
{
AccessToken = default(string),
HomeID = default(int)
};
Users requesterUser = default(Users);
Homes requestedHome = default(Homes);
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
else
{
if (parameters.HomeID == 0)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeID));
error = true;
}
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
requestedHome = HomeM8.GetHomeByHomeID(parameters.HomeID, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (requestedHome == null)
{
responseVal = 3012;
responseText = HomeM8.GetWarningString(3012);
error = true;
}
else if (!HomeM8.UserAuthorized(requesterUser.UserID, requestedHome.HomeID))
{
responseVal = 3013;
responseText = HomeM8.GetWarningString(3013);
error = true;
}
if (!error)
{
var hc = db.HomeConnections.FirstOrDefault(connection => connection.HomeID == requestedHome.HomeID && connection.UserID == requesterUser.UserID);
db.HomeConnections.Remove(hc);
if (db.HomeConnections.Where(connection => connection.HomeID == requestedHome.HomeID).Count() == 1)
{
db.Homes.Remove(requestedHome);
}
requesterUser.CurrentHome = db.HomeConnections.FirstOrDefault(connection => connection.UserID == requesterUser.UserID).HomeID;
await db.SaveChangesAsync();
}
}
}
#endregion
var jsonStringResponse = JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
internal static Homes GetHomeByHomeID(int homeID, HomeM8Entities db)
{
return(db.Homes.FirstOrDefault(each => each.HomeID == homeID && each.State));
}
public async Task <HttpResponseMessage> GetAccountInfo(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string)
};
Homes currentHome = null;
Users requesterUser = null;
var accountInfo = new
{
HomeName = default(string),
HomeAddress = default(string),
ConnectedHomesInfo = new[]
{
new
{
HomeName = default(string),
HomeID = default(int)
}
}.ToList(),
HomeMembers = default(List <string>),
HomeManager = default(string),
HomeRules = default(List <string>),
HomePermissions = default(List <string>)
};
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else
{
if (requesterUser.CurrentHome != null)
{
currentHome = await db.Homes.FirstOrDefaultAsync(each => each.HomeID == requesterUser.CurrentHome);
var homeUseRules = await db.HomeUseRules.Where(each => each.HomeID == currentHome.HomeID).ToListAsync();
accountInfo = new
{
currentHome.HomeName,
HomeAddress = currentHome.Address,
ConnectedHomesInfo = await db.HomeConnections
.Join(db.Homes, hc => hc.HomeID, h => h.HomeID, (hc, h) => new { hc, h })
.Where(each => each.hc.UserID == requesterUser.UserID && each.hc.State)
.Select(each => new
{
each.h.HomeName,
each.h.HomeID
}).ToListAsync(),
HomeMembers = await db.HomeConnections
.Join(db.Users, hc => hc.UserID, u => u.UserID, (hc, u) => new { hc, u })
.Where(each => each.hc.HomeID == currentHome.HomeID && each.hc.State && each.u.State)
.Select(each => each.u.NameSurname)
.ToListAsync() ?? new List <string>(),
HomeManager = (await db.Users.FirstOrDefaultAsync(each => each.UserID == currentHome.CurManagerUserID)).NameSurname,
HomeRules = homeUseRules.Where(each => each.RuleType == 2).Select(each => each.Detail).ToList(),
HomePermissions = db.HomeUseRules.Where(each => each.RuleType == 1).Select(each => each.Detail).ToList()
};
}
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
accountInfo
}) : JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> SetNewPassword(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var cipheredParameters = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var plainParameters = new
{
NewPassword = default(string),
ValidationCode = default(int)
};
byte[] sharedSecret = null;
#endregion
#region Parameter Controls
if (string.IsNullOrWhiteSpace(username))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre", nameof(username));
error = true;
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
var requestedUser = db.Users
.Join(db.ForgotPass, u => u.UserID, fp => fp.UserID, (u, fp) => new { u, fp })
.FirstOrDefault(each => each.u.Username == username && each.u.State);
if (requestedUser != null)
{
sharedSecret = requestedUser.u.SharedSecret;
#region Decryption
try
{
string plainJsonString = Security.DecryptAES(sharedSecret, cipheredParameters);
try
{
plainParameters = JsonConvert.DeserializeAnonymousType(plainJsonString, plainParameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
catch
{
responseVal = 8;
responseText = HomeM8.GetWarningString(8);
error = true;
}
#endregion
#region Plain Parameters Control
if (!error)
{
if (string.IsNullOrWhiteSpace(plainParameters.NewPassword))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(plainParameters.NewPassword));
error = true;
}
else
{
if (plainParameters.NewPassword.Length < 6 || plainParameters.NewPassword.Length > 12)
{
responseVal = 3009;
responseText = HomeM8.GetWarningString(3009);
error = true;
}
}
}
#endregion
if (!error)
{
if (requestedUser.fp.ValidationCode == plainParameters.ValidationCode)
{
PBKDF2 hashing = new PBKDF2();
requestedUser.u.Userpass = hashing.Compute(plainParameters.NewPassword);
requestedUser.u.Salt = hashing.Salt;
db.ForgotPass.Remove(requestedUser.fp);
await db.SaveChangesAsync();
}
else
{
responseVal = 10;
responseText = HomeM8.GetWarningString(10);
error = true;
}
}
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
#endregion
var jsonStringResponse = JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((sharedSecret != null) ? Security.EncryptAES(sharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> GetValidationCode(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
#region Parameter Control
if (string.IsNullOrWhiteSpace(username))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(username));
error = true;
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
#region Delete Older ForgotPass Requests
{
var dt = DateTime.Now.AddHours(-1);
IEnumerable <ForgotPass> deleteList = db.ForgotPass.Where(each => each.CreateDate < dt);
db.ForgotPass.RemoveRange(deleteList);
await db.SaveChangesAsync();
}
#endregion
if (db.Users.FirstOrDefault(each => each.Username == username && each.State) is Users requestedUser)
{
var ValidationCode = new Random().Next(100000, 999999);
if (db.ForgotPass.FirstOrDefault(each => each.UserID == requestedUser.UserID) is ForgotPass fRequestedUser)
{
if (fRequestedUser.AttemptCount < 3)
{
bool smsSucceeded = true;//send sms(function)
if (smsSucceeded)
{
fRequestedUser.AttemptCount++;
fRequestedUser.ValidationCode = ValidationCode;
}
else
{
//sms fail
}
}
else
{
var dt = DateTime.Now.AddHours(-1);
if (fRequestedUser.CreateDate < dt)
{
bool smsSucceeded = true;//send sms(function)
if (smsSucceeded)
{
fRequestedUser.ValidationCode = ValidationCode;
fRequestedUser.AttemptCount = 1;
fRequestedUser.CreateDate = DateTime.Now;
}
else
{
//sms fail
}
}
else
{
responseVal = 1008;
responseText = HomeM8.GetWarningString(1008);
error = true;
}
}
}
else
{
bool smsSucceeded = true;//send sms(function)
if (smsSucceeded)
{
db.ForgotPass.Add(new ForgotPass
{
UserID = requestedUser.UserID,
ValidationCode = ValidationCode,
AttemptCount = 1,
CreateDate = DateTime.Now
});
}
else
{
//sms fail
}
}
await db.SaveChangesAsync();
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
#endregion
return(new HttpResponseMessage()
{
Content = new StringContent(JsonConvert.SerializeObject(new
{
responseVal,
responseText
}))
});
}
public async Task <HttpResponseMessage> Register(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
string cipheredParameters = Request.Content.ReadAsStringAsync().Result;
#region Method Specific Variables
var plainParameters = new
{
Email = default(string),
Password = default(string),
PhoneNumber = default(string),
NameSurname = default(string)
};
byte[] sharedSecret = null;
#endregion
#region Parameters Control
if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(cipheredParameters))
{
responseVal = 1;
responseText = HomeM8.GetWarningString(1);
error = true;
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
if (db.FromRegister.FirstOrDefault(each => each.Username == username) is FromRegister registeredUser)
{
sharedSecret = registeredUser.SharedSecret;
#region Decryption
try
{
string plainJsonString = Security.DecryptAES(registeredUser.SharedSecret, cipheredParameters);
try
{
plainParameters = JsonConvert.DeserializeAnonymousType(plainJsonString, plainParameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
catch (Exception)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(cipheredParameters));
error = true;
}
#endregion
#region Plain Parameters Control
if (!error)
{
if (string.IsNullOrWhiteSpace(plainParameters.Email) &&
string.IsNullOrWhiteSpace(plainParameters.NameSurname) &&
string.IsNullOrWhiteSpace(plainParameters.Password) &&
string.IsNullOrWhiteSpace(plainParameters.PhoneNumber))
{
responseVal = 2008;
responseText = HomeM8.GetWarningString(2008);
error = true;
}
else
{
if (!(new Regex(@"^(?("")("".+?(?<!\\)""@)|(([0-9a-z]((\.(?!\.))|[-!#\$%&'\*\+/=\?\^`\{\}\|~\w])*)(?<=[0-9a-z])@))" +
@"(?(\[)(\[(\d{1,3}\.){3}\d{1,3}\])|(([0-9a-z][-0-9a-z]*[0-9a-z]*\.)+[a-z0-9][\-a-z0-9]{0,22}[a-z0-9]))$", RegexOptions.IgnoreCase)
.IsMatch(plainParameters.Email)))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(plainParameters.Email));
error = true;
}
else if (!HomeM8.EmailValid(plainParameters.Email))
{
responseVal = 3008;
responseText = HomeM8.GetWarningString(3008);
error = true;
}
else
{
if (plainParameters.Password.Length < 6 || plainParameters.Password.Length > 12)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(plainParameters.Password));
error = true;
}
else
{
if (plainParameters.PhoneNumber.Length != 10 || plainParameters.PhoneNumber[0] != '5')
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(plainParameters.PhoneNumber));
error = true;
}
}
}
}
}
#endregion
if (!error)
{
PBKDF2 hashing = new PBKDF2();
db.Users.Add(new Users
{
Username = username,
Userpass = hashing.Compute(plainParameters.Password),
Salt = hashing.Salt,
NameSurname = plainParameters.NameSurname,
ContactInfo = plainParameters.PhoneNumber,
Email = plainParameters.Email,
SharedSecret = sharedSecret,
AccessToken = Guid.NewGuid().ToString("N"),
Type = 2,
CreateDate = DateTime.Now,
State = true
});
db.FromRegister.Remove(db.FromRegister.FirstOrDefault(each => each.Username == username));
await db.SaveChangesAsync();
}
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
#endregion
return(new HttpResponseMessage()
{
Content = new StringContent(Security.EncryptAES(sharedSecret, JsonConvert.SerializeObject(new
{
responseVal,
responseText,
})))
});
}
public static Users GetUserByUsername(string username, HomeM8Entities db)
{
return(db.Users.FirstOrDefault(each => each.Username == username && each.State));
}
public async Task <HttpResponseMessage> GetNotifications(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string),
HomeID = default(int)
};
Users requesterUser = null;
Homes requestedHome = null;
var notificationsList = new[]
{
new
{
OwnerNameSurname = default(string),
NotificationMessage = default(string),
NotificationName = default(string),
NotificationCommentCount = default(string),
NotificationType = default(string),
CreateDate = default(string),
ExpectedAnswerRange = default(int)
}
}.ToList();
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
if (!error && parameters.HomeID == 0)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
requestedHome = HomeM8.GetHomeByHomeID(parameters.HomeID, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (requestedHome == null)
{
responseVal = 3012;
responseText = HomeM8.GetWarningString(3012);
error = true;
}
else
{
if (!HomeM8.UserAuthorized(requesterUser.UserID, requestedHome.HomeID))
{
responseVal = 3013;
responseText = HomeM8.GetWarningString(3013);
error = true;
}
}
if (!error)
{
notificationsList = await db.Notifications
.Join(db.NotificationType, n => n.NotificationType, nt => nt.NotificationTypeID, (n, nt) => new { n, nt })
.Join(db.Users, main => main.n.OwnerUserID, u => u.UserID, (main, u) => new { main, u })
.Where(each => each.main.n.HomeID == parameters.HomeID)
.Select(each => new
{
OwnerNameSurname = each.u.NameSurname,
each.main.n.NotificationMessage,
each.main.nt.NotificationName,
NotificationCommentCount = "(" + db.NotificationComments.Where(each2 => each2.NotificationID == each.main.n.NotificationID).Count() + ")",
NotificationType = each.main.nt.NotificationName,
CreateDate = each.main.n.CreateDate.ToString() ?? null,
ExpectedAnswerRange = each.main.n.ExpectedAnswerRange ?? 0
}).ToListAsync();
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
notificationsList
}) : JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> SendRequestHome(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variable
var parameters = new
{
AccessToken = default(string),
HomeID = default(int)
};
Homes requestedHome = null;
Users requesterUser = null;
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
else
{
if (parameters.HomeID == 0)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeID));
error = true;
}
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
requestedHome = HomeM8.GetHomeByHomeID(parameters.HomeID, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (requestedHome == null)
{
responseVal = 3012;
responseText = HomeM8.GetWarningString(3012);
error = true;
}
else
{
db.ConnectionRequests.Add(new ConnectionRequests()
{
HomeID = requestedHome.HomeID,
UserID = requesterUser.UserID,
State = true,
CreateDate = DateTime.Now
});
await db.SaveChangesAsync();
}
}
}
#endregion
var jsonStringResponse = JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public HttpResponseMessage GetAppConfiguration(int id)
{
#region App Language Content Template
//AppLanguageModel bufferModel = new AppLanguageModel()
//{
// DecidePageContent = new DecidePageModel()
// {
// HeaderString = "LAUNCH APPLICATION",
// LoginButtonString = "LOGIN",
// RegisterButtonString = "REGISTER"
// },
// ForgotPasswordPageContent = new ForgotPasswordPageModel()
// {
// ThirdGridInformationString = "Please enter your new password.",
// FirstGridInformationString = "We will send a validation code to your phone which is registered in our application.",
// UsernameEntryPlaceholderString = "Username",
// NewPasswordEntryPlaceholderString = "Password",
// RepeatNewPasswordEntryPlaceHolderString = "Password",
// SecondGridValidationString = "Please enter six digit validation code",
// SecondGridValidationEntryPlaceholderString = "Validation Code",
// SendButtonString = "Send"
// },
// LoginPageContent = new LoginPageModel()
// {
// UsernameEntryPlaceholderString = "Username",
// ForgotPasswordButtonString = "Forgot Password",
// LoginButtonString = "Login",
// PasswordEntryPlaceholderString = "Password"
// },
// RegisterPageContent = new RegisterPageModel()
// {
// UsernameEntryPlaceholderString = "Username",
// PasswordEntryPlaceholderString = "Password",
// RepeatPasswordEntryPlaceholderString = "Password",
// EmailEntryPlaceholderString = "E-Mail",
// NameSurnameEntryPlaceholderString = "Name Surname",
// PhoneEntryPlaceholderString = "Cell Phone"
// }
//};
//using (HomeM8Entities db = new HomeM8Entities())
//{
// db.Languages.Add(new Languages { AppContent = JsonConvert.SerializeObject(bufferModel) });
// db.SaveChanges();
//var buffer = JsonConvert.DeserializeObject<AppConfigurationModel>(db.Languages.FirstOrDefault(each => each.LanguageID == 1).AppContent);
//buffer.AppColorConfiguration.AppInfoStringsColor = "#ffffff";
//buffer.AppColorConfiguration.ButtonColor = "#677DAC";
//buffer.AppColorConfiguration.ButtonTextColor = "#ffffff";
//buffer.AppColorConfiguration.InputFrameBorderColor = "#FFFFFF";
//buffer.AppColorConfiguration.LoginEntryBackground = "#839AC4";
//buffer.AppColorConfiguration.PageWrapperColor = "#8DA4CE";
//buffer.AppColorConfiguration.NavigationPrimary = "#0000ff";
//var user = db.Languages.FirstOrDefault(each => each.LanguageID == 1);
//var buffer2 = JsonConvert.DeserializeObject<AppConfigurationModel>(db.Languages.FirstOrDefault(each => each.LanguageID == 2).AppContent);
//buffer2.AppColorConfiguration.AppInfoStringsColor = "#ffffff";
//buffer2.AppColorConfiguration.ButtonColor = "#677DAC";
//buffer2.AppColorConfiguration.ButtonTextColor = "#ffffff";
//buffer2.AppColorConfiguration.InputFrameBorderColor = "#FFFFFF";
//buffer2.AppColorConfiguration.LoginEntryBackground = "#839AC4";
//buffer2.AppColorConfiguration.PageWrapperColor = "#8DA4CE";
//buffer2.AppColorConfiguration.NavigationPrimary = "#0000ff";
//var user2 = db.Languages.FirstOrDefault(each => each.LanguageID == 2);
//user.AppContent = JsonConvert.SerializeObject(buffer);
//user2.AppContent = JsonConvert.SerializeObject(buffer2);
//db.SaveChanges();
//}
#endregion
string languageJsonString = default(string);
using (HomeM8Entities db = new HomeM8Entities())
{
languageJsonString = db.Languages.FirstOrDefault(each => each.LanguageID == id)?.AppContent;
}
return(new HttpResponseMessage()
{
Content = new StringContent(
JsonConvert.SerializeObject(new
{
responseVal = 0,
responseText = "OK",
languageJsonString = languageJsonString ?? ""
}))
});
}
public async Task <HttpResponseMessage> GetHomesByName(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
Thread.Sleep(3000);
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string),
Substring = default(string)
};
Users requesterUser = null;
var requestedHomes = new[]
{
new
{
HomeName = default(string),
HomeManager = default(string),
PeopleCount = default(int),
HomeID = default(int),
AlreadyRequested = default(bool)
}
}.ToList();
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
else
{
if (string.IsNullOrWhiteSpace(parameters.Substring))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.Substring));
error = true;
}
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else
{
requestedHomes = await db.Homes
.Where(each => each.HomeName.Contains(parameters.Substring) && each.State)
.Select(each => new
{
each.HomeName,
HomeManager = db.Users.FirstOrDefault(user => user.UserID == each.CurManagerUserID).NameSurname,
PeopleCount = db.HomeConnections.Where(hc => hc.HomeID == each.HomeID && hc.State).Count(),
each.HomeID,
AlreadyRequested = db.ConnectionRequests.FirstOrDefault(req => req.HomeID == each.HomeID && req.UserID == requesterUser.UserID && req.State) != null
}).ToListAsync();
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
requestedHomes
}) : JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> Login(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
Users requestedUser = null;
List <int> ConnectedHomes = null;
var parameters = new
{
Password = default(string)
};
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.Password) || string.IsNullOrWhiteSpace(username))
{
responseVal = 1;
responseText = HomeM8.GetWarningString(1);
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requestedUser = db.Users.FirstOrDefault(each => each.Username == username && each.State);
if (requestedUser != null)
{
PBKDF2 hashing = new PBKDF2();
var hashedPassword = hashing.Compute(parameters.Password, requestedUser.Salt);
if (hashedPassword != requestedUser.Userpass)
{
responseVal = 5;
responseText = HomeM8.GetWarningString(5);
error = true;
}
if (!error)
{
ConnectedHomes = db.HomeConnections.Where(each => each.UserID == requestedUser.UserID).Select(each => each.HomeID).ToList();
}
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
nameSurname = requestedUser.NameSurname,
accessToken = requestedUser.AccessToken,
ConnectedHomes,
requestedUser.CurrentHome,
userType = requestedUser.Type //Düzenle
}) :
JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent((requestedUser != null) ? Security.EncryptAES(requestedUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> GetCalendarEvents(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string),
HomeID = default(int)
};
Users requesterUser = null;
Homes requestedHome = null;
var requestedEvents = new[]
{
new
{
PayerName = default(string),
EventExplanation = default(string),
PaymentAmount = default(decimal),
Paid = default(bool),
ExpectedDate = default(string)
}
}.ToList();
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
if (!error && parameters.HomeID == 0)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeID));
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
requestedHome = HomeM8.GetHomeByHomeID(parameters.HomeID, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (requestedHome == null)
{
responseVal = 3012;
responseText = HomeM8.GetWarningString(3012);
error = true;
}
else
{
if (!HomeM8.UserAuthorized(requesterUser.UserID, requestedHome.HomeID))
{
responseVal = 3013;
responseText = HomeM8.GetWarningString(3013);
error = true;
}
}
if (!error)
{
requestedEvents = await db.CalendarEvents
.GroupJoin(db.Users, ce => ce.PayerUserID, u => u.UserID, (ce, u) => new { ce, u })
.SelectMany(e => e.u.DefaultIfEmpty(), (ce, u) => new { ce.ce, u })
.Where(each => each.ce.HomeID == requestedHome.HomeID)
.Select(each => new
{
PayerName = each.u.NameSurname,
each.ce.EventExplanation,
each.ce.PaymentAmount,
each.ce.Paid,
ExpectedDate = each.ce.ExpectedDate.ToString()
}).ToListAsync();
}
}
}
#endregion
var jsonStringResponse = (responseVal == 0) ?
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
requestedEvents
}) :
JsonConvert.SerializeObject(new
{
responseVal,
responseText,
});
return(new HttpResponseMessage()
{
Content = new StringContent((requesterUser != null) ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public async Task <HttpResponseMessage> EstablishSharedSecret(string username, [FromBody] EstablishSharedSecretParams Parameters, bool fromRegister = false)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
#region Method Specific Variables
string serverPublicKey = default(string);
#endregion
#region Parameter Controls
if (!error)
{
if (string.IsNullOrWhiteSpace(Parameters.publicKey))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(Parameters.publicKey));
error = true;
}
if (string.IsNullOrWhiteSpace(username))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(username));
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
try
{
#region Handshake
byte[] sharedSecret = null;
ECDHKeyExchange serverECDH = new ECDHKeyExchange();
serverECDH.SetClientXml(Parameters.publicKey);
sharedSecret = serverECDH.GenerateSharedSecret();
serverPublicKey = serverECDH.GetPublicKeyXmlString();
#endregion
using (HomeM8Entities db = new HomeM8Entities())
{
if (fromRegister)
{
#region Delete Older Register Requests
DateTime val = DateTime.Now.AddMinutes(-5);
IEnumerable <FromRegister> deleteList = db.FromRegister.Where(each => each.CreateDate.Value < val);
db.FromRegister.RemoveRange(deleteList);
await db.SaveChangesAsync();
#endregion
if (db.Users.FirstOrDefault(each => each.Username == username) == null)
{
if (db.FromRegister.FirstOrDefault(each => each.Username == username) is FromRegister registerUser)
{
registerUser.SharedSecret = sharedSecret;
registerUser.CreateDate = DateTime.Now;
}
else
{
if (username.Length < 4 || username.Length > 12)
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(username));
error = true;
}
else
{
db.FromRegister.Add(new FromRegister
{
Username = username,
SharedSecret = sharedSecret,
CreateDate = DateTime.Now
});
}
}
await db.SaveChangesAsync();
}
else
{
responseVal = 7;
responseText = HomeM8.GetWarningString(7);
error = true;
}
}
else
{
if (db.Users.FirstOrDefault(each => each.Username == username & each.State) is Users requestUser)
{
requestUser.SharedSecret = sharedSecret;
await db.SaveChangesAsync();
}
else
{
responseVal = 2;
responseText = HomeM8.GetWarningString(2);
error = true;
}
}
}
}
catch (Exception e)
{
responseVal = -5;
responseText = e.Message;
error = true;
}
}
#endregion
return(new HttpResponseMessage()
{
Content = new StringContent(JsonConvert.SerializeObject(new
{
responseVal,
responseText,
ECDHPublicKeyBase64 = (responseVal == 0) ? Convert.ToBase64String(new UTF8Encoding().GetBytes(serverPublicKey)) : null,
ECDHSignedPublicKeyBase64_RSA = (responseVal == 0) ? Security.SignDataRSA(serverPublicKey) : null
})),
});
}
public async Task <HttpResponseMessage> CreateHome(string username)
{
int responseVal = 0;
string responseText = "OK";
bool error = false;
var rawContent = await Request.Content.ReadAsStringAsync();
#region Method Specific Variables
var parameters = new
{
AccessToken = default(string),
HomeName = default(string),
HomeAddress = default(string)
};
Users requesterUser = default(Users);
Homes createdHome = default(Homes);
#endregion
#region Parameter Controls
if (!HomeM8.DecryptionSucceeded(rawContent))
{
responseVal = 3010;
responseText = HomeM8.GetWarningString(3010);
error = true;
}
if (!error)
{
try
{
parameters = JsonConvert.DeserializeAnonymousType(rawContent, parameters);
}
catch
{
responseVal = 6;
responseText = HomeM8.GetWarningString(6);
error = true;
}
}
if (!error)
{
if (string.IsNullOrWhiteSpace(parameters.AccessToken))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.AccessToken));
error = true;
}
if (!error && string.IsNullOrWhiteSpace(parameters.HomeAddress))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeAddress));
error = true;
}
if (!error && string.IsNullOrWhiteSpace(parameters.HomeName))
{
responseVal = 3;
responseText = HomeM8.GetWarningString(3).Replace("#Parametre#", nameof(parameters.HomeName));
error = true;
}
var minNum = 6;
var maxNum = 12;
if (!error && (parameters.HomeName.Length > maxNum || parameters.HomeName.Length < minNum))
{
responseVal = 9;
responseText = HomeM8.GetWarningString(9).Replace("#Parameter#", nameof(parameters.HomeName)).Replace("#smallnumber#", minNum.ToString()).Replace("#bignumber#", maxNum.ToString());
error = true;
}
}
#endregion
#region Main Process
if (!error)
{
using (HomeM8Entities db = new HomeM8Entities())
{
requesterUser = HomeM8.GetUserByAccessToken(parameters.AccessToken, db);
if (requesterUser == null)
{
responseVal = 3011;
responseText = HomeM8.GetWarningString(3011);
error = true;
}
else if (!HomeM8.HomeNameValid(parameters.HomeName))
{
responseVal = 4015;
responseText = HomeM8.GetWarningString(4015);
error = true;
}
if (!error)
{
createdHome = new Homes()
{
CurManagerUserID = requesterUser.UserID,
HomeName = parameters.HomeName,
Address = parameters.HomeAddress,
CreateDate = DateTime.Now,
Joinable = true,
State = true,
};
var hc = new HomeConnections()
{
HomeID = createdHome.HomeID,
UserID = requesterUser.UserID,
CreateDate = DateTime.Now,
State = true,
};
db.Homes.Add(createdHome);
db.HomeConnections.Add(hc);
requesterUser.CurrentHome = createdHome.HomeID;
await db.SaveChangesAsync();
}
}
}
#endregion
var jsonStringResponse = responseVal == 0 ? JsonConvert.SerializeObject(new
{
responseVal,
responseText,
createdHome.HomeID
}) : JsonConvert.SerializeObject(new
{
responseVal,
responseText
});
return(new HttpResponseMessage()
{
Content = new StringContent(requesterUser != null ? Security.EncryptAES(requesterUser.SharedSecret, jsonStringResponse) : jsonStringResponse)
});
}
public static Users GetUserByAccessToken(string accessToken, HomeM8Entities db)
{
return(db.Users.FirstOrDefault(each => each.AccessToken == accessToken && each.State));
}
