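/// <summary>
/// Registers POST /login: finds the user whose e-mail and encrypted password match the
/// request, answers 403 for an account that is not activated yet, and otherwise opens a
/// session and returns its id and expiry. An unknown e-mail or a wrong password both
/// answer 401.
/// </summary>
/// <param name="readOnlyRepository">Read side used to look the user up.</param>
/// <param name="passwordEncryptor">Encrypts the submitted password so it can be compared with the stored value.</param>
/// <param name="userSessionFactory">Creates the session returned on success.</param>
/// <exception cref="UserInputPropertyMissingException">Email or Password is absent from the request.</exception>
public LoginModule(
    IReadOnlyRepository readOnlyRepository,
    IPasswordEncryptor passwordEncryptor,
    IUserSessionFactory userSessionFactory)
{
    Post["/login"] = _ =>
    {
        var loginInfo = this.Bind<LoginRequest>();

        // Reject incomplete requests before touching the encryptor or the repository:
        // a null e-mail would otherwise be compared against the store and a null
        // password handed to Encrypt.
        if (loginInfo.Email == null)
        {
            throw new UserInputPropertyMissingException("Email");
        }
        if (loginInfo.Password == null)
        {
            throw new UserInputPropertyMissingException("Password");
        }

        EncryptedPassword encryptedPassword = passwordEncryptor.Encrypt(loginInfo.Password);

        try
        {
            var user = readOnlyRepository.First<User>(
                x => x.Email == loginInfo.Email && x.EncryptedPassword == encryptedPassword.Password);

            // Correct credentials but an account that has not been activated: 403, not 401.
            if (!user.Activated)
            {
                return new Response().WithStatusCode(HttpStatusCode.Forbidden);
            }

            var userSession = userSessionFactory.Create(user);
            return new SuccessfulLoginResponse<Guid>(userSession.Id, userSession.Expires);
        }
        catch (ItemNotFoundException<User>)
        {
            // E-mail and password are matched in one predicate, so an unknown e-mail and
            // a wrong password produce the same response.
            return new Response().WithStatusCode(HttpStatusCode.Unauthorized);
        }
    };
}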
/// <summary>
/// Registers POST /login. Email and Password are both required; the user whose e-mail
/// and encrypted password match gets a new login session, returned together with the
/// user's id and name. No match ends in <see cref="UnauthorizedAccessException"/>.
/// </summary>
/// <param name="passwordEncryptor">Encrypts the submitted password for comparison with the stored value.</param>
/// <param name="readOnlyRepository">Read side used to find the user.</param>
/// <param name="userSessionFactory">Creates the session returned on success.</param>
/// <exception cref="UserInputPropertyMissingException">Email or Password is absent from the request.</exception>
/// <exception cref="UnauthorizedAccessException">No user matches the submitted credentials.</exception>
public LoginModule(IPasswordEncryptor passwordEncryptor, IReadOnlyRepository readOnlyRepository, IUserSessionFactory userSessionFactory)
{
    Post["/login"] = parameters =>
    {
        var request = this.Bind<LoginRequest>();
        var email = request.Email;
        var password = request.Password;

        // Email is checked first, so a request missing both reports Email.
        if (email == null)
        {
            throw new UserInputPropertyMissingException("Email");
        }

        if (password == null)
        {
            throw new UserInputPropertyMissingException("Password");
        }

        var storedForm = passwordEncryptor.Encrypt(password).Password;

        try
        {
            var account = readOnlyRepository.First<User>(
                x => x.Email == email && x.EncryptedPassword == storedForm);
            UserLoginSession session = userSessionFactory.Create(account);

            return new SuccessfulLoginResponse<Guid>(session.Id, account.Id, account.Name, session.Expires);
        }
        catch (ItemNotFoundException<User>)
        {
            // The lookup matches e-mail and password together, so either being wrong lands here.
            throw new UnauthorizedAccessException();
        }
    };
}
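/// <summary>
/// Registers POST /login/facebook, POST /login and POST /logout. Both logins return a
/// SuccessfulLoginResponse with the session id and expiry; a failed lookup answers 401
/// (Facebook) or throws <see cref="UnauthorizedAccessException"/> (e-mail). Logout deletes
/// the session found for the supplied FacebookId and answers 200, or 401 when there is none.
/// </summary>
/// <param name="readOnlyRepository">Read side used to find users and sessions.</param>
/// <param name="userSessionFactory">Creates and deletes sessions.</param>
/// <param name="passwordEncryptor">Encrypts the submitted password for the e-mail login lookup.</param>
/// <exception cref="UserInputPropertyMissingException">A required request field is absent.</exception>
/// <exception cref="UnauthorizedAccessException">The e-mail login matched no user.</exception>
public LoginModule(IReadOnlyRepository readOnlyRepository, IUserSessionFactory userSessionFactory, IPasswordEncryptor passwordEncryptor)
{
    Post["/login/facebook"] = _ =>
    {
        var loginInfo = this.Bind<FacebookLoginRequest>();

        // Without this guard a body with no FacebookId could match a stored user whose
        // FacebookId is also unset.
        if (loginInfo.FacebookId == null)
        {
            throw new UserInputPropertyMissingException("FacebookId");
        }

        // NOTE(review): the FacebookId is used exactly as sent; nothing in this module checks
        // it with Facebook, so confirm the provider has authenticated the caller before this
        // route is reachable.
        try
        {
            var user = readOnlyRepository.First<User>(x => x.FacebookId == loginInfo.FacebookId);

            // NOTE(review): the Verified check is disabled — confirm whether unverified accounts may log in.
            //if (!user.Verified) return new Response().WithStatusCode(HttpStatusCode.Forbidden);

            UserSession userSession = userSessionFactory.Create(user);
            return new SuccessfulLoginResponse<Guid>(userSession.Id, userSession.Expires);
        }
        catch (ItemNotFoundException<User>)
        {
            return new Response().WithStatusCode(HttpStatusCode.Unauthorized);
        }
    };

    Post["/login"] = _ =>
    {
        var loginInfo = this.Bind<BasicLoginRequest>();
        if (loginInfo.Email == null)
        {
            throw new UserInputPropertyMissingException("Email");
        }
        if (loginInfo.Password == null)
        {
            throw new UserInputPropertyMissingException("Password");
        }

        EncryptedPassword encryptedPassword = passwordEncryptor.Encrypt(loginInfo.Password);

        try
        {
            var user = readOnlyRepository.First<User>(
                x => x.Email == loginInfo.Email && x.EncryptedPassword == encryptedPassword.Password);

            // NOTE(review): the Activated check is disabled — confirm whether inactive accounts may log in.
            //if (!user.Activated) throw new ForbiddenRequestException();

            UserSession userSession = userSessionFactory.Create(user);
            return new SuccessfulLoginResponse<Guid>(userSession.Id, userSession.Expires);
        }
        catch (ItemNotFoundException<User>)
        {
            // E-mail and password are matched in one predicate, so either being wrong lands here.
            throw new UnauthorizedAccessException();
        }
    };

    Post["/logout"] = _ =>
    {
        var loginInfo = this.Bind<FacebookLoginRequest>();

        // Same reasoning as the Facebook login: never look a session up by a null id.
        if (loginInfo.FacebookId == null)
        {
            throw new UserInputPropertyMissingException("FacebookId");
        }

        // NOTE(review): this route is not tied to the caller's own session; it removes the
        // session found for whatever FacebookId is posted. Confirm that is intended, or
        // require the caller to be authenticated and only allow their own session.
        try
        {
            var session = readOnlyRepository.First<UserSession>(x => x.User.FacebookId == loginInfo.FacebookId);
            userSessionFactory.Delete(session.Id);
            return new Response().WithStatusCode(HttpStatusCode.OK);
        }
        catch (ItemNotFoundException<UserSession>)
        {
            return new Response().WithStatusCode(HttpStatusCode.Unauthorized);
        }
    };
}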
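/// <summary>
/// Registers the login routes (e-mail/password, Facebook, Google) and GET /roles.
/// Every successful login returns a SuccessfulLoginResponse carrying the session id, the
/// user's name, the session expiry and the menu features for the session's claims. A
/// failed lookup or a disabled account ends in <see cref="UnauthorizedAccessException"/>
/// with a user-facing message.
/// </summary>
/// <param name="passwordEncryptor">Encrypts the submitted password for the e-mail login lookup.</param>
/// <param name="readOnlyRepository">Read side used to find the login records.</param>
/// <param name="userSessionFactory">Creates the session returned on success.</param>
/// <param name="menuProvider">Resolves the features available to the session's claims.</param>
/// <exception cref="UserInputPropertyMissingException">A required request field is absent.</exception>
/// <exception cref="UnauthorizedAccessException">No login record matches, or the account is disabled.</exception>
public LoginModule(IPasswordEncryptor passwordEncryptor, IReadOnlyRepository readOnlyRepository, IUserSessionFactory userSessionFactory, IMenuProvider menuProvider)
{
    // Single copy of the message every disabled-account rejection uses.
    const string accountDisabledMessage = "Your account has been disabled. Please contact your administrator for help.";

    Post["/login"] = _ =>
    {
        var loginInfo = this.Bind<LoginRequest>();
        if (loginInfo.Email == null)
        {
            throw new UserInputPropertyMissingException("Email");
        }
        if (loginInfo.Password == null)
        {
            throw new UserInputPropertyMissingException("Password");
        }

        EncryptedPassword encryptedPassword = passwordEncryptor.Encrypt(loginInfo.Password);

        try
        {
            var user = readOnlyRepository.First<UserEmailLogin>(
                x => x.Email == loginInfo.Email && x.EncryptedPassword == encryptedPassword.Password);

            // Rejected directly; the catch below only handles the failed lookup.
            if (!user.IsActive)
            {
                throw new UnauthorizedAccessException(accountDisabledMessage);
            }

            UserLoginSession userLoginSession = userSessionFactory.Create(user);
            return new SuccessfulLoginResponse<Guid>(
                userLoginSession.Id, user.Name, userLoginSession.Expires, menuProvider.getFeatures(userLoginSession.GetClaimsAsArray()));
        }
        catch (ItemNotFoundException<UserEmailLogin>)
        {
            // One message for unknown e-mail and wrong password alike.
            throw new UnauthorizedAccessException("Invalid email address or password. Please try again.");
        }
    };

    Post["/login/facebook"] = _ =>
    {
        var loginInfo = this.Bind<LoginSocialRequest>();
        if (loginInfo.Email == null)
        {
            throw new UserInputPropertyMissingException("Email");
        }
        if (loginInfo.Id == null)
        {
            throw new UserInputPropertyMissingException("Social Id");
        }

        // NOTE(review): Email and Id are used exactly as sent; nothing in this module checks
        // them with Facebook, so confirm the provider token is validated before this route.
        try
        {
            var user = readOnlyRepository.First<UserFacebookLogin>(
                x => x.Email == loginInfo.Email && x.FacebookId == loginInfo.Id);

            if (!user.IsActive)
            {
                throw new UnauthorizedAccessException(accountDisabledMessage);
            }

            UserLoginSession userLoginSession = userSessionFactory.Create(user);
            return new SuccessfulLoginResponse<Guid>(
                userLoginSession.Id, user.Name, userLoginSession.Expires, menuProvider.getFeatures(userLoginSession.GetClaimsAsArray()));
        }
        catch (ItemNotFoundException<UserFacebookLogin>)
        {
            // The lookup is First<UserFacebookLogin>, so this is the exception type it raises;
            // catching ItemNotFoundException<UserEmailLogin> here let the miss escape unhandled.
            throw new UnauthorizedAccessException("Invalid facebook user, you need to register first.");
        }
    };

    Get["/roles"] = _ =>
    {
        this.RequiresAuthentication();
        return Response.AsJson(menuProvider.getAllFeatures());
    };

    Post["/login/google"] = _ =>
    {
        var loginInfo = this.Bind<LoginSocialRequest>();
        if (loginInfo.Email == null)
        {
            throw new UserInputPropertyMissingException("Email");
        }
        if (loginInfo.Id == null)
        {
            throw new UserInputPropertyMissingException("Social Id");
        }

        // NOTE(review): as for Facebook, Email and Id are not verified with Google here.
        try
        {
            var user = readOnlyRepository.First<UserGoogleLogin>(
                x => x.Email == loginInfo.Email && x.GoogleId == loginInfo.Id);

            if (!user.IsActive)
            {
                throw new UnauthorizedAccessException(accountDisabledMessage);
            }

            UserLoginSession userLoginSession = userSessionFactory.Create(user);
            return new SuccessfulLoginResponse<Guid>(
                userLoginSession.Id, user.Name, userLoginSession.Expires, menuProvider.getFeatures(userLoginSession.GetClaimsAsArray()));
        }
        catch (ItemNotFoundException<UserGoogleLogin>)
        {
            // Same type fix as the Facebook route: the lookup raises ItemNotFoundException<UserGoogleLogin>.
            throw new UnauthorizedAccessException("Invalid google user, you need to register first.");
        }
    };
}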
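/// <summary>
/// Registers the account routes: registration (e-mail, Facebook, Google), the password
/// reset request and completion, ability assignment and the ability list. Each write is
/// dispatched as a command together with a session built for the current user.
/// </summary>
/// <param name="abilityReadRepo">Read side for the ability list.</param>
/// <param name="commandDispatcher">Executes the command built from each request.</param>
/// <param name="passwordEncryptor">Encrypts passwords before they are placed in a command.</param>
/// <param name="mapper">Maps between the ability request DTOs and UserAbility.</param>
/// <param name="userSessionFactory">Builds the session dispatched with every command.</param>
/// <exception cref="UserInputPropertyMissingException">A required request field is absent or the reset token is not a GUID.</exception>
public UserAccountModule(IUserAbilityRepository abilityReadRepo, ICommandDispatcher commandDispatcher, IPasswordEncryptor passwordEncryptor, IMapper mapper, IUserSessionFactory userSessionFactory)
{
    Post["/register", true] = async (a, ct) =>
    {
        var req = this.Bind<NewUserRequest>();
        if (req.Email == null)
        {
            throw new UserInputPropertyMissingException("Email");
        }
        if (req.Password == null)
        {
            throw new UserInputPropertyMissingException("Password");
        }

        // NOTE(review): the abilities granted to the new account come from the request body;
        // confirm the command handler checks that the dispatching session may grant them.
        IEnumerable<UserAbility> abilities =
            mapper.Map<IEnumerable<UserAbilityRequest>, IEnumerable<UserAbility>>(req.Abilities);

        await commandDispatcher.Dispatch(
            userSessionFactory.Create(Context.CurrentUser),
            new CreateEmailLoginUser(req.Email, passwordEncryptor.Encrypt(req.Password), req.Name, req.PhoneNumber, abilities));
        return null;
    };

    Post["/register/facebook", true] = async (a, ct) =>
    {
        var req = this.Bind<FacebookRegisterRequest>();
        if (req.id == null)
        {
            throw new UserInputPropertyMissingException("id");
        }
        if (req.email == null)
        {
            throw new UserInputPropertyMissingException("email");
        }

        await commandDispatcher.Dispatch(
            userSessionFactory.Create(Context.CurrentUser),
            new CreateFacebookLoginUser(req.id, req.email, req.first_name, req.last_name, req.link, req.name, req.url_image));
        return null;
    };

    Post["/register/google", true] = async (a, ct) =>
    {
        var req = this.Bind<GoogleRegisterRequest>();
        if (req.id == null)
        {
            throw new UserInputPropertyMissingException("id");
        }
        if (req.email == null)
        {
            throw new UserInputPropertyMissingException("email");
        }
        // name and image are nested objects that are dereferenced below.
        if (req.name == null)
        {
            throw new UserInputPropertyMissingException("name");
        }
        if (req.image == null)
        {
            throw new UserInputPropertyMissingException("image");
        }

        await commandDispatcher.Dispatch(
            userSessionFactory.Create(Context.CurrentUser),
            new CreateGoogleLoginUser(req.id, req.email, req.name.givenName, req.name.familyName, req.url, req.displayName, req.image.url));
        return null;
    };

    Post["/password/requestReset", true] = async (a, ct) =>
    {
        var req = this.Bind<ResetPasswordRequest>();
        if (req.Email == null)
        {
            throw new UserInputPropertyMissingException("Email");
        }

        await commandDispatcher.Dispatch(
            userSessionFactory.Create(Context.CurrentUser),
            new StartPasswordResetProcess(req.Email));
        return null;
    };

    Put["/password/reset/{token}", true] = async (a, ct) =>
    {
        var newPasswordRequest = this.Bind<NewPasswordRequest>();
        if (newPasswordRequest.Password == null)
        {
            throw new UserInputPropertyMissingException("Password");
        }

        // The route has no :guid constraint, so a malformed token must be rejected here
        // rather than surfacing as a FormatException from Guid.Parse.
        Guid token;
        if (!Guid.TryParse((string)a.token, out token))
        {
            throw new UserInputPropertyMissingException("token");
        }

        await commandDispatcher.Dispatch(
            userSessionFactory.Create(Context.CurrentUser),
            new ResetPassword(token, passwordEncryptor.Encrypt(newPasswordRequest.Password)));
        return null;
    };

    // The path is spelled "abilites" (sic); it is the published route, so it is kept as-is.
    Post["/user/abilites", true] = async (a, ct) =>
    {
        var requestAbilites = this.Bind<UserAbilitiesRequest>();
        if (requestAbilites.Abilities == null)
        {
            throw new UserInputPropertyMissingException("Abilities");
        }

        // NOTE(review): this route assigns abilities to any UserId in the body and, unlike the
        // AdminModule routes, requires no claim here; confirm the command handler authorizes
        // the dispatching session.
        await commandDispatcher.Dispatch(
            userSessionFactory.Create(Context.CurrentUser),
            new AddAbilitiesToUser(requestAbilites.UserId, requestAbilites.Abilities.Select(x => x.Id)));
        return null;
    };

    Get["/abilities", true] = async (_, c) =>
    {
        IEnumerable<UserAbility> abilites = await abilityReadRepo.GetAll();
        IEnumerable<UserAbilityRequest> mappedAbilites =
            mapper.Map<IEnumerable<UserAbility>, IEnumerable<UserAbilityRequest>>(abilites);
        return mappedAbilites;
    };
}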
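/// <summary>
/// Registers the administrator-only user management routes: a sorted, paged user list,
/// enable/disable, single-user lookup and profile update. Every route first requires the
/// "Administrator" claim; the writes are dispatched as commands with the current user's session.
/// </summary>
/// <param name="readOnlyRepository">Read side used for the user queries.</param>
/// <param name="mapper">Maps User entities to AdminUserResponse.</param>
/// <param name="commandDispatcher">Executes the enable, disable and update commands.</param>
/// <param name="userSessionFactory">Builds the session dispatched with every command.</param>
/// <exception cref="UserInputPropertyMissingException">The list request names no sort field.</exception>
/// <exception cref="ArgumentException">The requested sort field is not a public property of User.</exception>
public AdminModule(IUserRepository readOnlyRepository, IMapper mapper, ICommandDispatcher commandDispatcher, IUserSessionFactory userSessionFactory)
{
    // Every route in this module is restricted to this claim.
    const string administratorClaim = "Administrator";

    Get["/users", true] = async (a, c) =>
    {
        this.RequiresClaims(new[] { administratorClaim });
        var request = this.Bind<AdminUsersRequest>();

        if (string.IsNullOrEmpty(request.Field))
        {
            throw new UserInputPropertyMissingException("Field");
        }

        // Resolve the sort field up front so an unknown name is a clear argument error
        // instead of a failure inside Expression.Property. Public instance properties only,
        // matched case-insensitively as Expression.Property(string) would.
        // NOTE(review): consider restricting this further to the fields the admin list
        // displays, so the ordering cannot be driven by any other property of User.
        PropertyInfo sortProperty = typeof(User).GetProperty(
            request.Field, BindingFlags.Public | BindingFlags.Instance | BindingFlags.IgnoreCase);
        if (sortProperty == null)
        {
            throw new ArgumentException("Unknown sort field: " + request.Field, "Field");
        }

        ParameterExpression parameter = Expression.Parameter(typeof(User), "User");
        Expression sortKey = Expression.Property(parameter, sortProperty);
        // Func<User, object> needs a reference-typed body: value-typed properties (Guid, bool, ...)
        // must be boxed explicitly or Expression.Lambda rejects them.
        if (sortProperty.PropertyType.IsValueType)
        {
            sortKey = Expression.Convert(sortKey, typeof(object));
        }
        Expression<Func<User, object>> sortExpression = Expression.Lambda<Func<User, object>>(sortKey, parameter);

        // The current administrator is excluded from the listing.
        IQueryable<User> users =
            (await readOnlyRepository.Query<User>(x => x.Name != Context.CurrentUser.UserName)).AsQueryable();
        IOrderedQueryable<User> orderedUsers = users.OrderBy(sortExpression);

        // Pages are 1-based. PageNumber 0 or a non-positive PageSize are not rejected here —
        // TODO confirm the request binder validates them.
        int skip = request.PageSize * (request.PageNumber - 1);
        IQueryable<User> pagedUsers = orderedUsers.Skip(skip).Take(request.PageSize);

        List<AdminUserResponse> usersList =
            mapper.Map<IQueryable<User>, IEnumerable<AdminUserResponse>>(pagedUsers).ToList();
        return usersList;
    };

    Put["/users/{userId:guid}/enable", true] = async (p, c) =>
    {
        this.RequiresClaims(new[] { administratorClaim });
        // The :guid route constraint guarantees Parse succeeds here.
        Guid userId = Guid.Parse((string)p.userId);
        await commandDispatcher.Dispatch(userSessionFactory.Create(Context.CurrentUser), new EnableUser(userId));
        return null;
    };

    Put["/users/{userId:guid}/disable", true] = async (p, c) =>
    {
        this.RequiresClaims(new[] { administratorClaim });
        Guid userId = Guid.Parse((string)p.userId);
        await commandDispatcher.Dispatch(userSessionFactory.Create(Context.CurrentUser), new DisableUser(userId));
        return null;
    };

    Get["/users/{userId:guid}", true] = async (p, c) =>
    {
        this.RequiresClaims(new[] { administratorClaim });
        Guid userId = Guid.Parse((string)p.userId);
        User user = await readOnlyRepository.GetById<User>(userId);
        AdminUserResponse mappedUser = mapper.Map<User, AdminUserResponse>(user);
        return mappedUser;
    };

    Put["/users/{userId:guid}", true] = async (p, c) =>
    {
        this.RequiresClaims(new[] { administratorClaim });
        var request = this.Bind<AdminUpdateUserRequest>();
        Guid userId = Guid.Parse((string)p.userId);
        await commandDispatcher.Dispatch(
            userSessionFactory.Create(Context.CurrentUser),
            new UpdateUserProfile(userId, request.Name, request.Email));
        return null;
    };
}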