/// <summary>
/// Changes the password stored on <c>details</c> after re-authenticating the
/// account with its current password.
/// </summary>
/// <param name="oldPassword">Current password; checked by running a <c>LibLogic.Login</c> for <c>details.Email</c>.</param>
/// <param name="newPassword">Password to store.</param>
/// <param name="confirmNewPassword">Must be equal to <paramref name="newPassword"/>.</param>
/// <exception cref="Exceptions.InvalidDataException">
/// The new password and its confirmation differ, or the old password does not log in.
/// </exception>
public void UpdatePassword(string oldPassword, string newPassword, string confirmNewPassword)
{
    // Same ordinal comparison the != operator performs on strings.
    if (!string.Equals(newPassword, confirmNewPassword))
    {
        throw new Exceptions.InvalidDataException("New password and confirm new password do not match.");
    }

    // NOTE(review): nothing here rejects an empty or weak newPassword; confirm that
    // CreatePasswords (or the caller) enforces the password policy.

    // Re-authenticate with the current password before allowing the change.
    var reauth = new LibLogic.Login(details.Email, oldPassword);
    reauth.Execute();
    if (!reauth.LoggedIn)
    {
        throw new Exceptions.InvalidDataException("Invalid old password");
    }

    // NOTE(review): the second argument is built from the user's own name. If
    // CreatePasswords derives the salt from it instead of a CSPRNG, salts are
    // predictable -- confirm how Salt is generated.
    var hashed = new CreatePasswords(newPassword, details.FirstName + details.LastName);

    using (var db = LibLogic.Setup.DbFactory)
    {
        db.Open();

        // details is only mutated once the connection is open, then persisted.
        details.Password = hashed.Password;
        details.Salt = hashed.Salt;
        db.Update(details);
    }

    // NOTE(review): this method does not revoke existing sessions or API tokens
    // after the change; confirm whether a caller handles that.
}
/// <summary>
/// A known e-mail address combined with a wrong password must not log in and
/// must not yield admin rights or a real user id.
/// </summary>
public void InvalidPasswordLogin()
{
    const string badPassword = "wrong password";

    var attempt = new LibLogic.Login(this.emailAddress, badPassword);
    attempt.Execute();

    // Failed authentication: no session flags are granted.
    Assert.That(attempt.LoggedIn, Is.False);
    Assert.That(attempt.IsAdmin, Is.False);

    // The supplied username is kept as given, and the user id is expected to be -1.
    Assert.That(attempt.Username, Is.EqualTo(this.emailAddress));
    Assert.That(attempt.UserId, Is.EqualTo(-1));
}
/// <summary>
/// An unknown username combined with a valid account password must not log in
/// and must not yield admin rights or a real user id.
/// </summary>
public void InvalidUsernameLogin()
{
    const string unknownUser = "hithere";

    var attempt = new LibLogic.Login(unknownUser, this.password);
    attempt.Execute();

    // Failed authentication: no session flags are granted.
    Assert.That(attempt.LoggedIn, Is.False);
    Assert.That(attempt.IsAdmin, Is.False);

    // The supplied username is kept as given, and the user id is expected to be -1.
    Assert.That(attempt.Username, Is.EqualTo(unknownUser));
    Assert.That(attempt.UserId, Is.EqualTo(-1));
}
/// <summary>
/// The fixture's e-mail address and password log in as a non-admin user whose
/// id matches the fixture's <c>userid</c>. Each value is written to the console
/// just before it is asserted.
/// </summary>
public void CanLogin()
{
    var session = new LibLogic.Login(emailAddress, this.password);
    session.Execute();

    // Authentication succeeded.
    System.Console.WriteLine(session.LoggedIn);
    Assert.That(session.LoggedIn, Is.True);

    // The fixture account is an ordinary user.
    System.Console.WriteLine(session.IsAdmin);
    Assert.That(session.IsAdmin, Is.False);

    // The username is the address that was passed in.
    System.Console.WriteLine(session.Username);
    Assert.That(session.Username, Is.EqualTo(emailAddress));

    // The resolved id is the one recorded by the fixture.
    System.Console.WriteLine(session.UserId);
    Assert.That(session.UserId, Is.EqualTo(this.userid));
}
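/// <summary>
/// Handles a login request: authenticates the "username" and "password" request
/// parameters, stores the result in the session variables, and reports the
/// outcome through the HTTP status code only.
/// </summary>
/// <param name="context">Current request context; only its response status code is written here.</param>
/// <remarks>
/// Status codes: 200 logged in, 250 logged in but payments are expired or not
/// set up, 403 login rejected, 500 the login raised an InvalidDataException.
/// </remarks>
public void ProcessRequest(HttpContext context)
{
    // NOTE(review): where RequestEncodedParam reads these values from (form body
    // or query string) is not visible here; confirm credentials cannot arrive in the URL.
    string password = Helpers.GlobalHelper.RequestEncodedParam("password");
    string username = Helpers.GlobalHelper.RequestEncodedParam("username");

    var login = new LibLogic.Login(username, password);
    try
    {
        login.Execute();
    }
    catch (LibLogic.Exceptions.InvalidDataException ex)
    {
        // Record the failure instead of dropping it; the client still sees only the status code.
        LibLogic.Helpers.Logging.Log(ex);
        context.Response.StatusCode = (int)System.Net.HttpStatusCode.InternalServerError;
        return;
    }

    // NOTE(review): nothing in this handler limits repeated failed attempts;
    // confirm throttling or lockout happens in LibLogic.Login or in front of this endpoint.

    // The session is written for failed logins too (LoggedIn is then false).
    // NOTE(review): no new session identifier is issued in this method; if that
    // does not happen elsewhere, the pre-login session id survives authentication -- confirm.
    var session = Helpers.SessionVariables.Instance;
    session.LoggedIn = login.LoggedIn;
    session.Username = username;
    session.UserId = login.UserId;
    session.IsAdmin = login.IsAdmin;

    if (!session.LoggedIn)
    {
        context.Response.StatusCode = (int)System.Net.HttpStatusCode.Forbidden;
        return;
    }

    // If payments have expired or were never set up, prompt the user to set up
    // payments. 250 is not a registered HTTP status; the client is expected to
    // treat it as "logged in, payment needed".
    var payment = new LibLogic.Payments.Payment(session.UserId);
    context.Response.StatusCode = payment.IsExpired()
        ? 250
        : (int)System.Net.HttpStatusCode.OK;
}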
/// <summary>
/// Authenticates an API client from the request's Authorization header and, on
/// success, returns the user's API tokens as a JSON document.
/// </summary>
/// <returns>
/// 200 with the serialized <c>ApiAuthResponse</c> on success; 403 with a short
/// text body when the header is missing or the login is rejected; 500 with
/// "InternalServerError" when the login or anything else throws.
/// </returns>
public ContentResult Auth()
{
    try
    {
        // Header names are matched case-insensitively.
        bool hasAuthHeader = HttpContext.Request.Headers.AllKeys.Contains("Authorization", StringComparer.OrdinalIgnoreCase);
        if (!hasAuthHeader)
        {
            HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.Forbidden;
            return Content("Authorization not sent");
        }

        string headerValue = HttpContext.Request.Headers["Authorization"];
        var credentials = ParseAuthHeader(headerValue);

        // NOTE(review): elements 0 and 1 are read without a length check. A header
        // that ParseAuthHeader cannot split into two parts presumably ends in the
        // outer catch and is answered with 500 instead of a client-error status -- confirm.
        var attempt = new LibLogic.Login(credentials[0], credentials[1]);
        try
        {
            attempt.Execute();
        }
        catch (LibLogic.Exceptions.InvalidDataException loginError)
        {
            HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.InternalServerError;
            LibLogic.Helpers.Logging.Log(loginError);
            return Content("InternalServerError");
        }

        if (!attempt.LoggedIn)
        {
            // The body says "Unauthorized" while the status sent is 403 Forbidden.
            HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.Forbidden;
            return Content("Unauthorized");
        }

        // NOTE(review): no new session identifier is issued in this method; confirm
        // the session id is rotated on login elsewhere.
        sessionVars.LoggedIn = attempt.LoggedIn;
        sessionVars.IsAdmin = attempt.IsAdmin;
        sessionVars.UserId = attempt.UserId;
        sessionVars.Username = attempt.Username;

        var tokenStore = new LibLogic.Accounts.UserApiTokens();
        var tokens = tokenStore.Retrieve(attempt.UserId);

        // NOTE(review): the body carries both API tokens; confirm the endpoint is
        // served over TLS only and that responses are neither cached nor logged.
        var payload = new LibLogic.DTO.ApiAuthResponse
        {
            Token1 = tokens.Token1,
            Token2 = tokens.Token2,
            Token1ExpireUtc = tokens.Token1ExpireTime,
            Token2ExpireUtc = tokens.Token2ExpireTime,
            UserId = sessionVars.UserId
        };
        var body = Newtonsoft.Json.JsonConvert.SerializeObject(payload);

        HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.OK;
        return Content(body);
    }
    catch (Exception unexpected)
    {
        // Any other failure is logged server-side; the client gets a generic body.
        Response.StatusCode = (int)System.Net.HttpStatusCode.InternalServerError;
        LibLogic.Helpers.Logging.Log(unexpected);
        return Content("InternalServerError");
    }
}