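/// <summary>
/// Adds a user to a role. The caller is identified by the "sid" session cookie and
/// must hold the "ADMIN" role.
/// </summary>
/// <param name="req">Request carrying the target <c>roleName</c> and <c>userId</c>.</param>
/// <returns>An <see cref="ActionResult"/> with a confirmation message.</returns>
/// <exception cref="WebFaultException{MyFault}">
/// Raised with 401 when the caller is not an admin, with the status code of the
/// <see cref="SSOBaseException"/> when the SSO layer raises one, and with 500 otherwise.
/// </exception>
public ActionResult AddUserToRole(AddUserToRoleRequest req)
{
    try
    {
        // NOTE(review): the caller is identified only by the ambient "sid" cookie and no
        // anti-forgery check is visible in this method. Confirm that cross-site request
        // forgery is mitigated elsewhere for this state-changing, privileged operation.
        var cookie = HttpContext.Current.Request.Cookies["sid"];
        if (cookie == null || String.IsNullOrWhiteSpace(cookie.Value))
        {
            throw new WrongOrExpiredToken();
        }

        UserInfoExtended info = _authProvider.AuthenticateByToken(cookie.Value);
        if (info == null)
        {
            // A token that resolves to no user is an authentication failure, not a server
            // error. Without this guard the dereference below surfaced as a generic 500.
            // Presumably WrongOrExpiredToken derives from SSOBaseException (the missing-cookie
            // path above already relies on that mapping); verify.
            throw new WrongOrExpiredToken();
        }

        // A user with no role list is treated as "not admin" rather than crashing.
        // NOTE(review): if Roles is a string rather than a collection, Contains is a
        // substring match and would accept any role name containing "ADMIN"; confirm the type.
        if (info.Roles == null || !info.Roles.Contains("ADMIN"))
        {
            throw new UnauthorizedAccessException("User has to be admin to perform this action.");
        }

        // The payload is read only after the caller is authorized, so unauthenticated
        // callers get an authentication error regardless of what they submit.
        string roleName = req.roleName;
        int userId = req.userId;

        // NOTE(review): no audit record of who granted which role is written here;
        // confirm that _mngr.AddUserToRole logs the change.
        _mngr.AddUserToRole(roleName, userId);
        _ctx.OutgoingResponse.StatusCode = HttpStatusCode.OK;
        return new ActionResult { Message = "User is added to specified role." };
    }
    catch (UnauthorizedAccessException e)
    {
        // NOTE(review): an authenticated caller lacking the role is reported as 401;
        // 403 is the conventional status. Left unchanged because clients may depend on it.
        var myf = new MyFault { Details = e.Message };
        throw new WebFaultException<MyFault>(myf, HttpStatusCode.Unauthorized);
    }
    catch (SSOBaseException e)
    {
        // The SSO exception's own message and status code are passed to the client.
        var myf = new MyFault { Details = e.Message };
        throw new WebFaultException<MyFault>(myf, e.StatusCode);
    }
    catch (Exception)
    {
        // Unexpected failures get a fixed message so internal details are not exposed.
        var myf = new MyFault { Details = "There has been an error while performing AddUserToRole action." };
        throw new WebFaultException<MyFault>(myf, HttpStatusCode.InternalServerError);
    }
}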
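/// <summary>
/// Changes a password. The caller is identified by the "sid" session cookie and must
/// hold the "ADMIN" role.
/// </summary>
/// <param name="pwModel">Password-change request, passed unchanged to <c>_mngr.ChangePassword</c>.</param>
/// <returns>An <see cref="ActionResult"/> with a confirmation message.</returns>
/// <exception cref="WebFaultException{MyFault}">
/// Raised with 401 when the caller is not an admin, with the status code of the
/// <see cref="SSOBaseException"/> when the SSO layer raises one, and with 500 otherwise.
/// </exception>
public ActionResult ChangePassword(ChangePasswordRequest pwModel)
{
    try
    {
        // NOTE(review): the caller is identified only by the ambient "sid" cookie and no
        // anti-forgery check is visible in this method. Confirm that cross-site request
        // forgery is mitigated elsewhere for this credential-changing operation.
        var cookie = HttpContext.Current.Request.Cookies["sid"];
        if (cookie == null || String.IsNullOrWhiteSpace(cookie.Value))
        {
            throw new WrongOrExpiredToken();
        }

        UserInfoExtended info = _authProvider.AuthenticateByToken(cookie.Value);
        if (info == null)
        {
            // A token that resolves to no user is an authentication failure, not a server
            // error. Without this guard the dereference below surfaced as a generic 500.
            // Presumably WrongOrExpiredToken derives from SSOBaseException (the missing-cookie
            // path above already relies on that mapping); verify.
            throw new WrongOrExpiredToken();
        }

        // A user with no role list is treated as "not admin" rather than crashing.
        // NOTE(review): if Roles is a string rather than a collection, Contains is a
        // substring match and would accept any role name containing "ADMIN"; confirm the type.
        if (info.Roles == null || !info.Roles.Contains("ADMIN"))
        {
            throw new UnauthorizedAccessException("User has to be admin to perform this action.");
        }

        // NOTE(review): which account is affected, and whether the current password is
        // verified, is decided inside _mngr.ChangePassword and is not visible here.
        // pwModel must never be written to logs or fault details.
        _mngr.ChangePassword(pwModel);
        return new ActionResult { Message = "Password changed." };
    }
    catch (UnauthorizedAccessException e)
    {
        // NOTE(review): an authenticated caller lacking the role is reported as 401;
        // 403 is the conventional status. Left unchanged because clients may depend on it.
        var myf = new MyFault { Details = e.Message };
        throw new WebFaultException<MyFault>(myf, HttpStatusCode.Unauthorized);
    }
    catch (SSOBaseException e)
    {
        // The SSO exception's own message and status code are passed to the client.
        var myf = new MyFault { Details = e.Message };
        throw new WebFaultException<MyFault>(myf, e.StatusCode);
    }
    catch (Exception)
    {
        // Unexpected failures get a fixed message so internal details are not exposed.
        var myf = new MyFault { Details = "There has been an error while changePassword action." };
        throw new WebFaultException<MyFault>(myf, HttpStatusCode.InternalServerError);
    }
}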
/// <summary>
/// Authenticates the caller from the "sid" session cookie by delegating to
/// <c>_identityMngr.Auth</c>.
/// </summary>
/// <returns>The <see cref="AuthResponse"/> produced by the identity manager.</returns>
/// <exception cref="WebFaultException{MyFault}">
/// Raised with the status code of the <see cref="SSOBaseException"/> (including
/// <see cref="WrongOrExpiredToken"/>) when one occurs, and with 500 otherwise.
/// </exception>
public AuthResponse Auth()
{
    try
    {
        var sessionCookie = HttpContext.Current.Request.Cookies["sid"];

        // A missing cookie and a blank cookie value are both treated as an invalid token.
        if (sessionCookie == null || String.IsNullOrWhiteSpace(sessionCookie.Value))
        {
            throw new WrongOrExpiredToken();
        }

        return _identityMngr.Auth(sessionCookie.Value);
    }
    catch (WrongOrExpiredToken tokenError)
    {
        // Runs for any WrongOrExpiredToken raised in the try block, whether by the checks
        // above or by _identityMngr.Auth. The browser is told to drop the stale cookie by
        // re-sending it blank with an expiry in the past.
        // NOTE(review): only HttpOnly is set explicitly; Secure, Path and Domain are whatever
        // the request cookie object carries. Confirm they match the attributes used when the
        // cookie was issued, otherwise the browser may keep the original.
        var staleCookie = HttpContext.Current.Request.Cookies["sid"];
        if (staleCookie != null)
        {
            HttpContext.Current.Response.Cookies.Remove("sid");
            staleCookie.HttpOnly = true;
            staleCookie.Expires = DateTime.Now.AddDays(-10);
            staleCookie.Value = null;
            HttpContext.Current.Response.SetCookie(staleCookie);
        }

        throw new WebFaultException<MyFault>(
            new MyFault { Details = tokenError.Message },
            tokenError.StatusCode);
    }
    catch (SSOBaseException ssoError)
    {
        // The SSO exception's own message and status code are passed to the client.
        throw new WebFaultException<MyFault>(
            new MyFault { Details = ssoError.Message },
            ssoError.StatusCode);
    }
    catch (Exception)
    {
        // Unexpected failures get a fixed message so internal details are not exposed.
        throw new WebFaultException<MyFault>(
            new MyFault { Details = "There has been an error in authorization process." },
            HttpStatusCode.InternalServerError);
    }
}
/// <summary>
/// Authenticates a caller from an explicitly supplied token by delegating to
/// <c>_mngr.Auth</c>.
/// </summary>
/// <param name="token">Session token; passed through without validation in this method.</param>
/// <returns>The <see cref="AuthResponse"/> produced by the manager.</returns>
/// <exception cref="WebFaultException{MyFault}">
/// Raised with the status code of the <see cref="SSOBaseException"/> when the SSO layer
/// raises one, and with 500 otherwise.
/// </exception>
public AuthResponse Auth(string token)
{
    // NOTE(review): the cookie-based Auth() overload delegates to _identityMngr while this
    // one uses _mngr; confirm the difference is intentional.
    // NOTE(review): how the token reaches this method is not visible here. If it travels
    // in a URL it can end up in access logs and Referer headers.
    try
    {
        AuthResponse response = _mngr.Auth(token);
        return response;
    }
    catch (SSOBaseException ssoError)
    {
        // The SSO exception's own message and status code are passed to the client.
        throw new WebFaultException<MyFault>(
            new MyFault { Details = ssoError.Message },
            ssoError.StatusCode);
    }
    catch (Exception)
    {
        // Unexpected failures get a fixed message so internal details are not exposed.
        throw new WebFaultException<MyFault>(
            new MyFault { Details = "There has been an error in authorization process." },
            HttpStatusCode.InternalServerError);
    }
}