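        /// <summary>
        /// Registers an external (per-application) user, storing the salted password material
        /// produced by <see cref="UserAppAuthenticationManager"/>.
        /// </summary>
        /// <param name="data">Request payload carrying <c>appId</c>, <c>userName</c> and <c>password</c>.</param>
        /// <returns>
        /// 200 with the new user's id, name and app id; 400 for a malformed payload, invalid fields or an
        /// already registered user; 500 for an unexpected failure (details are kept server-side).
        /// </returns>
        public async Task <HttpResponseMessage> AddExternalUser(dynamic data)
        {
            int    appId;
            string password;
            string userName;

            // Member access on the dynamic payload fails at runtime when a field is missing or has the
            // wrong type; that is a client error, not a server fault.
            try
            {
                if (data == null)
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Request body cannot be empty."));
                }

                appId    = data.appId;
                password = data.password;
                userName = data.userName;
            }
            catch (Exception)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Request body is malformed."));
            }

            #region checkParameters

            if (appId <= 0)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Application id cannot be 0 or negative."));
            }

            if (string.IsNullOrEmpty(userName))
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Username cannot be null or empty."));
            }

            if (string.IsNullOrEmpty(password))
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Password cannot be null or empty."));
            }

            #endregion

            //Generate authentication data
            UserAppAuthenticationManager authManager = new Security.UserAppAuthenticationManager();
            using (var userApps = new userappsEntities())
            {
                try
                {
                    // ToLower() on both sides is kept because the query provider has to translate it;
                    // a StringComparison overload would not be translatable.
                    var userExists = userApps.users.Any(uau => uau.username.ToLower().Equals(userName.ToLower()) && uau.appid == appId);

                    if (userExists)
                    {
                        return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User already exists."));
                    }

                    var pwd = await authManager.GeneratePasswordSalt(userName, password);

                    var user = new user()
                    {
                        username = userName, password = pwd, appid = appId
                    };

                    userApps.users.Add(user);

                    await userApps.SaveChangesAsync();

                    // Return a projection: the entity's password column holds the stored hash/salt material
                    // and must not be echoed to the caller.
                    return(Request.CreateResponse(HttpStatusCode.OK, new { user.iduser, user.username, user.appid }));
                }
                catch (Exception ex)
                {
                    // Exception text can contain SQL, connection details and stack frames; keep it
                    // server-side (the controller's Logging.Logger, as used by LoginUser, is the better sink).
                    System.Diagnostics.Trace.TraceError(ex.ToString());
                    return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "An unexpected error occurred while creating the user."));
                }
            }
        }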
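        /// <summary>
        /// Deletes the external user identified by id, name and application.
        /// </summary>
        /// <param name="data">Request payload carrying <c>userId</c>, <c>extUserName</c> and <c>appId</c>.</param>
        /// <returns>
        /// 200 with the removed user's id, name and app id; 400 for a malformed payload, invalid fields or an
        /// unknown user; 500 for an unexpected failure (details are kept server-side).
        /// </returns>
        public async Task <HttpResponseMessage> RemoveExternalUser(dynamic data)
        {
            int    userId;
            string extUserName;
            int    appId;

            // Member access on the dynamic payload fails at runtime when a field is missing or has the
            // wrong type; that is a client error, not a server fault.
            try
            {
                if (data == null)
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Request body cannot be empty."));
                }

                userId      = data.userId;
                extUserName = data.extUserName;
                appId       = data.appId;
            }
            catch (Exception)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Request body is malformed."));
            }

            #region checkParameters

            if (userId <= 0)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "External User id cannot be 0 or negative."));
            }

            if (appId <= 0)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User app id cannot be 0 or negative."));
            }

            if (string.IsNullOrEmpty(extUserName))
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "External Username cannot be null or empty."));
            }

            #endregion

            // NOTE(review): no caller authorization is visible in this method; confirm the action is
            // protected so a caller cannot delete users of an application it does not own.
            using (var userApps = new userappsEntities())
            {
                try
                {
                    // All three identifiers must match; ToLower() is kept so the query provider can translate it.
                    var extUser = userApps.users.FirstOrDefault(uau => uau.iduser == userId
                                                                && uau.username.ToLower().Equals(extUserName.ToLower())
                                                                && uau.appid == appId);

                    if (extUser == null)
                    {
                        return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "External App user does not exist"));
                    }

                    userApps.users.Remove(extUser);

                    await userApps.SaveChangesAsync();

                    // Projection only: the entity carries the stored password material.
                    return(Request.CreateResponse(HttpStatusCode.OK, new { extUser.iduser, extUser.username, extUser.appid }));
                }
                catch (Exception ex)
                {
                    // Exception text can contain SQL, connection details and stack frames; keep it server-side.
                    System.Diagnostics.Trace.TraceError(ex.ToString());
                    return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "An unexpected error occurred while removing the user."));
                }
            }
        }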
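        /// <summary>
        /// Issues an application token for an existing system user through
        /// <see cref="UserAppAuthenticationManager"/>.
        /// </summary>
        /// <param name="data">Request payload carrying <c>systemuserid</c> and <c>appId</c>.</param>
        /// <returns>
        /// 200 with the issued credential object; 400 for a malformed payload, invalid ids or when no
        /// user could be created; 500 for an unexpected failure (details are kept server-side).
        /// </returns>
        public async Task <HttpResponseMessage> AddUserAppUser(dynamic data)
        {
            int systemuserid;
            int appid;

            // Member access on the dynamic payload fails at runtime when a field is missing or has the
            // wrong type; that is a client error, not a server fault.
            try
            {
                if (data == null)
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Request body cannot be empty."));
                }

                systemuserid = data.systemuserid;
                appid        = data.appId;
            }
            catch (Exception)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Request body is malformed."));
            }

            #region checkParameters

            if (systemuserid <= 0)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "System user id cannot be 0 or negative."));
            }

            if (appid <= 0)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Application id cannot be 0 or negative."));
            }

            #endregion

            //Generate authentication data
            // (the previous version also opened a userappsEntities context here that nothing used)
            UserAppAuthenticationManager authManager = new Security.UserAppAuthenticationManager();

            try
            {
                var user = await authManager.IssueToken(systemuserid, appid);

                if (user == null)
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Database error. Could not create application user."));
                }

                // The issued credential object is the intended payload of this endpoint.
                return(Request.CreateResponse(HttpStatusCode.OK, user));
            }
            catch (Exception ex)
            {
                // The previous version let this exception escape as an unhandled 500; keep the detail server-side.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "An unexpected error occurred while issuing the application token."));
            }
        }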
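        /// <summary>
        /// Creates or refreshes the system-app credential row for a system user: a fresh token/secret is
        /// issued and either inserted (first call for this user) or written over the existing row.
        /// </summary>
        /// <param name="appData">Carries <c>systemuserid</c> and <c>appid</c>.</param>
        /// <returns>
        /// 200 with the stored <c>systemappuser</c> row; 400 when the application or the system user does
        /// not exist; 500 when issuing or persisting fails (details are kept server-side).
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="appData"/> is null.</exception>
        /// <exception cref="ArgumentException">Either id is 0 or negative.</exception>
        public async Task <HttpResponseMessage> AddSystemAppUser(IncomingData appData)
        {
            if (appData == null)
            {
                throw new ArgumentNullException("appData");
            }

            int userId   = appData.systemuserid;
            int sysappid = appData.appid;

            // Messages and parameter names were swapped in the previous version; each now describes the
            // value actually checked. (`sysappid == null` was also always false for an int.)
            if (userId <= 0)
            {
                throw new ArgumentException("You have to pass a valid system user id.", "userId");
            }

            if (sysappid <= 0)
            {
                throw new ArgumentException("You have to pass a systemapp id.", "sysappid");
            }

            using (var userapps = new Model.userappsEntities())
            using (var system = new Model.exgripEntities())
            {
                if (!userapps.systemapps.Any(a => a.id == sysappid))
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "System application does not exist"));
                }

                var systemUser = system.UserProfiles.FirstOrDefault(sus => sus.UserId == userId);

                // Previously an unknown user id dereferenced null a few lines later (an unhandled 500).
                if (systemUser == null)
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "System user does not exist"));
                }

                // NOTE(review): the lookup matches on the user only, not on sysappid, so a user holding rows
                // for several apps always gets the first row overwritten — confirm one row per user is intended.
                var sysAppUser = userapps.systemappusers.FirstOrDefault(us => us.systemuserid == systemUser.UserId);

                try
                {
                    // The generated password is a transient input to token issuance; it is not stored here.
                    var password = Membership.GeneratePassword(10, 3);
                    //Generate authentication data
                    UserAppAuthenticationManager authManager = new Security.UserAppAuthenticationManager();
                    var issued = await authManager.IssueTokenSysApp(systemUser.UserName, password, systemUser.UserId, sysappid);

                    if (sysAppUser == null)
                    {
                        sysAppUser = new Model.systemappuser()
                        {
                            systemuserid = systemUser.UserId,
                            appSecret    = issued.Secret,
                            apptoken     = issued.Token,
                            appid        = sysappid,
                            securitySoup = issued.SecSoup
                        };
                        userapps.systemappusers.Add(sysAppUser);
                    }
                    else
                    {
                        sysAppUser.appSecret    = issued.Secret;
                        sysAppUser.apptoken     = issued.Token;
                        sysAppUser.securitySoup = issued.SecSoup;
                    }

                    await userapps.SaveChangesAsync();

                    // NOTE(review): the whole row, securitySoup included, goes back to the caller — confirm
                    // the client needs every column.
                    return(Request.CreateResponse <Model.systemappuser>(sysAppUser));
                }
                catch (Exception ex)
                {
                    // The previous handler formatted "Exception:{1}" with a single argument, which itself threw
                    // FormatException; the client message is now generic and the detail stays server-side.
                    System.Diagnostics.Trace.TraceError(ex.ToString());
                    return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "Database error. Could not store the application user."));
                }
            }
        }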
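        /// <summary>
        /// Verifies an external user's password for an application and records the outcome.
        /// </summary>
        /// <param name="data">Request payload carrying <c>appId</c>, <c>userName</c> and <c>password</c>.</param>
        /// <returns>
        /// 200 with a <see cref="LoginStatus"/> of "SUCCESS" or "FAILURE"; 400 for a malformed payload,
        /// invalid fields or an unknown user; 500 for an unexpected failure (details are logged, not returned).
        /// </returns>
        public async Task <HttpResponseMessage> LoginUser(dynamic data)
        {
            Logging.Logger logger = new Logging.Logger(LogName);

            //Generate authentication data
            UserAppAuthenticationManager authManager = new Security.UserAppAuthenticationManager();

            int    appId;
            string password;
            string userName;

            // Member access on the dynamic payload fails at runtime when a field is missing or has the
            // wrong type; that is a client error, not a server fault.
            try
            {
                if (data == null)
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Request body cannot be empty."));
                }

                appId    = data.appId;
                password = data.password;
                userName = data.userName;
            }
            catch (Exception)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Request body is malformed."));
            }

            #region checkParameters
            if (appId <= 0)
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Application id cannot be 0 or negative."));
            }
            if (string.IsNullOrEmpty(userName))
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Username cannot be null or empty."));
            }
            if (string.IsNullOrEmpty(password))
            {
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Password cannot be null or empty."));
            }
            #endregion

            using (var userApps = new userappsEntities())
            {
                Exception failure = null;

                try
                {
                    // ToLower() is kept so the query provider can translate the comparison.
                    var userAppUser = userApps.users.FirstOrDefault(uau => uau.username.ToLower().Equals(userName.ToLower()) && uau.appid == appId);

                    if (userAppUser == null)
                    {
                        await logger.StoreNewLogMessage(new Logging.Message(String.Format("UAPPLOGINERRO for user {0} Message: {1}."
                                                                                          , userName, "No such app user."), LogName));

                        // A 400 here versus 200/FAILURE below lets a caller distinguish unknown names from wrong
                        // passwords; kept for compatibility, but collapsing both into FAILURE removes that signal.
                        return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User does not exist."));
                    }

                    var pwdMatch = authManager.DoesPasswordMatch(userAppUser.password, password);

                    if (pwdMatch)
                    {
                        await logger.StoreNewLogMessage(new Logging.Message(String.Format("UAPPLOGINSUCCESS for user {0}."
                                                                                          , userName), LogName));
                    }
                    else
                    {
                        await logger.StoreNewLogMessage(new Logging.Message(String.Format("UAPPLOGINERRO for user {0} Message: {1}."
                                                                                          , userName, "Wrong login data."), LogName));
                    }

                    var status = new LoginStatus()
                    {
                        Message = pwdMatch ? "SUCCESS" : "FAILURE"
                    };

                    return(Request.CreateResponse(HttpStatusCode.OK, status, Configuration.Formatters.JsonFormatter));
                }
                catch (Exception ex)
                {
                    // Captured and handled below so the log write can be awaited; the previous version blocked on
                    // .Wait() inside the catch, which can deadlock under a synchronization context.
                    failure = ex;
                }

                await logger.StoreNewLogMessage(new Logging.Message(String.Format("APPERROR, METHOD {0} ERROR {1}"
                                                                                  , "LoginUserApp", failure.ToString()), LogName));

                // The exception text stays in the log; the response carries no internal detail.
                return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "An unexpected error occurred while logging in."));
            }
        }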