/// <summary>
/// Common base for the API modules. Forwards <paramref name="modulePath"/> to the base
/// module constructor (the route prefix) and retains the collaborators derived modules use.
/// </summary>
/// <param name="modulePath">Route prefix handed to the base constructor.</param>
/// <param name="dataStore">Backing store, kept in <c>_dataStore</c>.</param>
/// <param name="trackingUsers">User repository, kept in <c>_trackingUsers</c>.</param>
/// <param name="errorCodes">Error code table exposed via the <c>ErrorCodes</c> property.</param>
public BaseModule(string modulePath, IDataStore dataStore, TrackingUsers trackingUsers, ErrorCodes errorCodes)
    : base(modulePath)
{
    // Plain field capture; no validation is performed on any of the arguments.
    _dataStore = dataStore;
    _trackingUsers = trackingUsers;
    ErrorCodes = errorCodes;
}
/// <summary>
/// Read-only endpoint for tracking groups, mounted at <c>/tracking/group</c>.
/// The Before hook rejects every request that has no authenticated <c>UserIdentity</c>;
/// <c>GET /{groupid}</c> then returns the group as JSON unless it is unknown (404) or
/// its <c>Expires</c> timestamp has passed (403).
/// </summary>
/// <remarks>
/// NOTE(review): unlike TrackingModule, nothing here ties the group to the caller —
/// any authenticated user can fetch any group id. Confirm whether TrackingGroup has an
/// owner / member list that should be checked before the group is returned.
/// Expiry is compared against <c>DateTime.Now</c> (local time), matching the other modules;
/// if <c>Expires</c> is stored in UTC this comparison is off by the server's UTC offset.
/// </remarks>
public TrackingGroupModule(IDataStore dataStore, TrackingUsers trackingUsers, TrackingGroups trackingGroups, ErrorCodes errorCodes)
    : base("/tracking/group", dataStore, trackingUsers, errorCodes)
{
    _trackingGroups = trackingGroups;

    // Authentication gate for every route in this module.
    Before += ctx =>
    {
        if (Context.CurrentUser is UserIdentity)
        {
            return null;
        }
        return ErrorResponse(HttpStatusCode.Unauthorized, "Invalid access token! Please login to obtain a new access token.");
    };

    Get["/{groupid}"] = parameters =>
    {
        string groupId = parameters.groupId;
        // A missing id and an unknown id are both reported as 404.
        var group = groupId == null ? null : _trackingGroups.Get(groupId);
        if (group == null)
        {
            return ErrorResponse(HttpStatusCode.NotFound);
        }
        if (group.Expires <= DateTime.Now)
        {
            return ErrorResponse(HttpStatusCode.Forbidden, "Session has expired!");
        }
        return Response.AsJson(group);
    };
}
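/// <summary>
/// Appends positions to a tracking session, mounted at <c>/position</c>.
/// <c>POST /{sessionId}</c> binds a <c>TrackingPosition</c> from the body, adds it to the
/// session's <c>Positions</c> and persists the session; the position is echoed back as JSON.
/// Only the session owner (<c>UserId</c> equal to the caller's) may append.
/// </summary>
/// <remarks>
/// Fix: <c>_trackingSessions.Get</c> can return null (TrackingModule checks for exactly that);
/// the previous revision dereferenced it unconditionally, turning an unknown id into a 500.
/// It now yields 404, and the body is only bound once the caller is authorised.
/// NOTE(review): TrackingModule refuses to serve expired sessions; this handler still accepts
/// positions for them. Decide whether that is intended.
/// </remarks>
public PositionModule(IDataStore dataStore, TrackingUsers trackingUsers, TrackingSessions trackingSessions, ErrorCodes errorCodes)
    : base("/position", dataStore, trackingUsers, errorCodes)
{
    _trackingSessions = trackingSessions;

    // Authentication gate for every route in this module.
    Before += ctx =>
    {
        var user = Context.CurrentUser as UserIdentity;
        return user == null
            ? ErrorResponse(HttpStatusCode.Unauthorized, "Invalid access token! Please login to obtain a new access token.")
            : null;
    };

    Post["/{sessionId}"] = parameters =>
    {
        var user = Context.CurrentUser as UserIdentity;
        if (user == null)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized);
        }

        Response response;
        if (!CheckSaveRetention(SessionCache, out response))
        {
            return response;
        }

        string sessionId = parameters.sessionId;
        if (sessionId == null)
        {
            return ErrorResponse(HttpStatusCode.NotFound);
        }

        var trackingSession = _trackingSessions.Get(sessionId);
        if (trackingSession == null)
        {
            // Previously a NullReferenceException on the ownership check below.
            return ErrorResponse(HttpStatusCode.NotFound);
        }
        if (trackingSession.UserId != user.UserId)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized);
        }

        // Bind only after the caller has been authorised for this session.
        var trackingPosition = this.Bind<TrackingPosition>();
        trackingSession.Positions.Add(trackingPosition);
        _trackingSessions.Update(trackingSession);
        return Response.AsJson(trackingPosition);
    };
}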
/// <summary>
/// Seeds the MongoDB database "test" on localhost with 300 users named test1 .. test300,
/// all with the password "test" and the same placeholder e-mail.
/// </summary>
/// <remarks>
/// This is an integration fixture rather than a unit test: it needs a reachable MongoDB
/// instance and writes to it on every run. The fixed credential is test data only and
/// must not be reused anywhere real.
/// </remarks>
public void TestTrackiflyUsers()
{
    // Use IOC instead...
    const string connectionString = "mongodb://localhost";
    var database = new MongoClient(connectionString).GetServer().GetDatabase("test");
    var users = new TrackingUsers(new MongoDataStore(database), new PasswordManager());

    // The original added three users per outer iteration (100 x 3); a flat loop yields the
    // same 300 names in the same order.
    for (var n = 1; n <= 300; n++)
    {
        users.Add(string.Format("test{0}", n), "test", "*****@*****.**");
    }
}
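/// <summary>
/// Password login at <c>POST /login</c>. Looks the user up by username, verifies the password
/// through <c>PasswordManager.ConfirmPassword</c> against the stored hash and salt, and on
/// success stores and returns a fresh <c>AccessToken</c>. Failures are answered with 401 and
/// the same generic message regardless of whether the user exists.
/// </summary>
/// <remarks>
/// Changes: an unbindable body is now a 400 (consistent with UserModule's registration
/// handler), and blank credentials are rejected before any lookup or hashing. Note that a
/// timing difference remains (the hash is only computed when the user exists); since the
/// unauthenticated <c>/user/availability</c> endpoints already disclose usernames, this API
/// does not attempt to prevent username enumeration.
/// </remarks>
public LoginModule(IDataStore dataStore, TrackingUsers trackingUsers, ErrorCodes errorCodes, PasswordManager passwordManager)
    : base("/login", dataStore, trackingUsers, errorCodes)
{
    _trackingUsers = trackingUsers;
    _passwordManager = passwordManager;

    Post["/"] = parameters =>
    {
        Response response;
        if (!CheckSaveRetention(SessionCache, out response))
        {
            return response;
        }

        var loginModel = this.Bind<LoginModel>();
        if (loginModel == null)
        {
            return ErrorResponse(HttpStatusCode.BadRequest, "Unknown request. Please provide a username and password.");
        }

        // A null/blank username would otherwise be sent to the query as-is; a blank password
        // cannot verify. Fail fast with the same message as a wrong password.
        if (string.IsNullOrWhiteSpace(loginModel.Username) || string.IsNullOrEmpty(loginModel.Password))
        {
            return ErrorResponse(HttpStatusCode.Unauthorized, "Wrong username or password!");
        }

        var trackingUser = _trackingUsers.Query().FirstOrDefault(x => x.Username == loginModel.Username);
        if (trackingUser == null)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized, "Wrong username or password!");
        }

        var confirmed = _passwordManager.ConfirmPassword(loginModel.Password, trackingUser.Password, trackingUser.Salt);
        if (!confirmed)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized, "Wrong username or password!");
        }

        // One token per user: each successful login replaces the previous token.
        // NOTE(review): Guid.NewGuid() is not specified as a cryptographic RNG. A token derived
        // from RandomNumberGenerator would be the textbook choice; the GUID format is kept here
        // because clients may depend on it.
        trackingUser.AccessToken = new AccessToken(Guid.NewGuid().ToString());
        _trackingUsers.Update(trackingUser);
        return Response.AsJson(trackingUser.AccessToken);
    };
}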
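/// <summary>
/// User management at <c>/user</c>: paged listing (admins only), single-user lookup (admins,
/// or the caller's own record), username / e-mail availability probes, self-registration
/// and deletion (admins, or the caller's own record).
/// </summary>
/// <remarks>
/// Security fixes in this revision:
/// <list type="bullet">
/// <item>GET responses no longer serialise the raw <c>TrackingUser</c>. That object carries the
/// password hash, the salt and the live <c>AccessToken</c> (see LoginModule), so — unless the
/// class marks those members as ignored for serialisation — the admin listing handed out every
/// user's bearer token. Responses now go through <c>UserModel</c>, the DTO the registration
/// handler already returns. NOTE(review): confirm <c>UserModel(TrackingUser)</c> copies neither
/// Password nor Salt nor AccessToken.</item>
/// <item>Delete dereferenced <c>user</c> before its null check (500 on an unknown id) and
/// <c>accessToken</c> without a null check; both are guarded now, mirroring the GET handler.</item>
/// <item>The admin listing ran the query before checking the claim; the claim now gates the
/// query, and negative page/take values fall back to the defaults instead of reaching
/// Skip/Take.</item>
/// <item>Registration rejects a blank username or password with the existing 400 message
/// instead of passing them to the duplicate query and the hasher.</item>
/// </list>
/// NOTE(review): <c>this.RequiresClaims(...)</c> is called inside route handlers. Depending on
/// the Nancy version this either enforces the claim immediately (early exit, which would make
/// the non-admin "own record" branches unreachable) or registers a Before hook too late to
/// apply to the current request. The explicit claim checks are kept so authorisation does not
/// hinge on that behaviour; cover both paths with a test.
/// The availability endpoints are unauthenticated by design and therefore reveal which
/// usernames and e-mails exist; they need rate limiting at the edge.
/// </remarks>
public UserModule(IDataStore dataStore, TrackingUsers trackingUsers, ErrorCodes errorCodes, PasswordManager passwordManager)
    : base("/user", dataStore, trackingUsers, errorCodes)
{
    _trackingUsers = trackingUsers;
    _passwordManager = passwordManager;

    // GET /user/{page}/{take}: paged listing, admins only. Defaults: page 0, take 10.
    Get["/{page?}/{take?}"] = parameters =>
    {
        int page;
        int take;
        page = int.TryParse(parameters.Page, out page) ? page : 0;
        take = int.TryParse(parameters.Take, out take) ? take : 10;
        if (page < 0)
        {
            page = 0;
        }
        if (take <= 0)
        {
            take = 10;
        }

        var currentUser = Context.CurrentUser as UserIdentity;
        if (currentUser == null)
        {
            return HttpStatusCode.Unauthorized;
        }

        this.RequiresClaims(new[] { "Admin" });
        // Explicit gate (see class remarks); checked before any data is read.
        if (currentUser.Claims.All(x => x != "Admin"))
        {
            return HttpStatusCode.Unauthorized;
        }

        // Materialise first, then project to the DTO so the LINQ provider never sees the
        // constructor call; never return TrackingUser itself (hash, salt, token).
        var users = _trackingUsers.Query()
            .Skip(page * take)
            .Take(take)
            .ToList()
            .Select(u => new UserModel(u))
            .ToList();
        return Response.AsJson(users);
    };

    // GET /user/{userId}: admins may read anyone; other callers only the record whose stored
    // access token equals their own. Non-admins get 401 for unknown ids (no existence leak).
    Get["/{userId}"] = parameters =>
    {
        var currentUser = Context.CurrentUser as UserIdentity;
        if (currentUser == null || currentUser.AccessToken == null || string.IsNullOrWhiteSpace(currentUser.AccessToken.Token))
        {
            return HttpStatusCode.Unauthorized;
        }

        string userId = parameters.UserId;
        var accessToken = currentUser.AccessToken;
        this.RequiresClaims(new[] { "Admin" });

        var user = _trackingUsers.Get(userId);
        var isAdmin = currentUser.Claims.Any(x => x == "Admin");
        if (!isAdmin)
        {
            if (user == null || user.AccessToken == null || user.AccessToken.Token != accessToken.Token)
            {
                return HttpStatusCode.Unauthorized;
            }
        }

        if (user == null)
        {
            // Kept as in the previous revision: a 200 whose body carries the 404 code.
            return new BasicResponseModel((int)HttpStatusCode.NotFound, "User not found!");
        }
        return Response.AsJson(new UserModel(user));
    };

    // GET /user/availability/{username}: unauthenticated existence probe; code is 0 either
    // way, only the message differs.
    Get["/availability/{username}"] = parameters =>
    {
        string username = parameters.Username;
        var user = _trackingUsers.Query().FirstOrDefault(x => x.Username == username);
        var response = user == null
            ? new BasicResponseModel(0, "")
            : new BasicResponseModel(0, "User already exists!");
        return Response.AsJson(response);
    };

    // GET /user/availability/email/{email}: same probe for e-mail addresses.
    Get["/availability/email/{email}"] = parameters =>
    {
        string email = parameters.Email;
        var user = _trackingUsers.Query().FirstOrDefault(x => x.Email == email);
        var response = user == null
            ? new BasicResponseModel(0, "")
            : new BasicResponseModel(0, "Email is already registered!");
        return Response.AsJson(response);
    };

    // POST /user: self-registration. 409 on a taken username or e-mail.
    Post["/"] = _ =>
    {
        var model = this.Bind<UserModel>();
        if (model == null || string.IsNullOrWhiteSpace(model.Username) || string.IsNullOrEmpty(model.Password))
        {
            return ErrorResponse(HttpStatusCode.BadRequest, "Unknown request. Please provide a username and password.");
        }

        var existingUser = _trackingUsers.Query().FirstOrDefault(x => x.Username == model.Username);
        if (existingUser != null)
        {
            return ErrorResponse(HttpStatusCode.Conflict, "Username already exists!");
        }
        existingUser = _trackingUsers.Query().FirstOrDefault(x => x.Email == model.Email);
        if (existingUser != null)
        {
            return ErrorResponse(HttpStatusCode.Conflict, "E-mail is already registered!");
        }

        // Per-user salt. A GUID string is unique per user, but Guid.NewGuid() is not specified as
        // a cryptographic RNG; RandomNumberGenerator would be the textbook choice (format change
        // left for a follow-up so existing records keep verifying).
        var salt = Encoding.UTF8.GetBytes(Guid.NewGuid().ToString());
        var hashPassword = _passwordManager.HashPassword(model.Password, salt);
        var user = new TrackingUser(model.Username, hashPassword, salt)
        {
            Name = model.Name,
            Email = model.Email,
        };
        _trackingUsers.Add(user);
        return Response.AsJson(new UserModel(user), HttpStatusCode.Created);
    };

    // DELETE /user/{id}: admins may delete anyone; other callers only their own record.
    Delete["/{id}"] = parameters =>
    {
        string id = parameters.Id;
        var currentUser = Context.CurrentUser as UserIdentity;
        if (currentUser == null)
        {
            return HttpStatusCode.Unauthorized;
        }

        var accessToken = currentUser.AccessToken;
        this.RequiresClaims(new[] { "Admin" });

        var user = _trackingUsers.Get(id);
        if (currentUser.Claims.All(x => x != "Admin"))
        {
            // `user` and `accessToken` were dereferenced here unchecked (500 on an unknown id or
            // a token-less identity). As in GET, a non-admin learns nothing about foreign ids.
            if (user == null || user.AccessToken == null || accessToken == null || user.AccessToken.Token != accessToken.Token)
            {
                return HttpStatusCode.Unauthorized;
            }
        }

        if (user == null)
        {
            return HttpStatusCode.NotFound;
        }
        _trackingUsers.Delete(id);
        return HttpStatusCode.OK;
    };
}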
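/// <summary>
/// Tracking sessions at <c>/tracking</c>. All routes require an authenticated
/// <c>UserIdentity</c> (Before hook). GET returns the caller's own session unless it is
/// unknown (404), foreign (401) or expired (403); POST creates a session owned by the
/// caller; PUT replaces a session; DELETE removes a session the caller owns.
/// </summary>
/// <remarks>
/// Fix: PUT bound the body, stamped <c>Id</c> and <c>UserId</c> and called Update without
/// looking at the existing record, so any authenticated user could overwrite — and take
/// ownership of — any session id. PUT now loads the existing session and refuses (401) when it
/// belongs to someone else, exactly as GET and DELETE do. A PUT to an id that does not exist is
/// left as before (whatever <c>TrackingSessions.Update</c> does with it), to avoid changing
/// create-on-put semantics this fix cannot see.
/// NOTE(review): POST keeps whatever <c>Id</c> the client put in the body; confirm that
/// <c>TrackingSessions.Add</c> assigns its own id or rejects duplicates, otherwise a client
/// could collide with an existing session. Expiry uses <c>DateTime.Now</c> (local time) like
/// the other modules.
/// </remarks>
public TrackingModule(IDataStore dataStore, TrackingUsers trackingUsers, TrackingSessions trackingSessions, ErrorCodes errorCodes)
    : base("/tracking", dataStore, trackingUsers, errorCodes)
{
    // Authentication gate for every route in this module.
    Before += ctx =>
    {
        var user = Context.CurrentUser as UserIdentity;
        return user == null
            ? ErrorResponse(HttpStatusCode.Unauthorized, "Invalid access token! Please login to obtain a new access token.")
            : null;
    };
    _trackingSessions = trackingSessions;

    Get["/{sessionid}"] = parameters =>
    {
        var user = Context.CurrentUser as UserIdentity;
        string sessionId = parameters.sessionId;
        if (sessionId == null)
        {
            return ErrorResponse(HttpStatusCode.NotFound);
        }
        var trackingSession = _trackingSessions.Get(sessionId);
        if (trackingSession == null)
        {
            return ErrorResponse(HttpStatusCode.NotFound);
        }
        if (user == null || trackingSession.UserId != user.UserId)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized);
        }
        if (trackingSession.Expires <= DateTime.Now)
        {
            return ErrorResponse(HttpStatusCode.Forbidden, "Session has expired!");
        }
        return Response.AsJson(trackingSession);
    };

    Post["/"] = parameters =>
    {
        var user = Context.CurrentUser as UserIdentity;
        if (user == null)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized);
        }
        Response response;
        if (!CheckSaveRetention(SessionCache, out response))
        {
            return response;
        }
        var trackingSession = this.Bind<TrackingSession>();
        // Ownership is always the caller, whatever the body said.
        trackingSession.UserId = user.UserId;
        _trackingSessions.Add(trackingSession);
        return Response.AsJson(trackingSession);
    };

    Put["/{sessionid}"] = parameters =>
    {
        var user = Context.CurrentUser as UserIdentity;
        if (user == null)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized);
        }
        Response response;
        if (!CheckSaveRetention(SessionCache, out response))
        {
            return response;
        }
        string sessionId = parameters.sessionId;
        if (sessionId == null)
        {
            return ErrorResponse(HttpStatusCode.NotFound);
        }

        // Ownership check before the overwrite (previously missing): an existing session that
        // belongs to another user must not be replaceable by this caller.
        var existing = _trackingSessions.Get(sessionId);
        if (existing != null && existing.UserId != user.UserId)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized);
        }

        var trackingSession = this.Bind<TrackingSession>();
        // Route id and caller identity win over whatever the body carried.
        trackingSession.Id = sessionId;
        trackingSession.UserId = user.UserId;
        _trackingSessions.Update(trackingSession);
        return Response.AsJson(trackingSession);
    };

    Delete["/{sessionid}"] = parameters =>
    {
        var user = Context.CurrentUser as UserIdentity;
        if (user == null)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized);
        }
        string sessionId = parameters.sessionId;
        if (sessionId == null)
        {
            return ErrorResponse(HttpStatusCode.BadRequest);
        }
        var trackingSession = _trackingSessions.Get(sessionId);
        if (trackingSession == null)
        {
            return ErrorResponse(HttpStatusCode.NotFound);
        }
        if (trackingSession.UserId != user.UserId)
        {
            return ErrorResponse(HttpStatusCode.Unauthorized);
        }
        _trackingSessions.Delete(sessionId);
        // Kept as before: the success confirmation is emitted through ErrorResponse with 200.
        return ErrorResponse(HttpStatusCode.OK, string.Format("Tracking session '{0}' including all its positions is removed.", sessionId));
    };
}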