/// <summary> /// Attemts to register a new user or authenticate an existing user with the given credentials /// </summary> /// <param name="credentials">User credentials to authenticate</param> /// <param name="register">True if registering a new user, false otherwise</param> /// <returns>UserToken if successful, null otherwise</returns> internal UserToken Authenticate(Credentials credentials, bool register) { int userID; if (register) { // Register a new user if (createUser(credentials.username, credentials.GenerateHash())) userID = GetID(credentials.username); // User was created else return null; // User was not created } else { userID = GetID(credentials.username); if (userID == 0) return null; string hash = getUserHash(userID); if (hash != null && !credentials.Verify(hash)) return null; // Credentials were invalid } // Generate a new authentication token. DateTime expiry = UserToken.GetExpiration(); string token = UserToken.GenerateToken(); storeUserToken(userID, expiry, token); return new UserToken(credentials.username, expiry, token); }