public TokenData Authorize(string username, string password)
{
BusinessPrincipal.Login(username, password);
var result = new TokenData();
var token = new Token();
var tokenRepository = new TokenRepository();
token.Key = Guid.NewGuid().ToString().ToUpper();
token.UserName = username;
token.CreatedDate = DateTime.Now;
token.ExpirationDate = DateTime.Now.AddMinutes(30);
tokenRepository.AddToken(token);
result.Key = token.Key;
return result;
}
private void ValidateToken(string key)
{
var tokenRepository = new TokenRepository();
var token = tokenRepository.GetToken(key);
if (token == null)
{
throw new WebFaultException<string>(
string.Format("The token '{0}' is no longer valid.", key), HttpStatusCode.BadRequest);
}
if (token.CreatedDate.AddDays(1) <= DateTime.Now
|| DateTime.Now >= token.ExpirationDate)
{
tokenRepository.DeleteToken(token);
throw new WebFaultException<string>(
string.Format("The token '{0}' has expired.", key), HttpStatusCode.BadRequest);
}
token.ExpirationDate = DateTime.Now.AddMinutes(30);
tokenRepository.UpdateToken(token);
}
private void Login(string key)
{
var tokenRepository = new TokenRepository();
var token = tokenRepository.GetToken(key);
BusinessPrincipal.LoadPrincipal(token.UserName);
}