| author | Roy Ben Shabat <Roy.mail.net@gmail.com> | 2020-01-19 00:30:23 +0200 |
|---|---|---|
| committer | Roy Ben Shabat <Roy.mail.net@gmail.com> | 2020-01-19 00:30:23 +0200 |
| commit | b9c104e259ca24d2ae7ca82387209779fefddd34 (patch) | |
| tree | 2da044a8b7ebe835363145a739ed09561e5460bd /Software/Visual_Studio/Web/Tango.MachineService/Controllers | |
| parent | 6ec4f8acc13384edb04b96c01c3e87b7681304d7 (diff) | |
Implemented machine studio connection via access token WORKING!.
Implemented machine studio login method selection.
Diffstat (limited to 'Software/Visual_Studio/Web/Tango.MachineService/Controllers')
| -rw-r--r-- | Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs | 181 |
1 files changed, 106 insertions, 75 deletions
diff --git a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs index da5ce16f7..0fd116361 100644 --- a/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs +++ b/Software/Visual_Studio/Web/Tango.MachineService/Controllers/MachineStudioController.cs @@ -286,20 +286,9 @@ namespace Tango.MachineService.Controllers public LoginResponse Login(LoginRequest request) { AuthenticationResult authResult = null; - - try - { - authResult = _ad_manager.ValidateUserCredentials(request.Email, request.Password); - } - catch (Exception ex) - { - throw new AuthenticationException(ex.FlattenMessage()); - } - - if (!_ad_manager.CanUserAccessCurrentEnvironment(request.Email)) - { - throw new AuthenticationException($"You do not have permissions to access the {MachineServiceConfig.DEPLOYMENT_SLOT.ToDescription()} environment."); - } + User user = null; + DataSource dataSource = null; + IHashGenerator hash = new BasicHashGenerator(); Version client_version; 
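Review bot: The `BasicHashGenerator` instantiated here is what the next hunk uses both to store `user.Password` and to match it inside the query (`x.Password == password`), and an equality match can only work if `Encrypt` is deterministic, which suggests an unsalted digest or reversible encoding (its implementation is not visible here, so please confirm). If so, identical passwords produce identical stored values, and the Active Directory password ends up in the application database in that form. Consider a salted, iterated KDF such as PBKDF2 (`Rfc2898DeriveBytes`) with a per-user salt, verified in code after loading the user by email rather than by SQL equality. Login's body starts before and continues past this hunk.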
@@ -310,84 +299,122 @@ namespace Tango.MachineService.Controllers bool versionChangeRequired = false; String requiredVersion = null; + bool isPasswordOK = false; - User user = null; - - using (ObservablesContext db = ObservablesContextHelper.CreateContext()) + try { - db.Roles.ToList(); - db.Permissions.ToList(); - db.UsersRoles.ToList(); - db.RolesPermissions.ToList(); + authResult = _ad_manager.ValidateUserCredentials(request.Email, request.Password); + isPasswordOK = true; + } + catch {} - user = new UserBuilder(db).Set(x => x.Email.ToLower() == request.Email.ToLower()).WithRolesAndPermissions().WithDeleted().Build(); + //Login via Active Directory + if (request.Method == LoginMethod.ActiveDirectory) + { + try + { + authResult = _ad_manager.ValidateUserCredentials(request.Email, request.Password); + } + catch (Exception ex) + { + throw new AuthenticationException(ex.FlattenMessage()); + } - IHashGenerator g = new BasicHashGenerator(); + if (!_ad_manager.CanUserAccessCurrentEnvironment(request.Email)) + { + throw new AuthenticationException($"You do not have permissions to access the {MachineServiceConfig.DEPLOYMENT_SLOT.ToDescription()} environment."); + } - if (user == null) + using (ObservablesContext db = ObservablesContextHelper.CreateContext()) { - //Than add the user !! 
- User new_user = new User(); - new_user.Email = request.Email; - new_user.Password = g.Encrypt(request.Password); - new_user.Organization = db.Organizations.Include(x => x.Address).Single(x => x.Name == "Twine"); - new_user.Address = new_user.Organization.Address.Clone(); - new_user.Contact = new Contact() - { - FirstName = authResult.UserInfo.GivenName, - LastName = authResult.UserInfo.FamilyName, - FullName = authResult.UserInfo.GivenName + " " + authResult.UserInfo.FamilyName, - Email = request.Email, - }; + db.Roles.ToList(); + db.Permissions.ToList(); + db.UsersRoles.ToList(); + db.RolesPermissions.ToList(); - db.UsersRoles.Add(new UsersRole() - { - User = new_user, - Role = db.Roles.Single(x => (Roles)x.Code == Roles.User), - }); + user = new UserBuilder(db).Set(x => x.Email.ToLower() == request.Email.ToLower()).WithRolesAndPermissions().WithDeleted().Build(); - db.UsersRoles.Add(new UsersRole() + if (user == null) { - User = new_user, - Role = db.Roles.Single(x => (Roles)x.Code == Roles.MachineStudioUser), - }); + user = new User(); + user.Email = request.Email; + user.Password = hash.Encrypt(request.Password); + user.Organization = db.Organizations.Include(x => x.Address).Single(x => x.Name == "Twine"); + user.Address = user.Organization.Address.Clone(); + user.Contact = new Contact() + { + FirstName = authResult.UserInfo.GivenName, + LastName = authResult.UserInfo.FamilyName, + FullName = authResult.UserInfo.GivenName + " " + authResult.UserInfo.FamilyName, + Email = request.Email, + }; - new_user.LastLogin = DateTime.UtcNow; - db.Users.Add(new_user); - } - else - { - if (user.Deleted) + db.UsersRoles.Add(new UsersRole() + { + User = user, + Role = db.Roles.Single(x => (Roles)x.Code == Roles.User), + }); + + db.UsersRoles.Add(new UsersRole() + { + User = user, + Role = db.Roles.Single(x => (Roles)x.Code == Roles.MachineStudioUser), + }); + + user.Password = hash.Encrypt(request.Password); + + db.Users.Add(user); + } + else { - throw new 
AuthenticationException("Your account has been disabled. Please contact your administrator."); + if (user.Deleted) + { + throw new AuthenticationException("Your account has been disabled. Please contact your administrator."); + } } user.LastLogin = DateTime.UtcNow; - user.Password = g.Encrypt(request.Password); + + db.SaveChanges(); } - db.SaveChanges(); + dataSource = new DataSource() + { + Address = MachineServiceConfig.DB_ADDRESS, + Catalog = MachineServiceConfig.DB_CATALOG, + Type = Core.DataSourceType.Azure, + IntegratedSecurity = false, + UserName = request.Email, + Password = request.Password, + }; + } + //Login via Database standard user + else + { + var password = hash.Encrypt(request.Password); - if (MachineServiceConfig.ENFORCE_MACHINE_STUDIO_VERSION) + using (var db = ObservablesContextHelper.CreateContext()) { - var latest_version = db.MachineStudioVersions.ToList().OrderByDescending(x => Version.Parse(x.Version)).FirstOrDefault(); + user = new UserBuilder(db).Set(x => x.Email.ToLower() == request.Email.ToLower() && (isPasswordOK || x.Password == password)).WithRolesAndPermissions().WithDeleted().Build(); - if (latest_version != null && Version.Parse(latest_version.Version) != client_version) + if (user == null) { - versionChangeRequired = true; - requiredVersion = latest_version.Version; + throw new AuthenticationException("Invalid email or password."); } - } - } - Core.DataSource dataSource = null; + if (user.Deleted) + { + throw new AuthenticationException("Your account has been disabled. Please contact your administrator."); + } + + user.LastLogin = DateTime.UtcNow; + db.SaveChanges(); + } - if (MachineServiceConfig.USE_DB_ACCESS_TOKENS) - { SQLServerManager sqlServer = new SQLServerManager(); var accessToken = sqlServer.GetAccessToken(); - dataSource = new Core.DataSource() + dataSource = new DataSource() { Address = MachineServiceConfig.DB_ADDRESS, Catalog = MachineServiceConfig.DB_CATALOG, 
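Review bot: In the `else` (database) branch the lookup accepts `isPasswordOK || x.Password == password`, so a caller whose Active Directory credentials validated in the speculative `try { ... } catch {}` at the top is logged in without the `CanUserAccessCurrentEnvironment` check that the `LoginMethod.ActiveDirectory` branch enforces, just by sending a different `request.Method`. That branch then returns a data source built from `sqlServer.GetAccessToken()`, which looks like the service's own token rather than the user's credentials, so the client-chosen method should not be able to skip the environment check. Either drop `isPasswordOK` from the predicate, or add `if (isPasswordOK && !_ad_manager.CanUserAccessCurrentEnvironment(request.Email)) throw new AuthenticationException(...)` before the lookup. The empty `catch {}` also hides directory outages and lockouts, and the Active Directory branch validates the same credentials a second time; catching once and logging the exception would cover both. Login's body starts and ends outside this hunk.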
@@ -397,19 +424,23 @@ namespace Tango.MachineService.Controllers AccessTokenExpiration = accessToken.ExpiresOn.UtcDateTime }; } - else + + //Enforce Machine Studio Version ? + if (MachineServiceConfig.ENFORCE_MACHINE_STUDIO_VERSION) { - dataSource = new Core.DataSource() + using (var db = ObservablesContextHelper.CreateContext()) { - Address = MachineServiceConfig.DB_ADDRESS, - Catalog = MachineServiceConfig.DB_CATALOG, - Type = Core.DataSourceType.Azure, - IntegratedSecurity = false, - UserName = request.Email, - Password = request.Password, - }; + var latest_version = db.MachineStudioVersions.ToList().OrderByDescending(x => Version.Parse(x.Version)).FirstOrDefault(); + + if (latest_version != null && Version.Parse(latest_version.Version) != client_version) + { + versionChangeRequired = true; + requiredVersion = latest_version.Version; + } + } } + //Return data source return new LoginResponse() { DataSource = dataSource, |
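Review bot: The version check only sets `versionChangeRequired` and `requiredVersion`, while the `LoginResponse` that follows still carries `DataSource = dataSource`, so a client on a rejected version receives the database credentials or access token anyway and enforcement depends on the client honouring the flag. If `ENFORCE_MACHINE_STUDIO_VERSION` is meant as a server-side gate, run this block before the data source is built or clear it afterwards, e.g. `if (versionChangeRequired) dataSource = null;`. `Version.Parse(x.Version)` inside `OrderByDescending` also throws on a malformed row, and by this point `LastLogin` has already been saved. The rest of the return statement is outside the hunk, so confirm nothing later strips the data source.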
