1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Security.Authentication;
using System.Web.Http;
using Tango.BL.Builders;
using Tango.BL.Entities;
using Tango.Core;
using Tango.Core.Cryptography;
using Tango.FSE.Web.Messages;
using Tango.Web.Controllers;
using Tango.Web.Helpers;
using Tango.Web.Security;
using Tango.Web.SQLServer;
namespace Tango.MachineService.Controllers
{
public class FSEController : TangoController
{
public class TokenObject
{
public String UserGuid { get; set; }
}
/// <summary>
/// Login to the service.
/// </summary>
/// <param name="request">The request.</param>
/// <returns></returns>
/// <exception cref="AuthenticationException"></exception>
[HttpPost]
public LoginResponse Login(LoginRequest request)
{
User user = null;
DataSource dataSource = null;
IHashGenerator hash = new BasicHashGenerator();
Version client_version;
if (!Version.TryParse(request.Version, out client_version))
{
client_version = new Version("1.0.0.0");
}
bool versionChangeRequired = false;
String requiredVersion = null;
var password = hash.Encrypt(request.Password);
using (var db = ObservablesContextHelper.CreateContext())
{
user = new UserBuilder(db).Set(x => x.Email.ToLower() == request.Email.ToLower() && x.Password == password).WithRolesAndPermissions().WithDeleted().Build();
if (user == null)
{
throw new AuthenticationException("Invalid email or password.");
}
if (user.Deleted)
{
throw new AuthenticationException("Your account has been disabled. Please contact your administrator.");
}
user.LastLogin = DateTime.UtcNow;
db.SaveChanges();
}
SQLServerManager sqlServer = new SQLServerManager();
var accessToken = sqlServer.GetAccessToken();
dataSource = new DataSource()
{
Address = MachineServiceConfig.DB_ADDRESS,
Catalog = MachineServiceConfig.DB_CATALOG,
Type = DataSourceType.AccessToken,
IntegratedSecurity = false,
AccessToken = accessToken.AccessToken,
AccessTokenExpiration = accessToken.ExpiresOn.UtcDateTime
};
//Enforce Machine Studio Version ?
//if (MachineServiceConfig.ENFORCE_MACHINE_STUDIO_VERSION)
//{
// using (var db = ObservablesContextHelper.CreateContext())
// {
// var latest_version = db.MachineStudioVersions.ToList().OrderByDescending(x => Version.Parse(x.Version)).FirstOrDefault();
// if (latest_version != null && Version.Parse(latest_version.Version) != client_version)
// {
// versionChangeRequired = true;
// requiredVersion = latest_version.Version;
// }
// }
//}
//Return data source
return new LoginResponse()
{
DataSource = dataSource,
AccessToken = WebToken<TokenObject>.CreateNew(MachineServiceConfig.JWT_TOKEN_SECRET, new TokenObject()
{
UserGuid = user.Guid,
}, DateTime.UtcNow.AddDays(1)).AccessToken,
VersionChangeRequired = versionChangeRequired,
RequiredVersion = requiredVersion,
PasswordChangeRequired = user.PasswordChangeRequired
};
}
}
}
|
