Implement authorization against the Users database and issue token based on password validation.
@@ -3,7 +3,8 @@
|
||||
<appSettings>
|
||||
<add key="market_data" value="Database=market_data;Datasource=localhost;Username=root;Password=dbas"/>
|
||||
<add key="portfolio_data" value="Database=portfolio_data;Datasource=localhost;Username=root;Password=dbas"/>
|
||||
<add key="sms_smtpaddress" value="smtp.gmail.com"/>
|
||||
<add key="user_data" value="Database=user_data;Datasource=localhost;Username=root;Password=dbas"/>
|
||||
<add key="sms_smtpaddress" value="smtp.gmail.com"/>
|
||||
<add key="sms_smsusername" value="skessler1964@gmail.com"/>
|
||||
<add key="sms_smspassword" value="MN5191306B"/>
|
||||
<add key="sms_smsrecipients" value="6315252496@vtext.com"/>
|
||||
|
||||
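Review bot: The added `user_data` entry puts the database `root` account and its password in plain text in a committed configuration file, alongside the existing connection strings and the `sms_smspassword` value; the same values appear again in the second configuration section further down this page. The user store would be better served by a dedicated account with rights limited to the `user_data` database, with the secret supplied from outside version control, for example `<appSettings file="local.secrets.config">` pointing at an untracked file (the file name is a placeholder) or a protected configuration section. Credentials that have already been committed should be treated as exposed and rotated.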
@@ -1,6 +1,8 @@
|
||||
using System;
|
||||
using MarketData.DataAccess;
|
||||
using MarketData.Extensions;
|
||||
using MarketData.MarketDataModel.User;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
|
||||
namespace MarketDataServer.Authorization
|
||||
@@ -8,15 +10,14 @@ namespace MarketDataServer.Authorization
|
||||
public class Authorizations
|
||||
{
|
||||
private Dictionary<String, String> authorizationDictionary = null;
|
||||
private List<String> validUsers = null;
|
||||
private static Authorizations authorizations = null;
|
||||
private bool isEnabled=true;
|
||||
|
||||
private Authorizations()
|
||||
{
|
||||
validUsers = new List<String>();
|
||||
authorizationDictionary=new Dictionary<String,String>();
|
||||
validUsers.Add("sean");
|
||||
}
|
||||
|
||||
public static Authorizations GetInstance()
|
||||
{
|
||||
lock (typeof(Authorizations))
|
||||
@@ -25,11 +26,13 @@ namespace MarketDataServer.Authorization
|
||||
}
|
||||
return authorizations;
|
||||
}
|
||||
|
||||
public bool IsEnabled
|
||||
{
|
||||
get{return isEnabled;}
|
||||
set{isEnabled=value;}
|
||||
}
|
||||
|
||||
public bool IsAuthorized(String token)
|
||||
{
|
||||
lock (this)
|
||||
@@ -38,6 +41,7 @@ namespace MarketDataServer.Authorization
|
||||
return authorizationDictionary.ContainsKey(token);
|
||||
}
|
||||
}
|
||||
|
||||
public String GetAuthenticationToken()
|
||||
{
|
||||
lock (this)
|
||||
@@ -47,13 +51,24 @@ namespace MarketDataServer.Authorization
|
||||
return token;
|
||||
}
|
||||
}
|
||||
public bool IsValidUser(String user)
|
||||
|
||||
public bool IsValidUser(String username,String password)
|
||||
{
|
||||
lock (this)
|
||||
{
|
||||
return validUsers.Any(x => x.Equals(user));
|
||||
if(!UserDA.UserExists(username))return false;
|
||||
Console.WriteLine(String.Format("[{0:G}][User {1} exists.]",DateTime.Now ,username));
|
||||
User user = UserDA.GetUser(username);
|
||||
if(null == user)
|
||||
{
|
||||
Console.WriteLine(String.Format("[{0:G}][User {1} validation failed.]",DateTime.Now ,username));
|
||||
return false;
|
||||
}
|
||||
Console.WriteLine(String.Format("[{0:G}][User {1} is validated.]",DateTime.Now ,username));
|
||||
return user.Verify(password);
|
||||
}
|
||||
}
|
||||
|
||||
public static String Xor(String input, int magic)
|
||||
{
|
||||
StringBuilder sb = new StringBuilder();
|
||||
|
||||
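Review bot: In the new `IsValidUser(username, password)` the `"[User {1} is validated.]"` message is written before `user.Verify(password)` runs, so a login with a wrong password leaves a log entry saying the user is validated and no entry for the failure. Evaluate the password first and log the outcome, e.g. `bool verified = user.Verify(password);`, then a message chosen on `verified`, then `return verified;`. The `username` written to these messages comes from the request, so stripping CR/LF before logging would keep a crafted name from forging log lines. The `UserDA.UserExists` call followed by `UserDA.GetUser` also looks redundant given the null check on `user`, assuming `GetUser` returns null for an unknown name. `Xor` begins at the end of this section and its body is outside the visible hunk.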
@@ -6,13 +6,15 @@ namespace MarketDataServer.Controllers
|
||||
{
|
||||
public class AuthorizationController : ApiController
|
||||
{
|
||||
public String GetToken(String user)
|
||||
|
||||
public String GetToken(String user, String password)
|
||||
{
|
||||
Console.WriteLine(String.Format("[{0:G}][AuthorizationController::Authorize]",DateTime.Now));
|
||||
if(null==user)return null;
|
||||
user=Authorizations.Xor(user,5);
|
||||
password=Authorizations.Xor(password,5);
|
||||
Console.WriteLine(String.Format("[{0:G}][Login requested for user '{1}']",DateTime.Now, user));
|
||||
if(!Authorizations.GetInstance().IsValidUser(user))
|
||||
if(!Authorizations.GetInstance().IsValidUser(user, password))
|
||||
{
|
||||
Console.WriteLine(String.Format("[{0:G}][User '{1}' is not authorized]", DateTime.Now,user));
|
||||
return null;
|
||||
@@ -20,7 +22,6 @@ namespace MarketDataServer.Controllers
|
||||
String accessToken= Authorizations.GetInstance().GetAuthenticationToken();
|
||||
Console.WriteLine(String.Format("[{0:G}][Access token granted for user {1} : {2}]",DateTime.Now ,user, accessToken));
|
||||
return accessToken;
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
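Review bot: `GetToken` guards `user` against null but passes `password` to `Authorizations.Xor(password,5)` unchecked, so a request without a password presumably fails inside `Xor` (its body is not visible here) instead of being rejected; `if(null==user||null==password)return null;` would cover both. The single-constant XOR is trivially reversible and gives the password no confidentiality, and since Web API binds simple-type parameters of a `Get…` action from the URI by default, the credentials are likely to end up in URLs and access logs; accepting them in a POST body over TLS avoids that. The access token is also written to the console in the `Access token granted` message, which exposes a usable credential to anyone who can read the log; logging only the user name would be enough. `GetAuthenticationToken()` takes no user argument, so as far as this page shows the issued token is not tied to the account that authenticated.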
@@ -1,8 +1,5 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using System.Web.Http;
|
||||
using MarketData.MarketDataModel;
|
||||
using MarketData.DataAccess;
|
||||
@@ -32,19 +29,22 @@ namespace MarketDataServer.Controllers
|
||||
positionsWithDescription.Add(new PositionWithDescription(position,companyProfile.CompanyName, companyProfile.Description));
|
||||
}
|
||||
return positionsWithDescription;
|
||||
}
|
||||
}
|
||||
|
||||
public IEnumerable<String> GetAccounts(String token)
|
||||
{
|
||||
Console.WriteLine(String.Format("[{0:G}][PortfolioController::GetAccounts]",DateTime.Now));
|
||||
if (!Authorizations.GetInstance().IsAuthorized(token)) return null;
|
||||
return PortfolioDA.GetAccounts();
|
||||
}
|
||||
|
||||
public IEnumerable<String> GetAccountsWithOpenTrades(String token)
|
||||
{
|
||||
Console.WriteLine(String.Format("[{0:G}][PortfolioController::GetAccountsWithOpenTrades]", DateTime.Now));
|
||||
if (!Authorizations.GetInstance().IsAuthorized(token)) return null;
|
||||
return PortfolioDA.GetAccountsWithOpenTrades();
|
||||
}
|
||||
|
||||
public StopLimit GetStopLimit(String token,String symbol)
|
||||
{
|
||||
Console.WriteLine(String.Format("[{0:G}][PortfolioController::GetStopLimit]",DateTime.Now));
|
||||
@@ -52,6 +52,7 @@ namespace MarketDataServer.Controllers
|
||||
StopLimit stopLimit=PortfolioDA.GetStopLimit(symbol);
|
||||
return stopLimit;
|
||||
}
|
||||
|
||||
public PortfolioTradesWithParityPrice GetPortfolioTradesWithParityPrice(String token, String symbol)
|
||||
{
|
||||
Console.WriteLine(String.Format("[{0:G}][PortfolioController::GetPortfolioTradesWithParityPrice]", DateTime.Now));
|
||||
|
||||
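Review bot: `GetAccounts` and `GetAccountsWithOpenTrades` answer a failed `IsAuthorized(token)` check with `return null`, which a client cannot tell apart from a call that found no data and which leaves no trace of the rejected request. Raising an explicit status, `throw new HttpResponseException(HttpStatusCode.Unauthorized);` (needs `using System.Net;`), and writing a log line for the refusal would make failed token use visible to both callers and operators. `token` is a plain action parameter, so it probably travels in the query string; an `Authorization` header would keep it out of URLs and access logs. `GetPortfolioTradesWithParityPrice` continues past the end of this section.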
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@@ -3,6 +3,7 @@
|
||||
<appSettings>
|
||||
<add key="market_data" value="Database=market_data;Datasource=localhost;Username=root;Password=dbas" />
|
||||
<add key="portfolio_data" value="Database=portfolio_data;Datasource=localhost;Username=root;Password=dbas" />
|
||||
<add key="user_data" value="Database=user_data;Datasource=localhost;Username=root;Password=dbas" />
|
||||
<add key="sms_smtpaddress" value="smtp.gmail.com" />
|
||||
<add key="sms_smsusername" value="skessler1964@gmail.com" />
|
||||
<add key="sms_smspassword" value="MN5191306B" />
|
||||
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.