using System; using System.Collections.Generic; using System.Linq; using System.Web; using CPE.App.Web.Models; using System.Security.Cryptography; using System.Configuration; using System.Text; using CPE.App.Web.Code; namespace CPE.App.Web.Helpers { public class VerifyAccess { public static bool IsValid(PurchasedCourse course) { return (((course.PurchaseDate).AddYears(1)) > DateTime.UtcNow); } public static bool VerifyTicket(string ticket, string contenturl, string firstname, string lastname, string email) { string secret = ConfigurationManager.AppSettings["CPE.SecretWord"]; string seed = (contenturl + firstname + lastname + email + secret).ToLower(); return ticket.Equals(sha256_hash(seed).Substring(4, 6)); } public static bool VerifyTicket(string ticket, string contenturl, string firstname, string lastname, string email, string purchasedate) { string secret = ConfigurationManager.AppSettings["CPE.SecretWord"]; string seed = (contenturl + firstname + lastname + email + purchasedate + secret).ToLower(); return ticket.Equals(sha256_hash(seed).Substring(4, 6)); } public static bool AccessBlocked(PurchasedCourse course) { BlockedPurchase blockedCourse = BaseController.Database.BlockedPurchases.SingleOrDefault(bc => bc.Ticket == course.Ticket && bc.ContentUrl == course.ContentUrl && bc.Email == course.Email); return (blockedCourse != null); } public static string generateTicket(string contenturl, string firstname, string lastname, string email, string purchasedate) { string secret = ConfigurationManager.AppSettings["CPE.SecretWord"]; string seed = (contenturl + firstname + lastname + email + purchasedate + secret).ToLower(); return sha256_hash(seed).Substring(4, 6); } private static String sha256_hash(String value) { using (SHA256 hash = SHA256Managed.Create()) { return String.Join("", hash .ComputeHash(Encoding.UTF8.GetBytes(value)) .Select(item => item.ToString("x2"))); } } } }