/// <summary>
/// Attemts to register a new user or authenticate an existing user with the given credentials
/// </summary>
/// <param name="credentials">User credentials to authenticate</param>
/// <param name="register">True if registering a new user, false otherwise</param>
/// <returns>UserToken if successful, null otherwise</returns>
internal UserToken Authenticate(Credentials credentials, bool register)
{
int userID;
if (register) {
// Register a new user
if (createUser(credentials.username, credentials.GenerateHash()))
userID = GetID(credentials.username); // User was created
else
return null; // User was not created
} else {
userID = GetID(credentials.username);
if (userID == 0)
return null;
string hash = getUserHash(userID);
if (hash != null && !credentials.Verify(hash))
return null; // Credentials were invalid
}
// Generate a new authentication token.
DateTime expiry = UserToken.GetExpiration();
string token = UserToken.GenerateToken();
storeUserToken(userID, expiry, token);
return new UserToken(credentials.username, expiry, token);
}