Beispiel #1
        /// <summary>
        /// Logs a user in with an AES-encrypted user name and password and, on success,
        /// returns the user's profile together with the company's applications, each
        /// carrying a service ticket.
        /// </summary>
        /// <param name="userName">User name, encrypted; decrypted here with <c>Crypto.DecryptStringAes</c>.</param>
        /// <param name="password">Password, encrypted; decrypted here with <c>Crypto.DecryptStringAes</c>.</param>
        /// <returns>
        /// A result whose code and message are copied from the basic authentication check.
        /// <c>UserApplication</c> and <c>ListApplication</c> are only populated on success.
        /// </returns>
        public ResultUserAuthenticationDto GetAuthentication(string userName, string password)
        {
            userName = Crypto.DecryptStringAes(userName);
            password = Crypto.DecryptStringAes(password);

            // No company, no application and the "not apply" marker: this is the initial
            // login, so GetBasicAuthentication skips the service-token comparison here.
            BasicAuthenticationDto basicResult = this.GetBasicAuthentication(userName, password, null, null, "not apply");

            ResultUserAuthenticationDto response = new ResultUserAuthenticationDto
            {
                AuthenticationCod     = basicResult.AuthenticationCod,
                MessageAuthentication = basicResult.MessageAuthentication
            };

            if (response.AuthenticationCod != Convert.ToInt16(AuthenticationCode.Success))
            {
                // Denied: hand back only the code and message, no user or application data.
                return response;
            }

            response.UserApplication = Mapper.Map<UserApplicationDto, ResultUserDto>(basicResult.User);

            // Applications are looked up by the authenticated user's own company.
            CompanyApplicationDto companyFilter = new CompanyApplicationDto
            {
                IdCompany                 = basicResult.User.IdCompany,
                ReferenceTableApplication = true
            };

            response.ListApplication = CompanyApplicationRepository
                .GetCompanyApplication(companyFilter)
                .Select(row => Mapper.Map<ApplicationDto, ResultApplicationDto>(row.Application))
                .ToList();

            // Each application entry gets the value of GetServiceToken() as its ticket.
            // NOTE(review): GetServiceToken() is not visible here - confirm whether the
            // ticket is bound to the user/application or is one shared service-wide value.
            foreach (var application in response.ListApplication)
            {
                application.Ticket = GetServiceToken();
            }

            return response;
        }
Beispiel #2
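        /// <summary>
        /// Authenticates the caller for a given company and application and, on success,
        /// returns the resources that user may access in the application.
        /// </summary>
        /// <param name="userName">User name, encrypted; decrypted here with <c>Crypto.DecryptStringAes</c>.</param>
        /// <param name="password">Password, encrypted; decrypted here with <c>Crypto.DecryptStringAes</c>.</param>
        /// <param name="idCompany">Company the user must belong to.</param>
        /// <param name="idApplication">Application whose resources are requested.</param>
        /// <param name="token">Service token supplied by the caller; checked by <c>GetBasicAuthentication</c>.</param>
        /// <returns>
        /// The result of <c>GetAppResources</c> on success; otherwise a DTO carrying only the
        /// denial code and message.
        /// </returns>
        public AllowResourcesDto GetAllowResources(string userName, string password, long idCompany, long idApplication, string token)
        {
            // "not apply" is the in-band marker that makes GetBasicAuthentication skip the
            // service-token comparison. It is meant for the internal login call only; if it
            // were accepted from the caller here, the token check could be switched off
            // simply by sending that literal. Reject it before doing any other work.
            if (token == "not apply")
            {
                AllowResourcesDto dtoDenied = new AllowResourcesDto();
                dtoDenied.AuthenticationCod     = Convert.ToInt16(AuthenticationCode.AccessDenied);
                dtoDenied.MessageAuthentication = "AccessDenied";
                return(dtoDenied);
            }

            userName = Crypto.DecryptStringAes(userName);
            password = Crypto.DecryptStringAes(password);

            BasicAuthenticationDto dtoBasicAuthentication = this.GetBasicAuthentication(userName, password, idCompany, idApplication, token);
            AllowResourcesDto      dtoAllowResources      = new AllowResourcesDto();

            dtoAllowResources.AuthenticationCod     = dtoBasicAuthentication.AuthenticationCod;
            dtoAllowResources.MessageAuthentication = dtoBasicAuthentication.MessageAuthentication;

            if (dtoAllowResources.AuthenticationCod == Convert.ToInt16(AuthenticationCode.Success))
            {
                // The DTO is replaced wholesale by the resource lookup result.
                // NOTE(review): the clear-text password is passed on to GetAppResources;
                // that method is not visible here - confirm it really needs it.
                dtoAllowResources = this.GetAppResources(userName, password, idApplication);
            }

            return(dtoAllowResources);
        }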
Beispiel #3
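        /// <summary>
        /// Changes a user's password after re-authenticating with the current credentials,
        /// company, application and service token.
        /// </summary>
        /// <param name="dtoChangePassword">
        /// Request whose <c>UserName</c>, <c>Password</c> and <c>NewPassword</c> arrive encrypted.
        /// They are decrypted in place, so the caller's object holds clear text afterwards.
        /// </param>
        /// <returns>
        /// "Success" when the password was saved; "AccessDenied" in every other case,
        /// including any exception raised along the way.
        /// </returns>
        public ResultDto AuthenticationChangePassword(ChangePasswordDto dtoChangePassword)
        {
            // Fail closed: the result stays "AccessDenied" unless every step below succeeds.
            ResultDto dtoresult = new ResultDto();

            dtoresult.ResultCod = Convert.ToInt16(AuthenticationCode.AccessDenied);
            dtoresult.Message   = "AccessDenied";

            try
            {
                // "not apply" is the in-band marker that makes GetBasicAuthentication skip the
                // service-token comparison. A password change must always present a real
                // token, so a request carrying the marker is denied outright.
                if (dtoChangePassword.Token == "not apply")
                {
                    return(dtoresult);
                }

                dtoChangePassword.UserName    = Crypto.DecryptStringAes(dtoChangePassword.UserName);
                dtoChangePassword.Password    = Crypto.DecryptStringAes(dtoChangePassword.Password);
                dtoChangePassword.NewPassword = Crypto.DecryptStringAes(dtoChangePassword.NewPassword);

                BasicAuthenticationDto dtoBasicAuthentication = GetBasicAuthentication(dtoChangePassword.UserName, dtoChangePassword.Password, dtoChangePassword.IdCompany, dtoChangePassword.IdApplication, dtoChangePassword.Token);

                if (dtoBasicAuthentication.AuthenticationCod == Convert.ToInt16(AuthenticationCode.Success) && !string.IsNullOrEmpty(dtoChangePassword.NewPassword))
                {
                    // Re-read the active account by user name and current password;
                    // First() throws when nothing matches, which the catch turns into a denial.
                    UserApplicationDto dtoUserApplication = new UserApplicationDto();
                    dtoUserApplication.UserName     = dtoChangePassword.UserName;
                    dtoUserApplication.UserPassword = dtoChangePassword.Password;
                    dtoUserApplication.State        = true;
                    dtoUserApplication = UserApplicationRepository.GetUserApplication(dtoUserApplication).First();

                    // NOTE(review): the new password is upper-cased (culture-sensitive ToUpper())
                    // and handed to the repository as-is. Upper-casing shrinks the password
                    // space, and no hashing is visible in this method - confirm that
                    // SaveUserApplication stores a salted password hash rather than this value.
                    // NOTE(review): only non-emptiness of the new password is checked here;
                    // no length or complexity policy is visible.
                    dtoUserApplication.UserPassword = dtoChangePassword.NewPassword.ToUpper();
                    UserApplicationRepository.SaveUserApplication(dtoUserApplication);
                    dtoresult.ResultCod = Convert.ToInt16(AuthenticationCode.Success);
                    dtoresult.Message   = "Success";
                }
            }
            catch (Exception)
            {
                // Any failure (null request, decryption error, missing account, save error)
                // is reported as a plain denial so the caller learns nothing about the cause.
                // NOTE(review): the exception is dropped without logging, so failed or
                // malformed password-change attempts leave no trace for monitoring.
                dtoresult.ResultCod = Convert.ToInt16(AuthenticationCode.AccessDenied);
                dtoresult.Message   = "AccessDenied";
            }

            return(dtoresult);
        }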
Beispiel #4
        /// <summary>
        /// Core credential check shared by the public authentication entry points.
        /// Verifies, in order: the service token (unless the marker "not apply" is passed),
        /// that user name and password are non-empty, that an active account matches them,
        /// the account's effective date, the company, and the company/application pairing.
        /// </summary>
        /// <param name="userName">Clear-text user name.</param>
        /// <param name="password">Clear-text password; used as a lookup value for the repository.</param>
        /// <param name="idCompany">Company to match, or <c>null</c> to skip the company check.</param>
        /// <param name="idApplication">Application to match, or <c>null</c> to skip the application check.</param>
        /// <param name="token">Service token to compare, or "not apply" to skip the comparison.</param>
        /// <returns>
        /// A DTO with code/message "Success" and <c>User</c> set when every check passes;
        /// otherwise the denial code with "AccessDenied" or "AccessDenied - Limit Date".
        /// </returns>
        private BasicAuthenticationDto GetBasicAuthentication(string userName, string password, long? idCompany, long? idApplication, string token)
        {
            // Fail closed: start from a denial and only upgrade to success at the very end.
            BasicAuthenticationDto outcome = new BasicAuthenticationDto();
            outcome.AuthenticationCod     = Convert.ToInt16(AuthenticationCode.AccessDenied);
            outcome.MessageAuthentication = "AccessDenied";

            // NOTE(review): "not apply" is an in-band marker - any caller that forwards an
            // externally supplied token unchanged lets that literal switch this check off.
            // NOTE(review): the token is compared with ordinary string inequality, which is
            // not a constant-time comparison.
            if (token != "not apply" && this.GetServiceToken() != token)
            {
                outcome.MessageAuthentication = "AccessDenied";
                return outcome;
            }

            if (String.IsNullOrEmpty(userName) || String.IsNullOrEmpty(password))
            {
                outcome.MessageAuthentication = "AccessDenied";
                return outcome;
            }

            // Look up an active account by user name, password and (optional) company.
            // NOTE(review): the password is handed to the repository as a match value;
            // whether it is hashed before comparison is not visible here - confirm.
            UserApplicationDto criteria = new UserApplicationDto
            {
                UserName     = userName,
                UserPassword = password,
                IdCompany    = idCompany,
                State        = true
            };
            UserApplicationDto account = UserApplicationRepository.GetUserApplication(criteria).FirstOrDefault();

            if (account == null)
            {
                outcome.MessageAuthentication = "AccessDenied";
                return outcome;
            }

            // Never let the stored password travel further with the user DTO.
            account.UserPassword = null;

            // An EffectiveDate at or after the current local time blocks the login.
            // NOTE(review): this is the only denial with its own message, so it tells the
            // caller that the user name and password were valid - confirm that is intended.
            if (account.EffectiveDate != null && account.EffectiveDate >= DateTime.Now)
            {
                outcome.MessageAuthentication = "AccessDenied - Limit Date";
                return outcome;
            }

            outcome.User = account;

            if (idCompany != null && outcome.User.IdCompany != idCompany)
            {
                outcome.MessageAuthentication = "AccessDenied";
                return outcome;
            }

            if (idApplication != null)
            {
                CompanyApplicationDto pairing = new CompanyApplicationDto
                {
                    IdApplication = idApplication,
                    IdCompany     = outcome.User.IdCompany
                };
                List<CompanyApplicationDto> matches = CompanyApplicationRepository.GetCompanyApplication(pairing);

                // Exactly one company/application row must exist. The message stays generic;
                // a more specific "ApplicationNotFound" suffix was commented out in the original.
                if (matches.Count != 1)
                {
                    outcome.MessageAuthentication = "AccessDenied";
                    return outcome;
                }
            }

            outcome.AuthenticationCod     = Convert.ToInt16(AuthenticationCode.Success);
            outcome.MessageAuthentication = "Success";
            return outcome;
        }