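        /// <summary>
        /// Marks the role named in <paramref name="req"/> as the logged-in user's preferred
        /// role and writes an audit entry for the change.
        /// </summary>
        /// <param name="req">Request carrying the role id to prefer; must not be null.</param>
        /// <returns>
        /// 200 on success; 400 with an <see cref="ErrorCodes"/> name when the caller, the role
        /// or the caller's mapping to that role does not exist; 500 on an unexpected failure.
        /// </returns>
        public IHttpActionResult UpdatePreferredRole(PreferredRoleRequest req)
        {
            try
            {
                // A null body would otherwise dereference below and surface as a 500.
                if (req == null)
                {
                    return BadRequest();
                }

                User   user  = GetLoggedInUser();
                string token = HttpUtilities.GetRequestToken(this.Request);
                if (user == null)
                {
                    return BadRequest(ErrorCodes.USER_DOES_NOT_EXISTS.ToString());
                }

                Role role = _context.Roles.FirstOrDefault(i => i.Id == req.RoleId);
                if (role == null)
                {
                    return BadRequest(ErrorCodes.ROLE_DOES_NOT_EXISTS.ToString());
                }

                // Only a role actually mapped to the caller may become the preferred one;
                // this is what stops a caller from "preferring" a role they do not hold.
                UserRoleMap userRoleMap = _context.UserRoleMaps.FirstOrDefault(i => i.RoleId == req.RoleId && i.UserId == user.Id);
                if (userRoleMap == null)
                {
                    return BadRequest(ErrorCodes.USER_ROLE_MAP_DOES_NOT_EXISTS.ToString());
                }

                // NOTE(review): the caller's other mappings are not un-preferred here, so a
                // user may end up with several preferred roles — confirm that is intended.
                userRoleMap.IsPreferredRole = true;
                _context.SaveChanges();

                // NOTE(review): the audit op type is LOGIN although this is a preference
                // update — confirm whether a more specific op type exists.
                DbUtilities.AuditTrialEntry(user, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGIN, this.Request, req.RoleId, token);
                return Ok();
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                // Log server-side only: echoing the exception back to the client would
                // disclose internals (stack traces, provider/connection details).
                return InternalServerError();
            }
        }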
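        /// <summary>
        /// Clears the preferred flag on the caller's mapping for the role named in the request
        /// and, once no preferred role remains, marks the user as logged out. Writes a LOGOUT
        /// audit entry on success.
        /// </summary>
        /// <returns>
        /// 200 on success; 400 with an <see cref="ErrorCodes"/> name when there is no logged-in
        /// user or the caller has no mapping for the requested role; 500 on an unexpected failure.
        /// </returns>
        public IHttpActionResult Logout()
        {
            try
            {
                string userRole = HttpUtilities.GetUserRoleAccessApi(this.Request);
                string token    = HttpUtilities.GetRequestToken(this.Request);
                User   user     = GetLoggedInUser();

                // Without this guard an anonymous or expired caller dereferences a null
                // user below and the request fails with a 500 instead of a 400.
                if (user == null)
                {
                    return BadRequest(ErrorCodes.USER_DOES_NOT_EXISTS.ToString());
                }

                UserRoleMap userRoleMap = _context.UserRoleMaps.FirstOrDefault(i => i.RoleId == userRole && i.UserId == user.Id);
                if (userRoleMap == null)
                {
                    return BadRequest(ErrorCodes.USER_ROLE_MAP_DOES_NOT_EXISTS.ToString());
                }

                userRoleMap.IsPreferredRole = false;
                // Saved before the query below so that query observes the cleared flag.
                _context.SaveChanges();

                // The user counts as logged out only when no role is still preferred.
                UserRoleMap userRoleMapIsAvailable = _context.UserRoleMaps.FirstOrDefault(i => i.UserId == user.Id && i.IsPreferredRole == true);
                if (userRoleMapIsAvailable == null)
                {
                    user.IsLoggedIn = false;
                    _context.SaveChanges();
                }

                DbUtilities.AuditTrialEntry(user, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGOUT, this.Request, userRole, token);
                return Ok();
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                return InternalServerError();
            }
        }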
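 /// <summary>
 /// Authenticates a user by e-mail and password and, on success, issues a JWT carrying
 /// first/last name, e-mail, user id and one role claim per active role mapping.
 /// </summary>
 /// <param name="request">Credentials supplied by the client; must not be null.</param>
 /// <returns>
 /// 200 with <c>{ Token, Username, UserId }</c> on success; 400 with an
 /// <see cref="ErrorCodes"/> name for a deactivated, not-yet-activated or locked account or
 /// a wrong password; 401 when no account has that e-mail; 500 on an unexpected failure.
 /// </returns>
 /// <exception cref="HttpResponseException">
 /// Propagated unchanged when raised by <c>ValidationUtilities.ValidateUserForLogin</c>.
 /// </exception>
 public IHttpActionResult Login(LoginRequest request)
 {
     try
     {
         // A null body would otherwise dereference below and surface as a 500.
         if (request == null)
         {
             return BadRequest();
         }

         User account = _context.Users.Where(a => a.Email == request.Email).SingleOrDefault();
         // Presumably raises HttpResponseException on invalid input (see the catch below);
         // it is deliberately given a null account when the e-mail is unknown.
         ValidationUtilities.ValidateUserForLogin(request, account);
         if (account == null)
         {
             return Unauthorized();
         }

         // NOTE(review): the distinct error codes below let a caller tell apart an unknown
         // e-mail, a deactivated/unactivated/locked account and a wrong password — confirm
         // that level of detail in the response is acceptable for this API.
         if (account.IsActiveUser == false)
         {
             return BadRequest(ErrorCodes.USER_DEACTIVATED_BY_ADMIN.ToString());
         }
         if (account.IsActivated == false)
         {
             return BadRequest(ErrorCodes.USER_NOT_ACVTD.ToString());
         }
         if (account.IsLocked)
         {
             // NOTE(review): attempts against a locked account are not audited; only a
             // password mismatch is (below).
             return BadRequest(ErrorCodes.ACCOUNT_LOCKED.ToString());
         }

         // Salted hash compared with a constant-time routine; keep it that way (no == or
         // SequenceEqual) so the comparison does not leak timing information.
         byte[] incoming = AuthorizationUtilities.hash(request.Password, account.Salt);
         if (!Utilities.Utilities.slowEquals(incoming, account.Password))
         {
             DbUtilities.AuditTrialEntry(account, AuditTrialStatus.FAILURE, AuditTrialOpType.LOGIN, this.Request);
             return BadRequest(ErrorCodes.PASSWORD_NOTMATCHED.ToString());
         }

         ClaimsIdentity claimsIdentity = new ClaimsIdentity();
         claimsIdentity.AddClaim(new Claim(Constants.STR_FIRSTNAME, account.FirstName));
         claimsIdentity.AddClaim(new Claim(Constants.STR_LASTNAME, account.LastName));
         claimsIdentity.AddClaim(new Claim(ClaimTypes.Email, request.Email));
         claimsIdentity.AddClaim(new Claim(JwtRegisteredClaimNames.Sub, request.Email));
         claimsIdentity.AddClaim(new Claim("UserId", account.Id));

         // Filter and join in the database instead of materialising both tables and
         // joining in memory; only non-deleted mappings of this account yield a role claim.
         List<Role> roles = _context.UserRoleMaps
             .Where(m => m.UserId == account.Id && m.Deleted == false)
             .Join(_context.Roles, m => m.RoleId, r => r.Id, (m, r) => r)
             .ToList();
         foreach (Role item in roles)
         {
             claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, item.RoleName));
         }

         // Update last-login style details before the token is minted (original order).
         UpdateUserDetailsInLogin(account);
         JwtSecurityToken token = AuthorizationUtilities.GetAuthenticationTokenForUser(request.Email, claimsIdentity.Claims.ToArray());
         return Ok(new
         {
             Token = token.RawData,
             Username = request.Email,
             UserId = account.Id
         });
     }
     catch (HttpResponseException)
     {
         // Rethrow as-is; `throw ex;` would reset the stack trace.
         throw;
     }
     catch (Exception ex)
     {
         LGSELogger.Error(ex);
         // Log server-side only: returning the exception would disclose internals.
         return InternalServerError();
     }
 }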