public RemitlyPayoutController(ISecurityService securityService, ICacheService cacheService, IFinacleRepository finacleRepository, ICashPickup cashPickupService)
 {
     _securityService    = securityService;
     _flexCubeRepository = finacleRepository;
     _cacheService       = cacheService;
     _cashPickupService  = cashPickupService;
 }
Beispiel #2
0
 public HomeController(ISecurityService securityService, IFinacleRepository finacleRepository, IAuditService auditService, IAuditRepository auditRepository, ISecurityRepository securityRepository)
 {
     _securityService    = securityService;
     _finacleRepository  = finacleRepository;
     _auditService       = auditService;
     _auditRepository    = auditRepository;
     _securityRepository = securityRepository;
 }
Beispiel #3
0
        public static AuthenticationResponse Authentication(AuthenticationRequest request, bool finacleRoleCheck, SecurityConfig settings, ISecurityService securityService, IFinacleRepository finacleRepository)
        {
            AuthenticationResponse authenticationResponse = new AuthenticationResponse();

            try
            {
                request.UserID         = request.UserID.ToUpper();
                authenticationResponse = Access.AdCallForNameEmail(request);

                if (finacleRoleCheck)
                {
                    if (authenticationResponse.ResponseCode == "0")
                    {
                        var result = finacleRepository.GetUserRoleFromFlexcube(request.UserID);

                        if (result != null)
                        {
                            authenticationResponse.BranchCode = result.BranchCode;
                            authenticationResponse.Role       = result.ApplicationName;
                        }
                    }
                    if (authenticationResponse.ResponseCode == "0" && !string.IsNullOrEmpty(authenticationResponse.Role))
                    {
                        var result = finacleRepository.GetUserTillAccountFromFinacle(request.UserID);
                        authenticationResponse.TellerTillAccount = result;
                    }
                }
            }
            catch (Exception ex)
            {
                if (request != null)
                {
                    request.Password = "******";
                }

                authenticationResponse.ResponseCode        = "1001";
                authenticationResponse.ResponseDescription = "Unable to authenticate the user. Please contact the administrator.";
            }

            if (authenticationResponse.ResponseCode != "0")
            {
                var resp = new AuthenticationResponse()
                {
                    ResponseCode = authenticationResponse.ResponseCode, ResponseDescription = authenticationResponse.ResponseDescription
                };
                authenticationResponse = resp;
            }
            return(authenticationResponse);
        }
Beispiel #4
0
        private static AuthenticationDataDto FinacleAuthorization(string username, ISecurityService authenticationService, IFinacleRepository finacleRepository, AuthenticationDataDto currentUser, AuthenticationResponse result)
        {
            //get finacle role
            FinacleRole finacleRole = finacleRepository.GetUserRoleFromFlexcube(username);

            if (finacleRole == null)
            {
                finacleRole = new FinacleRole()
                {
                    UserID = username, BranchCode = null, ApplicationName = string.Empty
                }
            }
            ;

            var roleId = authenticationService.GetRoleList().Where(r => r.RoleName.ToLower() == finacleRole.ApplicationName.ToLower()).Select(k => k.RoleId).FirstOrDefault();

            if (currentUser == null)
            {
                //create the user record for session  management purpose, only for AD/Finacle users logging in for the first time,
                //if role is recognised in this application
                var userObject = new User()
                {
                    BadPasswordCount = 0,
                    CreationDate     = Helper.GetLocalDate(),
                    CurrentSessionId = Helper.GetNextGuid(),
                    Email            = result.Email,
                    FirstName        = result.FirstName,
                    //ApprovalStatus = true,
                    IsFirstLogIn     = false,
                    Initial          = string.Empty,
                    LastLogInDate    = Helper.GetLocalDate(),
                    IsLockedOut      = false,
                    IsOnline         = true,
                    LastActivityDate = Helper.GetLocalDate(),
                    LastName         = result.LastName,
                    InitiatedBy      = username,
                    //ApprovedBy = "NULL",
                    Username       = username,
                    Telephone      = "N/A",
                    Password       = "******",
                    AccountType    = Constants.AccountType.ADFinacle,
                    ApprovalStatus = Constants.ApprovalStatus.Approved,
                    BranchID       = finacleRole.BranchCode,
                    IsDeleted      = false,
                    UserRole       = new Role()
                    {
                        RoleId = roleId
                    }
                };

                if (roleId != Guid.Empty)
                {
                    authenticationService.AddUserForSessionMgmt(userObject);
                }

                currentUser = new AuthenticationDataDto();
                {
                    currentUser.SessionId     = userObject.CurrentSessionId.ToString();
                    currentUser.Username      = username;
                    currentUser.Roles         = finacleRole.ApplicationName;
                    currentUser.IsFirstLogIn  = false;
                    currentUser.FullName      = string.Format("{0} {1}", userObject.FirstName, userObject.LastName);
                    currentUser.IsPasswordSet = false;
                    currentUser.BranchCode    = finacleRole.BranchCode;
                }
            }

            //with finacle authorization, we check whether the locally saved role
            //is the same as we got from Finacle, if not we update the local db.
            //and we always override local role even if available
            //this ensure if the role changed in Finacle it is inherited in the application.
            //we also ensure if user branch in finacle has changed, is changed here too
            if ((currentUser.Roles.ToLower() != finacleRole.ApplicationName.ToLower() && roleId != Guid.Empty) || (currentUser.BranchCode != finacleRole.BranchCode && !string.IsNullOrEmpty(finacleRole.BranchCode)))
            {
                authenticationService.UpdateUserRoleUserBranch(currentUser.Username, roleId, finacleRole.BranchCode);
                currentUser.Roles      = finacleRole.ApplicationName;
                currentUser.BranchCode = finacleRole.BranchCode;
            }


            return(currentUser);
        }
Beispiel #5
0
        public static bool SignIn(string username, string password, string tokenCode, ISecurityService authenticationService, IFinacleRepository finacleRepository, out bool isFirstLogIn, ref ValidationStateDictionary states)
        {
            isFirstLogIn = false;
            AuthenticationDataDto currentUser = null;
            bool validateWithAD = false;
            bool useFinacleRole = false;
            var  hashedPassword = string.Empty;
            var  settings       = SecurityConfig.GetCurrent();

            if (settings.Cookie.PasswordHashed && !string.IsNullOrEmpty(password))
            {
                var lowerUsername = string.Empty;
                if (!string.IsNullOrEmpty(username))
                {
                    lowerUsername = username.ToLower();
                }
                hashedPassword = PasswordHash.Hash(lowerUsername, password);
            }
            currentUser = authenticationService.SignIn(username, hashedPassword, true, ref states);
            if (currentUser != null)
            {
                if (currentUser.AppAuthenticationFailed)
                {
                    return(false);
                }
            }
            states.Clear();

            SetAuthMode(currentUser, ref validateWithAD, ref useFinacleRole);

            AuthenticationResponse result = new AuthenticationResponse();

            if (validateWithAD)
            {
                var ADResult = ADAuthentication(username, password, tokenCode, authenticationService, finacleRepository, states, settings, ref result);
                if (!ADResult)
                {
                    if (currentUser != null)
                    {
                        authenticationService.SignOut(currentUser.SessionId);
                    }
                    return(false);
                }
            }

            if (useFinacleRole)
            {
                currentUser = FinacleAuthorization(username, authenticationService, finacleRepository, currentUser, result);
            }
            else
            {
                if (!ValidateLocalUserRole(states, currentUser))
                {
                    if (currentUser != null)
                    {
                        authenticationService.SignOut(currentUser.SessionId);
                    }
                    return(false);
                }
            }

            if (!ValidateRoleAndUser(username, authenticationService, states, currentUser))
            {
                if (currentUser != null)
                {
                    authenticationService.SignOut(currentUser.SessionId);
                }
                return(false);
            }

            if (!Check2FA(username, tokenCode, states, currentUser, settings))
            {
                if (currentUser != null)
                {
                    authenticationService.SignOut(currentUser.SessionId);
                }
                return(false);
            }

            CreateThreadPrincipalAndAuthCookie(currentUser, settings);

            isFirstLogIn = validateWithAD == true ? false : currentUser.IsFirstLogIn;

            //if (useFinacleRole) /no longer needed.
            //{
            //    //cache the role, so that we don't go back to finacle on every session renewal
            //    ICacheService cacheService = ((IContainer)System.Web.HttpContext.Current.Application["container"]).Resolve<ICacheService>();
            //    CacheItemPolicy policy = new CacheItemPolicy() { SlidingExpiration = new TimeSpan(0, settings.Cookie.Timeout + 1, 0) };
            //    cacheService.Add(string.Format("UserSessionID:{0}", currentUser.SessionId), currentUser.Roles, policy);
            //}
            return(true);
        }
Beispiel #6
0
        private static bool ADAuthentication(string username, string password, string tokenCode, ISecurityService authenticationService, IFinacleRepository finacleRepository, ValidationStateDictionary states, SecurityConfig settings, ref AuthenticationResponse result)
        {
            var status3 = true;

            result = Authentication(new AuthenticationRequest()
            {
                UserID    = username,
                Password  = password,
                TokenCode = tokenCode
            }, false, settings, authenticationService, finacleRepository);
            if (result.ResponseCode != "0")
            {
                ValidationState v = new ValidationState();
                v.Errors.Add(new ValidationError("Username.InvalidUsername", username, "Invalid Username or Password"));
                states.Add(typeof(LogInDto), v);
                status3 = false;
            }
            return(status3);
        }
 public UserSetupController(ISecurityService securityService, ICacheService cacheService, IFinacleRepository finacleRepository)
 {
     _securityService    = securityService;
     _flexCubeRepository = finacleRepository;
     _cacheService       = cacheService;
 }