Beispiel #1
0
        /// <summary>
        /// Consulta un usuario por nombre de usuario
        /// </summary>
        /// <param name="userName">nombre de usuario</param>
        /// <returns>UserApp</returns>
        public async Task <UserApp> UserFindByUser(string userName)
        {
            try
            {
                var user = await _userAppData.UserFindByUser(userName);

                if (user != null)
                {
                    user.UserPw = string.Empty;
                }
                return(user);
            }
            catch (Exception)
            {
                throw;
            }
        }
Beispiel #2
0
        /// <summary>
        /// Verifica si el usuario puede autencarse correctamente con usuario y contraseña
        /// </summary>
        /// <param name="login">login de usuario</param>
        /// <returns>modelo de autenticacion</returns>
        public async Task <SessionAuthentication> AsyncAutenticateUser(Login login)
        {
            try
            {
                UserApp    userApp;
                PolicyView policy;
                string     pwDecode = string.Empty;
                bool       isAutenticate = false, valideNumberOfAttemps = false;
                int        stateInactiveUser = 0, stateLockedUser = 0, numberOfAttemps = 0;

                var autenticate = new SessionAuthentication()
                {
                    IsAuthenticate    = false,
                    TypeAutentication = TypeAutentication.Default
                };

                userApp = await _userAppData.UserFindByUser(login.UserName);

                if (null == userApp)
                {
                    autenticate.TypeAutentication = TypeAutentication.NotFound;
                    return(autenticate);
                }

                policy = !userApp.PolicyId.HasValue ?
                         await _policyGlobalAppData.PolicyGetGlobal() :
                         await _policyGlobalAppData.PolicyFindById(userApp.PolicyId.Value);

                pwDecode          = login.Password.Base64Decode();
                isAutenticate     = userApp.UserPw == pwDecode.SHA1();
                stateInactiveUser = await _parametersData.ValueFindByKey <int>("StateInactiveUser");

                stateLockedUser = await _parametersData.ValueFindByKey <int>("StateLockedUser");

                if (0 != stateInactiveUser && userApp.UserStateId == stateInactiveUser)
                {
                    autenticate.TypeAutentication = TypeAutentication.Inactive;
                    return(autenticate);
                }

                if (0 != stateLockedUser && userApp.UserStateId == stateLockedUser)
                {
                    autenticate.TypeAutentication = TypeAutentication.Locked;
                    return(autenticate);
                }

                if (!isAutenticate)
                {
                    numberOfAttemps       = policy.NumberOfAttemps;
                    valideNumberOfAttemps = 0 != numberOfAttemps;

                    userApp.UserNumberOfAttemps++;
                    userApp.UpdateDate = DateTime.Now;

                    if (valideNumberOfAttemps)
                    {
                        if (userApp.UserNumberOfAttemps >= numberOfAttemps)
                        {
                            autenticate.TypeAutentication = TypeAutentication.Locked;
                            userApp.UserStateId           = stateLockedUser;
                        }
                    }

                    await _userAppData.UpdateAsync(userApp);

                    autenticate.TypeAutentication = TypeAutentication.NotFound;
                }
                else
                {
                    if (policy.NumberOfDaysExpirePw > 0)
                    {
                        DateTime dateUserLastPasswordChange = userApp.UserLastPasswordChange.AddDays(policy.NumberOfDaysExpirePw.Value);
                        if (dateUserLastPasswordChange.Date >= DateTime.Now.Date)
                        {
                            autenticate.TypeAutentication = TypeAutentication.ChangePw;
                        }
                    }

                    if (autenticate.TypeAutentication == TypeAutentication.Default)
                    {
                        autenticate.TypeAutentication = TypeAutentication.Ok;
                    }

                    userApp.UserNumberOfAttemps = 0;
                    userApp.UserLastDateEntry   = DateTime.Now;
                    userApp.PolicyId            = !userApp.PolicyId.HasValue ? policy.PolicyId : userApp.PolicyId;

                    var sessionId = Guid.NewGuid();
                    using (var tran = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled))
                    {
                        await _userAppData.UpdateAsync(userApp);

                        await _sessionData.InsertKeyAsync <Guid>(new CurrentSession()
                        {
                            Active       = true,
                            CreationDate = DateTime.Now,
                            SessionId    = sessionId,
                            UserId       = userApp.UserId
                        });

                        tran.Complete();
                    }



                    autenticate.SessionId      = sessionId;
                    autenticate.UserId         = userApp.UserId;
                    autenticate.PolicyId       = policy.PolicyId;
                    autenticate.IsAuthenticate = true;
                }

                return(autenticate);
            }
            catch (Exception)
            {
                throw;
            }
        }