Beispiel #1
0
        public IHttpActionResult ResetPassword(SendActivationReq req)
        {
            try
            {
                string currentUsrEmail = HttpUtilities.GetUserNameFromToken(this.Request);
                byte[] salt            = AuthorizationUtilities.generateSalt();
                User   user            = _context.Users.FirstOrDefault(i => i.Id == req.UserId);
                //  if (user.IsActiveUser == false)
                ValidationUtilities.ValidateUserforNewPassword(req.UserId, user);

                string generatedPassword = AuthorizationUtilities.GeneratePassword();
                AuthorizationUtilities.SendPasswordtoUser(user.Email, generatedPassword);
                byte[] pwdhash = AuthorizationUtilities.hash(generatedPassword, user.Salt);
                //  user.Salt = salt;
                user.Password   = pwdhash;//AuthorizationUtilities.hash(generatedPassword, salt);
                user.ModifiedBy = currentUsrEmail;
                // user.UpdatedAt = DateTimeOffset.UtcNow;
                _context.Entry(user).State = System.Data.Entity.EntityState.Modified;
                _context.SaveChanges();
                return(Ok());
            }
            catch (HttpResponseException ex)
            {
                throw ex;
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                return(InternalServerError(ex));
            }
        }
Beispiel #2
0
 // POST tables/User
 public IHttpActionResult PostUser(RegisterRequest request)
 {
     try
     {
         string errorMessage = ValidationUtilities.ValidateUserDetails(request);
         var    domainObj    = DbUtilities.GetDomainDetails(request.Email);
         if (errorMessage.Equals(string.Empty))
         {
             string otpCode   = AuthorizationUtilities.GenerateOTPCode();
             string userEmail = HttpUtilities.GetUserNameFromToken(this.Request);
             DbUtilities.SaveTheUser(request, otpCode, domainObj, userEmail, request.IsActiveUser);
             AuthorizationUtilities.SendOTPtoUser(request.Email, otpCode);
             return(Ok(HttpUtilities.CustomResp(ErrorCodes.USER_CREATED.ToString())));
         }
         else
         {
             return(BadRequest(errorMessage));
         }
     }
     catch (Exception ex)
     {
         LGSELogger.Error(ex);
         return(InternalServerError(ex));
     }
     //return CreatedAtRoute("Tables", new { id = current.Id }, current);
 }
Beispiel #3
0
        //List<Features>
        public bool AuthorizeUser(string userName, string userRole, string token, Features[] dataEntity, OperationType ops)// Abhijeet - 30-10-2018 -Added role id
        {
            try
            {
                LGSELogger.Information("AuthorizeUser method has veen called");



                //if (isUserExist)
                //{
                if (CheckPermission(userName, userRole, dataEntity, ops))   // Abhijeet - 30-10-2018 -Added role id
                {
                    return(true);
                }
                //}
                //else
                //{

                //    throw new UnauthorizedAccessException(ErrorCodes.USER_DOES_NOT_EXISTS.ToString());
                //}
                return(false);
            }
            catch (UnauthorizedAccessException ex)
            {
                LGSELogger.Error(ex);
                throw ex;
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                throw ex;
            }
        }
Beispiel #4
0
 public IHttpActionResult GetUserDetails()
 {
     try
     {
         string  userEmail = HttpUtilities.GetUserNameFromToken(this.Request);
         dynamic useDetails;
         //dynamic user = new ExpandoObject();
         useDetails = (from user in _context.Users
                       where user.Email == userEmail
                       select new
         {
             userId = user.Id,
             firtName = user.FirstName,
             lastName = user.LastName,
             email = user.Email,
             domainId = user.DomainId,
             employeeId = user.EmployeeId,
             eusr = user.EUSR,
             contactNo = user.ContactNo,
             isAvailable = user.IsAvailable,
             roles = user.UserRoleMap.Where(i => i.UserId == user.Id && i.Deleted == false)
                     .Select(r => new { r.Role.Id, r.Role.RoleName }).ToList(),
             PreferredRole = user.UserRoleMap.Where(i => i.IsPreferredRole == true && i.Deleted == false).Select(i => i.Role.RoleName).FirstOrDefault()
         }).FirstOrDefault();
         return(Ok(useDetails));
     }
     catch (Exception ex)
     {
         LGSELogger.Error(ex);
         return(InternalServerError(ex));
     }
 }
Beispiel #5
0
 public IHttpActionResult SendActivationLink(SendActivationReq req)
 {
     try
     {
         string currentUsrEmail = HttpUtilities.GetUserNameFromToken(this.Request);
         var    user            = _context.Users.FirstOrDefault(i => i.Id == req.UserId);
         if (user.IsActiveUser == false)
         {
             return(BadRequest(ErrorCodes.USER_DEACTIVATED_BY_ADMIN.ToString()));
         }
         else if (user.Domain.IsActive == false)
         {
             return(BadRequest(ErrorCodes.DOMAIN_IS_INACTIVE.ToString()));
         }
         ValidationUtilities.ValidateUserforActivationLink(req.UserId, user);
         string otpCode = AuthorizationUtilities.GenerateOTPCode();
         AuthorizationUtilities.SendOTPtoUser(user.Email, otpCode);
         user.OTPCode        = otpCode;
         user.OTPGeneratedAt = DateTimeOffset.UtcNow;
         user.ModifiedBy     = currentUsrEmail;
         // user.UpdatedAt = DateTimeOffset.UtcNow;
         _context.Entry(user).State = System.Data.Entity.EntityState.Modified;
         _context.SaveChanges();
         return(Ok());
     }
     catch (HttpResponseException ex)
     {
         throw ex;
     }
     catch (Exception ex)
     {
         LGSELogger.Error(ex);
         return(InternalServerError(ex));
     }
 }
Beispiel #6
0
 public IHttpActionResult OTP(BaseRequest request)
 {
     try
     {
         if (!request.Email.Equals(string.Empty))
         {
             //Check the user exists with that Email
             User user = _context.Users.SingleOrDefault(a => a.Email == request.Email);
             //&& a.IsActiveUser == true && a.IsActivated == true && a.Domain.IsActive == true
             if (user != null && user.IsActiveUser == false)
             {
                 return(BadRequest(ErrorCodes.USER_DEACTIVATED_BY_ADMIN.ToString()));//BadRequest(Constants.INVALID_USER);
             }
             else if (user != null && user.IsActivated == false)
             {
                 return(BadRequest(ErrorCodes.USER_NOT_ACVTD.ToString()));//BadRequest(Constants.INVALID_USER);
             }
             else if (user != null && user.Domain.IsActive == false)
             {
                 return(BadRequest(ErrorCodes.DOMAIN_IS_INACTIVE.ToString()));//BadRequest(Constants.INVALID_USER);
             }
             else if (user != null)
             {
                 if (DateTimeOffset.UtcNow < user.OTPGeneratedAt.Value.AddMinutes(Convert.ToInt64(ConfigurationManager.AppSettings[Constants.OTP_REQTIME_CONN_STRING])))
                 {
                     return(BadRequest(ErrorCodes.OTP_GENERATED_ALREADY.ToString())); //HttpUtilities.FrameHTTPResp(HttpStatusCode.OK, Constants.OTP_GENERATED_ALREADY);//Ok(Constants.OTP_GENERATED_ALREADY);
                 }
                 else
                 {
                     string otpCode = AuthorizationUtilities.GenerateOTPCode();
                     user.OTPGeneratedAt = DateTimeOffset.UtcNow;
                     AuthorizationUtilities.SendOTPForPwdReset(user.Email, otpCode);
                     user.OTPCode    = otpCode;
                     user.ModifiedBy = request.Email;
                     //    user.UpdatedAt = DateTimeOffset.UtcNow;
                     _context.SaveChanges();
                     return(Ok(HttpUtilities.CustomResp(ErrorCodes.OTP_GENERATED.ToString())));
                 }
             }
             //user doesn't exists
             return(BadRequest(ErrorCodes.INVALID_USER.ToString()));//BadRequest(Constants.INVALID_USER);
         }
         else
         {
             //Empty Email ID
             return(BadRequest(ErrorCodes.EMPTY_USER_ID.ToString()));//HttpUtilities.FrameHTTPResp(HttpStatusCode.BadRequest, Constants.EMPTY_USER_ID);//BadRequest(Constants.EMPTY_USER_ID);
         }
     }
     catch (Exception ex)
     {
         LGSELogger.Error(ex);
         return(InternalServerError(ex));//HttpUtilities.FrameHTTPResp(HttpStatusCode.BadRequest,ex.Message);   //InternalServerError(ex);
     }
 }
Beispiel #7
0
        public IHttpActionResult ForgotPassword(ActivationRequest request)
        {
            try
            {
                var user = DbUtilities.GetUserByEmail(request.Email);
                if (user != null)
                {
                    string validStatus = ValidationUtilities.ValidateForActivation(request, user, true);
                    if (validStatus == Constants.SUCCESS_MSG)
                    {
                        User account = _context.Users.Where(a => a.Email == request.Email).SingleOrDefault();
                        //if (IsPasswordCorrect(request.Password, account))
                        //    return BadRequest(ErrorCodes.PASSWORD_ALREADY_USED.ToString());
                        byte[] pwdhash = AuthorizationUtilities.hash(request.Password, account.Salt);

                        //  account.UpdatedAt = DateTime.UtcNow;
                        account.ModifiedBy  = request.Email;
                        account.IsActivated = true;
                        account.OTPCode     = "";

                        //add the new password to the database
                        account.Password     = pwdhash;
                        account.PwdStartDate = DateTimeOffset.UtcNow;
                        account.IsLocked     = false;
                        _context.SaveChanges();
                        return(Ok(HttpUtilities.CustomResp(ErrorCodes.PWD_UPDATED.ToString())));
                    }
                    else
                    {
                        return(BadRequest(validStatus));
                    }
                }
                else
                {
                    //user doesn't exists
                    return(BadRequest(ErrorCodes.INVALID_USER.ToString()));
                }
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                return(InternalServerError(ex));
            }
        }
Beispiel #8
0
        /// <summary>
        /// Checks for the user authorization
        /// </summary>
        /// <param name="actionContext"></param>
        /// <returns></returns>
        protected override bool IsAuthorized(HttpActionContext actionContext)
        {
            try
            {
                // return true;
                //traceWriter = actionContext.ControllerContext.Configuration.Services.GetTraceWriter();
                //traceWriter.Info("Custom Authorization started");

                using (var dbContext = new LGSE_APIContext())
                {
                    authManager = new AuthorizationManager(dbContext);
                    string userEmail = HttpUtilities.GetUserNameFromToken(actionContext.Request);
                    // Abhijeet - 30-10-2018 -Added role id
                    string userRole = HttpUtilities.GetUserRoleAccessApi(actionContext.Request);



                    if (authManager.IsUserExists(userEmail))
                    {
                        return(authManager.AuthorizeUser(userEmail, userRole,
                                                         HttpUtilities.GetRequestToken(actionContext.Request), Module, OperationType));
                    }
                    else
                    {
                        HandleUnauthenticatedRequests(actionContext, "User Doesnt Exist");
                        return(false);
                    }
                }
            }
            catch (UnauthorizedAccessException ex)
            {
                HandleUnauthorizedRequests(actionContext, ex.Message);
                return(true);
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                //  traceWriter.Error(ex, actionContext.Request,"CustomAuthorizeError");
                //this.Configuration.Services.GetTraceWriter()
                //log error message
                //throw ex;
                return(false);
            }
        }
Beispiel #9
0
 public IHttpActionResult ChangePassword(ChangePasswordRequest request)
 {
     try
     {
         //get user details from request _context
         User account = GetLoggedInUser();
         if (account != null)
         {
             //compare old password with the one saved in Db
             if (IsPasswordCorrect(request.OldPassword))
             {
                 if (IsPasswordCorrect(request.NewPassword))
                 {
                     return(BadRequest(ErrorCodes.PASSWORD_ALREADY_USED.ToString()));
                 }
                 byte[] pwdhash = AuthorizationUtilities.hash(request.NewPassword, account.Salt);
                 //     account.UpdatedAt = DateTime.UtcNow;
                 account.ModifiedBy   = account.Email;
                 account.Password     = pwdhash;
                 account.PwdStartDate = DateTimeOffset.UtcNow;
                 // _context.Entry(account).State = System.Data.Entity.EntityState.Modified;
                 _context.SaveChanges();
                 return(Ok(HttpUtilities.CustomResp(ErrorCodes.PWD_CHANGED.ToString())));
             }
             else
             {
                 return(BadRequest(ErrorCodes.OLD_PWD_NOTMATCHED.ToString()));
             }
         }
         else
         {
             return(BadRequest(ErrorCodes.INVALID_USER.ToString()));
         }
         //return Ok();
     }
     catch (Exception ex)
     {
         //Services.Log.Error(ex);
         LGSELogger.Error(ex);
         return(InternalServerError(ex));
     }
 }
Beispiel #10
0
        public IHttpActionResult Logout()
        {
            try
            {
                string userRole = HttpUtilities.GetUserRoleAccessApi(this.Request);
                string token    = HttpUtilities.GetRequestToken(this.Request);
                var    user     = GetLoggedInUser();

                UserRoleMap userRoleMap = _context.UserRoleMaps.FirstOrDefault(i => i.RoleId == userRole && i.UserId == user.Id);
                if (userRoleMap == null)
                {
                    return(BadRequest(ErrorCodes.USER_ROLE_MAP_DOES_NOT_EXISTS.ToString()));
                }
                else
                {
                    userRoleMap.IsPreferredRole = false;
                    //UserRoleMap existingRoles = _context.UserRoleMaps.FirstOrDefault(i => i.UserId == user.Id && i.Id != userRoleMap.Id);
                    //if (existingRoles != null)
                    //{
                    //    existingRoles.IsPreferredRole = false;
                    //}
                    //remove existing preference.
                    _context.SaveChanges();
                    //return Ok();
                }
                UserRoleMap userRoleMapIsAvailable = _context.UserRoleMaps.FirstOrDefault(i => i.UserId == user.Id && i.IsPreferredRole == true);
                if (userRoleMapIsAvailable == null)
                {
                    user.IsLoggedIn = false;
                    //   user.UpdatedAt = DateTimeOffset.UtcNow;
                    _context.SaveChanges();
                }
                DbUtilities.AuditTrialEntry(user, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGOUT, this.Request, userRole, token);
                return(Ok());
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                return(InternalServerError());
            }
        }
Beispiel #11
0
        public IHttpActionResult UpdatePreferredRole(PreferredRoleRequest req)
        {
            try
            {
                User   user  = GetLoggedInUser();
                string token = HttpUtilities.GetRequestToken(this.Request);
                if (user == null)
                {
                    return(BadRequest(ErrorCodes.USER_DOES_NOT_EXISTS.ToString()));
                }
                Role role = _context.Roles.FirstOrDefault(i => i.Id == req.RoleId);
                if (role == null)
                {
                    return(BadRequest(ErrorCodes.ROLE_DOES_NOT_EXISTS.ToString()));
                }
                UserRoleMap userRoleMap = _context.UserRoleMaps.FirstOrDefault(i => i.RoleId == req.RoleId && i.UserId == user.Id);
                if (userRoleMap == null)
                {
                    return(BadRequest(ErrorCodes.USER_ROLE_MAP_DOES_NOT_EXISTS.ToString()));
                }
                else
                {
                    userRoleMap.IsPreferredRole = true;
                    //UserRoleMap existingRoles = _context.UserRoleMaps.FirstOrDefault(i => i.UserId == user.Id && i.Id != userRoleMap.Id);
                    //if (existingRoles != null)
                    //{
                    //    existingRoles.IsPreferredRole = false;
                    //}
                    //remove existing preference.
                    _context.SaveChanges();
                    DbUtilities.AuditTrialEntry(user, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGIN, this.Request, req.RoleId, token);

                    return(Ok());
                }
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                return(InternalServerError(ex));
            }
        }
Beispiel #12
0
        public async Task <IHttpActionResult> PostDomain(DomainRequest item)
        {
            // Mapper.Reset();
            try
            {
                ValidationUtilities.ValidateDomain(item);
                string currentUserEmail = HttpUtilities.GetUserNameFromToken(this.Request);
                Mapper.Initialize(cfg => cfg.CreateMap <DomainRequest, Domain>().ForMember(i => i.CreatedBy,
                                                                                           j => j.UseValue(currentUserEmail)));
                var domain = Mapper.Map <DomainRequest, Domain>(item);
                domain.Id = Guid.NewGuid().ToString();
                Domain current = await InsertAsync(domain);

                return(CreatedAtRoute("Tables", new { id = current.Id }, current));
            }
            catch (HttpResponseException ex)
            {
                LGSELogger.Error(ex);
                throw ex;
            }
        }
Beispiel #13
0
 // PATCH tables/Domain/48D68C86-6EA6-4C25-AA33-223FC9A27959
 public Task <Domain> PatchDomain(string id, Delta <DomainRequest> patch)
 {
     try
     {
         // patch Mappers does not work for Patch.Itws a limitation.
         ValidationUtilities.ValidateEditDomainRequest(patch.GetEntity(), patch.GetChangedPropertyNames().ToList());
         string         currentUserEmail = HttpUtilities.GetUserNameFromToken(this.Request);
         Delta <Domain> deltaDest        = new Delta <Domain>();
         //Domain dbObject = context.Domains.FirstOrDefault(a => a.Id == id);
         //Mapper.Initialize(cfg => cfg.CreateMap<DomainRequest, Domain>()
         // .ForMember(i => i.ModifiedBy, j => j.UseValue(currentUserEmail))
         // .ForMember(i => i.UpdatedAt, j => j.UseValue(DateTimeOffset.UtcNow))
         //);
         //var domainMap = Mapper.Map<DomainRequest, Domain>(patch.GetEntity(), dbObject);
         //deltaDest.Put(domainMap);
         //patch.
         foreach (var item in patch.GetChangedPropertyNames())
         {
             object result;
             patch.TryGetPropertyValue(item, out result);
             bool bResult;
             if (bool.TryParse(result.ToString(), out bResult))
             {
                 deltaDest.TrySetPropertyValue(item, bResult);
             }
             else
             {
                 deltaDest.TrySetPropertyValue(item, result);
             }
         }
         deltaDest.TrySetPropertyValue("ModifiedBy", currentUserEmail);
         deltaDest.TrySetPropertyValue("UpdatedAt", DateTimeOffset.UtcNow);
         return(UpdateAsync(id, deltaDest));
     }
     catch (HttpResponseException ex)
     {
         LGSELogger.Error(ex);
         throw ex;
     }
 }
Beispiel #14
0
        public IHttpActionResult ActivateUser(ActivationRequest request)
        {
            try
            {
                var dbUser = DbUtilities.GetUserByEmail(request.Email);
                if (dbUser != null)
                {
                    string validStatus = DbUtilities.ValidateForActivation(request, dbUser, false);
                    if (validStatus == Constants.SUCCESS_MSG)
                    {
                        //Need to get Oorg id based on domain
                        byte[] salt = AuthorizationUtilities.generateSalt();

                        User account = _context.Users.SingleOrDefault(a => a.Email == request.Email);
                        //    account.UpdatedAt = DateTime.UtcNow;
                        account.ModifiedBy  = request.Email;
                        account.Salt        = salt;
                        account.Password    = AuthorizationUtilities.hash(request.Password, salt);
                        account.IsActivated = true;
                        account.OTPCode     = "";
                        _context.SaveChanges();
                        return(Ok(HttpUtilities.CustomResp(ErrorCodes.USER_ACTIVATED.ToString())));
                    }
                    else
                    {
                        return(BadRequest(validStatus));
                    }
                }
                else
                {
                    return(BadRequest(ErrorCodes.INVALID_USER.ToString()));
                }
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                return(InternalServerError(ex));
            }
        }
Beispiel #15
0
 public IHttpActionResult SignUp(RegisterRequest request)
 {
     try
     {
         string errorMessage = ValidationUtilities.ValidateUserDetails(request);
         var    domainObj    = DbUtilities.GetDomainDetails(request.Email);
         if (errorMessage.Equals(string.Empty))
         {
             string otpCode = AuthorizationUtilities.GenerateOTPCode();
             DbUtilities.SaveTheUser(request, otpCode, domainObj, request.Email, true);
             AuthorizationUtilities.SendOTPtoUser(request.Email, otpCode);
             return(Ok(HttpUtilities.CustomResp(ErrorCodes.USER_REGISTERED.ToString())));
         }
         else
         {
             return(BadRequest(errorMessage));
         }
     }
     catch (Exception ex)
     {
         LGSELogger.Error(ex);
         return(InternalServerError(ex));
     }
 }
Beispiel #16
0
 /// <summary>
 /// Return internal server exceptions for table controllers.
 /// </summary>
 /// <param name="ex"></param>
 /// <param name="request"></param>
 public static void ServerError(Exception ex, HttpRequestMessage request)
 {
     LGSELogger.Error(ex);
     throw new HttpResponseException(request.CreateErrorResponse(HttpStatusCode.InternalServerError, "System exception has occurred. Please contact administrator.", ex));
 }
Beispiel #17
0
 public IHttpActionResult Login(LoginRequest request)
 {
     try
     {
         User account = _context.Users.Where(a => a.Email == request.Email).SingleOrDefault();
         ValidationUtilities.ValidateUserForLogin(request, account);
         if (account != null)
         {
             if (account.IsActiveUser == false)
             {
                 return(BadRequest(ErrorCodes.USER_DEACTIVATED_BY_ADMIN.ToString()));
                 //var response = HttpUtilities.FrameHTTPResp(System.Net.HttpStatusCode.BadRequest, ErrorCodes.USER_DEACTIVATED_BY_ADMIN);
                 // throw new HttpResponseException(response);
             }
             if (account.IsActivated == false)
             {
                 return(BadRequest(ErrorCodes.USER_NOT_ACVTD.ToString()));
             }
             if (!account.IsLocked)
             {
                 byte[] incoming = AuthorizationUtilities.hash(request.Password, account.Salt);
                 if (Utilities.Utilities.slowEquals(incoming, account.Password))
                 {
                     if (account.IsActivated)
                     {
                         //Audit Trial Entry.
                         //DbUtilities.AuditTrialEntry(account, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGIN, this.Request);
                         //Creating a Token
                         ClaimsIdentity claimsIdentity = new ClaimsIdentity();
                         claimsIdentity.AddClaim(new Claim(Constants.STR_FIRSTNAME, account.FirstName));
                         claimsIdentity.AddClaim(new Claim(Constants.STR_LASTNAME, account.LastName));
                         claimsIdentity.AddClaim(new Claim(ClaimTypes.Email, request.Email));
                         claimsIdentity.AddClaim(new Claim(JwtRegisteredClaimNames.Sub, request.Email));
                         claimsIdentity.AddClaim(new Claim("UserId", account.Id));
                         List <Role> roles = (from userMaps in _context.UserRoleMaps.ToList()
                                              join rol in _context.Roles.ToList() on userMaps.RoleId equals rol.Id
                                              where userMaps.UserId == account.Id && userMaps.Deleted == false
                                              select rol).ToList();
                         if (roles != null && roles.Count > 0)
                         {
                             foreach (var item in roles)
                             {
                                 claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, item.RoleName));
                                 //claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, item.RoleName + "|" + item.Id));
                             }
                         }
                         // Update user details:
                         UpdateUserDetailsInLogin(account);
                         JwtSecurityToken token = AuthorizationUtilities.GetAuthenticationTokenForUser(request.Email, claimsIdentity.Claims.ToArray());
                         return(Ok(new
                         {
                             Token = token.RawData,
                             Username = request.Email,
                             UserId = account.Id
                         }));
                     }
                     else
                     {
                         return(BadRequest(ErrorCodes.USER_NOT_ACVTD.ToString()));
                     }
                 }
                 else
                 {
                     //Audit Trial Entry.
                     DbUtilities.AuditTrialEntry(account, AuditTrialStatus.FAILURE, AuditTrialOpType.LOGIN, this.Request);
                     // return Unauthorized();
                     return(BadRequest(ErrorCodes.PASSWORD_NOTMATCHED.ToString()));
                 }
             }
             else
             {
                 return(BadRequest(ErrorCodes.ACCOUNT_LOCKED.ToString()));
             }
         }
         return(Unauthorized());
     }
     catch (HttpResponseException ex)
     {
         throw ex;
     }
     catch (Exception ex)
     {
         LGSELogger.Error(ex);
         return(InternalServerError(ex));
     }
 }