public HttpResponseMessage LogExperienceEvent(string hsId, [FromBody] ExperienceLogRequest eventLogRequest)
{
HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(
HttpStatusCode.NoContent, "Unexpected Error");
if (eventLogRequest.EmployerId > 0)
{
AppendClientVersion(eventLogRequest);
using (GetEmployerConnString gecs = new GetEmployerConnString(eventLogRequest.EmployerId))
{
using (InsertExperienceLog iel = new InsertExperienceLog())
{
iel.ExperienceEventId = eventLogRequest.EventId;
iel.ExperienceEventDesc = eventLogRequest.EventName;
if (Request.CCHID() > 0)
{
iel.CCHID = Request.CCHID();
}
if (eventLogRequest.CchId > 0)
{
iel.CCHID = eventLogRequest.CchId;
}
if (!string.IsNullOrEmpty(eventLogRequest.ContentId))
{
int contentId = eventLogRequest.ContentId.GetContentId();
if (contentId > 0)
{
iel.ContentId = contentId;
}
else
{
iel.ContentId = int.Parse(eventLogRequest.ContentId);
}
}
iel.ExperienceUserId = eventLogRequest.ExperienceUserId;
iel.Comment = eventLogRequest.LogComment;
iel.DeviceId = eventLogRequest.DeviceId;
iel.ClientVersion = eventLogRequest.ClientVersion;
iel.PostData(gecs.ConnString);
if (iel.PostReturn == 1)
{
hrm = Request.CreateResponse(HttpStatusCode.OK);
}
else
{
hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent,
"Insert Experience Event Procedure Failed.");
}
}
}
}
}
return(hrm);
}
public HttpResponseMessage GetVideoMemberData(string hsId, int employerId, string videoMemberId)
{
HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(
HttpStatusCode.NoContent, "Unexpected Error");
if (employerId > 0)
{
using (var gecs = new GetEmployerConnString(employerId))
{
using (var gvcmd = new GetVideoCampaignMemberData())
{
gvcmd.VideoCampaignFileId = videoMemberId;
gvcmd.GetData(gecs.ConnString);
if (!gvcmd.HasThrownError)
{
string videoMemberData = gvcmd.VideoMemberData;
hrm = new HttpResponseMessage(HttpStatusCode.OK)
{
RequestMessage = Request,
Content = new StringContent(videoMemberData)
};
}
}
}
}
}
return(hrm);
}
public HttpResponseMessage GetVideoCampaign(string hsId, int employerId, int campaignId)
{
dynamic data = new ExpandoObject();
HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(
HttpStatusCode.NoContent, "Unexpected Error");
if (employerId > 0)
{
using (var gecs = new GetEmployerConnString(employerId))
{
using (var gvc = new GetVideoCampaign())
{
gvc.VideoCampaignId = campaignId;
gvc.GetData(gecs.ConnString);
if (!gvc.HasThrownError)
{
data.VideoCampaignId = campaignId;
data.VideoDefinitionId = gvc.VideoDefinitionId.ToUpper();
data.IntroVideoDefinitionId = gvc.IntroVideoDefinitionId.ToUpper();
data.IsVideoCampaignActive = gvc.IsVideoCampaignActive;
hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
}
}
}
}
}
return(hrm);
}
public HttpResponseMessage GetVideoFilesList(string hsId, int employerId, int campaignId)
{
dynamic data = new ExpandoObject();
HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(
HttpStatusCode.NoContent, "Unexpected Error");
if (employerId > 0)
{
using (var gecs = new GetEmployerConnString(employerId))
{
using (var gvcfi = new GetVideoCampaignFileIds())
{
gvcfi.CampaignId = campaignId;
gvcfi.GetData(gecs.ConnString);
if (!gvcfi.HasThrownError)
{
data.ListOfVideoIds = gvcfi.Results;
hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
}
}
}
}
}
return(hrm);
}
public HttpResponseMessage Register1(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
{
dynamic eo = new ExpandoObject();
HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Client Handshake is Not Authorized"));
var e = new CCHEncrypt();
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User was Not Found"));
if (RegDateOfBirth.IsMatch(hsRequest.DateOfBirth))
{
using (var gefae = new GetEnrollmentsForAllEmployers()) {
hsRequest.LastFourSsn = hsRequest.LastFourSsn.Trim().Length > 4
? hsRequest.LastFourSsn.Substring(hsRequest.LastFourSsn.Length - 4, 4)
: hsRequest.LastFourSsn;
gefae.LastName = hsRequest.LastName;
gefae.LastFour = hsRequest.LastFourSsn;
//DateTime birthDate = DateTime.Parse(hsRequest.DateOfBirth);
//gefae.DateOfBirth = string.Format("{0}-{1}-{2}", birthDate.Year, birthDate.Month, birthDate.Day);
gefae.DateOfBirth = hsRequest.DateOfBirth;
gefae.GetFrontEndData();
if (gefae.Tables.Count > 0 &&
gefae.Tables[0].Rows.Count > 0)
{
DataRow dr = gefae.Tables[0].Rows[0];
int cchid = dr.GetData <int>("CCHID");
int employerId = dr.GetData <int>("employerid");
string connString = dr.GetData("connectionstring");
//UserAccess Check dstrickland 7/8/2015
using (var cpaa = new CheckPersonApplicationAccess(cchid, connString)) {
if (!cpaa.HasAccess)
{
return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception(cpaa.ErrorMessage)));
}
}
e.UserKey = Request.EncryptionKey();
e.SecretKey = Properties.Settings.Default.SecretKey;
e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));
e.Add("UserID", hsId);
((IDictionary <string, object>)eo)["AuthHash"] = e.ToString();
hrm = Request.CreateResponse(HttpStatusCode.OK, (eo as ExpandoObject));
//LogUserLoginHistory(null, cchid, connString);
}
}
}
}
return(hrm);
}
/// <summary>
/// Returns an object containing all configuration values.
/// </summary>
/// <param name="employerId"></param>
/// <param name="hsId"></param>
/// <returns></returns>
/// <remarks>
/// It currently returns only minimum secret answer length. ClearCost.Data will need to
/// be updated to return all of the client configuration values. Updating ClearCost.Data
/// broke several things last time. As new configuration values are created, the Settings
/// class should be updated so that all configuration values are returned in a single request.
/// </remarks>
public HttpResponseMessage GetConfigurationValues(int employerId, string handshakeId)
{
var hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception("Client Handshake is Not Authorized"));
if (ValidateConsumer.IsValidConsumer(handshakeId))
{
var settings = new Models.Settings();
settings.Security.MinimumSecurityAnswerLength = SecurityConfiguration.Settings.MinimumSecretAnswerLength;
hrm = Request.CreateResponse(HttpStatusCode.OK, settings);
}
return(hrm);
}
public HttpResponseMessage GetMemberAuthorization(int employerId, int cchId, String hsId)
{
dynamic eo = new ExpandoObject();
HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception("Client Handshake is Not Authorized"));
var e = new CCHEncrypt();
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception("Member with CCH ID was Not Found"));
using (GetEmployerConnString gecs = new GetEmployerConnString(employerId)) {
//UserAccess Check dstrickland 7/8/2015
using (var cpaa = new CheckPersonApplicationAccess(cchId, gecs.ConnString)) {
if (!cpaa.HasAccess)
{
return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception(cpaa.ErrorMessage)));
}
}
using (GetKeyEmployeeInfoByCchId gkeibc = new GetKeyEmployeeInfoByCchId()) {
gkeibc.CchId = cchId;
gkeibc.GetData(gecs.ConnString);
if (gkeibc.Tables.Count > 0 && gkeibc.Tables[0].Rows.Count > 0)
{
e.UserKey = Request.EncryptionKey();
e.SecretKey = Properties.Settings.Default.SecretKey;
e.Add("CCHID", cchId.ToString());
e.Add("EmployerID", employerId.ToString());
e.Add("UserID", hsId);
((IDictionary <string, object>)eo)["AuthHash"] = e.ToString();
hrm = Request.CreateResponse(HttpStatusCode.OK, (eo as ExpandoObject));
//InsertAuditTrail(cchId, hsId,
// "Animation CCHID Login", Request.RequestUri.Host, gecs.ConnString);
string userName = gkeibc.Tables[0].Rows[0].GetData("Email");
//LogUserLoginHistory(userName, cchId, gecs.ConnString);
}
}
}
}
return(hrm);
}
public HttpResponseMessage GetConfigurationValue(int employerId, string hsId, [FromUri] string configKey)
{
HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception("Client Handshake is Not Authorized"));
if (ValidateConsumer.IsValidConsumer(hsId))
{
var configValue = ClientSettingCache.Settings(employerId)
.FirstOrDefault(s => s.Key.Equals(configKey));
dynamic data = new ExpandoObject();
data.Results = configValue;
hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
}
return(hrm);
}
public HttpResponseMessage GetEmployerNotificationsLocale(string hsId, string localeCode, int employerId, int pageSize,
string baseContentId)
{
HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateResponse(HttpStatusCode.NoContent);
dynamic data = new ExpandoObject();
using (GetEmployerConnString gecs = new GetEmployerConnString(employerId))
{
if (!string.IsNullOrEmpty(gecs.ConnString))
{
using (GetAnonymousContent gac = new GetAnonymousContent())
{
gac.LocaleCode = localeCode;
if (pageSize > 0)
{
gac.PagesSize = pageSize;
}
if (!string.IsNullOrEmpty(baseContentId))
{
int campaignId = baseContentId.GetCampaignId();
int contentId = baseContentId.GetContentId();
if (campaignId == 0 && contentId > 0)
{
gac.BaseContentId = contentId;
}
}
gac.GetData(gecs.ConnString);
data.Results = gac.Results;
data.TotalCount = gac.TotalCount;
}
if (data.TotalCount > 0)
{
hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
}
}
}
}
return(hrm);
}
public HttpResponseMessage LogInitialExperience(string hsId, [FromBody] ExperienceLogRequest eventLogRequest)
{
HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(
HttpStatusCode.NoContent, "Unexpected Error");
if (eventLogRequest.EmployerId > 0)
{
AppendClientVersion(eventLogRequest);
using (GetEmployerConnString gecs = new GetEmployerConnString(eventLogRequest.EmployerId))
{
try
{
using (InsertExperienceLog iel = new InsertExperienceLog())
{
ExperienceLogResponse elr = new ExperienceLogResponse
{
ExperienceUserId = Guid.NewGuid().ToString()
};
iel.ExperienceEventId = eventLogRequest.EventId;
iel.ExperienceEventDesc = eventLogRequest.EventName;
iel.ExperienceUserId = elr.ExperienceUserId;
iel.Comment = eventLogRequest.LogComment;
iel.DeviceId = eventLogRequest.DeviceId;
iel.ClientVersion = eventLogRequest.ClientVersion;
iel.PostData(gecs.ConnString);
hrm = Request.CreateResponse(HttpStatusCode.OK, elr);
}
}
catch (Exception exc)
{
hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, String.Format("Insert Experience Event Procedure Failed: {0}", exc.Message));
}
}
}
}
return(hrm);
}
public HttpResponseMessage GetCampaignMemberInfo(string hsId, int employerId, string campaignMemberId)
{
dynamic data = new ExpandoObject();
HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(
HttpStatusCode.NoContent, "Unexpected Error");
if (employerId > 0)
{
using (var gecs = new GetEmployerConnString(employerId))
{
using (var gvcmi = new GetVideoCampaignMemberInfo())
{
gvcmi.VideoCampaignMemberId = campaignMemberId;
gvcmi.GetData(gecs.ConnString);
if (!gvcmi.HasThrownError)
{
data.DateOfBirth = gvcmi.DateOfBirth;
data.IntroVideoDefinitionId = gvcmi.IntroVideoDefinitionId.ToUpper();
data.IntroVideoDefinitionName = gvcmi.IntroVideoDefinitionName;
data.IsVideoCampaignActive = gvcmi.IsVideoCampaignActive;
data.LastName = gvcmi.LastName;
data.MemberSsn = gvcmi.MemberSsn;
data.VideoCampaignFileId = gvcmi.VideoCampaignFileId.ToUpper();
data.VideoCampaignId = gvcmi.VideoCampaignId;
data.VideoDefinitionName = gvcmi.VideoDefinitionName;
data.CchEmployerLink = gvcmi.CchEmployerLink;
data.EmployerBenefitsLink = gvcmi.EmployerBenefitsLink;
hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
}
}
}
}
}
return(hrm);
}
public HttpResponseMessage PushPromptStatus(int employerId, string hsId, string deviceId)
{
dynamic data = new ExpandoObject();
HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception("Client Handshake is Not Authorized"));
if (ValidateConsumer.IsValidConsumer(hsId))
{
using (GetEmployerConnString gecs = new GetEmployerConnString(employerId))
{
using (GetDevicePushPromptStatus gdpps = new GetDevicePushPromptStatus())
{
gdpps.DeviceId = deviceId;
gdpps.GetData(gecs.ConnString);
data.PromptStatus = gdpps.PromptStatus ? "1" : "0";
}
hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
}
}
return(hrm);
}
public HttpResponseMessage LogAnEvent(string hsId, [FromBody] VideoEventLog eventLog)
{
HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(
HttpStatusCode.NoContent, "Unexpected Error");
if (eventLog.EmployerId > 0)
{
using (GetEmployerConnString gecs = new GetEmployerConnString(eventLog.EmployerId))
{
using (LogVideoEvent lve = new LogVideoEvent())
{
lve.VideoCampaignMemberId = eventLog.VideoCampaignMemberId;
lve.VideoLogEvent = eventLog.VideoLogEvent;
lve.VideoLogEventId = eventLog.VideoLogEventId;
lve.Comment = eventLog.Comment;
lve.PostData(gecs.ConnString);
if (lve.PostReturn == 1)
{
hrm = Request.CreateResponse(HttpStatusCode.OK);
}
else
{
hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent,
"Log Video Event Procedure Failed.");
}
}
}
}
}
return(hrm);
}
public HttpResponseMessage GetAuthMemberData(String hsId, [FromBody] AuthMemberDataRequest hsRequest)
{
HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
var e = new CCHEncrypt();
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("User Not Found"));
using (var gefae = new GetEnrollmentsForAllEmployers())
{
gefae.LastName = hsRequest.LastName;
gefae.LastFour = hsRequest.LastFourSsn;
gefae.DateOfBirth = hsRequest.DateOfBirth;
gefae.GetFrontEndData();
if (gefae.Tables.Count > 0 &&
gefae.Tables[0].Rows.Count > 0)
{
DataRow dr = gefae.Tables[0].Rows[0];
int cchid = dr.GetData <int>("CCHID");
string cnxString = dr.GetData("ConnectionString");
int employerId = dr.GetData <int>("employerid");
//UserAccess Check dstrickland 7/7/2015
using (var cpaa = new CheckPersonApplicationAccess(cchid, cnxString))
{
if (!cpaa.HasAccess)
{
return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception(cpaa.ErrorMessage)));
}
}
e.UserKey = Request.EncryptionKey();
e.SecretKey = Properties.Settings.Default.SecretKey;
e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));
string authHash = e.ToString();
if (employerId > 0)
{
CreateLoginAudit(hsId,
Request.RequestUri.Host.ToString(CultureInfo.InvariantCulture),
cchid, cnxString);
hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("Video Data Not Found"));
using (var gvcmi = new GetVideoCampaignMemberIdByCchId())
{
gvcmi.CampaignId = hsRequest.CampaignId;
gvcmi.CchId = cchid;
gvcmi.GetData(cnxString);
if (!gvcmi.HasThrownError && !string.IsNullOrEmpty(gvcmi.VideoCampaignMemberId))
{
using (var gvcmd = new GetVideoCampaignMemberDataById())
{
gvcmd.VideoCampaignMemberId = gvcmi.VideoCampaignMemberId;
gvcmd.GetData(cnxString);
if (!gvcmd.HasThrownError)
{
string videoMemberData = gvcmd.VideoMemberData;
string resultset =
string.Format("\"AuthHash\":\"{0}\",\"MemberData\":{1}",
authHash, videoMemberData);
resultset = string.Concat("{", resultset, "}");
hrm = new HttpResponseMessage(HttpStatusCode.OK)
{
RequestMessage = Request,
Content = new StringContent(resultset),
StatusCode = HttpStatusCode.OK
};
}
}
}
}
}
}
}
}
return(hrm);
}
public HttpResponseMessage Register2(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
{
dynamic eo = new ExpandoObject();
HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception("Client Handshake is Not Authorized"));
var e = new CCHEncrypt();
if (ValidateConsumer.IsValidConsumer(hsId))
{
hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User was Not Found"));
using (GetEmployerConnString gecs = new GetEmployerConnString(Request.EmployerID())) {
const string employeeQuery =
"SELECT CONVERT(varchar(10), DateOfBirth, 111) AS DateOfBirthText, * FROM Enrollments WHERE CCHID = @CchId";
using (var employeeDb = new DataBase(employeeQuery, true)) {
employeeDb.AddParameter("CchId", Request.CCHID());
employeeDb.GetData(gecs.ConnString);
if (employeeDb.Tables.Count > 0 && employeeDb.Tables[0].Rows.Count > 0)
{
hsRequest.FirstName = employeeDb.Tables[0].Rows[0].GetData("FirstName");
hsRequest.LastName = employeeDb.Tables[0].Rows[0].GetData("LastName");
hsRequest.LastName = hsRequest.LastName.Replace("_", " ");
hsRequest.DateOfBirth = employeeDb.Tables[0].Rows[0].GetData("DateOfBirthText");
hsRequest.LastFourSsn = employeeDb.Tables[0].Rows[0].GetData("MemberSsn");
hsRequest.MedicalId = employeeDb.Tables[0].Rows[0].GetData("MemberMedicalId");
string fullName = string.Format("{0} {1}", hsRequest.FirstName, hsRequest.LastName);
string mobilePhone = hsRequest.MobilePhone;
string alternatePhone = hsRequest.Phone;
eo.UserName = hsRequest.UserName;
eo.DisplayName = fullName;
eo.MobilePhone = mobilePhone;
eo.AlternatePhone = alternatePhone;
using (GetUserContentPreference gucp = new GetUserContentPreference()) {
gucp.CCHID = Request.CCHID();
gucp.GetData(gecs.ConnString);
eo.SmsInd = gucp.SmsInd;
eo.EmailInd = gucp.EmailInd;
eo.OsBasedAlertInd = gucp.OsBasedAlertInd;
eo.LocaleCode = gucp.LocaleCode;
eo.PreferredContact = gucp.ContactPhoneNumber;
}
MembershipCreateStatus status;
if (CreateNewMemberAccount(email: hsRequest.UserName, firstName: hsRequest.FirstName,
lastName: hsRequest.LastName, phone: hsRequest.Phone,
secretQuestionId: hsRequest.SecretQuestionId, secretAnswer: hsRequest.SecretAnswer,
password: hsRequest.Password, mobilePhone: hsRequest.MobilePhone,
cchid: Request.CCHID(), employerId: Request.EmployerID(),
cnxString: gecs.ConnString, status: out status))
{
var membershipUser = Membership.GetUser(hsRequest.UserName);
if (membershipUser != null)
{
if (membershipUser.ProviderUserKey != null)
{
eo.Question = membershipUser.PasswordQuestion;
string aspUserId = membershipUser.ProviderUserKey.ToString();
e.UserKey = Request.EncryptionKey();
e.SecretKey = Properties.Settings.Default.SecretKey;
e.Add("UserID", aspUserId);
e.Add("CCHID", Request.CCHID().ToString());
e.Add("EmployerID", Request.EmployerID().ToString());
e.Add("UserName", hsRequest.UserName);
//((IDictionary<string, object>) eo)["AuthHash"] = e.ToString();
//hrm = Request.CreateResponse(HttpStatusCode.OK, (eo as ExpandoObject));
eo.AuthHash = e.ToString();
hrm = Request.CreateResponse(HttpStatusCode.OK, (object)eo);
//InsertAuditTrail(Request.CCHID(), aspUserId,
// "Animation Register", Request.RequestUri.Host, gecs.ConnString);
LogUserLoginHistory(hsRequest.UserName, Request.CCHID(), gecs.ConnString);
}
}
}
else
{
switch (status)
{
case MembershipCreateStatus.DuplicateUserName:
hrm = Request.CreateErrorResponse(HttpStatusCode.Conflict,
new Exception("Member Account already exists"));
break;
default:
hrm = Request.CreateErrorResponse(HttpStatusCode.InternalServerError,
new Exception("Error in creating new Member Account"));
break;
}
}
}
}
}
}
return(hrm);
}
public HttpResponseMessage Login(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
{
var hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Client Handshake is Not Authorized"));
var e = new CCHEncrypt();
dynamic data = new ExpandoObject();
if (!ValidateConsumer.IsValidConsumer(hsId))
{
LogUtil.Log(string.Format("Login failed. Inavlid Handshake Id {0}", hsId), LogLevel.Info);
return(hrm);
}
hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User Name and Password Do Not Match"));
if (!Membership.ValidateUser(hsRequest.UserName, hsRequest.Password))
{
// This can also happen if the account is locked. Check to see if it is locked
// and return an appropriate error message.
if (IsUserLocked(hsRequest.UserName))
{
LogUtil.Log(string.Format("Login failed for user {0}. Account is locked.",
hsRequest.UserName), LogLevel.Info);
hrm = Request.CreateErrorResponse(HttpStatusCode.Forbidden, new Exception("Account locked"));
}
else
{
LogUtil.Log(string.Format("Login failed for user {0}. Credentials failed membership validation.",
hsRequest.UserName), LogLevel.Info);
}
return(hrm);
}
using (var employerDb = new DataBase(EMPLOYER_QUERY, true)) {
employerDb.AddParameter("Email", hsRequest.UserName);
employerDb.GetFrontEndData();
hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception("User Profile was Not Found"));
if (employerDb.Tables.Count < 1 || employerDb.Tables[0].Rows.Count < 1)
{
LogUtil.Log(string.Format("Login failed for user {0}. User Profile was not found.",
hsRequest.UserName), LogLevel.Info);
return(hrm);
}
e.Add("EmployerID", employerDb.Tables[0].Rows[0].GetData("employerId"));
using (var gkei = new GetKeyEmployeeInfo()) {
gkei.Email = hsRequest.UserName;
string cnxString = employerDb.Tables[0].Rows[0].GetData("connectionString");
gkei.GetData(cnxString);
hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception("Employee Info on User Name was Not Found"));
if (gkei.Tables.Count < 1 || gkei.Tables[0].Rows.Count < 1)
{
LogUtil.Log(string.Format("Login failed for user {0}. Employee Info was not found.",
hsRequest.UserName), LogLevel.Info);
return(hrm);
}
//UserAccess Check dstrickland 7/7/2015
using (var cpaa = new CheckPersonApplicationAccess(gkei.CCHID, cnxString)) {
if (!cpaa.HasAccess)
{
LogUtil.Log(string.Format("Login failed for user {0}. User does not have acces to AppId 2.",
hsRequest.UserName), LogLevel.Info);
return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
new Exception(cpaa.ErrorMessage)));
}
}
var firstName = gkei.Tables[0].Rows[0].GetData("FirstName");
var lastName = gkei.Tables[0].Rows[0].GetData("LastName");
var fullName = string.Format("{0} {1}", firstName, lastName);
var mobilePhone = gkei.Tables[0].Rows[0].GetData("MobilePhone");
var alternatePhone = gkei.Tables[0].Rows[0].GetData("Phone");
using (var gucp = new GetUserContentPreference()) {
gucp.CCHID = gkei.CCHID;
gucp.GetData(cnxString);
data.SmsInd = gucp.SmsInd;
data.EmailInd = gucp.EmailInd;
data.OsBasedAlertInd = gucp.OsBasedAlertInd;
data.LocaleCode = gucp.LocaleCode;
data.PreferredContact = gucp.ContactPhoneNumber;
hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
}
var membershipUser = Membership.GetUser(hsRequest.UserName);
if (membershipUser != null && membershipUser.ProviderUserKey != null)
{
e.UserKey = Request.EncryptionKey();
e.SecretKey = Properties.Settings.Default.SecretKey;
e.Add("UserName", hsRequest.UserName);
e.Add("CCHID", gkei.CCHID.ToString());
string aspUserId = membershipUser.ProviderUserKey.ToString();
e.Add("UserID", aspUserId);
string authHash = e.ToString();
data.AuthHash = authHash;
data.UserName = hsRequest.UserName;
data.DisplayName = fullName;
data.MobilePhone = mobilePhone;
data.AlternatePhone = alternatePhone;
data.Question = membershipUser.PasswordQuestion;
hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
LogUserLoginHistory(hsRequest.UserName, gkei.CCHID, cnxString);
//Load accumulations for all dependents
Task.Run(async() => await LoadEmployeeAndDependentsAccumulationsAsync(
Int32.Parse(employerDb.Tables[0].Rows[0].GetData("employerId")),
Int32.Parse(gkei.CCHID.ToString())));
}
}
}
return(hrm);
}
