public AuthenticationResponse Login(string username, string password)
{
string message = String.Empty;
try
{
string encryptedUsername = EncryptionManager.EncryptString(username,
Veneka.Indigo.Common.Utilities.StaticFields.USE_HASHING_FOR_ENCRYPTION,
Veneka.Indigo.Common.Utilities.StaticFields.EXTERNAL_SECURITY_KEY);
string encryptedpwd = EncryptionManager.EncryptString(password,
Veneka.Indigo.Common.Utilities.StaticFields.USE_HASHING_FOR_ENCRYPTION,
Veneka.Indigo.Common.Utilities.StaticFields.EXTERNAL_SECURITY_KEY);
string workstation = EncryptionManager.EncryptString("APILoginAttempt" + DateTime.Now.ToString(),
Veneka.Indigo.Common.Utilities.StaticFields.USE_HASHING_FOR_ENCRYPTION,
Veneka.Indigo.Common.Utilities.StaticFields.EXTERNAL_SECURITY_KEY);
var responseObj = _userManContoller.LogIn(encryptedUsername, encryptedpwd, workstation);
if (responseObj.ResponseType == ResponseType.SUCCESSFUL)
{
string SessionKey = EncryptionManager.DecryptString(responseObj.Value.encryptedSessionKey,
Veneka.Indigo.Common.Utilities.StaticFields.USE_HASHING_FOR_ENCRYPTION,
Veneka.Indigo.Common.Utilities.StaticFields.EXTERNAL_SECURITY_KEY);
string UserId = EncryptionManager.DecryptString(responseObj.Value.encryptedUserId,
Veneka.Indigo.Common.Utilities.StaticFields.USE_HASHING_FOR_ENCRYPTION,
Veneka.Indigo.Common.Utilities.StaticFields.EXTERNAL_SECURITY_KEY);
var token = BackOfficeAPIController.CreateToken(Guid.NewGuid(), SessionKey, int.Parse(UserId), bll.Action.PrintCard);
return(new AuthenticationResponse()
{
ResponseCode = "00", ResponseMessage = "SUCCESSFUL", AuthToken = token
});
}
}
catch (Exception ex)
{
message = ex.Message;
_log.Error(ex);
}
return(new AuthenticationResponse()
{
ResponseCode = "01", ResponseMessage = "failed", AuthToken = null
});
}
/// <summary>
/// Validate that the session key is not empy and that their is a valid current session.
/// Log's warning if there is an issue.
/// </summary>
/// <param name="sessionKey"></param>
/// <returns></returns>
public SessionObject isValidSession(string encryptedSessionKey, bool isLogin)
{
try
{
if (String.IsNullOrWhiteSpace(encryptedSessionKey))
{
throw new ArgumentException("Session key is null or empty.");
}
//string sessionKey = UtilityClass.DecryptSting(encryptedSessionKey);
string sessionKey = EncryptionManager.DecryptString(encryptedSessionKey,
StaticFields.USE_HASHING_FOR_ENCRYPTION,
StaticFields.EXTERNAL_SECURITY_KEY);
//log.Debug(m => m("Validating session key: " + sessionKey));
if (!String.IsNullOrWhiteSpace(sessionKey))
{
//If this is a valid login attempt return a "valid" session object.
if (sessionKey.StartsWith("IndigoLoginAttempt") && isLogin)
{
return(new SessionObject("login", 0, "login", "login", 0, false));
}
SessionObject sesionObj;
if (_sessions.TryGetValue(sessionKey, out sesionObj))
{
_sessions[sessionKey].LastAccess = DateTime.Now;
return(sesionObj);
}
}
log.Warn("Attempted access with invalid session key.");
log.Debug(m => m("Invalid session key used: " + sessionKey));
}
catch (Exception ex)
{
log.Error(ex);
}
return(null);
}
