public HttpResponseMessage Login(ProductsApp.Models.Accounts.Login param)
{
try
{
string Token = string.Empty;
AccountsServices accService = new AccountsServices();
string result = accService.Login(param, out Token);
List<string> li = new List<string>();
li.Add(Token);
li.Add(result);
if (string.IsNullOrEmpty(Token))
{
return Request.CreateResponse(HttpStatusCode.Unauthorized, li);
}
if (result == "Login Successfull")
{
return Request.CreateResponse(HttpStatusCode.OK, li);
}
return Request.CreateResponse(HttpStatusCode.InternalServerError, new List<string>() { "", "Error" });
}
catch (Exception ex)
{
return Request.CreateResponse(HttpStatusCode.InternalServerError, new List<string>() { "", "Api error!! Sorry!!" });
}
}
public string Login(ProductsApp.Models.Accounts.Login param, out string Token)
{
try
{
Token = string.Empty;
if (string.IsNullOrWhiteSpace(param.Username) || string.IsNullOrWhiteSpace(param.Password))
{
return "Username or password can't be blank";
}
string getUsernameSqlQuery = string.Empty;
string result = string.Empty;
string username = param.Username.Trim();
//string email = param.Email.Trim();
string password = param.Password.Trim();
#region//unauthorized access check
string url = ConfigurationManager.AppSettings["hostUrl"] + "projects.json";
try
{
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Credentials = new NetworkCredential(username, password);
HttpWebResponse response;
response = (HttpWebResponse)request.GetResponse();
if (response.StatusCode == HttpStatusCode.Unauthorized)
{
return "Un-Authorized Access!!Check Id or Password";
}
}
catch (WebException we)
{
try
{
if (we.Status == WebExceptionStatus.ProtocolError)
{
var response = we.Response as HttpWebResponse;
if (response != null)
{
if (response.StatusCode == HttpStatusCode.Unauthorized)
{
return "Un-Authorized Access!!Check Id or Password";
}
}
else
{
Logger.Debug("AccountsServices.Login " + we.ToString());
// no http status code available
}
}
else
{
Logger.Debug("AccountsServices.Login " + we.ToString());
// no http status code available
}
}
catch (Exception exe)
{
Logger.Error("AccountsServices.Login " + exe.ToString());
}
}
#endregion
SqlParameter[] sqlParam = new SqlParameter[1];
sqlParam[0] = new SqlParameter("@Username", System.Data.SqlDbType.VarChar);
sqlParam[0].Value = username;
getUsernameSqlQuery = "Select [RedmineUserId] from [dbo].[Users] where [Username] = @Username and [Active] = 1";
DataTable dt = new DataTable();
string redmineUserIdDB = dc.GetSingleCell(getUsernameSqlQuery, sqlParam);
if (!string.IsNullOrWhiteSpace(redmineUserIdDB))
{
string randomToken = Encryption.RandomStringGenerator();
string setTokenQuery = "Update [dbo].[Users] set [Token]=@Token where [RedmineUserId] = @RedmineUserId";
sqlParam = new SqlParameter[2];
sqlParam[0] = new SqlParameter("@Token", System.Data.SqlDbType.VarChar);
sqlParam[0].Value = randomToken;
sqlParam[1] = new SqlParameter("@RedmineUserId", System.Data.SqlDbType.VarChar);
sqlParam[1].Value = redmineUserIdDB;
if (dc.InsertUpdateDelete(setTokenQuery, sqlParam))
{
Token = Encryption.Encrypt(randomToken);
result = "Login Successfull";
}
else
result = "Server Error";
}
else
return "Sorry!! User Not Authorized To View Campaigns";
return result;
}
catch (Exception ex)
{
Logger.Error("AccountsServices.Login Exception: " + ex.ToString());
Token = string.Empty;
return "Sorry!! Api exception occured. Please check logs";
}
}
