public override void OnActionExecuting(HttpActionContext actionContext)
{
SaaSResponse objResponseXML = new SaaSResponse();
bool isAuthenticated = IsAuthenticated(actionContext);
if (!isAuthenticated)
{
var response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
actionContext.Response = response;
}
else
{
SaaSLogin objLoginDTO = new SaaSLogin();
LoginService objLoginBL = new LoginService();
string hMACDetails = FormBufferToString();
string user = string.Empty, sharedkey = string.Empty, url = string.Empty;
string strHmacString = string.Empty;
HMACDetails objHMACDetails = new HMACDetails();
objHMACDetails = Newtonsoft.Json.JsonConvert.DeserializeObject <HMACDetails>(hMACDetails);
if (!string.IsNullOrEmpty(objHMACDetails.user))
{
objLoginDTO.UserName = objHMACDetails.user;
}
if (!string.IsNullOrEmpty(objHMACDetails.password))
{
objLoginDTO.Password = objHMACDetails.password;
}
bool IsValidUser = objLoginBL.ChkForLoginUserValidated(objLoginDTO);
if (!IsValidUser)
{
var response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
actionContext.Response = response;
}
}
}
public SaaSResponse AuthenticateUser(string uname, string pin)
{
bool IsValidUser = false;
SaaSLogin objLoginDTO = new SaaSLogin();
SaaSResponse objResponseXML = new SaaSResponse();
try
{
if (!string.IsNullOrEmpty(uname))
{
objLoginDTO.UserName = uname;
}
if (!string.IsNullOrEmpty(pin))
{
objLoginDTO.Password = pin;
}
LoginService objLoginBL = new LoginService();
IsValidUser = objLoginBL.ChkForLoginUserValidated(objLoginDTO);
//objResponseXML.CrosscareData.Result = objLoginDTO.ToString();
objResponseXML._saasData = Common.GetXMLFromObject <SaaSLogin>(objLoginDTO);
}
catch
{
objResponseXML._fault = HttpStatusCode.Unauthorized.ToString();
// throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
return(objResponseXML);
//return new HttpResponseMessage() { Content = new StringContent(, Encoding.UTF8, "application/xml") };
}
/// <summary>
/// Function for Getting Login User Details by UserID
/// </summary>
/// <param name="userID">int</param>
/// <returns>UserDTO</returns>
public SaaSLogin GetUserDetails(int userID)
{
SaaSLogin objUserDTO = new SaaSLogin();
//Check for Passing Argument
if (userID <= 0)
{
throw new Exception("Invalid Argument");
}
using (HackSaaSEntities Context = new HackSaaSEntities())
{
try
{
var user = Context.UserInfo.Where(x => x.UserID == userID).FirstOrDefault();
if (user == null || user.UserID <= 0)
{
throw new Exception("User does not Exists.");
}
//Converting User Entity to UserDTO
objUserDTO = ConvertUserEntitytoUserDTO(user);
}
catch
{
throw new Exception("Error on Getting User Details,Try again later");
}
}
return(objUserDTO);
}
//Method to convert Table User Entity to UserDTO
public SaaSLogin ConvertUserEntitytoUserDTO(UserInfo objUser)
{
SaaSLogin objUserDTO = new SaaSLogin();
objUserDTO.UserID = objUser.UserID;
objUserDTO.FullName = objUser.FullName;
objUserDTO.CreatedDtm = objUser.RegisteredDate;
objUserDTO.UpdatedDtm = objUser.AmendedOn;
objUserDTO.Email = objUser.Email;
return(objUserDTO);
}
/// <summary>
/// Function for checking Login User Credentials is valid or not
/// </summary>
/// <param name="loginDTO">LoginDTO</param>
/// <returns>bool</returns>
public bool ChkForLoginUserValidated(SaaSLogin loginDTO)
{
bool isValidUser = false;
//Check for Passing Argument
if (string.IsNullOrEmpty(loginDTO.UserName) || string.IsNullOrEmpty(loginDTO.Password))
{
throw new Exception("Invalid Argument");
}
using (HackSaaSEntities Context = new HackSaaSEntities())
{
try
{
var login = Context.UserInfo.Where(x => x.UserName == loginDTO.UserName && x.Password == loginDTO.Password).FirstOrDefault();
if (login == null || login.UserID <= 0)
{
throw new Exception("User is Not Valid");
}
//'login.Status = (int)CrossCarePatientPortalPOCDAL.Enum.LoginStatus.AlreadyLogin;
//'HttpContext.Current.Session["PatientID"] = loginDTO.UserID;
//'login.SessionID = HttpContext.Current.Session.SessionID;
//Context.SaveChanges();
//'loginDTO.loginStatus = SaaSDTO.SaaSLogin.LoginStatus.AlreadyLogin;
//loginDTO.Login = true;
//'loginDTO.SessionId = login.SessionID;
//loginDTO.UserID = login.UserID;
isValidUser = true;
}
catch (Exception ex)
{
throw new Exception("Error on Check Valid User,Try again later");
}
}
return(isValidUser);
}
