Ejemplo n.º 1
0
        public HttpResponseMessage LogExperienceEvent(string hsId, [FromBody] ExperienceLogRequest eventLogRequest)
        {
            HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(
                    HttpStatusCode.NoContent, "Unexpected Error");

                if (eventLogRequest.EmployerId > 0)
                {
                    AppendClientVersion(eventLogRequest);

                    using (GetEmployerConnString gecs = new GetEmployerConnString(eventLogRequest.EmployerId))
                    {
                        using (InsertExperienceLog iel = new InsertExperienceLog())
                        {
                            iel.ExperienceEventId   = eventLogRequest.EventId;
                            iel.ExperienceEventDesc = eventLogRequest.EventName;
                            if (Request.CCHID() > 0)
                            {
                                iel.CCHID = Request.CCHID();
                            }
                            if (eventLogRequest.CchId > 0)
                            {
                                iel.CCHID = eventLogRequest.CchId;
                            }
                            if (!string.IsNullOrEmpty(eventLogRequest.ContentId))
                            {
                                int contentId = eventLogRequest.ContentId.GetContentId();
                                if (contentId > 0)
                                {
                                    iel.ContentId = contentId;
                                }
                                else
                                {
                                    iel.ContentId = int.Parse(eventLogRequest.ContentId);
                                }
                            }
                            iel.ExperienceUserId = eventLogRequest.ExperienceUserId;
                            iel.Comment          = eventLogRequest.LogComment;
                            iel.DeviceId         = eventLogRequest.DeviceId;
                            iel.ClientVersion    = eventLogRequest.ClientVersion;

                            iel.PostData(gecs.ConnString);
                            if (iel.PostReturn == 1)
                            {
                                hrm = Request.CreateResponse(HttpStatusCode.OK);
                            }
                            else
                            {
                                hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent,
                                                                  "Insert Experience Event Procedure Failed.");
                            }
                        }
                    }
                }
            }
            return(hrm);
        }
        public HttpResponseMessage GetVideoMemberData(string hsId, int employerId, string videoMemberId)
        {
            HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(
                    HttpStatusCode.NoContent, "Unexpected Error");

                if (employerId > 0)
                {
                    using (var gecs = new GetEmployerConnString(employerId))
                    {
                        using (var gvcmd = new GetVideoCampaignMemberData())
                        {
                            gvcmd.VideoCampaignFileId = videoMemberId;
                            gvcmd.GetData(gecs.ConnString);

                            if (!gvcmd.HasThrownError)
                            {
                                string videoMemberData = gvcmd.VideoMemberData;

                                hrm = new HttpResponseMessage(HttpStatusCode.OK)
                                {
                                    RequestMessage = Request,
                                    Content        = new StringContent(videoMemberData)
                                };
                            }
                        }
                    }
                }
            }
            return(hrm);
        }
Ejemplo n.º 3
0
        public HttpResponseMessage GetVideoCampaign(string hsId, int employerId, int campaignId)
        {
            dynamic             data = new ExpandoObject();
            HttpResponseMessage hrm  = Request.CreateResponse(HttpStatusCode.Unauthorized);

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(
                    HttpStatusCode.NoContent, "Unexpected Error");

                if (employerId > 0)
                {
                    using (var gecs = new GetEmployerConnString(employerId))
                    {
                        using (var gvc = new GetVideoCampaign())
                        {
                            gvc.VideoCampaignId = campaignId;
                            gvc.GetData(gecs.ConnString);

                            if (!gvc.HasThrownError)
                            {
                                data.VideoCampaignId        = campaignId;
                                data.VideoDefinitionId      = gvc.VideoDefinitionId.ToUpper();
                                data.IntroVideoDefinitionId = gvc.IntroVideoDefinitionId.ToUpper();
                                data.IsVideoCampaignActive  = gvc.IsVideoCampaignActive;
                                hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
                            }
                        }
                    }
                }
            }
            return(hrm);
        }
        public HttpResponseMessage GetVideoFilesList(string hsId, int employerId, int campaignId)
        {
            dynamic             data = new ExpandoObject();
            HttpResponseMessage hrm  = Request.CreateResponse(HttpStatusCode.Unauthorized);

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(
                    HttpStatusCode.NoContent, "Unexpected Error");

                if (employerId > 0)
                {
                    using (var gecs = new GetEmployerConnString(employerId))
                    {
                        using (var gvcfi = new GetVideoCampaignFileIds())
                        {
                            gvcfi.CampaignId = campaignId;
                            gvcfi.GetData(gecs.ConnString);

                            if (!gvcfi.HasThrownError)
                            {
                                data.ListOfVideoIds = gvcfi.Results;

                                hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
                            }
                        }
                    }
                }
            }
            return(hrm);
        }
        public HttpResponseMessage Register1(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
        {
            dynamic             eo  = new ExpandoObject();
            HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Client Handshake is Not Authorized"));
            var e = new CCHEncrypt();

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User was Not Found"));

                if (RegDateOfBirth.IsMatch(hsRequest.DateOfBirth))
                {
                    using (var gefae = new GetEnrollmentsForAllEmployers()) {
                        hsRequest.LastFourSsn = hsRequest.LastFourSsn.Trim().Length > 4
                            ? hsRequest.LastFourSsn.Substring(hsRequest.LastFourSsn.Length - 4, 4)
                            : hsRequest.LastFourSsn;

                        gefae.LastName = hsRequest.LastName;
                        gefae.LastFour = hsRequest.LastFourSsn;
                        //DateTime birthDate = DateTime.Parse(hsRequest.DateOfBirth);
                        //gefae.DateOfBirth = string.Format("{0}-{1}-{2}", birthDate.Year, birthDate.Month, birthDate.Day);
                        gefae.DateOfBirth = hsRequest.DateOfBirth;
                        gefae.GetFrontEndData();

                        if (gefae.Tables.Count > 0 &&
                            gefae.Tables[0].Rows.Count > 0)
                        {
                            DataRow dr         = gefae.Tables[0].Rows[0];
                            int     cchid      = dr.GetData <int>("CCHID");
                            int     employerId = dr.GetData <int>("employerid");
                            string  connString = dr.GetData("connectionstring");

                            //UserAccess Check dstrickland 7/8/2015
                            using (var cpaa = new CheckPersonApplicationAccess(cchid, connString)) {
                                if (!cpaa.HasAccess)
                                {
                                    return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                                       new Exception(cpaa.ErrorMessage)));
                                }
                            }

                            e.UserKey   = Request.EncryptionKey();
                            e.SecretKey = Properties.Settings.Default.SecretKey;
                            e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
                            e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));
                            e.Add("UserID", hsId);

                            ((IDictionary <string, object>)eo)["AuthHash"] = e.ToString();
                            hrm = Request.CreateResponse(HttpStatusCode.OK, (eo as ExpandoObject));

                            //LogUserLoginHistory(null, cchid, connString);
                        }
                    }
                }
            }
            return(hrm);
        }
Ejemplo n.º 6
0
        /// <summary>
        /// Returns an object containing all configuration values.
        /// </summary>
        /// <param name="employerId"></param>
        /// <param name="hsId"></param>
        /// <returns></returns>
        /// <remarks>
        /// It currently returns only minimum secret answer length.  ClearCost.Data will need to
        /// be updated to return all of the client configuration values.  Updating ClearCost.Data
        /// broke several things last time.  As new configuration values are created, the Settings
        /// class should be updated so that all configuration values are returned in a single request.
        /// </remarks>
        public HttpResponseMessage GetConfigurationValues(int employerId, string handshakeId)
        {
            var hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                  new Exception("Client Handshake is Not Authorized"));

            if (ValidateConsumer.IsValidConsumer(handshakeId))
            {
                var settings = new Models.Settings();
                settings.Security.MinimumSecurityAnswerLength = SecurityConfiguration.Settings.MinimumSecretAnswerLength;

                hrm = Request.CreateResponse(HttpStatusCode.OK, settings);
            }

            return(hrm);
        }
        public HttpResponseMessage GetMemberAuthorization(int employerId, int cchId, String hsId)
        {
            dynamic             eo  = new ExpandoObject();
            HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                                  new Exception("Client Handshake is Not Authorized"));
            var e = new CCHEncrypt();

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                  new Exception("Member with CCH ID was Not Found"));

                using (GetEmployerConnString gecs = new GetEmployerConnString(employerId)) {
                    //UserAccess Check dstrickland 7/8/2015
                    using (var cpaa = new CheckPersonApplicationAccess(cchId, gecs.ConnString)) {
                        if (!cpaa.HasAccess)
                        {
                            return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                               new Exception(cpaa.ErrorMessage)));
                        }
                    }

                    using (GetKeyEmployeeInfoByCchId gkeibc = new GetKeyEmployeeInfoByCchId()) {
                        gkeibc.CchId = cchId;
                        gkeibc.GetData(gecs.ConnString);

                        if (gkeibc.Tables.Count > 0 && gkeibc.Tables[0].Rows.Count > 0)
                        {
                            e.UserKey   = Request.EncryptionKey();
                            e.SecretKey = Properties.Settings.Default.SecretKey;
                            e.Add("CCHID", cchId.ToString());
                            e.Add("EmployerID", employerId.ToString());
                            e.Add("UserID", hsId);

                            ((IDictionary <string, object>)eo)["AuthHash"] = e.ToString();
                            hrm = Request.CreateResponse(HttpStatusCode.OK, (eo as ExpandoObject));

                            //InsertAuditTrail(cchId, hsId,
                            //    "Animation CCHID Login", Request.RequestUri.Host, gecs.ConnString);

                            string userName = gkeibc.Tables[0].Rows[0].GetData("Email");
                            //LogUserLoginHistory(userName, cchId, gecs.ConnString);
                        }
                    }
                }
            }
            return(hrm);
        }
Ejemplo n.º 8
0
        public HttpResponseMessage GetConfigurationValue(int employerId, string hsId, [FromUri] string configKey)
        {
            HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                                  new Exception("Client Handshake is Not Authorized"));

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                var configValue = ClientSettingCache.Settings(employerId)
                                  .FirstOrDefault(s => s.Key.Equals(configKey));

                dynamic data = new ExpandoObject();
                data.Results = configValue;

                hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
            }
            return(hrm);
        }
Ejemplo n.º 9
0
        public HttpResponseMessage GetEmployerNotificationsLocale(string hsId, string localeCode, int employerId, int pageSize,
                                                                  string baseContentId)
        {
            HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateResponse(HttpStatusCode.NoContent);

                dynamic data = new ExpandoObject();
                using (GetEmployerConnString gecs = new GetEmployerConnString(employerId))
                {
                    if (!string.IsNullOrEmpty(gecs.ConnString))
                    {
                        using (GetAnonymousContent gac = new GetAnonymousContent())
                        {
                            gac.LocaleCode = localeCode;
                            if (pageSize > 0)
                            {
                                gac.PagesSize = pageSize;
                            }
                            if (!string.IsNullOrEmpty(baseContentId))
                            {
                                int campaignId = baseContentId.GetCampaignId();
                                int contentId  = baseContentId.GetContentId();

                                if (campaignId == 0 && contentId > 0)
                                {
                                    gac.BaseContentId = contentId;
                                }
                            }
                            gac.GetData(gecs.ConnString);

                            data.Results    = gac.Results;
                            data.TotalCount = gac.TotalCount;
                        }
                        if (data.TotalCount > 0)
                        {
                            hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
                        }
                    }
                }
            }
            return(hrm);
        }
Ejemplo n.º 10
0
        public HttpResponseMessage LogInitialExperience(string hsId, [FromBody] ExperienceLogRequest eventLogRequest)
        {
            HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(
                    HttpStatusCode.NoContent, "Unexpected Error");

                if (eventLogRequest.EmployerId > 0)
                {
                    AppendClientVersion(eventLogRequest);

                    using (GetEmployerConnString gecs = new GetEmployerConnString(eventLogRequest.EmployerId))
                    {
                        try
                        {
                            using (InsertExperienceLog iel = new InsertExperienceLog())
                            {
                                ExperienceLogResponse elr = new ExperienceLogResponse
                                {
                                    ExperienceUserId = Guid.NewGuid().ToString()
                                };
                                iel.ExperienceEventId   = eventLogRequest.EventId;
                                iel.ExperienceEventDesc = eventLogRequest.EventName;
                                iel.ExperienceUserId    = elr.ExperienceUserId;
                                iel.Comment             = eventLogRequest.LogComment;
                                iel.DeviceId            = eventLogRequest.DeviceId;
                                iel.ClientVersion       = eventLogRequest.ClientVersion;

                                iel.PostData(gecs.ConnString);
                                hrm = Request.CreateResponse(HttpStatusCode.OK, elr);
                            }
                        }
                        catch (Exception exc)
                        {
                            hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, String.Format("Insert Experience Event Procedure Failed: {0}", exc.Message));
                        }
                    }
                }
            }
            return(hrm);
        }
Ejemplo n.º 11
0
        public HttpResponseMessage GetCampaignMemberInfo(string hsId, int employerId, string campaignMemberId)
        {
            dynamic             data = new ExpandoObject();
            HttpResponseMessage hrm  = Request.CreateResponse(HttpStatusCode.Unauthorized);

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(
                    HttpStatusCode.NoContent, "Unexpected Error");

                if (employerId > 0)
                {
                    using (var gecs = new GetEmployerConnString(employerId))
                    {
                        using (var gvcmi = new GetVideoCampaignMemberInfo())
                        {
                            gvcmi.VideoCampaignMemberId = campaignMemberId;
                            gvcmi.GetData(gecs.ConnString);

                            if (!gvcmi.HasThrownError)
                            {
                                data.DateOfBirth              = gvcmi.DateOfBirth;
                                data.IntroVideoDefinitionId   = gvcmi.IntroVideoDefinitionId.ToUpper();
                                data.IntroVideoDefinitionName = gvcmi.IntroVideoDefinitionName;
                                data.IsVideoCampaignActive    = gvcmi.IsVideoCampaignActive;
                                data.LastName             = gvcmi.LastName;
                                data.MemberSsn            = gvcmi.MemberSsn;
                                data.VideoCampaignFileId  = gvcmi.VideoCampaignFileId.ToUpper();
                                data.VideoCampaignId      = gvcmi.VideoCampaignId;
                                data.VideoDefinitionName  = gvcmi.VideoDefinitionName;
                                data.CchEmployerLink      = gvcmi.CchEmployerLink;
                                data.EmployerBenefitsLink = gvcmi.EmployerBenefitsLink;
                                hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
                            }
                        }
                    }
                }
            }
            return(hrm);
        }
        public HttpResponseMessage PushPromptStatus(int employerId, string hsId, string deviceId)
        {
            dynamic             data = new ExpandoObject();
            HttpResponseMessage hrm  = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                                   new Exception("Client Handshake is Not Authorized"));

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                using (GetEmployerConnString gecs = new GetEmployerConnString(employerId))
                {
                    using (GetDevicePushPromptStatus gdpps = new GetDevicePushPromptStatus())
                    {
                        gdpps.DeviceId = deviceId;
                        gdpps.GetData(gecs.ConnString);

                        data.PromptStatus = gdpps.PromptStatus ? "1" : "0";
                    }
                    hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
                }
            }
            return(hrm);
        }
        public HttpResponseMessage LogAnEvent(string hsId, [FromBody] VideoEventLog eventLog)
        {
            HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(
                    HttpStatusCode.NoContent, "Unexpected Error");

                if (eventLog.EmployerId > 0)
                {
                    using (GetEmployerConnString gecs = new GetEmployerConnString(eventLog.EmployerId))
                    {
                        using (LogVideoEvent lve = new LogVideoEvent())
                        {
                            lve.VideoCampaignMemberId = eventLog.VideoCampaignMemberId;
                            lve.VideoLogEvent         = eventLog.VideoLogEvent;
                            lve.VideoLogEventId       = eventLog.VideoLogEventId;
                            lve.Comment = eventLog.Comment;

                            lve.PostData(gecs.ConnString);
                            if (lve.PostReturn == 1)
                            {
                                hrm = Request.CreateResponse(HttpStatusCode.OK);
                            }
                            else
                            {
                                hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent,
                                                                  "Log Video Event Procedure Failed.");
                            }
                        }
                    }
                }
            }
            return(hrm);
        }
Ejemplo n.º 14
0
        public HttpResponseMessage GetAuthMemberData(String hsId, [FromBody] AuthMemberDataRequest hsRequest)
        {
            HttpResponseMessage hrm = Request.CreateResponse(HttpStatusCode.Unauthorized);
            var e = new CCHEncrypt();

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("User Not Found"));

                using (var gefae = new GetEnrollmentsForAllEmployers())
                {
                    gefae.LastName    = hsRequest.LastName;
                    gefae.LastFour    = hsRequest.LastFourSsn;
                    gefae.DateOfBirth = hsRequest.DateOfBirth;
                    gefae.GetFrontEndData();

                    if (gefae.Tables.Count > 0 &&
                        gefae.Tables[0].Rows.Count > 0)
                    {
                        DataRow dr         = gefae.Tables[0].Rows[0];
                        int     cchid      = dr.GetData <int>("CCHID");
                        string  cnxString  = dr.GetData("ConnectionString");
                        int     employerId = dr.GetData <int>("employerid");

                        //UserAccess Check dstrickland 7/7/2015
                        using (var cpaa = new CheckPersonApplicationAccess(cchid, cnxString))
                        {
                            if (!cpaa.HasAccess)
                            {
                                return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                                   new Exception(cpaa.ErrorMessage)));
                            }
                        }

                        e.UserKey   = Request.EncryptionKey();
                        e.SecretKey = Properties.Settings.Default.SecretKey;
                        e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
                        e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));

                        string authHash = e.ToString();

                        if (employerId > 0)
                        {
                            CreateLoginAudit(hsId,
                                             Request.RequestUri.Host.ToString(CultureInfo.InvariantCulture),
                                             cchid, cnxString);

                            hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("Video Data Not Found"));

                            using (var gvcmi = new GetVideoCampaignMemberIdByCchId())
                            {
                                gvcmi.CampaignId = hsRequest.CampaignId;
                                gvcmi.CchId      = cchid;
                                gvcmi.GetData(cnxString);

                                if (!gvcmi.HasThrownError && !string.IsNullOrEmpty(gvcmi.VideoCampaignMemberId))
                                {
                                    using (var gvcmd = new GetVideoCampaignMemberDataById())
                                    {
                                        gvcmd.VideoCampaignMemberId = gvcmi.VideoCampaignMemberId;
                                        gvcmd.GetData(cnxString);

                                        if (!gvcmd.HasThrownError)
                                        {
                                            string videoMemberData = gvcmd.VideoMemberData;

                                            string resultset =
                                                string.Format("\"AuthHash\":\"{0}\",\"MemberData\":{1}",
                                                              authHash, videoMemberData);
                                            resultset = string.Concat("{", resultset, "}");

                                            hrm = new HttpResponseMessage(HttpStatusCode.OK)
                                            {
                                                RequestMessage = Request,
                                                Content        = new StringContent(resultset),
                                                StatusCode     = HttpStatusCode.OK
                                            };
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
            return(hrm);
        }
        public HttpResponseMessage Register2(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
        {
            dynamic             eo  = new ExpandoObject();
            HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                                  new Exception("Client Handshake is Not Authorized"));
            var e = new CCHEncrypt();

            if (ValidateConsumer.IsValidConsumer(hsId))
            {
                hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User was Not Found"));

                using (GetEmployerConnString gecs = new GetEmployerConnString(Request.EmployerID())) {
                    const string employeeQuery =
                        "SELECT CONVERT(varchar(10), DateOfBirth, 111) AS DateOfBirthText, * FROM Enrollments WHERE CCHID = @CchId";
                    using (var employeeDb = new DataBase(employeeQuery, true)) {
                        employeeDb.AddParameter("CchId", Request.CCHID());
                        employeeDb.GetData(gecs.ConnString);

                        if (employeeDb.Tables.Count > 0 && employeeDb.Tables[0].Rows.Count > 0)
                        {
                            hsRequest.FirstName   = employeeDb.Tables[0].Rows[0].GetData("FirstName");
                            hsRequest.LastName    = employeeDb.Tables[0].Rows[0].GetData("LastName");
                            hsRequest.LastName    = hsRequest.LastName.Replace("_", " ");
                            hsRequest.DateOfBirth = employeeDb.Tables[0].Rows[0].GetData("DateOfBirthText");
                            hsRequest.LastFourSsn = employeeDb.Tables[0].Rows[0].GetData("MemberSsn");
                            hsRequest.MedicalId   = employeeDb.Tables[0].Rows[0].GetData("MemberMedicalId");

                            string fullName       = string.Format("{0} {1}", hsRequest.FirstName, hsRequest.LastName);
                            string mobilePhone    = hsRequest.MobilePhone;
                            string alternatePhone = hsRequest.Phone;

                            eo.UserName       = hsRequest.UserName;
                            eo.DisplayName    = fullName;
                            eo.MobilePhone    = mobilePhone;
                            eo.AlternatePhone = alternatePhone;

                            using (GetUserContentPreference gucp = new GetUserContentPreference()) {
                                gucp.CCHID = Request.CCHID();
                                gucp.GetData(gecs.ConnString);

                                eo.SmsInd           = gucp.SmsInd;
                                eo.EmailInd         = gucp.EmailInd;
                                eo.OsBasedAlertInd  = gucp.OsBasedAlertInd;
                                eo.LocaleCode       = gucp.LocaleCode;
                                eo.PreferredContact = gucp.ContactPhoneNumber;
                            }

                            MembershipCreateStatus status;
                            if (CreateNewMemberAccount(email: hsRequest.UserName, firstName: hsRequest.FirstName,
                                                       lastName: hsRequest.LastName, phone: hsRequest.Phone,
                                                       secretQuestionId: hsRequest.SecretQuestionId, secretAnswer: hsRequest.SecretAnswer,
                                                       password: hsRequest.Password, mobilePhone: hsRequest.MobilePhone,
                                                       cchid: Request.CCHID(), employerId: Request.EmployerID(),
                                                       cnxString: gecs.ConnString, status: out status))
                            {
                                var membershipUser = Membership.GetUser(hsRequest.UserName);
                                if (membershipUser != null)
                                {
                                    if (membershipUser.ProviderUserKey != null)
                                    {
                                        eo.Question = membershipUser.PasswordQuestion;

                                        string aspUserId = membershipUser.ProviderUserKey.ToString();
                                        e.UserKey   = Request.EncryptionKey();
                                        e.SecretKey = Properties.Settings.Default.SecretKey;
                                        e.Add("UserID", aspUserId);
                                        e.Add("CCHID", Request.CCHID().ToString());
                                        e.Add("EmployerID", Request.EmployerID().ToString());
                                        e.Add("UserName", hsRequest.UserName);

                                        //((IDictionary<string, object>) eo)["AuthHash"] = e.ToString();
                                        //hrm = Request.CreateResponse(HttpStatusCode.OK, (eo as ExpandoObject));
                                        eo.AuthHash = e.ToString();
                                        hrm         = Request.CreateResponse(HttpStatusCode.OK, (object)eo);

                                        //InsertAuditTrail(Request.CCHID(), aspUserId,
                                        //    "Animation Register", Request.RequestUri.Host, gecs.ConnString);
                                        LogUserLoginHistory(hsRequest.UserName, Request.CCHID(), gecs.ConnString);
                                    }
                                }
                            }
                            else
                            {
                                switch (status)
                                {
                                case MembershipCreateStatus.DuplicateUserName:
                                    hrm = Request.CreateErrorResponse(HttpStatusCode.Conflict,
                                                                      new Exception("Member Account already exists"));
                                    break;

                                default:
                                    hrm = Request.CreateErrorResponse(HttpStatusCode.InternalServerError,
                                                                      new Exception("Error in creating new Member Account"));
                                    break;
                                }
                            }
                        }
                    }
                }
            }
            return(hrm);
        }
        public HttpResponseMessage Login(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
        {
            var     hrm  = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Client Handshake is Not Authorized"));
            var     e    = new CCHEncrypt();
            dynamic data = new ExpandoObject();

            if (!ValidateConsumer.IsValidConsumer(hsId))
            {
                LogUtil.Log(string.Format("Login failed. Inavlid Handshake Id {0}", hsId), LogLevel.Info);
                return(hrm);
            }

            hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User Name and Password Do Not Match"));

            if (!Membership.ValidateUser(hsRequest.UserName, hsRequest.Password))
            {
                // This can also happen if the account is locked.  Check to see if it is locked
                // and return an appropriate error message.
                if (IsUserLocked(hsRequest.UserName))
                {
                    LogUtil.Log(string.Format("Login failed for user {0}.  Account is locked.",
                                              hsRequest.UserName), LogLevel.Info);
                    hrm = Request.CreateErrorResponse(HttpStatusCode.Forbidden, new Exception("Account locked"));
                }
                else
                {
                    LogUtil.Log(string.Format("Login failed for user {0}.  Credentials failed membership validation.",
                                              hsRequest.UserName), LogLevel.Info);
                }
                return(hrm);
            }

            using (var employerDb = new DataBase(EMPLOYER_QUERY, true)) {
                employerDb.AddParameter("Email", hsRequest.UserName);
                employerDb.GetFrontEndData();

                hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                  new Exception("User Profile was Not Found"));

                if (employerDb.Tables.Count < 1 || employerDb.Tables[0].Rows.Count < 1)
                {
                    LogUtil.Log(string.Format("Login failed for user {0}.  User Profile was not found.",
                                              hsRequest.UserName), LogLevel.Info);
                    return(hrm);
                }

                e.Add("EmployerID", employerDb.Tables[0].Rows[0].GetData("employerId"));

                using (var gkei = new GetKeyEmployeeInfo()) {
                    gkei.Email = hsRequest.UserName;
                    string cnxString = employerDb.Tables[0].Rows[0].GetData("connectionString");

                    gkei.GetData(cnxString);

                    hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                      new Exception("Employee Info on User Name was Not Found"));

                    if (gkei.Tables.Count < 1 || gkei.Tables[0].Rows.Count < 1)
                    {
                        LogUtil.Log(string.Format("Login failed for user {0}.  Employee Info was not found.",
                                                  hsRequest.UserName), LogLevel.Info);
                        return(hrm);
                    }

                    //UserAccess Check dstrickland 7/7/2015
                    using (var cpaa = new CheckPersonApplicationAccess(gkei.CCHID, cnxString)) {
                        if (!cpaa.HasAccess)
                        {
                            LogUtil.Log(string.Format("Login failed for user {0}.  User does not have acces to AppId 2.",
                                                      hsRequest.UserName), LogLevel.Info);
                            return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                               new Exception(cpaa.ErrorMessage)));
                        }
                    }

                    var firstName      = gkei.Tables[0].Rows[0].GetData("FirstName");
                    var lastName       = gkei.Tables[0].Rows[0].GetData("LastName");
                    var fullName       = string.Format("{0} {1}", firstName, lastName);
                    var mobilePhone    = gkei.Tables[0].Rows[0].GetData("MobilePhone");
                    var alternatePhone = gkei.Tables[0].Rows[0].GetData("Phone");

                    using (var gucp = new GetUserContentPreference()) {
                        gucp.CCHID = gkei.CCHID;
                        gucp.GetData(cnxString);

                        data.SmsInd           = gucp.SmsInd;
                        data.EmailInd         = gucp.EmailInd;
                        data.OsBasedAlertInd  = gucp.OsBasedAlertInd;
                        data.LocaleCode       = gucp.LocaleCode;
                        data.PreferredContact = gucp.ContactPhoneNumber;

                        hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);
                    }

                    var membershipUser = Membership.GetUser(hsRequest.UserName);
                    if (membershipUser != null && membershipUser.ProviderUserKey != null)
                    {
                        e.UserKey   = Request.EncryptionKey();
                        e.SecretKey = Properties.Settings.Default.SecretKey;
                        e.Add("UserName", hsRequest.UserName);
                        e.Add("CCHID", gkei.CCHID.ToString());

                        string aspUserId = membershipUser.ProviderUserKey.ToString();
                        e.Add("UserID", aspUserId);
                        string authHash = e.ToString();

                        data.AuthHash       = authHash;
                        data.UserName       = hsRequest.UserName;
                        data.DisplayName    = fullName;
                        data.MobilePhone    = mobilePhone;
                        data.AlternatePhone = alternatePhone;
                        data.Question       = membershipUser.PasswordQuestion;

                        hrm = Request.CreateResponse(HttpStatusCode.OK, (object)data);

                        LogUserLoginHistory(hsRequest.UserName, gkei.CCHID, cnxString);

                        //Load accumulations for all dependents
                        Task.Run(async() => await LoadEmployeeAndDependentsAccumulationsAsync(
                                     Int32.Parse(employerDb.Tables[0].Rows[0].GetData("employerId")),
                                     Int32.Parse(gkei.CCHID.ToString())));
                    }
                }
            }

            return(hrm);
        }