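/// <summary>
/// Replaces the stored audit row identified by <paramref name="id"/> with the submitted entity.
/// </summary>
/// <param name="id">Key taken from the route; must equal <c>tUsersAudit.Id</c>.</param>
/// <param name="tUsersAudit">Entity bound from the request; attached to the context as Modified.</param>
/// <returns>
/// 400 when the body is missing, the model state is invalid or the ids disagree;
/// 404 when the save hits a concurrency conflict and tUsersAuditExists reports no such row;
/// 204 on success.
/// </returns>
// NOTE(review): this action lets a caller overwrite any audit row by id and no authorization
// check is visible in this method. Audit records are normally append-only; confirm the
// controller is restricted to a privileged role or retire this action.
public IHttpActionResult PuttUsersAudit(int id, tUsersAudit tUsersAudit)
        {
            // The binder leaves the parameter null when the body is absent or cannot be
            // deserialized, and ModelState can still report valid in that case. Without this
            // guard the id comparison below dereferences null.
            if (tUsersAudit == null)
            {
                return(BadRequest());
            }

            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            // The route id and the body id must name the same row.
            if (id != tUsersAudit.Id)
            {
                return(BadRequest());
            }

            // Attaching as Modified marks every property of the entity for update.
            db.Entry(tUsersAudit).State = EntityState.Modified;

            try
            {
                db.SaveChanges();
            }
            catch (DbUpdateConcurrencyException)
            {
                // A conflict on a row that no longer exists is reported as 404;
                // any other conflict is rethrown with its original stack trace.
                if (!tUsersAuditExists(id))
                {
                    return(NotFound());
                }
                else
                {
                    throw;
                }
            }

            return(StatusCode(HttpStatusCode.NoContent));
        }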
        /// <summary>
        /// Looks up a single audit row by primary key.
        /// </summary>
        /// <param name="id">Key passed to <c>db.tUsersAudits.Find</c>.</param>
        /// <returns>200 with the entity when it exists, otherwise 404.</returns>
        // NOTE(review): no per-caller authorization is visible here, so any caller that can
        // reach the action can read any audit row by id; confirm access is restricted at the
        // controller or filter level.
        public IHttpActionResult GettUsersAudit(int id)
        {
            var auditRow = db.tUsersAudits.Find(id);

            return auditRow != null
                ? (IHttpActionResult)Ok(auditRow)
                : NotFound();
        }
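        /// <summary>
        /// Inserts the submitted audit row and returns it with its generated id.
        /// </summary>
        /// <param name="tUsersAudit">Entity bound from the request.</param>
        /// <returns>
        /// 400 when the body is missing or the model state is invalid;
        /// 201 with a "DefaultApi" route link to the new row on success.
        /// </returns>
        // NOTE(review): every field of the audit row (UserID, EventID, Description, ...) is
        // taken from the request as sent. If this action is reachable by ordinary clients they
        // can write audit entries on behalf of other users; confirm who may call it.
        public IHttpActionResult PosttUsersAudit(tUsersAudit tUsersAudit)
        {
            // A missing or undeserializable body binds as null while ModelState can still be
            // valid; Add(null) would otherwise throw and surface as a 500.
            if (tUsersAudit == null)
            {
                return(BadRequest());
            }

            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            db.tUsersAudits.Add(tUsersAudit);
            db.SaveChanges();

            // Id is read after SaveChanges so the route link carries the stored key.
            return(CreatedAtRoute("DefaultApi", new { id = tUsersAudit.Id }, tUsersAudit));
        }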
        /// <summary>
        /// Removes the audit row with the given key and echoes the removed entity.
        /// </summary>
        /// <param name="id">Key passed to <c>db.tUsersAudits.Find</c>.</param>
        /// <returns>404 when no such row exists, otherwise 200 with the deleted entity.</returns>
        // NOTE(review): this action permanently deletes audit history and no authorization
        // check is visible in this method. Confirm it is limited to a privileged role, or
        // remove it so the audit trail stays append-only.
        public IHttpActionResult DeletetUsersAudit(int id)
        {
            var auditRow = db.tUsersAudits.Find(id);

            if (auditRow != null)
            {
                db.tUsersAudits.Remove(auditRow);
                db.SaveChanges();

                return Ok(auditRow);
            }

            return NotFound();
        }
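        /// <summary>
        /// Authenticates a user by e-mail and password, returns the user's unexpired login
        /// auth row (creating one when none exists) and records the outcome in the audit or
        /// error log.
        /// </summary>
        /// <param name="model">Request model carrying Username, Password and IpAddress.</param>
        /// <returns>
        /// 200 with the tUserLoginAuth row on success; 400 when no model was bound;
        /// 404 when no matching account is found; 401 when the password is missing or wrong;
        /// 500 with a generic message when any other exception is raised.
        /// </returns>
        // NOTE(review): the action name starts with "Get". If it is routed by verb convention
        // as HTTP GET, the credentials may travel in the URL and end up in server and proxy
        // logs; confirm it is exposed as POST with the model in the body.
        // NOTE(review): 404 for an unknown e-mail and 401 for a wrong password let a caller
        // tell registered addresses from unregistered ones. The status codes are kept because
        // existing clients may depend on them; consider a single 401 for both.
        // NOTE(review): no attempt limiting or lockout is visible in this method.
        public IHttpActionResult GetLogin(LoginModel model)
        {
            // A missing or undeserializable body binds as null; reject it before any lookup.
            if (model == null)
            {
                return(BadRequest());
            }

            try
            {
                // Only accounts with AccountStatusID 1 can log in (presumably "active"; confirm).
                tUser tUser = db.tUsers
                              .Include("tSalt")
                              .SingleOrDefault(x => x.Email == model.Username &&
                                               x.AccountStatusID == 1);

                if (tUser == null)
                {
                    throw new UserInvalidLoginException(AuditLogging.ErrMsg_Invalid_Username);
                }

                // Fail closed: a request without a password used to skip verification
                // entirely and still receive a login auth row for the named account.
                if (model.Password == null)
                {
                    throw new UserInvalidLoginException(AuditLogging.ErrMsg_Invalid_Password, tUser.ID);
                }

                PasswordStorage oPassUtil = new PasswordStorage();
                oPassUtil.Hashstring = tUser.PasswordHash;
                oPassUtil.Saltstring = tUser.tSalt.Salt;
                if (!oPassUtil.VerifyPassword(model.Password))
                {
                    throw new UserInvalidLoginException(AuditLogging.ErrMsg_Invalid_Password, tUser.ID);
                }

                // NOTE(review): expiry is compared with local server time; confirm
                // ExpirationDate is stored on the same clock.
                tUserLoginAuth userLoginAuth = db.tUserLoginAuths.FirstOrDefault(x => x.UserID == tUser.ID && x.ExpirationDate > DateTime.Now);
                if (userLoginAuth == null)
                {
                    // No unexpired auth row: create one for this login.
                    userLoginAuth        = new tUserLoginAuth();
                    userLoginAuth.UserID = tUser.ID;
                    userLoginAuth.tUser  = tUser;

                    db.tUserLoginAuths.Add(userLoginAuth);
                }

                // Audit every successful login. The original returned early when an auth row
                // already existed, so repeat logins left no audit record.
                // model.IpAddress is supplied in the request; it is only as reliable as the caller.
                tUsersAudit userAuditLog = new tUsersAudit();
                userAuditLog.ApplicationID = (int)AuditLogging.enumApplication.SFCWebSite;
                userAuditLog.EventID       = (int)AuditLogging.enumEvent.Security_Login_Success;
                userAuditLog.UserID        = tUser.ID;
                userAuditLog.Description   = AuditLogging.const_Successful_Login + " from IP Address: " + model.IpAddress;
                userAuditLog.TypeID        = 7;//Login

                db.tUsersAudits.Add(userAuditLog);

                // Commit the auth row (when new) and the audit row together.
                db.SaveChanges();

                // NOTE(review): the EF entity is returned as the response body. When tUser is
                // attached to it, serialization may include PasswordHash and the loaded tSalt
                // row; return a DTO holding only the fields the client needs.
                return(Ok(userLoginAuth));
            }
            catch (UserInvalidLoginException exLogin)
            {
                if (exLogin.Message == AuditLogging.ErrMsg_Invalid_Username)
                {
                    // Error log for an unknown user name.
                    // The listing masks the middle of this expression ("******"); it is restored
                    // here as the submitted user name, which the "UserName: " label implies.
                    // Confirm against the original file.
                    // Both values come from the request; treat them as untrusted wherever the
                    // log is later displayed or exported.
                    string sTrace = "UserName: " + model.Username + "| IP Address: " + model.IpAddress;

                    tUsersErrLog userErrorLog = new tUsersErrLog();

                    userErrorLog.ErrTypeID   = (int)ErrorLogging.enumErrorType.Security;
                    userErrorLog.ErrSourceID = (int)AuditLogging.enumApplication.SFCWebSite;
                    userErrorLog.Description = exLogin.Message;
                    userErrorLog.Trace       = sTrace;

                    db.tUsersErrLogs.Add(userErrorLog);
                    db.SaveChanges();

                    return(NotFound());
                }
                else if (exLogin.Message == AuditLogging.ErrMsg_Invalid_Password)
                {
                    // Audit log for a missing or wrong password on a known account.
                    tUsersAudit userAuditLog = new tUsersAudit();
                    userAuditLog.ApplicationID = (int)AuditLogging.enumApplication.SFCWebSite;
                    userAuditLog.EventID       = (int)AuditLogging.enumEvent.Security_Login_Failed;
                    userAuditLog.UserID        = exLogin.UserID;
                    userAuditLog.Description   = exLogin.Message + " from IP Address: " + model.IpAddress;
                    userAuditLog.TypeID        = 12;//LoginErr

                    db.tUsersAudits.Add(userAuditLog);
                    db.SaveChanges();

                    return(Unauthorized());
                }
            }
            catch (Exception ex)
            {
                // Error log for anything unexpected.
                // NOTE(review): this reuses the context that just failed. If the failure came
                // from SaveChanges, the pending entries are still tracked and this second save
                // can throw again, escaping the handler.
                tUsersErrLog userErrorLog = new tUsersErrLog();

                userErrorLog.ErrTypeID   = (int)ErrorLogging.enumErrorType.Application;
                userErrorLog.ErrSourceID = (int)AuditLogging.enumApplication.SFCBAL;
                userErrorLog.Code        = ex.HResult.ToString();
                userErrorLog.Description = ex.Message;
                userErrorLog.Trace       = ex.StackTrace;

                db.tUsersErrLogs.Add(userErrorLog);
                db.SaveChanges();

                string ErrMsg = "An error occured and we have logged the error. Please try again later.";

                // The original exception is already stored above. It is not attached as an
                // inner exception, so its message and stack trace cannot reach the client
                // when error details are enabled.
                Exception Err = new Exception(ErrMsg);

                return(InternalServerError(Err));
            }

            // Reached only when a UserInvalidLoginException carries a message matched by
            // neither branch above. Deny rather than answer 200 for a failed login.
            return(Unauthorized());
        }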