/// <summary>
/// Login
/// </summary>
/// <param name="user"></param>
/// <param name="transaction"></param>
/// <returns></returns>
public async Task<User> Login(User user, TransactionInformation transaction)
{
try
{
_accountDataService.CreateSession();
user = _accountDataService.Login(user.UserName, user.Password);
if (user != null)
{
_accountDataService.BeginTransaction();
_accountDataService.UpdateLastLogin(user);
await _accountDataService.CommitTransaction(true);
transaction.ReturnStatus = true;
}
else
{
transaction.ReturnStatus = false;
transaction.ReturnMessage.Add("Invalid login or password.");
}
}
catch (Exception ex)
{
transaction.AddExceptionMessage(ex);
}
finally
{
_accountDataService.CloseSession();
}
return user;
}
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
var request = actionContext.Request;
var headers = request.Headers;
if (!headers.Contains("X-Requested-With") || headers.GetValues("X-Requested-With").FirstOrDefault() != "XMLHttpRequest")
{
TransactionInformation transactionInformation = new TransactionInformation();
transactionInformation.ReturnMessage.Add("Access has been denied.");
transactionInformation.ReturnStatus = false;
actionContext.Response = request.CreateResponse(HttpStatusCode.BadRequest, transactionInformation);
}
else
{
HttpContext ctx = default(HttpContext);
ctx = HttpContext.Current;
if (ctx.User.Identity.IsAuthenticated == false)
{
TransactionInformation transactionInformation = new TransactionInformation();
transactionInformation.ReturnMessage.Add("Your session has expired.");
transactionInformation.ReturnStatus = false;
actionContext.Response = request.CreateResponse(HttpStatusCode.BadRequest, transactionInformation);
}
}
}
/// <summary>
/// Register User
/// </summary>
/// <param name="user"></param>
/// <param name="confirmationPassword"></param>
/// <param name="transaction"></param>
/// <returns></returns>
public async Task<User> RegisterUser(User user, string confirmationPassword, TransactionInformation transaction)
{
try
{
user.FirstName = Utilities.UppercaseFirstLetter(user.FirstName.Trim());
user.LastName = Utilities.UppercaseFirstLetter(user.LastName.Trim());
_accountDataService.CreateSession();
_businessRules.ValidateUser(user);
_businessRules.ValidatePassword(user.Password, confirmationPassword);
if (_businessRules.ValidationStatus == true)
{
_accountDataService.BeginTransaction();
_accountDataService.RegisterUser(user);
await _accountDataService.CommitTransaction(true);
transaction.ReturnStatus = true;
transaction.ReturnMessage.Add("User registered successfully.");
}
else
{
transaction.ReturnStatus = _businessRules.ValidationStatus;
transaction.ReturnMessage = _businessRules.ValidationMessage;
transaction.ValidationErrors = _businessRules.ValidationErrors;
}
}
catch (Exception ex)
{
transaction.AddExceptionMessage(ex);
}
finally
{
_accountDataService.CloseSession();
}
return user;
}
