/// <summary>
/// Authenticates the supplied encrypted credentials and, on success, loads the
/// customer, its address and its current net membership.
/// </summary>
/// <param name="enc_username">Encrypted user name; passed unchanged to Authenticate and to the tbl_Customer constructor.</param>
/// <param name="enc_password">Encrypted password; passed unchanged to Authenticate.</param>
/// <returns>
/// A four-element array: { response code, tbl_Customer, tbl_AddressCustomer, tbl_NetMembership }.
/// When authentication fails the three entities are freshly constructed empty instances.
/// When authentication succeeds but no current membership exists, the code is NO_SUB and
/// the membership slot is null.
/// </returns>
public static object[] Login(string enc_username, string enc_password)
{
    // Placeholders returned on failure, so callers always receive non-null entities in that case.
    tbl_Customer emptyCustomer = new tbl_Customer();
    tbl_AddressCustomer emptyAddress = new tbl_AddressCustomer();
    tbl_NetMembership emptyMembership = new tbl_NetMembership();

    CustomerResponseCode status = Authenticate(enc_username, enc_password);
    if (status != CustomerResponseCode.SUCCESS)
    {
        return (new object[] { status, emptyCustomer, emptyAddress, emptyMembership });
    }

    // NOTE(review): the meaning of the two boolean constructor arguments is not visible here - confirm.
    tbl_Customer loadedCustomer = new tbl_Customer(enc_username, true, true);
    tbl_AddressCustomer loadedAddress = new tbl_AddressCustomer(loadedCustomer.addID);
    tbl_NetMembership membership = tbl_NetMembership.GetCurrentNetMembership(loadedCustomer.cusID);

    // A valid login without a current membership is reported as NO_SUB; the customer
    // and address are still returned alongside it.
    if (membership == null)
    {
        status = CustomerResponseCode.NO_SUB;
    }

    // NOTE(review): the whole tbl_Customer entity is handed back; if it carries the stored
    // password fields, callers should not serialize it to clients as-is - verify at the call sites.
    return (new object[] { status, loadedCustomer, loadedAddress, membership });
}
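/// <summary>
/// Writes one row to tbl_AppEventLogs describing a login attempt.
/// </summary>
/// <param name="enc_username">Encrypted user name as received; decrypted for aelUserName and also stored as received in aelMessage1.</param>
/// <param name="enc_password">Encrypted password as received. Kept for interface compatibility; it is no longer written to the log.</param>
/// <param name="response">Response whose ResponseCode selects the severity and the event name.</param>
/// <param name="response_code">Response code whose name is stored in aelMessage2.</param>
private void RecordLoginAttempt(string enc_username, string enc_password, ResponseObject response, CustomerResponseCode response_code)
{
    // Skip decryption when the input is already known to be undecryptable.
    string u = response.ResponseCode == (int)CustomerResponseCode.CANNOT_DECRYPT_INPUT
        ? string.Empty
        : Cryptography.Decrypt256FromHEX(enc_username);

    using (AHT_MainDataContext context = new AHT_MainDataContext(ConfigurationManager.ConnectionStrings["AHT_MainConnectionString"].ConnectionString))
    {
        tbl_AppEventLog ael = new tbl_AppEventLog();
        ael.aelUserName = u;
        ael.aelSection = "Login";
        ael.aelAppName = "CustomerWebService";
        ael.aelSeverity = response.ResponseCode > 0 ? "ERROR" : "INFO";
        ael.aelEvent = response.ResponseCode == (int)CustomerResponseCode.SUCCESS ? "LOGIN_SUCCEEDED" : "LOGIN_FAILED";

        // The submitted password must not reach the event log. enc_password is reversible
        // (Authenticate recovers the plaintext with Decrypt256FromHEX), so logging it would give
        // anyone with log access plus the application key the credentials of every login attempt.
        // The "P:" field is kept so the message layout stays the same for existing log consumers.
        ael.aelMessage1 = string.Format("U:{0} P:[REDACTED]", enc_username);

        // Store the enum name directly; it was previously passed through string.Format as a format string.
        ael.aelMessage2 = response_code.ToString();
        ael.aelDateCreated = DateTime.Now;

        context.tbl_AppEventLogs.InsertOnSubmit(ael);
        context.SubmitChanges();
    }
}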
/// <summary>
/// Creates a new customer: inserts an address row, a customer row, an SFG customer-number
/// row and a net-membership row, in that order, each with its own SubmitChanges call.
/// </summary>
/// <remarks>
/// The parameters salutation, middleinitial and suffix are accepted but not referenced in
/// this method. No length or format validation of the string inputs is performed here.
/// NOTE(review): no explicit transaction is visible in this method, so an exception from a
/// later SubmitChanges (or from the product-code lookup) would leave the rows inserted by
/// the earlier calls in place - confirm whether callers or the database compensate.
/// </remarks>
/// <returns>
/// A four-element array: { response code, tbl_Customer, tbl_AddressCustomer, tbl_NetMembership }.
/// A response code of 0 means every step ran; otherwise the entities are whatever had been
/// constructed when the failing check was reached.
/// </returns>
public static object[] CreateCustomer(string address1, string address2, string address3, string city, string region, string country, string postal, string source, string password, string customertype, string salutation, string firstname, string middleinitial, string lastname, string suffix, string emailaddress, string username, string newmemberid, string pubcode, string expiredate, string startdate, string screenname, string mobilephone, string secondemail, string keycode)
{
    // 0 is used throughout as the "no error so far" value - presumably CustomerResponseCode.SUCCESS; confirm.
    CustomerResponseCode responsecode = 0;
    tbl_Customer Customer = new tbl_Customer();
    tbl_NetMembership NetMembership = new tbl_NetMembership();
    tbl_AddressCustomer Address = new tbl_AddressCustomer();
    #region convert string input to correct types
    DateTime dt_expiredate = new DateTime();
    DateTime dt_startdate = new DateTime();
    // DateTime.TryParse without a culture argument parses using the current culture.
    // If both dates are invalid, only CANNOT_CONVERT_STARTDATE is reported (the second check overwrites the first).
    if (!DateTime.TryParse(expiredate, out dt_expiredate)) { responsecode = CustomerResponseCode.CANNOT_CONVERT_EXPIREDATE; }
    if (!DateTime.TryParse(startdate, out dt_startdate)) { responsecode = CustomerResponseCode.CANNOT_CONVERT_STARTDATE; }
    #endregion
    if (responsecode == 0)
    {
        #region check user name availability
        // CheckUserName results 1 and 3 both map to DUPLICATE_USER_NAME; there is no default
        // case, so any other value leaves responsecode at 0 and creation proceeds.
        // NOTE(review): only username is passed, yet result 2 reports a duplicate e-mail - verify what is checked.
        switch (tbl_Customer.CheckUserName(username))
        {
            case 0:
                responsecode = 0;
                break;
            case 1:
                responsecode = CustomerResponseCode.DUPLICATE_USER_NAME;
                break;
            case 2:
                responsecode = CustomerResponseCode.DUPLICATE_EMAIL_ADDRESS;
                break;
            case 3:
                responsecode = CustomerResponseCode.DUPLICATE_USER_NAME;
                break;
        }
        #endregion
        if (responsecode == 0)
        {
            using (AHT_MainDataContext context = new AHT_MainDataContext(ConfigurationManager.ConnectionStrings["AHT_MainConnectionString"].ConnectionString))
            {
                #region get cuscustnum
                long newcustnum = 0;
                // The next customer number is the current maximum plus one.
                // NOTE(review): this is a read followed by a later insert with no lock visible here;
                // two concurrent calls could compute the same number - confirm a unique constraint exists.
                // The bare catch reports every failure of the query or conversion as CANNOT_CREATE_CUSCUSTNUM.
                try
                {
                    long lastcustomer = (from a in context.tbl_Customers select a.cusCustNum).Select(x => Convert.ToInt64(x)).Max();
                    newcustnum = lastcustomer + 1;
                }
                catch
                {
                    responsecode = CustomerResponseCode.CANNOT_CREATE_CUSCUSTNUM;
                }
                #endregion
                if (responsecode == 0)
                {
                    #region address data at AH
                    Address = new tbl_AddressCustomer();
                    Address.addAddress1 = address1;
                    Address.addAddress2 = address2;
                    Address.addAddress3 = address3;
                    Address.addCity = city;
                    Address.addCountry = country;
                    Address.addDateCreated = DateTime.Now;
                    Address.addDateUpdated = DateTime.Now;
                    Address.addPostalCode = postal;
                    Address.addRegion = string.IsNullOrEmpty(region) ? "" : region;
                    Address.addSource = string.Empty;
                    context.tbl_AddressCustomers.InsertOnSubmit(Address);
                    // Submitted first because Address.addID is read for the customer row below.
                    context.SubmitChanges();
                    #endregion
                    #region customer data at AH
                    // The password is stored in two encrypted forms. Authenticate recovers the plaintext
                    // from cusPassword with Decrypt256FromHEX, so the stored value is reversible by anyone
                    // holding the application key.
                    // NOTE(review): a salted one-way password hash would remove that exposure; changing
                    // it requires migrating Authenticate and the existing rows together.
                    Customer.cusEncryptedPassword = HarperCRYPTO.Cryptography.EncryptData(password);
                    Customer.cusPassword = HarperCRYPTO.Cryptography.Encrypt256(password);
                    // NOTE(review): Salt is read from a static member - confirm whether it is per-customer or shared.
                    Customer.cusPasswordSalt = HarperCRYPTO.Cryptography.Salt;
                    Customer.addID = Address.addID;
                    Customer.cusCustNum = newcustnum.ToString();
                    Customer.cusCustType = customertype;
                    Customer.cusFirstName = firstname;
                    Customer.cusLastName = lastname;
                    Customer.cusPriFirstName = firstname;
                    Customer.cusPriLastName = lastname;
                    Customer.cusEmail = emailaddress;
                    Customer.cusUserName = username;
                    Customer.cusIsCharterMem = false;
                    Customer.cusDateCreated = DateTime.Now;
                    Customer.cusDateUpdated = DateTime.Now;
                    Customer.cusIsDeleted = false;
                    Customer.cusSex = 'U';
                    Customer.cusGUID = Guid.NewGuid();
                    Customer.cusDisplayName = screenname;
                    Customer.cusMobile = mobilephone;
                    Customer.cusHasDisplayName = true;
                    Customer.cusSecondEmail = secondemail;
                    Customer.cusMemberSince = DateTime.Now;
                    Customer.cusSource = source;
                    Customer.cusKeyCode = keycode;
                    Customer.csoCode = source;
                    // The TryParse result is ignored; a non-numeric newmemberid leaves SfgId at 0.
                    long.TryParse(newmemberid, out Customer.SfgId);
                    context.tbl_Customers.InsertOnSubmit(Customer);
                    // Submitted here because Customer.cusID is read for the two rows below.
                    context.SubmitChanges();
                    #endregion
                    #region sfg customer number data at AH
                    HarperLINQ.SFG_CustomerNumber SfgData = new HarperLINQ.SFG_CustomerNumber();
                    SfgData.cusID = Customer.cusID;
                    SfgData.SFGCustNum = newmemberid;
                    context.SFG_CustomerNumbers.InsertOnSubmit(SfgData);
                    context.SubmitChanges();
                    #endregion
                    #region net membership data at AH
                    NetMembership = new tbl_NetMembership();
                    NetMembership.cusID = Customer.cusID;
                    // NOTE(review): the lookup result is dereferenced without a null check; if an unknown
                    // pubcode yields null this throws after the customer rows were already submitted - verify.
                    NetMembership.mtyCode = HarperLINQ.SFG_ProdCode.GetFromExtCode(pubcode).IntCode;
                    NetMembership.nmbDateCreated = DateTime.Now;
                    NetMembership.nmbDateEnd = dt_expiredate;
                    NetMembership.nmbDateStart = dt_startdate;
                    context.tbl_NetMemberships.InsertOnSubmit(NetMembership);
                    context.SubmitChanges();
                    #endregion
                }
            }
        }
    }
    // NOTE(review): the returned Customer entity carries the password fields set above;
    // callers should not pass it to clients unfiltered - verify at the call sites.
    return(new object[] { responsecode, Customer, Address, NetMembership });
}
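/// <summary>
/// Verifies an encrypted user name and password against the stored customer record.
/// </summary>
/// <remarks>
/// The stored password is decrypted and compared with the submitted one, so stored passwords
/// are recoverable by anyone holding the application key.
/// NOTE(review): a salted one-way hash would avoid that; it needs a coordinated change with
/// the code that writes cusPassword.
/// NOTE(review): NO_SUCH_USER_NAME and INVALID_PASSWORD let a caller tell unknown accounts from
/// wrong passwords; if these codes reach clients unchanged they allow account enumeration.
/// No attempt throttling or lockout is performed in this method.
/// </remarks>
/// <param name="enc_username">Encrypted user name, decrypted with Decrypt256FromHEX.</param>
/// <param name="enc_password">Encrypted password, decrypted with Decrypt256FromHEX.</param>
/// <returns>
/// SUCCESS when the passwords match; otherwise the code of the first step that failed:
/// CANNOT_DECRYPT_INPUT, NO_SUCH_USER_NAME, DUPLICATE_USER_NAME, CANNOT_DECRYPT_STORED_PWD
/// or INVALID_PASSWORD.
/// </returns>
public static CustomerResponseCode Authenticate(string enc_username, string enc_password)
{
    string u;
    string p;
    try
    {
        u = HarperCRYPTO.Cryptography.Decrypt256FromHEX(enc_username);
        p = HarperCRYPTO.Cryptography.Decrypt256FromHEX(enc_password);
    }
    catch
    {
        // Either value failing to decrypt is reported the same way.
        return CustomerResponseCode.CANNOT_DECRYPT_INPUT;
    }

    using (AHT_MainDataContext context = new AHT_MainDataContext(ConfigurationManager.ConnectionStrings["AHT_MainConnectionString"].ConnectionString))
    {
        tbl_Customer customer;
        try
        {
            customer = (from a in context.tbl_Customers
                        where a.cusUserName == u && a.cusIsDeleted == false
                        select a).SingleOrDefault();
        }
        catch
        {
            // SingleOrDefault throws when more than one row matches. The bare catch is kept for
            // compatibility, but it also reports any other query failure as DUPLICATE_USER_NAME.
            // NOTE(review): consider narrowing it once callers can handle a propagated exception.
            return CustomerResponseCode.DUPLICATE_USER_NAME;
        }

        if (customer == null)
        {
            return CustomerResponseCode.NO_SUCH_USER_NAME;
        }

        string storedpwd;
        try
        {
            storedpwd = HarperCRYPTO.Cryptography.Decrypt256FromHEX(customer.cusPassword);
        }
        catch
        {
            return CustomerResponseCode.CANNOT_DECRYPT_STORED_PWD;
        }

        // Compare without an early exit on the first differing character, so response time
        // does not reveal how much of the guess matched. A null on either side is a mismatch.
        if (!ConstantTimeEquals(storedpwd, p))
        {
            return CustomerResponseCode.INVALID_PASSWORD;
        }
    }

    return CustomerResponseCode.SUCCESS;
}

// Compares two secrets, always scanning the full common length; null never equals anything.
// Only the lengths can influence the running time.
private static bool ConstantTimeEquals(string expected, string supplied)
{
    if (expected == null || supplied == null)
    {
        return false;
    }

    int difference = expected.Length ^ supplied.Length;
    int common = expected.Length < supplied.Length ? expected.Length : supplied.Length;
    for (int i = 0; i < common; i++)
    {
        difference |= expected[i] ^ supplied[i];
    }

    return difference == 0;
}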