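        /// <summary>
        /// Authenticates a user from the posted credentials and, on success, returns the
        /// user's id, company id, roles and an opaque session key.
        /// </summary>
        /// <param name="data">Posted user name and password. Untrusted request input.</param>
        /// <returns>
        /// 200 with a <see cref="KeyDTO"/> on success; 400 when the body did not bind;
        /// 404 with a generic message when the credentials are rejected (the status is
        /// kept for existing clients, although 401 would be the conventional choice).
        /// </returns>
        public HttpResponseMessage ValidateLogin([FromBody] LoginDTO data)
        {
            // Model binding yields null when the body is missing or malformed; fail early
            // instead of throwing a NullReferenceException (which surfaces as a 500).
            if (data == null)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Missing login data");
            }

            var userName = data.UserName;
            var password = data.Password;

            var userDomain = new AppUserDomain();
            int? companyId = -1;

            // The same generic message covers "unknown user" and "wrong password" so the
            // response does not reveal which part was wrong.
            if (!userDomain.ValidateLogin(userName, password, ref companyId))
            {
                var message = "Invalid user name and/or password";
                return Request.CreateResponse(HttpStatusCode.NotFound, message);
            }

            var userRepository = new AppUserRepository();
            var roleRepository = new AppUserRoleRepository();

            SGApp.Models.EF.User user = userRepository.GetUser(userName, SecurityUtils.GetBinaryPassword(password), ref companyId);

            // ValidateLogin succeeded, so the user should exist; guard anyway so a race
            // (user removed between the two lookups) does not turn into a 500.
            if (user == null)
            {
                var message = "Invalid user name and/or password";
                return Request.CreateResponse(HttpStatusCode.NotFound, message);
            }

            IList<SGApp.Models.EF.UserRole> userRoles = roleRepository.GetUserRoles(user.UserId);

            var roles = new List<Dictionary<string, string>>();
            foreach (var item in userRoles)
            {
                roles.Add(new Dictionary<string, string>
                {
                    { "RoleID", item.RoleId.ToString() },
                    { "RoleDescription", item.Role.RoleName }
                });
            }

            // NOTE(review): CreateUserSecurityKey appears to embed the clear-text password
            // in the key (the key-validation path parses "<user>||<password>||<time>" back
            // out of it), so the returned Key must be treated as a credential: TLS only,
            // never logged. Moving to a random opaque token would remove that exposure.
            int compid = (int)companyId;
            var retVal = new KeyDTO
            {
                UserID    = user.UserId.ToString(),
                CompanyId = user.CompanyId.ToString(),
                UserRoles = roles,
                Key       = SecurityUtils.CreateUserSecurityKey(userName, password, compid)
            };
            return Request.CreateResponse(HttpStatusCode.OK, retVal);
        }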
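        /// <summary>
        /// Validates a security key issued by <c>SecurityUtils.CreateUserSecurityKey</c>:
        /// decrypts it, checks that it is less than 15 minutes old, re-validates the
        /// credentials it carries and, on success, issues a fresh key.
        /// </summary>
        /// <param name="inKey">Base64 key presented by the client. Untrusted input.</param>
        /// <param name="outKey">Receives a freshly minted key on success, otherwise <see cref="string.Empty"/>.</param>
        /// <param name="companyId">
        /// On entry, a value greater than -1 means the key carries a leading "&lt;companyId&gt;||"
        /// segment that is parsed into this parameter; otherwise it is passed through unchanged.
        /// </param>
        /// <returns>The user id on success; 0 when the key is missing, malformed, expired or rejected.</returns>
        public int ValidateUser(string inKey, out string outKey, ref int companyId)
        {
            outKey = string.Empty;

            if (string.IsNullOrEmpty(inKey))
            {
                return 0;
            }

            // A malformed or tampered key is an authentication failure, not a server error:
            // return 0 instead of letting FormatException / CryptographicException escape.
            string decryptedString;
            try
            {
                decryptedString = DecryptSecurityKey(inKey);
            }
            catch (FormatException)
            {
                return 0;
            }
            catch (CryptographicException)
            {
                return 0;
            }

            if (companyId > -1)
            {
                var companyIndex = decryptedString.IndexOf("||", StringComparison.Ordinal);
                int parsedCompanyId;
                if (companyIndex < 0 ||
                    !int.TryParse(decryptedString.Substring(0, companyIndex), NumberStyles.Integer, CultureInfo.InvariantCulture, out parsedCompanyId))
                {
                    return 0;
                }
                companyId       = parsedCompanyId;
                decryptedString = decryptedString.Substring(companyIndex + 2);
            }

            // Expected layout: "<userName>||<password>||<timestamp>". The password segment is
            // taken between the first and the last separator, so it may itself contain "||".
            var firstIndex = decryptedString.IndexOf("||", StringComparison.Ordinal);
            var lastPipe   = decryptedString.LastIndexOf("||", StringComparison.Ordinal);
            if (firstIndex < 0 || lastPipe <= firstIndex)
            {
                return 0;
            }

            var timeString = decryptedString.Substring(lastPipe + 2);
            DateTime issuedAt;
            if (!DateTime.TryParseExact(timeString, Constants.SecurityTokenDateFormat, CultureInfo.InvariantCulture, DateTimeStyles.None, out issuedAt))
            {
                return 0;
            }

            // TimeSpan.Minutes is only the minutes component (0-59): a key that is 1h05m old
            // has Minutes == 5 and would have been accepted. TotalMinutes is the whole age.
            // DateTime.Now is kept because the issuing side is assumed to stamp local time
            // as well — TODO confirm; a UTC stamp on both sides would be more robust.
            // Keys dated in the future (negative age) are still accepted, as before.
            var age = DateTime.Now.Subtract(issuedAt);
            if (age.TotalMinutes >= 15)
            {
                return 0;
            }

            // NOTE(review): the key carries the clear-text password and it is re-verified on
            // every call; an opaque random token looked up server-side would avoid that.
            var userName = decryptedString.Substring(0, firstIndex);
            var password = decryptedString.Substring(firstIndex + 2, lastPipe - firstIndex - 2);
            int? compId  = companyId;
            int? userID  = ValidateUser(userName, SecurityUtils.GetBinaryPassword(password), ref compId);
            if (userID.HasValue && userID.Value > 0)
            {
                outKey = SecurityUtils.CreateUserSecurityKey(userName, password, companyId);
                return userID.Value;
            }
            return 0;
        }

        /// <summary>
        /// Decrypts a Base64 security key with the static key/IV derived from <see cref="Constants"/>
        /// and strips the trailing NUL padding.
        /// NOTE(review): AES-CBC with a fixed IV and no MAC is malleable — this hides the
        /// payload but does not authenticate it. Changing the scheme means re-issuing every
        /// key, so it is flagged here rather than changed.
        /// </summary>
        /// <param name="inKey">Base64-encoded ciphertext.</param>
        /// <returns>The decrypted UTF-8 payload without trailing NULs.</returns>
        /// <exception cref="FormatException">When <paramref name="inKey"/> is not valid Base64.</exception>
        /// <exception cref="CryptographicException">When the ciphertext is not a whole number of blocks (PaddingMode.None).</exception>
        private static string DecryptSecurityKey(string inKey)
        {
            var cipherTextBytes = Convert.FromBase64String(inKey);

            // All disposables are released on every path; the original leaked them when a
            // decryption error was thrown.
            using (var kdf = new Rfc2898DeriveBytes(Constants.hash, Encoding.ASCII.GetBytes(Constants.salt)))
            using (var symmetricKey = new RijndaelManaged { Mode = CipherMode.CBC, Padding = PaddingMode.None })
            using (var decryptor = symmetricKey.CreateDecryptor(kdf.GetBytes(256 / 8), Encoding.ASCII.GetBytes(Constants.VIKey)))
            using (var memoryStream = new MemoryStream(cipherTextBytes))
            using (var cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
            using (var plainText = new MemoryStream())
            {
                // A single Read() is not guaranteed to return everything; drain the stream.
                cryptoStream.CopyTo(plainText);
                // Trailing NULs come from the issuing side's manual block padding.
                return Encoding.UTF8.GetString(plainText.ToArray()).TrimEnd('\0');
            }
        }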
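        /// <summary>
        /// Starts a CRH daily processing run for the company and date range in
        /// <paramref name="dto"/>: loads the Oracle data set for a new run id and transmits it.
        /// </summary>
        /// <param name="dto">Run parameters from the request. Untrusted input.</param>
        /// <returns>
        /// 200 "Got Here" after transmission; 400 when the body did not bind or
        /// <c>TransmitData</c> throws.
        /// </returns>
        public HttpResponseMessage InitiateCrhDailyProcessing(OracleCloudDto dto)
        {
            // An unbound body would otherwise throw NullReferenceException (a 500).
            if (dto == null)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Missing processing parameters");
            }

            var limitRecords = dto.LimitRecords;
            var companyId    = dto.CompanyId;

            // Window: from the last millisecond before StartDate (the original
            // "-1 day + 23:59:59.999" is exactly -1 ms) to the day after EndDate.
            var startDate = dto.StartDate.AddMilliseconds(-1);
            var endDate   = dto.EndDate.AddDays(1);

            // NOTE(review): this mints a security key with blank credentials for a
            // caller-supplied company id, i.e. without authenticating the caller. Whether
            // the consumer of `key` honours such a key should be confirmed; if it does,
            // this endpoint needs an authorization check of its own.
            var key    = SecurityUtils.CreateUserSecurityKey(" ", " ", companyId);
            var oRep   = dto.OracleRepository ?? new OracleRepository();
            var runId  = oRep.GetNextRunId();
            var oraObj = LoadOracleObject(limitRecords, key, companyId, startDate, endDate, oRep, runId);

            try
            {
                TransmitData(oraObj, dto, runId);
            }
            catch (Exception ex)
            {
                // NOTE(review): returning the exception object can expose stack traces and
                // internals to the client when error detail is enabled; prefer logging `ex`
                // server-side and returning a generic message.
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex);
            }

            return Request.CreateResponse(HttpStatusCode.OK, "Got Here");
        }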