public void ChangeMyPassword(LoginToken <AirlineCompany> token, string oldPassword, string newPassword)
{
if (token != null)
{
if (oldPassword == token.User.user.Password)
{
token.User.user.Password = newPassword;
_userDAO.Update(token.User.user);
//log4net
}
else
{
logger.Debug($"Attempt to change Password for airline {token.User.Name} has failed. ");
throw new WrongCredentialsException("The old password is incorrect. Please try again.");
}
}
else
{
logger.Error("Error - token is null");
throw new NullTokenException($"There is a problem to to change Password for airline {token.User.Name}. Please check your login details.Token is null.");
}
}
public void CreateAdmin(LoginToken <Administrator> token, Administrator admin)
{
logger.Debug("starting CreateAdmin()");
if (token != null)
{
if (token.User.Level == 3)
{
//_userDAO.Add(admin.user);
_adminDAO.Add(admin);
}
else
{
logger.Debug("This administrator level is not authorized to create a new admin.");
throw new WrongLevelOfAccessException("Access is denied. You have no authorization to create a new admin.");
}
}
else
{
logger.Error("Error - token is null");
throw new NullTokenException("There is a problem to create a new admin. Access is denied.");
}
}
public bool TryLogin(string userName, string password, out ILoginToken token)
{
token = null;
if (userName == "admin" && password == "9999")
{
logger.Info("Super administrator logged in.");
token = new LoginToken <Administrator>();
return(true);
}
else
{
try
{
User user;
try
{
user = _userDAO.GetUserByUsername(userName);
}
catch (Exception e)
{
logger.Fatal("Wrong username. Please try again.", e);
return(false);
}
if (user.Password == password)
{
if (user.User_Role == 1)
{
Administrator admin = _adminDAO.GetById(user.Id);
admin.user = user;
token = new LoginToken <Administrator>()
{
User = admin
};
}
if (user.User_Role == 2)
{
AirlineCompany airline = _airlineDAO.GetAirlineByUsername(user.Username); //TODO check if null
airline.user = user;
token = new LoginToken <AirlineCompany>()
{
User = airline
};
}
if (user.User_Role == 3)
{
Customer customer = _customerDAO.GetCustomerByUsername(user.Username);
customer.user = user;
token = new LoginToken <Customer>()
{
User = customer
};
}
logger.Info("Login was completed. Username and password are correct.");
return(true);
}
else
{
logger.Error("Login failed. Username or password are incorrect.");
throw new WrongCredentialsException("Username or password are incorrect. Please try again.");
}
}
catch (Exception e)
{
Console.WriteLine(e);
logger.Error("Login failed.", e);
return(false);
}
//log4net
}
}
