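/// <summary>
/// Registration handshake. After the consumer id is accepted, looks the member up by
/// last name, date of birth and last four SSN digits and, when a row is found and the
/// person has application access, returns an "AuthHash" built from CCHID, EmployerID
/// and the consumer id.
/// </summary>
/// <param name="hsId">Consumer (handshake) id checked by ValidateConsumer.IsValidConsumer.</param>
/// <param name="hsRequest">Request body carrying LastName, DateOfBirth and LastFourSsn.</param>
/// <returns>
/// 200 with an object holding "AuthHash" on success; otherwise a 401 error response
/// ("Client Handshake is Not Authorized", "User was Not Found", or the access-check message).
/// </returns>
public HttpResponseMessage Register1(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
        {
            if (!ValidateConsumer.IsValidConsumer(hsId))
            {
                return Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                   new Exception("Client Handshake is Not Authorized"));
            }

            HttpResponseMessage notFound = Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                                       new Exception("User was Not Found"));

            // A missing body or missing fields previously dereferenced null and surfaced as an
            // unhandled exception; answer with the same "not found" response as any failed lookup.
            if (hsRequest == null || hsRequest.DateOfBirth == null || hsRequest.LastFourSsn == null)
            {
                return notFound;
            }

            if (!RegDateOfBirth.IsMatch(hsRequest.DateOfBirth))
            {
                return notFound;
            }

            // Trim first, then keep the last four characters. The original measured the trimmed
            // length but cut the untrimmed string, so trailing whitespace ended up in the value.
            string lastFour = hsRequest.LastFourSsn.Trim();
            if (lastFour.Length > 4)
            {
                lastFour = lastFour.Substring(lastFour.Length - 4);
            }
            hsRequest.LastFourSsn = lastFour;

            // NOTE(review): last name + date of birth + last four SSN digits are the only proof of
            // identity here, and nothing visible in this method throttles or records failed
            // attempts (the login-history call was commented out). Confirm that is handled elsewhere.
            using (var gefae = new GetEnrollmentsForAllEmployers())
            {
                gefae.LastName    = hsRequest.LastName;
                gefae.LastFour    = hsRequest.LastFourSsn;
                gefae.DateOfBirth = hsRequest.DateOfBirth;
                gefae.GetFrontEndData();

                if (gefae.Tables.Count == 0 || gefae.Tables[0].Rows.Count == 0)
                {
                    return notFound;
                }

                DataRow dr         = gefae.Tables[0].Rows[0];
                int     cchid      = dr.GetData <int>("CCHID");
                int     employerId = dr.GetData <int>("employerid");
                string  connString = dr.GetData("connectionstring");

                // User access check (dstrickland 7/8/2015).
                using (var cpaa = new CheckPersonApplicationAccess(cchid, connString))
                {
                    if (!cpaa.HasAccess)
                    {
                        // NOTE(review): cpaa.ErrorMessage is sent to the caller as-is; confirm it
                        // never carries internal detail (SQL text, connection data, stack traces).
                        return Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                           new Exception(cpaa.ErrorMessage));
                    }
                }

                var e = new CCHEncrypt();
                e.UserKey   = Request.EncryptionKey();
                e.SecretKey = Properties.Settings.Default.SecretKey;
                e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
                e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));
                e.Add("UserID", hsId);

                // The response body is an object with a single "AuthHash" member.
                var payload = new ExpandoObject();
                ((IDictionary <string, object>)payload)["AuthHash"] = e.ToString();
                return Request.CreateResponse(HttpStatusCode.OK, payload);
            }
        }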
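        /// <summary>
        /// First step of the password-reset form: requires an email and the last four SSN
        /// digits, checks them against the enrollment data and, when they match a membership
        /// user, shows that user's password question and switches to the reset panel.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void ValidateInput(object sender, EventArgs e)
        {
            const string resetCursorScript = "document.body.style.cursor = 'default';";
            String email = Email.Text.Trim();

            //Handle no email entered
            if (email == String.Empty)
            {
                VerifyFailureText.Text = "Email is required.";
                Email.Focus();
                ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
                return;
            }

            //Handle no SSN
            if (SSN.Text.Trim() == String.Empty)
            {
                VerifyFailureText.Text = "Please enter the last 4 digits of your SSN.";
                SSN.Focus();
                ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
                return;
            }

            // Strip non-digits from the raw text. The original HTML-encoded the input first, so
            // the digits of a numeric entity (for example the 39 in an encoded apostrophe) were
            // kept by the filter and became part of the value that was looked up.
            Boolean ssnSuccess = false;
            String cleanSSN = Regex.Replace(SSN.Text, "[^0-9]", "");
            if (cleanSSN.Length == 4)
            {
                using (GetEnrollmentsForAllEmployers gefae = new GetEnrollmentsForAllEmployers())
                {
                    // NOTE(review): HTML encoding is an output encoding; applying it to a lookup
                    // key only matches if the stored email was encoded the same way. Confirm.
                    gefae.Email = Encoder.HtmlEncode(email);
                    gefae.LastFour = cleanSSN;
                    gefae.GetFrontEndData();
                    if (gefae.Tables.Count > 0 && gefae.Tables[0].Rows.Count > 0)
                    {
                        sSSN = cleanSSN;
                        ssnSuccess = true;
                    }
                }
            }

            if (!ssnSuccess)
            {
                VerifyFailureText.Text = "There was an error resetting your password with the information provided.<br />Please double check the information you entered and try again.";
                ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
                return;
            }

            sUserName = Membership.GetUserNameByEmail(Encoder.HtmlEncode(email));

            // NOTE(review): GetUser is keyed by the email here rather than by sUserName; that
            // only resolves when user names are email addresses. Confirm against the provider.
            var member = String.IsNullOrWhiteSpace(sUserName) ? null : Membership.GetUser(email);
            if (member == null)
            {
                // Also covers GetUser returning null, which previously threw on .PasswordQuestion.
                // NOTE(review): this message differs from the generic failure above, so the page
                // tells a caller whether an email/SSN pair exists in the enrollment data.
                VerifyFailureText.Text = "User not found.";
                ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
                return;
            }

            lblQuestion.Text = member.PasswordQuestion;
            tblVerify.Visible = pnlVerify.Visible = false;
            tblReset.Visible = pnlReset.Visible = true;
            ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
        }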
Exemple #3
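        /// <summary>
        /// Validates the email and last-four-SSN fields of the password-reset form against the
        /// enrollment data; on a match with a membership user it displays the password question
        /// and reveals the reset panel, otherwise it sets a failure message.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void ValidateInput(object sender, EventArgs e)
        {
            String enteredEmail = Email.Text.Trim();
            String enteredSsn   = SSN.Text.Trim();

            //Handle no email entered
            if (enteredEmail.Length == 0)
            {
                VerifyFailureText.Text = "Email is required.";
                Email.Focus();
                ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", "document.body.style.cursor = 'default';", true);
                return;
            }

            //Handle no SSN
            if (enteredSsn.Length == 0)
            {
                VerifyFailureText.Text = "Please enter the last 4 digits of your SSN.";
                SSN.Focus();

                ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", "document.body.style.cursor = 'default';", true);
                return;
            }

            // Keep digits only, taken from the raw input. HTML-encoding before this filter (as
            // the original did) lets the digits inside numeric entities leak into the result.
            String  cleanSSN   = Regex.Replace(enteredSsn, "[^0-9]", "");
            Boolean ssnSuccess = false;

            if (cleanSSN.Length == 4)
            {
                using (GetEnrollmentsForAllEmployers gefae = new GetEnrollmentsForAllEmployers())
                {
                    // NOTE(review): the email is HTML-encoded before being used as a lookup key;
                    // verify the stored value is encoded the same way, otherwise addresses with
                    // encodable characters can never match.
                    gefae.Email    = Encoder.HtmlEncode(enteredEmail);
                    gefae.LastFour = cleanSSN;
                    gefae.GetFrontEndData();
                    ssnSuccess = gefae.Tables.Count > 0 && gefae.Tables[0].Rows.Count > 0;
                    if (ssnSuccess)
                    {
                        sSSN = cleanSSN;
                    }
                }
            }

            if (ssnSuccess)
            {
                sUserName = Membership.GetUserNameByEmail(Encoder.HtmlEncode(enteredEmail));

                // GetUser can return null; the original dereferenced it unconditionally.
                // NOTE(review): the lookup uses the email, not sUserName — confirm user names are emails.
                var member = String.IsNullOrWhiteSpace(sUserName) ? null : Membership.GetUser(enteredEmail);

                if (member == null)
                {
                    // NOTE(review): distinct from the generic failure text below, so the response
                    // reveals that the email/SSN pair matched enrollment data.
                    VerifyFailureText.Text = "User not found.";
                }
                else
                {
                    lblQuestion.Text  = member.PasswordQuestion;
                    tblVerify.Visible = pnlVerify.Visible = false;
                    tblReset.Visible  = pnlReset.Visible = true;
                }
            }
            else
            {
                VerifyFailureText.Text = "There was an error resetting your password with the information provided.<br />Please double check the information you entered and try again.";
            }

            // Every remaining path restores the cursor.
            ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", "document.body.style.cursor = 'default';", true);
        }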
Exemple #4
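        /// <summary>
        /// Authenticates a member by last name, date of birth and last four SSN digits and
        /// returns an "AuthHash" together with the member's video campaign data.
        /// </summary>
        /// <param name="hsId">Consumer (handshake) id checked by ValidateConsumer.IsValidConsumer.</param>
        /// <param name="hsRequest">Request body carrying LastName, LastFourSsn, DateOfBirth and CampaignId.</param>
        /// <returns>
        /// 200 with a body of the form {"AuthHash":"...","MemberData":...} on success; 401 when the
        /// consumer id is rejected or the access check fails; otherwise an error response created
        /// with status NoContent ("User Not Found" or "Video Data Not Found").
        /// </returns>
        public HttpResponseMessage GetAuthMemberData(String hsId, [FromBody] AuthMemberDataRequest hsRequest)
        {
            if (!ValidateConsumer.IsValidConsumer(hsId))
            {
                return Request.CreateResponse(HttpStatusCode.Unauthorized);
            }

            HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("User Not Found"));

            // A missing request body previously dereferenced null; treat it as a failed lookup.
            if (hsRequest == null)
            {
                return hrm;
            }

            using (var gefae = new GetEnrollmentsForAllEmployers())
            {
                gefae.LastName    = hsRequest.LastName;
                gefae.LastFour    = hsRequest.LastFourSsn;
                gefae.DateOfBirth = hsRequest.DateOfBirth;
                gefae.GetFrontEndData();

                if (gefae.Tables.Count == 0 || gefae.Tables[0].Rows.Count == 0)
                {
                    return hrm;
                }

                DataRow dr         = gefae.Tables[0].Rows[0];
                int     cchid      = dr.GetData <int>("CCHID");
                string  cnxString  = dr.GetData("ConnectionString");
                int     employerId = dr.GetData <int>("employerid");

                // User access check (dstrickland 7/7/2015).
                using (var cpaa = new CheckPersonApplicationAccess(cchid, cnxString))
                {
                    if (!cpaa.HasAccess)
                    {
                        // NOTE(review): cpaa.ErrorMessage goes to the caller unchanged; confirm
                        // it cannot contain internal detail.
                        return Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
                                                           new Exception(cpaa.ErrorMessage));
                    }
                }

                var e = new CCHEncrypt();
                e.UserKey   = Request.EncryptionKey();
                e.SecretKey = Properties.Settings.Default.SecretKey;
                e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
                e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));

                string authHash = e.ToString();

                if (employerId <= 0)
                {
                    return hrm;
                }

                // NOTE(review): the audit entry is written only on this path; failed lookups and
                // access-check denials above leave no record in this method.
                CreateLoginAudit(hsId, Request.RequestUri.Host, cchid, cnxString);

                hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("Video Data Not Found"));

                using (var gvcmi = new GetVideoCampaignMemberIdByCchId())
                {
                    gvcmi.CampaignId = hsRequest.CampaignId;
                    gvcmi.CchId      = cchid;
                    gvcmi.GetData(cnxString);

                    if (gvcmi.HasThrownError || string.IsNullOrEmpty(gvcmi.VideoCampaignMemberId))
                    {
                        return hrm;
                    }

                    using (var gvcmd = new GetVideoCampaignMemberDataById())
                    {
                        gvcmd.VideoMemberData = null == null ? gvcmd.VideoMemberData : gvcmd.VideoMemberData;
                        gvcmd.VideoCampaignMemberId = gvcmi.VideoCampaignMemberId;
                        gvcmd.GetData(cnxString);

                        if (gvcmd.HasThrownError)
                        {
                            return hrm;
                        }

                        // NOTE(review): the body is assembled by string formatting. authHash is
                        // placed inside quotes without JSON escaping and VideoMemberData is
                        // inserted verbatim, so the result is valid JSON only if the hash has no
                        // quote or backslash and the stored member data is itself well-formed JSON.
                        string resultset =
                            string.Format("\"AuthHash\":\"{0}\",\"MemberData\":{1}",
                                          authHash, gvcmd.VideoMemberData);
                        resultset = string.Concat("{", resultset, "}");

                        // The status is set once by the constructor; the duplicate initializer was dropped.
                        return new HttpResponseMessage(HttpStatusCode.OK)
                        {
                            RequestMessage = Request,
                            Content        = new StringContent(resultset)
                        };
                    }
                }
            }
        }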