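/// <summary>
/// Looks a user up in the enrollment data by last name, last four SSN digits and
/// date of birth and, when a row is found and the person has application access,
/// returns an encrypted <c>AuthHash</c> built from the CCHID, employer id and
/// consumer id.
/// </summary>
/// <param name="hsId">Consumer (handshake) identifier, checked with <c>ValidateConsumer.IsValidConsumer</c>.</param>
/// <param name="hsRequest">Request body carrying <c>LastName</c>, <c>LastFourSsn</c> and <c>DateOfBirth</c>.</param>
/// <returns>
/// 200 with an object holding <c>AuthHash</c> on success. 401 "Client Handshake is Not Authorized"
/// when the consumer id is rejected; 401 "User was Not Found" when the body is missing or incomplete,
/// the date of birth does not match <c>RegDateOfBirth</c>, or no enrollment row is returned;
/// 401 carrying <c>cpaa.ErrorMessage</c> when the access check fails.
/// </returns>
public HttpResponseMessage Register1(String hsId, [FromBody] UserAuthenticationRequest hsRequest)
{
    if (!ValidateConsumer.IsValidConsumer(hsId))
    {
        return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("Client Handshake is Not Authorized"));
    }

    HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception("User was Not Found"));

    // A missing body, or one without DateOfBirth/LastFourSsn, used to fail with a
    // null dereference further down; answer it like any other failed lookup instead.
    if (hsRequest == null || hsRequest.DateOfBirth == null || hsRequest.LastFourSsn == null)
    {
        return hrm;
    }

    if (!RegDateOfBirth.IsMatch(hsRequest.DateOfBirth))
    {
        return hrm;
    }

    // Trim first, then keep the last four characters. The length test and the
    // Substring previously looked at different strings (trimmed vs. untrimmed),
    // so surrounding whitespace could end up in the value sent to the lookup.
    string lastFour = hsRequest.LastFourSsn.Trim();
    if (lastFour.Length > 4)
    {
        lastFour = lastFour.Substring(lastFour.Length - 4);
    }
    hsRequest.LastFourSsn = lastFour;

    using (var gefae = new GetEnrollmentsForAllEmployers())
    {
        // NOTE(review): these three fields are the only proof of identity this method
        // checks before issuing an AuthHash; confirm that throttling or lockout for
        // repeated attempts is enforced somewhere outside this method.
        gefae.LastName = hsRequest.LastName;
        gefae.LastFour = hsRequest.LastFourSsn;
        // DateOfBirth is passed through as received (it already matched RegDateOfBirth);
        // an earlier DateTime.Parse/re-format step was commented out in the original.
        gefae.DateOfBirth = hsRequest.DateOfBirth;
        gefae.GetFrontEndData();

        if (gefae.Tables.Count == 0 || gefae.Tables[0].Rows.Count == 0)
        {
            return hrm;
        }

        // Only the first returned row is used.
        DataRow dr = gefae.Tables[0].Rows[0];
        int cchid = dr.GetData<int>("CCHID");
        int employerId = dr.GetData<int>("employerid");
        string connString = dr.GetData("connectionstring");

        // UserAccess check (dstrickland 7/8/2015)
        using (var cpaa = new CheckPersonApplicationAccess(cchid, connString))
        {
            if (!cpaa.HasAccess)
            {
                // NOTE(review): ErrorMessage goes to the caller verbatim; confirm it
                // never carries internal detail.
                return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception(cpaa.ErrorMessage));
            }
        }

        var e = new CCHEncrypt();
        e.UserKey = Request.EncryptionKey();
        e.SecretKey = Properties.Settings.Default.SecretKey;
        e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
        e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));
        e.Add("UserID", hsId);

        var eo = new ExpandoObject();
        ((IDictionary<string, object>)eo)["AuthHash"] = e.ToString();

        // NOTE(review): no login-history/audit record is written on this path; the
        // original call was left commented out:
        // LogUserLoginHistory(null, cchid, connString);
        return Request.CreateResponse(HttpStatusCode.OK, eo);
    }
}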
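/// <summary>
/// Event handler for the verification step of the password-reset form. Requires an
/// email and the last four SSN digits, checks the pair against the enrollment data,
/// and on a match shows the account's password question and switches the page from
/// the verify panel to the reset panel.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void ValidateInput(object sender, EventArgs e)
{
    const string resetCursorScript = "document.body.style.cursor = 'default';";

    // Trim once so every lookup below sees the same address; the original trimmed
    // for some calls and not for others.
    string email = Email.Text.Trim();

    // Handle no email entered
    if (email == String.Empty)
    {
        VerifyFailureText.Text = "Email is required.";
        Email.Focus();
        ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
        return;
    }

    // Handle no SSN
    if (SSN.Text.Trim() == String.Empty)
    {
        VerifyFailureText.Text = "Please enter the last 4 digits of your SSN.";
        SSN.Focus();
        ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
        return;
    }

    // Keep digits only, taken from the raw text. HTML-encoding the value first (as
    // the original did) can rewrite a character as a numeric entity such as "&#39;",
    // whose digits would then survive the filter and become part of the "SSN".
    String cleanSSN = Regex.Replace(SSN.Text, "[^0-9]", "");

    Boolean ssnSuccess = false;
    if (cleanSSN.Length == 4)
    {
        using (GetEnrollmentsForAllEmployers gefae = new GetEnrollmentsForAllEmployers())
        {
            // NOTE(review): HtmlEncode is an output encoding; on a lookup key it can
            // alter addresses containing characters the encoder rewrites, and
            // Membership.GetUser below receives the raw value. Kept as in the
            // original; confirm which form the data stores hold.
            gefae.Email = Encoder.HtmlEncode(email);
            gefae.LastFour = cleanSSN;
            gefae.GetFrontEndData();
            if (gefae.Tables.Count > 0 && gefae.Tables[0].Rows.Count > 0)
            {
                sSSN = cleanSSN;
                ssnSuccess = true;
            }
        }
    }

    if (!ssnSuccess)
    {
        VerifyFailureText.Text = "There was an error resetting your password with the information provided.<br />Please double check the information you entered and try again.";
        ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
        return;
    }

    sUserName = Membership.GetUserNameByEmail(Encoder.HtmlEncode(email));

    // GetUser is keyed by the e-mail text, as in the original, and can come back
    // null even when a user name was found; that case used to throw on .PasswordQuestion.
    var user = String.IsNullOrWhiteSpace(sUserName) ? null : Membership.GetUser(email);
    if (user == null)
    {
        // NOTE(review): this message differs from the generic failure above, so the
        // response reveals that the e-mail/SSN pair matched an enrollment row.
        VerifyFailureText.Text = "User not found.";
        ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
        return;
    }

    // NOTE(review): PasswordQuestion is written to the label unencoded; confirm the
    // stored questions cannot contain user-supplied markup.
    lblQuestion.Text = user.PasswordQuestion;
    tblVerify.Visible = pnlVerify.Visible = false;
    tblReset.Visible = pnlReset.Visible = true;
    ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", resetCursorScript, true);
}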
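/// <summary>
/// Verifies the e-mail and last-four-SSN pair entered on the password-reset form
/// against the enrollment data. When the pair matches and a membership account is
/// found, the password question is displayed and the reset panel replaces the
/// verify panel; otherwise a failure message is shown.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void ValidateInput(object sender, EventArgs e)
{
    // One trimmed copy feeds every lookup; the original mixed trimmed and
    // untrimmed values between calls.
    string address = Email.Text.Trim();

    if (address.Length == 0)
    {
        // Handle no email entered
        VerifyFailureText.Text = "Email is required.";
        Email.Focus();
    }
    else if (SSN.Text.Trim().Length == 0)
    {
        // Handle no SSN
        VerifyFailureText.Text = "Please enter the last 4 digits of your SSN.";
        SSN.Focus();
    }
    else
    {
        // Filter the raw text down to digits. The original HTML-encoded it first,
        // which lets digits from numeric entities (for example "&#39;") leak into
        // the result and turn a non-numeric entry into four "valid" digits.
        String lastFour = Regex.Replace(SSN.Text, "[^0-9]", "");
        Boolean enrollmentFound = false;

        if (lastFour.Length == 4)
        {
            using (GetEnrollmentsForAllEmployers gefae = new GetEnrollmentsForAllEmployers())
            {
                // NOTE(review): the e-mail is HTML-encoded before being used as a
                // lookup key here and in GetUserNameByEmail, but not in GetUser;
                // kept as in the original. Confirm which form the stores expect.
                gefae.Email = Encoder.HtmlEncode(address);
                gefae.LastFour = lastFour;
                gefae.GetFrontEndData();
                enrollmentFound = gefae.Tables.Count > 0 && gefae.Tables[0].Rows.Count > 0;
            }
        }

        if (!enrollmentFound)
        {
            VerifyFailureText.Text = "There was an error resetting your password with the information provided.<br />Please double check the information you entered and try again.";
        }
        else
        {
            sSSN = lastFour;
            sUserName = Membership.GetUserNameByEmail(Encoder.HtmlEncode(address));

            // Membership.GetUser may return null even after a user name was resolved
            // (it is keyed by the e-mail text, as in the original); guard the
            // dereference instead of letting the page throw.
            var account = String.IsNullOrWhiteSpace(sUserName) ? null : Membership.GetUser(address);
            if (account == null)
            {
                // NOTE(review): distinct from the generic failure text, so it
                // confirms to the caller that the enrollment lookup succeeded.
                VerifyFailureText.Text = "User not found.";
            }
            else
            {
                // NOTE(review): the question is assigned to the label without output
                // encoding; confirm stored questions cannot hold user-supplied markup.
                lblQuestion.Text = account.PasswordQuestion;
                tblVerify.Visible = pnlVerify.Visible = false;
                tblReset.Visible = pnlReset.Visible = true;
            }
        }
    }

    // Every outcome above ends by restoring the browser cursor.
    ScriptManager.RegisterStartupScript(this, this.GetType(), "ResetCursor", "document.body.style.cursor = 'default';", true);
}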
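/// <summary>
/// Looks a member up by last name, last four SSN digits and date of birth, checks
/// application access, and returns the member's video-campaign data together with
/// an encrypted <c>AuthHash</c> built from the CCHID and employer id.
/// </summary>
/// <param name="hsId">Consumer (handshake) identifier, checked with <c>ValidateConsumer.IsValidConsumer</c>.</param>
/// <param name="hsRequest">Request body carrying <c>LastName</c>, <c>LastFourSsn</c>, <c>DateOfBirth</c> and <c>CampaignId</c>.</param>
/// <returns>
/// 200 with a JSON text of the form <c>{"AuthHash":"...","MemberData":...}</c> on success.
/// 401 when the consumer id is rejected or the access check fails (the latter carries
/// <c>cpaa.ErrorMessage</c>). 204 "User Not Found" when the body is missing, no enrollment
/// row is returned, or the employer id is not positive; 204 "Video Data Not Found" when the
/// campaign member id or its data cannot be read.
/// </returns>
public HttpResponseMessage GetAuthMemberData(String hsId, [FromBody] AuthMemberDataRequest hsRequest)
{
    if (!ValidateConsumer.IsValidConsumer(hsId))
    {
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    // NOTE(review): the not-found responses use 204 NoContent yet carry an error
    // body; kept because callers may depend on the status code.
    HttpResponseMessage hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("User Not Found"));

    // A request without a body used to fail with a null dereference below.
    if (hsRequest == null)
    {
        return hrm;
    }

    using (var gefae = new GetEnrollmentsForAllEmployers())
    {
        // NOTE(review): the fields are passed to the lookup exactly as received; no
        // format check or normalisation is applied to them in this method.
        gefae.LastName = hsRequest.LastName;
        gefae.LastFour = hsRequest.LastFourSsn;
        gefae.DateOfBirth = hsRequest.DateOfBirth;
        gefae.GetFrontEndData();

        if (gefae.Tables.Count == 0 || gefae.Tables[0].Rows.Count == 0)
        {
            return hrm;
        }

        // Only the first returned row is used.
        DataRow dr = gefae.Tables[0].Rows[0];
        int cchid = dr.GetData<int>("CCHID");
        string cnxString = dr.GetData("ConnectionString");
        int employerId = dr.GetData<int>("employerid");

        // UserAccess check (dstrickland 7/7/2015)
        using (var cpaa = new CheckPersonApplicationAccess(cchid, cnxString))
        {
            if (!cpaa.HasAccess)
            {
                // NOTE(review): ErrorMessage goes to the caller verbatim; confirm it
                // never carries internal detail.
                return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new Exception(cpaa.ErrorMessage));
            }
        }

        var e = new CCHEncrypt();
        e.UserKey = Request.EncryptionKey();
        e.SecretKey = Properties.Settings.Default.SecretKey;
        e.Add("CCHID", cchid.ToString(CultureInfo.InvariantCulture));
        e.Add("EmployerID", employerId.ToString(CultureInfo.InvariantCulture));
        string authHash = e.ToString();

        if (employerId <= 0)
        {
            return hrm;
        }

        // The audit record is written once the member is identified, before the
        // video data is fetched.
        CreateLoginAudit(hsId, Request.RequestUri.Host.ToString(CultureInfo.InvariantCulture), cchid, cnxString);
        hrm = Request.CreateErrorResponse(HttpStatusCode.NoContent, new Exception("Video Data Not Found"));

        using (var gvcmi = new GetVideoCampaignMemberIdByCchId())
        {
            gvcmi.CampaignId = hsRequest.CampaignId;
            gvcmi.CchId = cchid;
            gvcmi.GetData(cnxString);
            if (gvcmi.HasThrownError || string.IsNullOrEmpty(gvcmi.VideoCampaignMemberId))
            {
                return hrm;
            }

            using (var gvcmd = new GetVideoCampaignMemberDataById())
            {
                gvcmd.VideoCampaignMemberId = gvcmi.VideoCampaignMemberId;
                gvcmd.GetData(cnxString);
                if (gvcmd.HasThrownError)
                {
                    return hrm;
                }

                string videoMemberData = gvcmd.VideoMemberData;

                // MemberData is spliced into the response as a raw JSON value, so an
                // empty value would produce malformed JSON; report it as not found.
                if (string.IsNullOrWhiteSpace(videoMemberData))
                {
                    return hrm;
                }

                // NOTE(review): authHash is placed between quotes without JSON
                // escaping and videoMemberData is emitted verbatim; this assumes the
                // hash contains no quote or backslash and that the stored member data
                // is already valid JSON - confirm both.
                string resultset = string.Concat("{\"AuthHash\":\"", authHash, "\",\"MemberData\":", videoMemberData, "}");

                // NOTE(review): StringContent(string) defaults to a text/plain media
                // type; confirm whether clients expect application/json.
                return new HttpResponseMessage(HttpStatusCode.OK)
                {
                    RequestMessage = Request,
                    Content = new StringContent(resultset)
                };
            }
        }
    }
}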