public RemitlyPayoutController(ISecurityService securityService, ICacheService cacheService, IFinacleRepository finacleRepository, ICashPickup cashPickupService)
{
_securityService = securityService;
_flexCubeRepository = finacleRepository;
_cacheService = cacheService;
_cashPickupService = cashPickupService;
}
public HomeController(ISecurityService securityService, IFinacleRepository finacleRepository, IAuditService auditService, IAuditRepository auditRepository, ISecurityRepository securityRepository)
{
_securityService = securityService;
_finacleRepository = finacleRepository;
_auditService = auditService;
_auditRepository = auditRepository;
_securityRepository = securityRepository;
}
public static AuthenticationResponse Authentication(AuthenticationRequest request, bool finacleRoleCheck, SecurityConfig settings, ISecurityService securityService, IFinacleRepository finacleRepository)
{
AuthenticationResponse authenticationResponse = new AuthenticationResponse();
try
{
request.UserID = request.UserID.ToUpper();
authenticationResponse = Access.AdCallForNameEmail(request);
if (finacleRoleCheck)
{
if (authenticationResponse.ResponseCode == "0")
{
var result = finacleRepository.GetUserRoleFromFlexcube(request.UserID);
if (result != null)
{
authenticationResponse.BranchCode = result.BranchCode;
authenticationResponse.Role = result.ApplicationName;
}
}
if (authenticationResponse.ResponseCode == "0" && !string.IsNullOrEmpty(authenticationResponse.Role))
{
var result = finacleRepository.GetUserTillAccountFromFinacle(request.UserID);
authenticationResponse.TellerTillAccount = result;
}
}
}
catch (Exception ex)
{
if (request != null)
{
request.Password = "******";
}
authenticationResponse.ResponseCode = "1001";
authenticationResponse.ResponseDescription = "Unable to authenticate the user. Please contact the administrator.";
}
if (authenticationResponse.ResponseCode != "0")
{
var resp = new AuthenticationResponse()
{
ResponseCode = authenticationResponse.ResponseCode, ResponseDescription = authenticationResponse.ResponseDescription
};
authenticationResponse = resp;
}
return(authenticationResponse);
}
private static AuthenticationDataDto FinacleAuthorization(string username, ISecurityService authenticationService, IFinacleRepository finacleRepository, AuthenticationDataDto currentUser, AuthenticationResponse result)
{
//get finacle role
FinacleRole finacleRole = finacleRepository.GetUserRoleFromFlexcube(username);
if (finacleRole == null)
{
finacleRole = new FinacleRole()
{
UserID = username, BranchCode = null, ApplicationName = string.Empty
}
}
;
var roleId = authenticationService.GetRoleList().Where(r => r.RoleName.ToLower() == finacleRole.ApplicationName.ToLower()).Select(k => k.RoleId).FirstOrDefault();
if (currentUser == null)
{
//create the user record for session management purpose, only for AD/Finacle users logging in for the first time,
//if role is recognised in this application
var userObject = new User()
{
BadPasswordCount = 0,
CreationDate = Helper.GetLocalDate(),
CurrentSessionId = Helper.GetNextGuid(),
Email = result.Email,
FirstName = result.FirstName,
//ApprovalStatus = true,
IsFirstLogIn = false,
Initial = string.Empty,
LastLogInDate = Helper.GetLocalDate(),
IsLockedOut = false,
IsOnline = true,
LastActivityDate = Helper.GetLocalDate(),
LastName = result.LastName,
InitiatedBy = username,
//ApprovedBy = "NULL",
Username = username,
Telephone = "N/A",
Password = "******",
AccountType = Constants.AccountType.ADFinacle,
ApprovalStatus = Constants.ApprovalStatus.Approved,
BranchID = finacleRole.BranchCode,
IsDeleted = false,
UserRole = new Role()
{
RoleId = roleId
}
};
if (roleId != Guid.Empty)
{
authenticationService.AddUserForSessionMgmt(userObject);
}
currentUser = new AuthenticationDataDto();
{
currentUser.SessionId = userObject.CurrentSessionId.ToString();
currentUser.Username = username;
currentUser.Roles = finacleRole.ApplicationName;
currentUser.IsFirstLogIn = false;
currentUser.FullName = string.Format("{0} {1}", userObject.FirstName, userObject.LastName);
currentUser.IsPasswordSet = false;
currentUser.BranchCode = finacleRole.BranchCode;
}
}
//with finacle authorization, we check whether the locally saved role
//is the same as we got from Finacle, if not we update the local db.
//and we always override local role even if available
//this ensure if the role changed in Finacle it is inherited in the application.
//we also ensure if user branch in finacle has changed, is changed here too
if ((currentUser.Roles.ToLower() != finacleRole.ApplicationName.ToLower() && roleId != Guid.Empty) || (currentUser.BranchCode != finacleRole.BranchCode && !string.IsNullOrEmpty(finacleRole.BranchCode)))
{
authenticationService.UpdateUserRoleUserBranch(currentUser.Username, roleId, finacleRole.BranchCode);
currentUser.Roles = finacleRole.ApplicationName;
currentUser.BranchCode = finacleRole.BranchCode;
}
return(currentUser);
}
public static bool SignIn(string username, string password, string tokenCode, ISecurityService authenticationService, IFinacleRepository finacleRepository, out bool isFirstLogIn, ref ValidationStateDictionary states)
{
isFirstLogIn = false;
AuthenticationDataDto currentUser = null;
bool validateWithAD = false;
bool useFinacleRole = false;
var hashedPassword = string.Empty;
var settings = SecurityConfig.GetCurrent();
if (settings.Cookie.PasswordHashed && !string.IsNullOrEmpty(password))
{
var lowerUsername = string.Empty;
if (!string.IsNullOrEmpty(username))
{
lowerUsername = username.ToLower();
}
hashedPassword = PasswordHash.Hash(lowerUsername, password);
}
currentUser = authenticationService.SignIn(username, hashedPassword, true, ref states);
if (currentUser != null)
{
if (currentUser.AppAuthenticationFailed)
{
return(false);
}
}
states.Clear();
SetAuthMode(currentUser, ref validateWithAD, ref useFinacleRole);
AuthenticationResponse result = new AuthenticationResponse();
if (validateWithAD)
{
var ADResult = ADAuthentication(username, password, tokenCode, authenticationService, finacleRepository, states, settings, ref result);
if (!ADResult)
{
if (currentUser != null)
{
authenticationService.SignOut(currentUser.SessionId);
}
return(false);
}
}
if (useFinacleRole)
{
currentUser = FinacleAuthorization(username, authenticationService, finacleRepository, currentUser, result);
}
else
{
if (!ValidateLocalUserRole(states, currentUser))
{
if (currentUser != null)
{
authenticationService.SignOut(currentUser.SessionId);
}
return(false);
}
}
if (!ValidateRoleAndUser(username, authenticationService, states, currentUser))
{
if (currentUser != null)
{
authenticationService.SignOut(currentUser.SessionId);
}
return(false);
}
if (!Check2FA(username, tokenCode, states, currentUser, settings))
{
if (currentUser != null)
{
authenticationService.SignOut(currentUser.SessionId);
}
return(false);
}
CreateThreadPrincipalAndAuthCookie(currentUser, settings);
isFirstLogIn = validateWithAD == true ? false : currentUser.IsFirstLogIn;
//if (useFinacleRole) /no longer needed.
//{
// //cache the role, so that we don't go back to finacle on every session renewal
// ICacheService cacheService = ((IContainer)System.Web.HttpContext.Current.Application["container"]).Resolve<ICacheService>();
// CacheItemPolicy policy = new CacheItemPolicy() { SlidingExpiration = new TimeSpan(0, settings.Cookie.Timeout + 1, 0) };
// cacheService.Add(string.Format("UserSessionID:{0}", currentUser.SessionId), currentUser.Roles, policy);
//}
return(true);
}
private static bool ADAuthentication(string username, string password, string tokenCode, ISecurityService authenticationService, IFinacleRepository finacleRepository, ValidationStateDictionary states, SecurityConfig settings, ref AuthenticationResponse result)
{
var status3 = true;
result = Authentication(new AuthenticationRequest()
{
UserID = username,
Password = password,
TokenCode = tokenCode
}, false, settings, authenticationService, finacleRepository);
if (result.ResponseCode != "0")
{
ValidationState v = new ValidationState();
v.Errors.Add(new ValidationError("Username.InvalidUsername", username, "Invalid Username or Password"));
states.Add(typeof(LogInDto), v);
status3 = false;
}
return(status3);
}
public UserSetupController(ISecurityService securityService, ICacheService cacheService, IFinacleRepository finacleRepository)
{
_securityService = securityService;
_flexCubeRepository = finacleRepository;
_cacheService = cacheService;
}
