Exemple #1
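        /// <summary>
        /// Checks the submitted email/password against the stored salted hash and,
        /// when they match, issues a fresh session token and stores it.
        /// </summary>
        /// <param name="UserProfileObj">
        /// Profile carrying the submitted email and password. On success the new
        /// token is written back to it through <c>SetToken</c>.
        /// </param>
        /// <returns>
        /// A response with the login flag, the token (empty on failure) and an
        /// error text (empty on success). Unknown email and wrong password yield
        /// the same error text so the response does not reveal which one failed.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="UserProfileObj"/> is null.
        /// </exception>
        /// <remarks>
        /// Any exception raised during lookup, hashing or token storage is logged
        /// as fatal and rethrown unchanged; no response object is returned then.
        /// </remarks>
        public LoginUserReponse LoginUserAction(IUserProfile UserProfileObj)
        {
            if (UserProfileObj == null)
            {
                throw new ArgumentNullException("UserProfileObj");
            }

            const string InvalidCredentials = "Invalid Email ID and password combination";

            bool   IsLoggedIn = false;
            string Email      = UserProfileObj.GetEmail();
            string Password   = UserProfileObj.GetPassword();
            string Token      = "";
            string ErrorText  = "";

            try
            {
                DataSet output = new UserActionsDataLayer(UserProfileObj).GetHashedPassword();
                if (output.Tables[0].Rows.Count > 0)
                {
                    DataRow Row            = output.Tables[0].Rows[0];
                    string  DbSalt         = Row["salt"].ToString();
                    string  DbHashPassword = Row["password"].ToString();

                    // NOTE(review): this looks like one salted hash pass over the password.
                    // A fast digest is cheap to brute-force if the table leaks; moving to a
                    // slow KDF (PBKDF2/Argon2) needs a stored-hash migration, so it is only
                    // flagged here, not changed.
                    string HashPassword = SHA256.Instance().hash(Password + DbSalt);

                    // Fail closed: an empty stored hash (e.g. a NULL column rendered as "")
                    // must never authenticate anyone.
                    // NOTE(review): == is not a constant-time comparison.
                    if (DbHashPassword.Length > 0 && DbHashPassword == HashPassword)
                    {
                        // The token is a bearer credential, so it is derived from CSPRNG
                        // output only. Building it from email + password + clock time made
                        // it guessable and tied it to password material.
                        byte[] TokenSeed = new byte[64];
                        using (var Rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                        {
                            Rng.GetBytes(TokenSeed);
                        }

                        // Two digests are concatenated, as before, so the token keeps the
                        // shape the storage layer already receives.
                        Token  = SHA256.Instance().hash(Convert.ToBase64String(TokenSeed, 0, 32));
                        Token += SHA256.Instance().hash(Convert.ToBase64String(TokenSeed, 32, 32));
                        UserProfileObj.SetToken(Token);

                        // Store the token so later requests can be authenticated with it.
                        new Security(UserProfileObj).AddTokenToDB();
                        IsLoggedIn = true;
                    }
                    else
                    {
                        // Email is caller-supplied; assumes the logger neutralises line
                        // breaks and control characters - TODO confirm.
                        Logger.Instance().Log(Warn.Instance(), new WarnDebug("Authentication failed for email : " + Email));
                        ErrorText = InvalidCredentials;
                    }
                }
                else
                {
                    // Unknown accounts are logged too, so password guessing and account
                    // enumeration show up in the warn log whichever check failed.
                    Logger.Instance().Log(Warn.Instance(), new WarnDebug("Authentication failed for email : " + Email));
                    ErrorText = InvalidCredentials;
                }
            }
            catch (Exception ex)
            {
                Logger.Instance().Log(Fatal.Instance(), ex);
                // Bare rethrow keeps the original stack trace; "throw ex" reset it.
                throw;
            }

            LoginUserReponse LoginResponse = new LoginUserReponse();
            LoginResponse.SetIsLoggedIn(IsLoggedIn);
            LoginResponse.SetErrorText(ErrorText);
            LoginResponse.SetToken(Token);
            return LoginResponse;
        }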