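/// <summary>
/// Login endpoint: hands the submitted credentials to <c>AccountsServices.Login</c>
/// and maps the outcome to an HTTP response.
/// </summary>
/// <param name="param">Login model carrying the username and password to verify.</param>
/// <returns>
/// 200 with <c>[token, message]</c> when a token was issued and the service reported success;
/// 401 with <c>[token, message]</c> (token empty) whenever no token was issued;
/// 500 with a generic message for any other outcome or an unexpected exception.
/// </returns>
public HttpResponseMessage Login(ProductsApp.Models.Accounts.Login param)
{
    try
    {
        string token;
        AccountsServices accService = new AccountsServices();
        string result = accService.Login(param, out token);

        // An empty token means the service refused the login, whatever the reason.
        // NOTE(review): this also covers the service's "Server Error" and exception results,
        // so backend faults reach the client as 401 together with the service's message text.
        if (string.IsNullOrEmpty(token))
        {
            return Request.CreateResponse(HttpStatusCode.Unauthorized, new List<string> { token, result });
        }

        // The success check is a string comparison against the service's message; the
        // spelling must stay in sync with AccountsServices.Login.
        if (result == "Login Successfull")
        {
            return Request.CreateResponse(HttpStatusCode.OK, new List<string> { token, result });
        }

        return Request.CreateResponse(HttpStatusCode.InternalServerError, new List<string>() { "", "Error" });
    }
    catch (Exception ex)
    {
        // Previously the exception was discarded, leaving no server-side record of a fault on
        // the authentication path. Keep the details in the trace output and return only a
        // generic message to the caller.
        System.Diagnostics.Trace.TraceError("Login endpoint exception: " + ex);
        return Request.CreateResponse(HttpStatusCode.InternalServerError, new List<string>() { "", "Api error!! Sorry!!" });
    }
}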
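/// <summary>
/// Verifies a username/password pair against the remote host configured in the
/// <c>hostUrl</c> app setting and, for an active user found in <c>[dbo].[Users]</c>,
/// issues a fresh session token.
/// </summary>
/// <param name="param">Login model; <c>Username</c> and <c>Password</c> are read.</param>
/// <param name="Token">
/// Receives the encrypted token on success; <see cref="string.Empty"/> on every other path.
/// </param>
/// <returns>
/// "Login Successfull" when a token was stored and issued; otherwise a message describing
/// why the login was refused. Exceptions are logged and reported as a message, not rethrown.
/// </returns>
public string Login(ProductsApp.Models.Accounts.Login param, out string Token)
{
    Token = string.Empty;
    try
    {
        if (param == null || string.IsNullOrWhiteSpace(param.Username) || string.IsNullOrWhiteSpace(param.Password))
        {
            return "Username or password can't be blank";
        }

        string username = param.Username.Trim();
        // NOTE(review): trimming changes the submitted secret; a password that legitimately
        // starts or ends with whitespace can never match. Kept for compatibility - confirm.
        string password = param.Password.Trim();

        // Credential check against the remote host.
        // NOTE(review): confirm hostUrl is an https:// address; the password is sent to it
        // as HTTP credentials.
        // NOTE(review): HttpWebRequest presents Credentials only in answer to an
        // authentication challenge, so a 2xx reply proves the password only if this
        // endpoint rejects anonymous requests - verify that on the target host.
        string url = ConfigurationManager.AppSettings["hostUrl"] + "projects.json";
        try
        {
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
            request.Credentials = new NetworkCredential(username, password);

            // Dispose the response so the underlying connection is released.
            using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            {
                if (response.StatusCode == HttpStatusCode.Unauthorized)
                {
                    return "Un-Authorized Access!!Check Id or Password";
                }

                int statusCode = (int)response.StatusCode;
                if (statusCode < 200 || statusCode > 299)
                {
                    // Fail closed: anything other than a success reply is not proof of identity.
                    Logger.Error("AccountsServices.Login unexpected status " + statusCode);
                    return "Server Error";
                }
            }
        }
        catch (WebException we)
        {
            using (HttpWebResponse errorResponse = we.Response as HttpWebResponse)
            {
                if (we.Status == WebExceptionStatus.ProtocolError
                    && errorResponse != null
                    && errorResponse.StatusCode == HttpStatusCode.Unauthorized)
                {
                    return "Un-Authorized Access!!Check Id or Password";
                }
            }

            // Fail closed. The earlier code only logged here and carried on, so a timeout,
            // DNS failure or non-401 error from the host let the login continue to token
            // issuance without the password ever having been verified.
            Logger.Error("AccountsServices.Login " + we.ToString());
            return "Server Error";
        }

        // Credentials accepted: the user must also be an active row in the local table.
        string getUsernameSqlQuery = "Select [RedmineUserId] from [dbo].[Users] where [Username] = @Username and [Active] = 1";
        SqlParameter[] sqlParam = new SqlParameter[1];
        sqlParam[0] = new SqlParameter("@Username", System.Data.SqlDbType.VarChar);
        sqlParam[0].Value = username;

        string redmineUserIdDB = dc.GetSingleCell(getUsernameSqlQuery, sqlParam);
        if (string.IsNullOrWhiteSpace(redmineUserIdDB))
        {
            return "Sorry!! User Not Authorized To View Campaigns";
        }

        // NOTE(review): Encryption.RandomStringGenerator is not visible here - confirm it
        // draws from a cryptographically secure RNG, since the value acts as a bearer token.
        // The raw token is written to [Users].[Token]; the client receives Encrypt(token).
        string randomToken = Encryption.RandomStringGenerator();
        string setTokenQuery = "Update [dbo].[Users] set [Token]=@Token where [RedmineUserId] = @RedmineUserId";
        sqlParam = new SqlParameter[2];
        sqlParam[0] = new SqlParameter("@Token", System.Data.SqlDbType.VarChar);
        sqlParam[0].Value = randomToken;
        sqlParam[1] = new SqlParameter("@RedmineUserId", System.Data.SqlDbType.VarChar);
        sqlParam[1].Value = redmineUserIdDB;

        if (!dc.InsertUpdateDelete(setTokenQuery, sqlParam))
        {
            return "Server Error";
        }

        Token = Encryption.Encrypt(randomToken);
        return "Login Successfull";
    }
    catch (Exception ex)
    {
        Logger.Error("AccountsServices.Login Exception: " + ex.ToString());
        Token = string.Empty;
        return "Sorry!! Api exception occured. Please check logs";
    }
}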