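// POST: api/Signup_Verify
/// <summary>
/// Entry point for signup verification: hands the posted OTP/PIN payload to
/// <c>SignupPersistance.GetSignupVerify</c> and returns its response unchanged.
/// </summary>
/// <param name="signupverify">Verification request posted by the client.</param>
/// <returns>The response object produced by the persistence layer.</returns>
/// <exception cref="HttpResponseException">400 Bad Request when no request object was supplied.</exception>
public SignupVerifyResponse Post(SignupVerify signupverify)
{
    // The original tested the freshly constructed SignupPersistance for null, which can
    // never be true. The value that can actually be missing is the request itself
    // (presumably a body that is absent or could not be bound), so reject that here
    // instead of letting it fail further down.
    if (signupverify == null)
    {
        throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.BadRequest));
    }

    SignupPersistance signupPersistance = new SignupPersistance();
    return signupPersistance.GetSignupVerify(signupverify);
}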
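/// <summary>
/// Checks the submitted one-time password against <c>SrvA_OTP_Cloud</c> and, when a live
/// entry matches, stores the hashed PIN in <c>SrvA_PIN_Cloud</c> and issues an access token.
/// </summary>
/// <param name="signupverify">Request carrying <c>Mobile_No</c>, <c>OTP</c> and <c>PIN</c>.</param>
/// <returns>
/// A response with <c>Status</c> "OK" and an <c>AccessToken</c> on success; otherwise
/// <c>Status</c> "Fail" with a message. Internal errors are logged server-side and are
/// never echoed back to the caller.
/// </returns>
public SignupVerifyResponse GetSignupVerify(SignupVerify signupverify)
{
    SignupVerifyResponse signupVerifyResponse = new SignupVerifyResponse();
    signupVerifyResponse.Message = "Not Found";
    signupVerifyResponse.Status = "Fail";

    // Mobile_No and PIN are dereferenced unconditionally on the success path. Rejecting
    // them up front means a missing PIN can no longer write a row with an empty hash
    // before the failure is noticed.
    if (signupverify == null
        || string.IsNullOrWhiteSpace(signupverify.Mobile_No)
        || string.IsNullOrWhiteSpace(signupverify.PIN))
    {
        signupVerifyResponse.Message = "Invalid request";
        return signupVerifyResponse;
    }

    string mobileNo = signupverify.Mobile_No.Trim();
    string pin = signupverify.PIN.Trim();
    string otp = signupverify.OTP == null ? "" : signupverify.OTP.Trim();

    try
    {
        string myConnectionString = ConfigurationManager.ConnectionStrings["localDB"].ConnectionString;

        // The using blocks release the hash object, connection and command on every path.
        using (var hash = System.Security.Cryptography.SHA512.Create())
        using (OleDbConnection conn = new OleDbConnection(myConnectionString))
        using (OleDbCommand command = new OleDbCommand())
        {
            // NOTE(review): both values are stored as plain, unsalted SHA-512. A PIN has
            // very little entropy, so this digest gives it almost no protection if the
            // table is disclosed. Moving to a salted, slow KDF needs the stored rows and
            // the login path migrated together, so the format is left unchanged here.
            byte[] mobileHash = hash.ComputeHash(System.Text.Encoding.UTF8.GetBytes(mobileNo));
            byte[] pinHash = hash.ComputeHash(System.Text.Encoding.UTF8.GetBytes(pin));

            conn.Open();
            command.Connection = conn;
            // NOTE(review): 0 means "wait without limit"; consider a finite timeout on
            // an endpoint that is reachable before authentication.
            command.CommandTimeout = 0;
            command.CommandType = CommandType.Text;

            // OLE DB binds "?" placeholders by position, so the order of the
            // AddWithValue calls must follow the order of the markers in the SQL text.
            command.CommandText = "select otp.Mobile_No, otp.OTP_No, otp.Ref_No, otp.Dt_Gen,customer.UnitHolder from SrvA_OTP_Cloud otp left join SrvA_Customer_Cloud customer on otp.Mobile_No = customer.Mobile_No where (otp.Mobile_No = ? and otp.OTP_No = ? and DATEDIFF(minute, otp.Dt_Gen, GETDATE()) <= 3 and otp.flag = 1)";
            command.Parameters.Clear();
            command.Parameters.AddWithValue("@Mobile_No", mobileHash);
            command.Parameters.AddWithValue("@OTP", otp);

            bool otpMatched;
            using (OleDbDataReader mySQLReader = command.ExecuteReader())
            {
                otpMatched = mySQLReader.HasRows;
            }

            if (!otpMatched)
            {
                // Message text (Thai): "Registration has already been completed".
                signupVerifyResponse.Message = "มีการลงทะเบียนเรียบร้อยแล้ว";
                return signupVerifyResponse;
            }

            // NOTE(review): nothing visible here marks the OTP row as used or counts
            // failed attempts, so the same code stays valid for the whole three-minute
            // window. Confirm that consumption and attempt limiting happen elsewhere.
            command.CommandText = "Insert Into SrvA_PIN_Cloud(Mobile_No,PIN,Dt_Gen,Flag)VALUES(?,?,GETDATE(),1)";
            command.Parameters.Clear();
            command.Parameters.AddWithValue("@Mobile_No", mobileHash);
            command.Parameters.AddWithValue("@PIN", pinHash);
            command.ExecuteNonQuery();

            TokenService tokenService = new TokenService();
            signupVerifyResponse.AccessToken = tokenService.GetToken(mobileNo, pin);
            signupVerifyResponse.Message = "Success";
            signupVerifyResponse.Status = "OK";
            return signupVerifyResponse;
        }
    }
    catch (Exception ex)
    {
        // The original returned ex.ToString() to the client, exposing stack traces and
        // provider error text to an unauthenticated caller. Keep the detail in the
        // server-side trace and return a fixed message instead.
        System.Diagnostics.Trace.TraceError("GetSignupVerify failed: {0}", ex);
        signupVerifyResponse.Message = "Internal error";
        signupVerifyResponse.Status = "Fail";
        return signupVerifyResponse;
    }
}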