public HttpResponseMessage validate(LoginRequest model)
{
try
{
if (ModelState.IsValid)
{
IUserAuthData success = _userService.validatePassword(model.Email, model.Password);
if (success != null)
{
ItemResponse <IUserAuthData> resp = new ItemResponse <IUserAuthData>();
resp.Item = success;
return(Request.CreateResponse(HttpStatusCode.OK, resp));
}
else
{
ErrorResponse resp = new ErrorResponse("Password does not match");
return(Request.CreateResponse(HttpStatusCode.OK, resp));
}
}
else
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, ModelState));
}
}
catch (Exception ex)
{
log.Error(ex.Message, ex);
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex));
}
}
public ActionResult <ItemsResponse <List <ProviderReport> > > SelectProviderLicenseList()
{
int code = 200;
BaseResponse response = null;
try
{
IUserAuthData user = _auth.GetCurrentUser();
if (user.Roles.Contains("Office Manager"))
{
List <ProviderReport> list = _service.SelectAllProviderList(user.Id);
if (list == null)
{
code = 404;
response = new ErrorResponse("Resource not found");
}
else
{
response = new ItemsResponse <ProviderReport>()
{
Items = list
};
}
}
} catch (Exception ex)
{
code = 500;
response = new ErrorResponse(ex.Message);
}
return(StatusCode(code, response));
}
public bool LogIn(string email, string password)
{
bool isSuccessful = false;
string salt = GetSalt(email);
if (salt == null)
{
return(isSuccessful);
}
if (!String.IsNullOrEmpty(salt))
{
string passwordHash = _cryptographyService.Hash(password, salt, HASH_ITERATION_COUNT);
IUserAuthData response = Get(email, passwordHash);
if (response != null)
{
_authenticationService.LogIn(response);
isSuccessful = true;
}
}
return(isSuccessful);
}
public MealService2(IDataProvider dataProvider, IUserService getProfile, IPrincipal user)
{
_dataProvider = dataProvider;
_getProfile = getProfile;
_principal = user;
_currentUser = _principal.Identity.GetCurrentUser();
}
public ActionResult <ItemResponse <int> > Add(AdvertisersAddRequest model)
{
int userId = _authService.GetCurrentUserId();
IUserAuthData user = _authService.GetCurrentUser();
ObjectResult result = null;
try
{
int id = _service.Add(model, userId);
ItemResponse <int> response = new ItemResponse <int>()
{
Item = id
};
result = Created201(response);
}
catch (Exception ex)
{
Logger.LogError(ex.ToString());
ErrorResponse response = new ErrorResponse(ex.Message);
result = StatusCode(500, response);
}
return(result);
}
public bool LogIn(string email, string password, bool isPersistent)
{
bool isSuccessful = false;
string salt = GetSalt(email);
bool isEmailConfirmed = GetEmailConfirmation(email);
if (!String.IsNullOrEmpty(salt) && isEmailConfirmed != false)
{
string passwordHash = _cryptographyService.Hash(password, salt, HASH_ITERATION_COUNT);
IUserAuthData response = Get(email, passwordHash);
if (response != null)
{
Claim firstName = new Claim("FirstName", response.FirstName);
Claim lastName = new Claim("LastName", response.LastName);
Claim photoUrl = new Claim("PhotoUrl", response.PhotoUrl);
_authenticationService.LogIn(response, isPersistent, new Claim[] { firstName, lastName, photoUrl });
isSuccessful = true;
}
}
return(isSuccessful);
}
public ActionResult <ItemResponse <IUserAuthData> > GetCurrentUser()
{
int code = 200;
BaseResponse response = null;
try
{
IUserAuthData currentUser = _authService.GetCurrentUser();
if (currentUser != null)
{
int id = currentUser.Id;
User user = _service.GetById(id);
response = new ItemResponse <User> {
Item = user
};
}
else
{
code = 404;
response = new ErrorResponse("Current user not found.");
}
}
catch (Exception ex)
{
code = 500;
response = new ErrorResponse($"Generic Error: {ex.Message}");
base.Logger.LogError(ex.ToString());
}
return(StatusCode(code, response));
}
public void LogIn(IUserAuthData user, params Claim[] extraClaims)
{
ClaimsIdentity identity = new ClaimsIdentity(DefaultAuthenticationTypes.ApplicationCookie
, ClaimsIdentity.DefaultNameClaimType
, ClaimsIdentity.DefaultRoleClaimType);
identity.AddClaim(new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider"
, _title
, ClaimValueTypes.String));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString(), ClaimValueTypes.String));
identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, user.Name, ClaimValueTypes.String));
if (user.Roles != null && user.Roles.Any())
{
foreach (string singleRole in user.Roles)
{
identity.AddClaim(new Claim(ClaimsIdentity.DefaultRoleClaimType, singleRole, ClaimValueTypes.String));
}
}
identity.AddClaims(extraClaims);
AuthenticationProperties props = new AuthenticationProperties
{
IsPersistent = true,
IssuedUtc = DateTime.UtcNow,
ExpiresUtc = DateTime.UtcNow.AddDays(60),
AllowRefresh = true
};
HttpContext.Current.GetOwinContext().Authentication.SignIn(props, identity);
}
public ActionResult <ItemResponse <IUserAuthData> > GetCurrrent()
{
IUserAuthData user = _authService.GetCurrentUser();
ItemResponse <IUserAuthData> response = new ItemResponse <IUserAuthData>();
response.Item = user;
return(Ok200(response));
}
public HttpResponseMessage GetMine(int pageIndex, int pageSize)
{
ItemResponse <Paged <Ding> > response = new ItemResponse <Paged <Ding> >();
IUserAuthData user = _auth.GetCurrentUser();
int userId = user.Id;
response.Item = _service.GetMine(userId, pageIndex, pageSize);
return(Request.CreateResponse(HttpStatusCode.OK, response));
}
//Login from fb,google,linkedin without needing password
public bool LogInFree(UserFreeRequest model)
{
IUserAuthData response = GetFree(model.Email);
_authenticationService.LogIn(response);
bool isSuccessful = true;
return(isSuccessful);
}
public HttpResponseMessage UploadFile()
{
var httpPostedFile = HttpContext.Current.Request.Files[0];
string fileName = Path.GetFileNameWithoutExtension(httpPostedFile.FileName);
string extension = Path.GetExtension(httpPostedFile.FileName);
var newGuid = Guid.NewGuid().ToString("");
var newFileName = fileName + "_" + newGuid + extension;
Stream st = httpPostedFile.InputStream;
try
{
if (httpPostedFile != null)
{
TransferUtility utility = new TransferUtility(awsS3Client);
TransferUtilityUploadRequest request = new TransferUtilityUploadRequest();
request.BucketName = bucketname;
request.Key = newFileName;
request.InputStream = st;
log.Debug(newFileName + "uploading to AWS S3");
utility.Upload(request); //File Streamed to AWS
FileStorageAddRequest model = new FileStorageAddRequest();
IUserAuthData currentUser = _principal.Identity.GetCurrentUser();
if (extension == ".jpg" || extension == ".jpeg" || extension == ".png" ||
extension == ".gif" || extension == ".bmp" || extension == ".svg")
{
model.FileTypeId = 1;
}
else
{
model.FileTypeId = 8;
}
//Logic needed in order to separate filetypeId in correct type because this is more specific to documents...
model.UserFileName = fileName;
model.SystemFileName = newFileName;
model.Location = "https://sabio-training.s3.us-west-2.amazonaws.com/C53/" + newFileName;
model.CreatedBy = currentUser.Name;
int id = _fileStorageService.Insert(model);
ItemResponse <int> resp = new ItemResponse <int>();
resp.Item = id;
log.Debug("URL:" + " " + model.Location);
return(Request.CreateResponse(HttpStatusCode.OK, resp));
}
else
{
log.Error("Error trying to upload and store metadata");
return(Request.CreateResponse(HttpStatusCode.BadRequest, ModelState));
}
}
catch (Exception ex)
{
log.Error("Unable to upload files");
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex));
}
}
public ActionResult <SuccessResponse> ResetPassword(int id, UserUpdatePasswordRequest model)
{
int iCode = 200;
BaseResponse response = null;
try
{
int userId = _service.GetUserIdByToken(model.Token);
if (userId > 0)
{
bool successful = _service.VerifyTokenResetPassword(model.Token, model.Password);
if (successful)
{
response = new SuccessResponse();
}
else
{
iCode = 404;
response = new ErrorResponse("Could not locate UserId with this token");
}
}
else
{
IUserAuthData currentUser = _authService.GetCurrentUser();
if (currentUser != null)
{
id = currentUser.Id;
_service.UpdatePassword(id, model.Password, model.ConfirmPassword);
response = new SuccessResponse();
}
else
{
iCode = 404;
response = new ErrorResponse("Could not locate UserId");
}
}
}
catch (Exception ex)
{
iCode = 500;
base.Logger.LogError(ex.ToString());
response = new ErrorResponse($"Generic Error: ${ ex.Message }");
}
return(StatusCode(iCode, response));
}
public ActionResult <ItemResponse <Provider> > SelectDetailsById(int id)
{
int code = 200;
BaseResponse response;
try
{
IUserAuthData user = _auth.GetCurrentUser();
Provider provider = null;
if (user.Roles.Contains("SysAdmin"))
{
provider = _service.SelectDetailsById(id);
}
if (!user.Roles.Contains("Consumer") && !user.Roles.Contains("SysAdmin"))
{
if (user.Roles.Contains("Provider"))
//provider is making request
{
provider = _service.SelectDetailsById(id);
}
else
//office manager or provider assistant is making request
{
provider = _service.SelectDetailsById(id, user.Id);
}
}
if (provider == null)
{
code = 404;
response = new ErrorResponse("App resource not found.");
}
else
{
response = new ItemResponse <Provider>()
{
Item = provider
};
}
}
catch (Exception ex)
{
code = 500;
response = new ErrorResponse(ex.Message);
base.Logger.LogError(ex.ToString());
}
return(StatusCode(code, response));
}
public UsersApiController(IUserService userService, IAuthenticationService auth, IPrincipal principal, IAddressService addressService, IEmailService emailService, ICommentsService commentsService,
ITokenService tokenService)
{
_userService = userService;
_auth = auth;
_principal = principal;
_addressService = addressService;
_emailService = emailService;
_tokenService = tokenService;
_currentUser = _principal.Identity.GetCurrentUser();
_commentsService = commentsService;
}
public async Task <bool> LogInAsync(string email, string password)
{
bool isSuccessful = false;
IUserAuthData response = Get(email, password);
if (response != null)
{
await _authenticationService.LogInAsync(response);
isSuccessful = true;
}
return(isSuccessful);
}
public bool LogIn(string userName, string password)
{
bool isSuccessful = false;
IUserAuthData response = SelectByUserName(userName, password);
if (response != null)
{
_authenticationService.LogIn(response);
isSuccessful = true;
}
return(isSuccessful);
}
public bool LogIn(string email, string password)
{
bool isSuccessful = false;
IUserAuthData response = Get(email, password);
if (response != null)
{
_authenticationService.LogIn(response);
isSuccessful = true;
}
return(isSuccessful);
}
public IUserAuthData validatePassword(string email, string password)
{
string salt = GetSalt(email);
if (!String.IsNullOrEmpty(salt))
{
string passwordHash = _cryptographyService.Hash(password, salt, HASH_ITERATION_COUNT);
IUserAuthData response = Get(email, passwordHash);
if (response != null && response.Name != null && response.Id != 0)
{
return(response);
}
}
return(null);
}
public void Login_Test_Password_False()
{
// Arrange
LoginRequest model = new LoginRequest
{
Email = "*****@*****.**",
Password = "******",
};
// Act
IUserAuthData result = _userService1.LogIn(model.Email, model.Password);
// Assert
Assert.IsInstanceOfType(result, typeof(IUserAuthData), "response has to be bool");
}
public HttpResponseMessage Create(DigAddRequest model)
{
if (!ModelState.IsValid)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
ItemResponse <int> response = new ItemResponse <int>();
IUserAuthData user = _auth.GetCurrentUser();
int userId = user.Id;
model.CreatedBy = userId;
response.Item = _service.Insert(model);
return(Request.CreateResponse(HttpStatusCode.OK, response));
}
public ActionResult <ItemResponse <IUserAuthData> > GetCurrent()
{
IUserAuthData user = _authService.GetCurrentUser();
ItemResponse <IUserAuthData> response = new ItemResponse <IUserAuthData>();
response.Item = user;
if (response.Item == null)
{
return(NotFound404(new ErrorResponse("Not Logged In")));
}
else
{
return(Ok200(response));
}
}
public HttpResponseMessage Login(LoginRequest model)
{
try
{
if (ModelState.IsValid)
{
var webClient = new WebClient();
string verification = webClient.DownloadString(string.Format("https://www.google.com/recaptcha/api/siteverify?secret={0}&response={1}", _configService.ConvertConfigValue_String("Google_Recaptcha"), model.recaptchaResponse));
var recaptchaResponse = (JObject.Parse(verification)["success"].Value <bool>());
// checking for third party login
ThirdPartyUserLogin check = _thirdPartyUserService.GetByEmail(model.Email);
if (check.ThirdPartyTypeId > 0)
{
ErrorResponse resp = new ErrorResponse("Uncessful Login Attempt, user is registered with third party service");
return(Request.CreateResponse(HttpStatusCode.OK, resp));
}
else
{
IUserAuthData success = _userService.LogIn(model.Email, model.Password);
if (success != null)
{
List <int> pID = _userService.GetPerson(success.Id);
LoginResponse <IUserAuthData> resp = new LoginResponse <IUserAuthData>();
resp.Item = success;
resp.PersonID = pID;
return(Request.CreateResponse(HttpStatusCode.OK, resp));
}
else
{
ErrorResponse resp = new ErrorResponse("Uncessful Login Attempt");
return(Request.CreateResponse(HttpStatusCode.OK, resp));
}
}
}
else
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, ModelState));
}
}
catch (Exception ex)
{
log.Error(ex.Message, ex);
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex));
}
}
public ActionResult <ItemResponse <Paged <ProviderReport> > > ReportSelectPaged(int pageIndex, int pageSize, ProviderDetailCategories categories)
{
int code = 200;
BaseResponse response = null;
try
{
IUserAuthData user = _auth.GetCurrentUser();
if (user.Roles.Contains("SysAdmin") || user.Roles.Contains("Office Manager"))
{
Paged <ProviderReport> pagedItems = null;
if (user.Roles.Contains("SysAdmin"))
{
pagedItems = _service.ReportSelectAllPaged(pageIndex, pageSize, categories);
}
else
{
pagedItems = _service.ReportSelectPaged(pageIndex, pageSize, user.Id, categories);
}
if (pagedItems == null)
{
code = 404;
response = new ErrorResponse("App resource not found.");
}
else
{
response = new ItemResponse <Paged <ProviderReport> > {
Item = pagedItems
};
}
}
else
{
code = 500;
response = new ErrorResponse("You do not meet the requirements to access this resource.");
}
}
catch (Exception ex)
{
base.Logger.LogError(ex.ToString());
code = 500;
response = new ErrorResponse(ex.Message);
}
return(StatusCode(code, response));
}
public HttpResponseMessage UploadFile()
{
var httpPostedFile = HttpContext.Current.Request.Files[0];
string fileName = Path.GetFileNameWithoutExtension(httpPostedFile.FileName);
string extension = Path.GetExtension(httpPostedFile.FileName);
var newGuid = Guid.NewGuid().ToString("");
var newFileName = fileName + "_" + newGuid + extension;
Stream st = httpPostedFile.InputStream;
try
{
if (httpPostedFile != null)
{
TransferUtility utility = new TransferUtility(awsS3Client);
TransferUtilityUploadRequest request = new TransferUtilityUploadRequest();
request.BucketName = bucketname;
request.Key = newFileName;
request.InputStream = st;
log.Debug(newFileName + "uploading to AWS S3");
utility.Upload(request);
FileStorageAddRequest model = new FileStorageAddRequest();
IUserAuthData currentUser = _principal.Identity.GetCurrentUser();
model.UserFileName = fileName;
model.SystemFileName = newFileName;
model.Location = "URL" + newFileName;
model.CreatedBy = currentUser.Name;
int id = _fileStorageService.Insert(model);
ItemResponse <int> resp = new ItemResponse <int>();
resp.Item = id;
log.Debug("URL:" + " " + model.Location);
return(Request.CreateResponse(HttpStatusCode.OK, resp));
}
else
{
log.Error("Error trying to upload and store metadata");
return(Request.CreateResponse(HttpStatusCode.BadRequest, ModelState));
}
}
catch (Exception ex)
{
log.Error("Unable to upload files");
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex));
}
}
public bool ExternalLogIn(ExtUserAddRequest data, UserStatus status = UserStatus.Active)
{
bool isSuccessful = false;
bool response = Create(data, status);
IUserAuthData authUser = null;
if (response)
{
authUser = Get(data.EmailAddress);
}
if (authUser != null)
{
_authenticationService.LogIn(authUser);
isSuccessful = true;
}
return(isSuccessful);
}
public ActionResult <ItemResponse <Paged <ProviderReport> > > SearchProviderReportList(int pageIndex, int pageSize, string query, ProviderDetailCategories categories)
{
int code = 200;
BaseResponse response;
try
{
IUserAuthData user = _auth.GetCurrentUser();
Paged <ProviderReport> pagedItems = null;
if (user.Roles.Contains("SysAdmin") || user.Roles.Contains("Office Manager"))
{
if (user.Roles.Contains("SysAdmin"))
{
pagedItems = _service.SearchReportSelectAllPaged(pageIndex, pageSize, categories, query);
}
else
{
pagedItems = _service.SearchReportSelectPaged(pageIndex, pageSize, categories, query, user.Id);
}
}
if (pagedItems == null)
{
code = 404;
response = new ErrorResponse("App resource not found.");
}
else
{
response = new ItemResponse <Paged <ProviderReport> >()
{
Item = pagedItems
};
}
}
catch (Exception ex)
{
code = 500;
response = new ErrorResponse(ex.Message);
}
return(StatusCode(code, response));
}
public ActionResult <ItemsResponse <List <ProviderReport> > > ReportSelectAllPdf(ProviderDetailCategories categories)
{
int code = 200;
BaseResponse response = null;
try
{
IUserAuthData user = _auth.GetCurrentUser();
List <ProviderReport> list = null;
if (user.Roles.Contains("Office Manager") || (user.Roles.Contains("SysAdmin")))
{
if (user.Roles.Contains("SysAdmin"))
{
list = _service.ReportSelectAllPdf(categories, 0);
}
else
{
list = _service.ReportSelectAllPdf(categories, user.Id);
}
if (list == null)
{
code = 404;
response = new ErrorResponse("App resource not found.");
}
else
{
response = new ItemsResponse <ProviderReport>()
{
Items = list
};
}
}
}
catch (Exception ex)
{
base.Logger.LogError(ex.ToString());
code = 500;
response = new ErrorResponse(ex.Message);
}
return(StatusCode(code, response));
}
public ActionResult <ItemResponse <Paged <ProviderNonCompliant> > > SelectAllNonCompliant(int pageIndex, int pageSize)
{
int code = 200;
BaseResponse response = null;
try
{
IUserAuthData user = _auth.GetCurrentUser();
Paged <ProviderNonCompliant> pagedItems = null;
if (user.Roles.Contains("SysAdmin") || user.Roles.Contains("Office Manager"))
{
if (user.Roles.Contains("SysAdmin"))
{
pagedItems = _service.SelectAllNonCompliant(pageIndex, pageSize);
}
else
{
pagedItems = _service.SelectNonCompliant(pageIndex, pageSize, user.Id);
}
}
if (pagedItems == null)
{
code = 404;
response = new ErrorResponse("App resource not found.");
}
else
{
response = new ItemResponse <Paged <ProviderNonCompliant> > {
Item = pagedItems
};
}
}
catch (Exception ex)
{
base.Logger.LogError(ex.ToString());
code = 500;
response = new ErrorResponse(ex.Message);
}
return(StatusCode(code, response));
}
public FileStreamResult ReportSelectAll(ProviderDetailCategories categories)
{
BaseResponse response;
try
{
IUserAuthData user = _auth.GetCurrentUser();
MemoryStream stream = null;
if (user.Roles.Contains("Office Manager") || (user.Roles.Contains("SysAdmin")))
{
if (user.Roles.Contains("SysAdmin"))
{
stream = _service.ReportSelectAll(categories, 0);
}
else
{
stream = _service.ReportSelectAll(categories, user.Id);
}
}
if (stream == null)
{
response = new ErrorResponse("App resource not found.");
}
else
{
stream.Position = 0;
var contentType = "application/octet-stream";
var fileName = "ProviderReport.xlsx";
return(File(stream, contentType, fileName));
}
}
catch (Exception ex)
{
base.Logger.LogError(ex.ToString());
response = new ErrorResponse(ex.Message);
}
return(null);
}
