public IHttpActionResult Register(User user)
{
var userDetails = unitOfWork.UserRepository.Get(filter: q => q.Email == user.Email);
if (!(userDetails.Count() > 0))
{
user.Password = DataEntities.Common.ManagePassword.ComputeHash(user.Password, "SHA512", null);
user.RoleId = 2;
user.Status = false;
unitOfWork.UserRepository.Insert(user);
unitOfWork.Save();
var generatedToken = ManageToken.GenerateToken(user.Email, 10);
string baseURL = string.Empty;
var strUrl = HttpContext.Current.Request.Url;
var host = "http://" + strUrl.Host;
var port = strUrl.Port;
if (host == "http://localhost")
{
baseURL = host + ":" + port;// + "/api/Confirmation?authenticationToken=";
}
else
{
baseURL = host;// + "/api/Confirmation?authenticationToken=";
}
var emailBody = Common.SendEmail.CreateEmailBody(user.FirstName, "/confimration/" + generatedToken, baseURL);
Common.SendEmail.Send(user.Email, "", "", "Registration Email", emailBody);
return(Ok());
}
else
{
return(new HttpActionResult(HttpStatusCode.BadRequest, "User already Exist."));
}
}
protected override bool IsAuthorized(HttpActionContext actionContext)
{
if (actionContext.Request.Headers.GetValues("authenticationToken") != null)
{
// get value from header
string authenticationToken = Convert.ToString(
actionContext.Request.Headers.GetValues("authenticationToken").FirstOrDefault());
//authenticationTokenPersistant
// it is saved in some data store
// i will compare the authenticationToken sent by client with
// authenticationToken persist in database against specific user, and act accordingly
string userName = string.Empty;
var result = ManageToken.ValidateToken(authenticationToken, out userName);
if (result != true)
{
HttpContext.Current.Response.AddHeader("authenticationToken", authenticationToken);
HttpContext.Current.Response.AddHeader("AuthenticationStatus", "NotAuthorized");
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
return(false);
}
HttpContext.Current.Response.AddHeader("authenticationToken", authenticationToken);
HttpContext.Current.Response.AddHeader("AuthenticationStatus", "Authorized");
return(true);
}
actionContext.Response =
actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
actionContext.Response.ReasonPhrase = "Please provide valid inputs";
return(false);
}
public IHttpActionResult PasswordUpdate(User user)
{
var re = Request;
var headers = re.Headers;
string email = string.Empty;
string token = string.Empty;
if (headers.Contains("authenticationToken"))
{
token = headers.GetValues("authenticationToken").First();
}
var result = ManageToken.ValidateToken(token, out email);
if (result)
{
var userDetails = unitOfWork.UserRepository.Get(filter: q => q.Email == email).FirstOrDefault();
userDetails.Password = DataEntities.Common.ManagePassword.ComputeHash(user.Password, "SHA512", null);
unitOfWork.UserRepository.Update(userDetails);
unitOfWork.Save();
return(Ok());
}
else
{
return(new HttpActionResult(HttpStatusCode.BadRequest, "Link has expired."));
}
}
public IHttpActionResult PasswordReset(User user)
{
var userDetails = unitOfWork.UserRepository.Get(filter: q => q.Email == user.Email);
if (userDetails.Count() > 0)
{
var generatedToken = ManageToken.GenerateToken(user.Email, 10);
string baseURL = string.Empty;
var strUrl = HttpContext.Current.Request.Url;
var host = "http://" + strUrl.Host;
var port = strUrl.Port;
if (host == "http://localhost")
{
baseURL = host + ":" + port;
}
else
{
baseURL = host;
}
var emailBody = Common.SendEmail.CreateEmailBody(user.FirstName, "/reset-password/" + generatedToken, baseURL);
Common.SendEmail.Send(user.Email, "", "", "Password Reset Email", emailBody);
return(Ok());
}
else
{
return(new HttpActionResult(HttpStatusCode.BadRequest, "User already Exist."));
}
}
private dynamic SetValues(ActionExecutingContext filterContext, dynamic model)
{
try
{
model.CreatorUserId = ManageToken.GetToken(filterContext.HttpContext.Request);
}
catch { }
try
{
model.CreationDate = DateTime.Now;
}
catch { }
return(model);
}
private dynamic SetPut(ActionExecutingContext filterContext, dynamic model)
{
try
{
model.LastUpdatedUserId = ManageToken.GetToken(filterContext.HttpContext.Request);
}
catch { }
try
{
model.LastUpdateDate = DateTime.Now;
}
catch { }
return(model);
}
public IHttpActionResult Confirmation(string authenticationToken)
{
string email = string.Empty;
var result = ManageToken.ValidateToken(authenticationToken, out email);
if (result)
{
var userDetails = unitOfWork.UserRepository.Get(filter: q => q.Email == email).FirstOrDefault();
userDetails.Status = true;
unitOfWork.UserRepository.Update(userDetails);
unitOfWork.Save();
return(Ok(result));
}
else
{
return(new HttpActionResult(HttpStatusCode.BadRequest, "Link has Expired."));
}
}
private dynamic SetPost(ActionExecutingContext filterContext, dynamic model)
{
var path = filterContext.HttpContext.Request.Path.Value;
var split = path.Split('/').Where(x => !string.IsNullOrWhiteSpace(x)).ToList();
if (split.LastOrDefault().Contains("add"))
{
try
{
model.CreatorUserId = ManageToken.GetToken(filterContext.HttpContext.Request);
}
catch { }
try
{
model.CreationDate = DateTime.Now;
}
catch { }
}
return(model);
}
public object Login(
[FromBody] LoginViewModel loginViewModel,
[FromServices] SigningConfigurations signingConfigurations,
[FromServices] TokenConfigurations tokenConfigurations)
{
var user = _userAppService.GetByEmail(loginViewModel.Email);
if (user == null)
{
return new { authenticated = false, message = "Usuário não encontrado" }
}
;
if (!user.IsVerified)
{
return new { authenticated = false, message = "Confirme seu e-mail" }
}
;
else if (user.Password != Utils.EncryptPassword(loginViewModel.Password))
{
return new { authenticated = false, message = "Usuário ou senha incorretos!" }
}
;
else
{
var login = new ManageToken().GetLoginObject(tokenConfigurations, signingConfigurations, user);
if (login == null)
{
return new { authenticated = false, message = "Ocorreu algum erro, tente novamente." }
}
;
return(login);
}
}
}
}