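/// <summary>
/// Validates that <paramref name="userKey"/> is the token of the active session belonging to
/// <paramref name="username"/> and, when it is, slides that session's expiry forward.
/// </summary>
/// <param name="userKey">Session token presented by the caller.</param>
/// <param name="username">Username whose active session is checked.</param>
/// <returns>
/// <c>true</c> when the user exists, has an active session and the presented token matches it;
/// otherwise <c>false</c>.
/// </returns>
private async Task<bool> CheckUserIsLoggedInSession(string userKey, string username)
{
    // The context is disposable; the original never disposed it.
    using (var db = new IBAEntities1())
    {
        var record = db.C_records.FirstOrDefault(r => r.username == username);
        if (record == null)
        {
            // Unknown user: the original dereferenced record.id here and threw.
            return false;
        }

        var session = RecordSessionUtilities.ActiveSessionByUserId(db, record.id);
        if (session == null)
        {
            return false;
        }

        // Tokens are opaque identifiers: compare ordinally, never culture-aware.
        if (!string.Equals(userKey, session.session_token.ToString(), StringComparison.Ordinal))
        {
            return false;
        }

        // Sliding expiry: expiry + (window - (expiry - now)) reduces to now + window.
        session.session_expiry = DateTime.UtcNow.Add(RecordSessionUtilities.SlidingSessionExpiryInDays);

        // Await the save so the method is genuinely asynchronous (the original was an
        // async method with no await). Assumes the context exposes SaveChangesAsync, as Db
        // does elsewhere in this file.
        await db.SaveChangesAsync();
    }

    return true;
}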
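/// <summary>
/// Logs the authenticated user in: rejects accounts that are disabled or not in one of the
/// permitted classes, then either extends the existing active session or creates a new one.
/// </summary>
/// <returns>
/// A <see cref="LoginResponseModel"/> carrying the session token and profile on success, or a
/// 403 (not permitted) / 500 (unexpected failure) error otherwise.
/// </returns>
public async Task<LoginResponseModel> Put()
{
    var model = new LoginResponseModel();
    try
    {
        var username = GetUserNameFromRequest(Request);

        // Only these record classes may use this (v1) login endpoint.
        decimal[] usersAllowedToLogin = { 1, 4, 13, 27 };
        var record = Db.C_records
            .Where(r => usersAllowedToLogin.Contains(r.@class))
            .FirstOrDefault(r => r.username == username);

        if (record == null || record.status != 1)
        {
            model.ResponseError.Code = 403;
            model.ResponseError.Message = "User is not permitted to log in through the app.";
            return model;
        }

        var now = DateTime.UtcNow;

        // If the user already has an active session, update its expiry; otherwise create one.
        var session = RecordSessionUtilities.ActiveSessionByUserId(Db, record.id);
        if (session == null)
        {
            session = new record_sessions
            {
                session_token = GenerateTokenForUser(),
                C_records = record,
                session_expiry = now.Add(RecordSessionUtilities.SlidingSessionExpiryInDays),
                client_platform = string.Join(" ", Request.Headers.UserAgent),
                initial_logon = now
            };
            Db.record_sessions.Add(session);
        }
        else
        {
            // Sliding expiry is measured from now, matching CheckUserIsLoggedInSession.
            // Adding a full window to the old expiry let repeated logins push it out without bound.
            session.session_expiry = now.Add(RecordSessionUtilities.SlidingSessionExpiryInDays);
        }

        await Db.SaveChangesAsync();

        model.SessionToken = session.session_token;
        model.Profile = GetProfile(record.id);
        return model;
    }
    catch (Exception e)
    {
        // Report only the exception type: the full exception (message and stack trace) is
        // server-side detail that must not be returned to the client.
        model.ResponseError.Code = 500;
        model.ResponseError.Message = $"Exception {e.GetType().Name} was thrown.";
        return model;
    }
}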
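/// <summary>
/// Logs the authenticated user in (v2): rejects accounts that are disabled or whose class is
/// not in <c>UserRights.V2LoginClasses</c>, then either extends the existing active session or
/// creates a new one.
/// </summary>
/// <returns>
/// A <see cref="LoginResponseModel"/> carrying the session token and profile on success, or a
/// 403 (not permitted) / 500 (unexpected failure) error otherwise.
/// </returns>
public LoginResponseModel PutV2()
{
    var model = new LoginResponseModel();
    try
    {
        var username = GetUserNameFromRequest(Request);
        var record = Db.C_records.FirstOrDefault(r => r.username == username);

        if (record == null || record.status != 1 || !UserRights.V2LoginClasses.Contains(record.@class))
        {
            model.SetError(403, "User is not permitted to log in through the app.");
            return model;
        }

        var now = DateTime.UtcNow;

        // If the user already has an active session, update its expiry; otherwise create one.
        var session = RecordSessionUtilities.ActiveSessionByUserId(Db, record.id);
        if (session == null)
        {
            session = new record_sessions
            {
                session_token = GenerateTokenForUser(),
                C_records = record,
                session_expiry = now.Add(RecordSessionUtilities.SlidingSessionExpiryInDays),
                client_platform = string.Join(" ", Request.Headers.UserAgent),
                initial_logon = now
            };
            Db.record_sessions.Add(session);
        }
        else
        {
            // Sliding expiry is measured from now, matching CheckUserIsLoggedInSession.
            // Adding a full window to the old expiry let repeated logins push it out without bound.
            session.session_expiry = now.Add(RecordSessionUtilities.SlidingSessionExpiryInDays);
        }

        Db.SaveChanges();

        model.SessionToken = session.session_token;
        model.Profile = GetProfile(record.id);
    }
    catch (Exception e)
    {
        // Report only the exception type: the full exception (message and stack trace) is
        // server-side detail that must not be returned to the client.
        model.SetError(500, $"Exception {e.GetType().Name} was thrown.");
    }

    return model;
}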
/// <summary>
/// Logs the current user out by stamping <c>logout_time</c> on their active session, if any.
/// </summary>
/// <returns>
/// Always <c>true</c>; an unknown user or a user with no active session is treated as already
/// logged out.
/// </returns>
public async Task<bool> Delete()
{
    var username = GetUserNameFromRequest(Request);

    var account = Db.C_records.FirstOrDefault(r => r.username == username);
    if (account == null)
    {
        return true;
    }

    var activeSession = RecordSessionUtilities.ActiveSessionByUserId(Db, account.id);
    if (activeSession == null)
    {
        return true;
    }

    activeSession.logout_time = DateTime.UtcNow;
    await Db.SaveChangesAsync();
    return true;
}
/// <summary>
/// Checks whether <paramref name="userKey"/> identifies an active session and, when it does,
/// slides that session's expiry to now plus the sliding window.
/// </summary>
/// <param name="userKey">Session token presented by the caller.</param>
/// <returns><c>true</c> when an active session matches the token; otherwise <c>false</c>.</returns>
private static bool CheckUserIsLoggedInSession(string userKey)
{
    using (var context = new IBAEntities1())
    {
        var active = RecordSessionUtilities.ActiveSessionByToken(context, userKey);
        if (active == null)
        {
            return false;
        }

        // expiry + (window - (expiry - now)) reduces to now + window.
        var remaining = active.session_expiry - DateTime.UtcNow;
        var extension = RecordSessionUtilities.SlidingSessionExpiryInDays - remaining;
        active.session_expiry = active.session_expiry.Add(extension);
        context.SaveChanges();
        return true;
    }
}
/// <summary>
/// Resolves the session identified by the request's token and rejects the request when no
/// session is found or when the owning user account is disabled.
/// </summary>
/// <param name="db">Database context used for the session lookup.</param>
/// <param name="request">Incoming request carrying the session token.</param>
/// <returns>
/// A <see cref="RightsResponseModel"/> with <c>Session</c> populated, or carrying a 403 error.
/// </returns>
public static RightsResponseModel GetUserSession(IBAEntities1 db, HttpRequestMessage request)
{
    var session = RecordSessionUtilities.SessionByToken(db, request);
    var response = new RightsResponseModel { Session = session };

    // Should never happen after xauth, but guard just in case.
    if (session == null)
    {
        response.SetError(HttpStatusCode.Forbidden, "you do not have an active Session");
        return response;
    }

    if (session.C_records.status != 1)
    {
        response.SetError(HttpStatusCode.Forbidden, "User is Disabled");
    }

    return response;
}