public static string CmdParseClaimValue(string ParInput, int SaltLength)
{
try
{
string result = CmdAsymmetricDecrypt(ParInput);
return(result.Substring(0, result.Length - SaltLength));
}
catch (Exception ex)
{
bool b = TS.AddErrorLog("AllUsers", ex.Message, MethodBase.GetCurrentMethod()).Result;
return(string.Empty);
}
}
public async Task <ActionResult> Post([FromBody] TSUser tsUser)
{
string UserID = GlobalFunctions.CmdGetValueFromClaim(User.Claims, "UserID", 10);
await TS.AddActivityLog(UserID, "post user", MethodBase.GetCurrentMethod());
GlobalFunctions.CmdDecryptEntityAsymm(tsUser);
bool b = TS.DeleteExpiredEmaiedCodes().Result;
string MachineID = GlobalFunctions.CmdGetValueFromClaim(User.Claims, "MachineID", 10);
string IPAddress = HttpContext.Connection.RemoteIpAddress.ToString();
TSEmailedCodeEntity emailedCode = TS.FindEmaiedCode(tsUser.Email, IPAddress, MachineID).Result;
if (emailedCode != null)
{
if (emailedCode.Code.ToLower().Equals(tsUser.EmailedCode))
{
await TS.DeleteEmaiedCodes(tsUser.Email);
tsUser.UserID = await TS.GetNewID("AllUsers", "LastUserID", true);
tsUser.CreateDate = DateTime.Now;
b = await TS.AddUser(tsUser);
if (b)
{
await TS.UpdateSettingCounter("AllUsers", "UsersCount", true);
await GlobalFunctions.NotifyAdmin("New user");
return(Ok("OK"));
}
else
{
return(Ok("Error:Can't add new user!"));
}
}
else
{
return(Ok("Error:Emailed code is not correct!"));
}
}
else
{
await TS.AddErrorLog("AllUsers", "EmaiedCode expected but not found", MethodBase.GetCurrentMethod());
return(Ok("Error:Server can't find emailed code to compare!"));
}
}
private Task <ClaimsIdentity> GetIdentity(string Par_Username,
string Par_Password,
string Par_IPAddress,
string Par_MachineID,
WebApiUserTypesEnum ParWebApiUserType,
out string Par_Out_Result,
out string Par_Out_UserRole)
{
Par_Out_Result = string.Empty;
Par_Out_UserRole = string.Empty;
try
{
switch (ParWebApiUserType)
{
case WebApiUserTypesEnum.NotAuthorized:
Par_Out_UserRole = "NotAutorizedUser";
if (Par_Username.Equals(GlobalData.NotAuthorizedUserName) && Par_Password.Equals(GlobalData.NotAuthorizedUserPass))
{
Par_Out_Result = GlobalFunctions.CmdAsymmetricEncrypt("-745" + GlobalFunctions.GetRandomAlphaNumeric(10));
return(Task.FromResult(new ClaimsIdentity(new System.Security.Principal.GenericIdentity(Par_Username, "Token"), new Claim[] { })));
}
else
{
Par_Out_Result = "Invalid NotAutorizedUser UserName or Password";
}
break;
case WebApiUserTypesEnum.Authorized:
Par_Out_UserRole = "AutorizedUser";
TSUserEntity tsUserEntity = TS.FindUser(Par_Username, false, string.Empty).Result;
if (tsUserEntity != null)
{
if (GlobalFunctions.CompareHash(Par_Password, tsUserEntity))
{
Par_Out_Result = GlobalFunctions.CmdAsymmetricEncrypt(tsUserEntity.PartitionKey + GlobalFunctions.GetRandomAlphaNumeric(10));
return(Task.FromResult(new ClaimsIdentity(new System.Security.Principal.GenericIdentity(Par_Username, "Token"), new Claim[] { })));
}
else
{
Par_Out_Result = "Invalid AutorizedUser Password";
}
}
else
{
Par_Out_Result = "Invalid AutorizedUser Name";
}
break;
case WebApiUserTypesEnum.Admin:
Par_Out_UserRole = "Admin";
if (Par_IPAddress.Equals(GlobalData.AdminIPAddress))
{
if (Par_MachineID.Equals(GlobalData.AdminMachineID))
{
if (Par_Username.Equals(GlobalData.AdminUserName) && Par_Password.Equals(GlobalData.AdminUserPass))
{
Par_Out_Result = GlobalFunctions.CmdAsymmetricEncrypt("-1" + GlobalFunctions.GetRandomAlphaNumeric(10));
return(Task.FromResult(new ClaimsIdentity(new System.Security.Principal.GenericIdentity(Par_Username, "Token"), new Claim[] { })));
}
else
{
Par_Out_Result = "Invalid Admin UserName or Password";
}
}
else
{
Par_Out_Result = "Invalid Admin MachineID";
}
}
else
{
Par_Out_Result = "Invalid Admin IPAddress";
}
break;
default:
break;
}
}
catch (Exception ex)
{
bool b = TS.AddErrorLog("AllUsers", ex.Message, MethodBase.GetCurrentMethod()).Result;
}
// Credentials are invalid, or account doesn't exist
return(Task.FromResult <ClaimsIdentity>(null));
}
