Esempio n. 1
0
        public HttpResponseMessage Ingreso(List <clsModelLogin> pdatos)
        {
            HttpResponseMessage respuesta = new HttpResponseMessage();

            try
            {
                // ===============================================================================
                //                      Para leer el TokenKey
                // ===============================================================================
                // https://www.guidgenerator.com/online-guid-generator.aspx

                clsTokenKey TokenKeyUtil = new clsTokenKey();
                var         headers      = Request.Headers;

                string TokenKey = "";
                if (headers.Contains("TokenKey"))
                {
                    TokenKey = headers.GetValues("TokenKey").First();
                }
                if (TokenKey.Length == 0)
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Token Key Missing"));
                }

                if (!TokenKeyUtil.fnGetTokenKeyValido(TokenKey))
                {
                    return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Token Key Invalid or Inactive"));
                }
                // ===============================================================================

                string Usuario  = pdatos[0].Usuario;
                string ClaveEnc = pdatos[0].EncPass;
                string Clave    = "";

                List <clsModelLogin> lResult = fnGetUsuarioParaValidar(Usuario);

                //Con los datos de usuario se valida clave
                //using System.Configuration;
                string EncKeyBase = "";
                EncKeyBase = ConfigurationManager.AppSettings["enc_key_base"].ToString();
                clsEncryption enc = new clsEncryption(EncKeyBase);
                Clave = enc.fnGetDecrypt(ClaveEnc);

                if (ClaveEnc == "")
                {
                    respuesta = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Clave en blanco no ingresada");
                }
                else
                {
                    if (Clave == "")
                    {
                        respuesta = Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Clave con encripcion incorrecta");
                    }
                    else
                    {
                        if (lResult.Count == 0)
                        {
                            //usuario no existe
                            respuesta = Request.CreateResponse(HttpStatusCode.Unauthorized, "Usuario No Existe");
                        }
                        else
                        {
                            // Se valida que la clave sea la correcta
                            if (Clave == lResult[0].EncPass)
                            {
                                if (lResult[0].Estado == "AC")
                                {
                                    //en esta variabe se recibe el password desde la base de datos sin encripcion
                                    //se devuelve al cliente encriptada
                                    lResult[0].EncPass = enc.fnGetEncrypt(lResult[0].EncPass);
                                    //calcula token por usuario
                                    lResult[0].Token = enc.fnGetTokenByUser(lResult[0].Usuario);
                                    respuesta        = Request.CreateResponse(HttpStatusCode.OK, lResult);
                                }
                                else
                                {
                                    respuesta = Request.CreateResponse(HttpStatusCode.Unauthorized, "Usuario Bloqueado");
                                }
                            }
                            else
                            {
                                respuesta = Request.CreateResponse(HttpStatusCode.Unauthorized, "Clave incorrecta");
                            }
                        }
                    }
                }
            }

            catch (Exception ex)
            {
                respuesta = Request.CreateErrorResponse(HttpStatusCode.Conflict, ex.Message.ToString() + ' ' + ex.InnerException.Message.ToString());
            }

            return(respuesta);
        }