/// <summary>
/// Protected overriden method for authorizing user
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <param name="actionContext"></param>
/// <returns></returns>
protected override bool OnAuthorizeUser(string username, string password, HttpActionContext actionContext)
{
//var provider = actionContext.ControllerContext.Configuration.DependencyResolver.GetService(typeof(IUserServices)) as IUserServices;
var provider = new UserServices();
if (provider != null)
{
var userId = provider.Authenticate(username, password);
if (userId > 0)
{
var basicAuthenticationIdentity = Thread.CurrentPrincipal.Identity as BasicAuthenticationIdentity;
if (basicAuthenticationIdentity != null)
{
basicAuthenticationIdentity.UserId = userId;
//Below code to store the userInfo
var getUserInformation = new UserMethods().GetUserInformationBasedOnId(userId);
basicAuthenticationIdentity.AddClaims(new List<Claim>
{
new Claim("UserName",getUserInformation.UserName),
new Claim("Email",getUserInformation.Email),
new Claim("UserId",Convert.ToString(getUserInformation.UserId)),
new Claim("RoleId",Convert.ToString(Convert.ToInt32(getUserInformation.Role))),
});
}
return true;
}
}
return false;
}
public bool RemoveUser(int userId)
{
try
{
var loggedUserInfo = new UserInformation().GetCurrentUserInformation();
var userInformation = new UserMethods().GetUserInformationBasedOnId(userId);
if (Convert.ToInt32(userInformation.Role) > Convert.ToInt32(loggedUserInfo.Role))
throw new UnAuthorize();
return new UserMethods().RemoveUser(userId);
}
catch (UnAuthorize ex)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent(string.Format("You are not authorize.")),
ReasonPhrase = "UnAuthorize"
});
}
catch (Exception ex)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.ServiceUnavailable)
{
Content = new StringContent(string.Format("Service is currently unavailable.")),
ReasonPhrase = "Service Unavailable "
});
}
}
public bool ModifyUserInformationAdmin(UserModel userInfo)
{
try
{
var loggedUserInfo = new UserInformation().GetCurrentUserInformation();
var userInformation = new UserMethods().GetUserInformationBasedOnId(userInfo.UserId);
//Checking Role Privilege
if ((new Business.UserMethods().IsEmailExist(userInfo.Email) && userInformation.Email != userInfo.Email))
throw new HttpResponseException(HttpStatusCode.BadRequest);
return new Business.UserMethods().ModifyUserInformationAdmin(userInfo);
}
catch (HttpResponseException ex)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent(string.Format("Email ID already exist")),
ReasonPhrase = "Bad Request"
});
}
catch (Exception ex)
{
throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.ServiceUnavailable)
{
Content = new StringContent(string.Format("Service is currently unavailable.")),
ReasonPhrase = "Service Unavailable "
});
}
}
