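/// <summary>
/// Authenticates an MLT user by CSMLS ID, keyword and password. On success the user's
/// decrypted signing/agreement private keys, display name and ID are placed in the session
/// and the caller is redirected to <c>PatientLookUp</c>.
/// </summary>
/// <param name="indexViewModel">The posted login form (CSMLS ID, keyword, password).</param>
/// <returns>
/// A redirect to <c>PatientLookUp</c> on success; otherwise the login view re-rendered with a
/// model-state error describing which step failed.
/// </returns>
public IActionResult Login(MLTLoginViewModel indexViewModel)
{
    ViewBag.DoctorName = HttpContext.Session.GetString(Globals.currentUserName);
    if (!ModelState.IsValid)
    {
        return View(indexViewModel);
    }

    Assets<UserCredAssetData> userAsset =
        _bigChainDbService.GetUserAssetFromTypeID(AssetType.MLT, indexViewModel.CSMLSID);
    if (userAsset == null)
    {
        // NOTE(review): this message differs from the credential-failure messages below, so the
        // response reveals whether a CSMLS ID exists; a single generic message would avoid that.
        ModelState.AddModelError("", "We could not find a matching user");
        return View(indexViewModel);
    }

    // The keyword unlocks the user's stored (encrypted) private keys; a wrong keyword surfaces
    // as an exception from the decryption step, which is reported rather than propagated.
    string signPrivateKey;
    string agreePrivateKey;
    var hashedKeys = userAsset.data.Data.PrivateKeys;
    try
    {
        EncryptionService.getPrivateKeyFromIDKeyword(
            indexViewModel.CSMLSID, indexViewModel.MLTKeyword, hashedKeys,
            out signPrivateKey, out agreePrivateKey);
    }
    catch (Exception)
    {
        ModelState.AddModelError("", "Keyword may be incorrect");
        return View(indexViewModel);
    }

    UserCredMetadata userMetadata = _bigChainDbService.GetMetadataFromAssetPublicKey<UserCredMetadata>(
        userAsset.id, EncryptionService.getSignPublicKeyStringFromPrivate(signPrivateKey));

    // A missing metadata record is treated as a failed login instead of a null dereference.
    if (userMetadata == null
        || !EncryptionService.verifyPassword(indexViewModel.password, userMetadata.hashedPassword))
    {
        ModelState.AddModelError("", "Password or Keyword incorrect.");
        return View(indexViewModel);
    }

    // Only after both the keyword and the password have been verified do the private keys
    // enter the session.
    HttpContext.Session.SetString(Globals.currentDSPriK, signPrivateKey);
    HttpContext.Session.SetString(Globals.currentDAPriK, agreePrivateKey);
    HttpContext.Session.SetString(Globals.currentUserName,
        $"{userAsset.data.Data.FirstName} {userAsset.data.Data.LastName}");
    HttpContext.Session.SetString(Globals.currentUserID, userAsset.data.Data.ID);
    return RedirectToAction("PatientLookUp");
}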
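/// <summary>
/// Grants a Doctor, Pharmacist or MLT user access to the current patient's records. For each
/// record the patient's wrapped data key is unwrapped with the patient's agreement private key,
/// re-wrapped for the grantee's agreement public key, and the updated metadata is written back
/// as a transfer transaction signed by the patient.
/// </summary>
/// <param name="editAccessViewModel">
/// The user type and ID to grant access to, and optionally a single transaction ID. When a
/// transaction ID is supplied only that record is shared; otherwise every record of the types
/// that user type may read is shared.
/// </param>
/// <returns>
/// A JSON object with a <c>message</c>, plus <c>newtransid</c> when a single record was shared.
/// </returns>
public JsonResult GrantAccessToUser(EditAccessViewModel editAccessViewModel)
{
    if (editAccessViewModel == null || string.IsNullOrEmpty(editAccessViewModel.UserType))
    {
        return Json(new { message = "Please select a user type." });
    }

    // Map the posted user type to the asset type the user is stored under; anything that is
    // not Doctor or Pharmacist is treated as MLT.
    AssetType assetType = editAccessViewModel.UserType == "Doctor" ? AssetType.Doctor
        : editAccessViewModel.UserType == "Pharmacist" ? AssetType.Pharmacist
        : AssetType.MLT;

    // Looks up the user of that type with the specified ID.
    Assets<UserCredAssetData> userAsset =
        _bigChainDbService.GetUserAssetFromTypeID(assetType, editAccessViewModel.UserID);
    if (userAsset == null)
    {
        return Json(new { message = ("We could not find a " + editAccessViewModel.UserType + " with ID: " + editAccessViewModel.UserID) });
    }

    string patientSignPublicKey = HttpContext.Session.GetString(Globals.currentPSPubK);
    string patientSignPrivateKey = HttpContext.Session.GetString(Globals.currentPSPriK);
    string patientAgreePrivateKey = HttpContext.Session.GetString(Globals.currentPAPriK);
    // The patient's keys come from the session; without them nothing can be re-wrapped or
    // signed, so report that instead of failing on a null dereference further down.
    if (patientSignPublicKey == null || patientSignPrivateKey == null || patientAgreePrivateKey == null)
    {
        return Json(new { message = "No patient is loaded in the current session." });
    }

    string granteeSignPublicKey = userAsset.data.Data.SignPublicKey;
    string granteeAgreePublicKey = userAsset.data.Data.AgreePublicKey;
    string userName = userAsset.data.Data.FirstName + " " + userAsset.data.Data.LastName;

    // Single-record path: share only the record identified by the transaction ID.
    if (!string.IsNullOrEmpty(editAccessViewModel.TransID))
    {
        var result = _bigChainDbService.GetMetaDataAndAssetFromTransactionId<string, object>(editAccessViewModel.TransID);
        MetaDataSaved<object> metadata = result.metadata;
        if (metadata.AccessList.ContainsKey(granteeSignPublicKey))
        {
            return Json(new { message = (userName + " (" + editAccessViewModel.UserID + ") is already added to the record.") });
        }
        if (!TryRewrapDataKeyForGrantee(metadata, patientSignPublicKey, patientAgreePrivateKey,
                granteeSignPublicKey, granteeAgreePublicKey))
        {
            return Json(new { message = "The patient's own key entry is missing on this record; access was not changed." });
        }
        var newTransID = _bigChainDbService.SendTransferTransactionToDataBase(
            result.id, metadata, patientSignPrivateKey, patientSignPublicKey, result.transID);
        return Json(new { message = (userName + " (" + editAccessViewModel.UserID + ") was added to the record."), newtransid = newTransID });
    }

    // Bulk path: choose the record types this kind of user is allowed to read.
    AssetType[] recordTypes;
    if (assetType == AssetType.Doctor)
    {
        recordTypes = new[] { AssetType.DoctorNote, AssetType.Prescription, AssetType.TestRequisition };
    }
    else if (assetType == AssetType.Pharmacist)
    {
        recordTypes = new[] { AssetType.Prescription };
    }
    else
    {
        recordTypes = new[] { AssetType.TestRequisition };
    }

    var recordList = _bigChainDbService.GetAllTypeRecordsFromPPublicKey<string>(recordTypes, patientSignPublicKey);
    int counter = 0;
    foreach (var record in recordList)
    {
        MetaDataSaved<object> metadata = record.metadata;
        // Records the grantee already has, or whose patient entry is missing, are left untouched.
        if (metadata.AccessList.ContainsKey(granteeSignPublicKey)
            || !TryRewrapDataKeyForGrantee(metadata, patientSignPublicKey, patientAgreePrivateKey,
                   granteeSignPublicKey, granteeAgreePublicKey))
        {
            continue;
        }
        _bigChainDbService.SendTransferTransactionToDataBase(
            record.id, metadata, patientSignPrivateKey, patientSignPublicKey, record.transID);
        counter++;
    }
    return Json(new { message = (userName + " (" + editAccessViewModel.UserID + ") was added to " + counter.ToString() + " records.") });
}

/// <summary>
/// Adds <paramref name="granteeSignPublicKey"/> to <paramref name="metadata"/>'s access list by
/// unwrapping the record's data key from the patient's entry and re-wrapping it for the grantee.
/// Does not check whether the grantee already has an entry; callers do that first.
/// </summary>
/// <param name="metadata">The record metadata whose access list is updated in place.</param>
/// <param name="patientSignPublicKey">Key under which the patient's wrapped data key is stored.</param>
/// <param name="patientAgreePrivateKey">Patient's agreement private key used to unwrap and re-wrap.</param>
/// <param name="granteeSignPublicKey">Key under which the grantee's wrapped data key is stored.</param>
/// <param name="granteeAgreePublicKey">Grantee's agreement public key the data key is wrapped for.</param>
/// <returns>
/// <c>true</c> when the access list was updated; <c>false</c> when the patient's own entry is
/// absent, in which case the metadata is left unchanged.
/// </returns>
private bool TryRewrapDataKeyForGrantee(
    MetaDataSaved<object> metadata,
    string patientSignPublicKey,
    string patientAgreePrivateKey,
    string granteeSignPublicKey,
    string granteeAgreePublicKey)
{
    if (!metadata.AccessList.TryGetValue(patientSignPublicKey, out var patientWrappedKey))
    {
        return false;
    }
    var dataDecryptionKey = EncryptionService.getDecryptedEncryptionKey(patientWrappedKey, patientAgreePrivateKey);
    metadata.AccessList[granteeSignPublicKey] =
        EncryptionService.getEncryptedEncryptionKey(dataDecryptionKey, patientAgreePrivateKey, granteeAgreePublicKey);
    return true;
}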