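/// <summary>
/// Marks one of the caller's own role assignments as preferred.
/// The role is resolved from <paramref name="req"/>.RoleId and is only accepted if the
/// logged-in user actually holds it; the lookup is scoped to <c>user.Id</c>, so a caller
/// cannot flip another user's role map.
/// </summary>
/// <param name="req">Request carrying the RoleId to mark as preferred; a null body is rejected with 400.</param>
/// <returns>
/// 200 on success; 400 with an ErrorCodes name when the user, the role, or the user-role
/// mapping cannot be found; 500 on any unexpected exception (details are logged, not returned).
/// </returns>
public IHttpActionResult UpdatePreferredRole(PreferredRoleRequest req)
{
    try
    {
        // A missing body would otherwise surface as a NullReferenceException on req.RoleId
        // and be reported as a 500; reject it explicitly instead.
        if (req == null)
        {
            return BadRequest();
        }

        User user = GetLoggedInUser();
        string token = HttpUtilities.GetRequestToken(this.Request);
        if (user == null)
        {
            return BadRequest(ErrorCodes.USER_DOES_NOT_EXISTS.ToString());
        }

        Role role = _context.Roles.FirstOrDefault(i => i.Id == req.RoleId);
        if (role == null)
        {
            return BadRequest(ErrorCodes.ROLE_DOES_NOT_EXISTS.ToString());
        }

        // Only a live (non soft-deleted) mapping for THIS user may be made preferred. Login
        // already excludes Deleted mappings when issuing role claims, so a revoked assignment
        // should not be re-activatable through this endpoint either.
        UserRoleMap userRoleMap = _context.UserRoleMaps.FirstOrDefault(
            i => i.RoleId == req.RoleId && i.UserId == user.Id && i.Deleted == false);
        if (userRoleMap == null)
        {
            return BadRequest(ErrorCodes.USER_ROLE_MAP_DOES_NOT_EXISTS.ToString());
        }

        // Other preferred flags for this user are deliberately left untouched: a user may have
        // several roles preferred at once (Logout clears them one at a time).
        userRoleMap.IsPreferredRole = true;
        _context.SaveChanges();

        // Audited as a LOGIN operation — presumably this is treated as the start of a role
        // session rather than a plain preference change; confirm against the audit consumer.
        DbUtilities.AuditTrialEntry(user, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGIN, this.Request, req.RoleId, token);
        return Ok();
    }
    catch (Exception ex)
    {
        // Log the full exception server-side; do not hand it back to the client
        // (InternalServerError(ex) can expose stack/message depending on the error-detail policy).
        LGSELogger.Error(ex);
        return InternalServerError();
    }
}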
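/// <summary>
/// Ends the caller's session for the role named in the request (via HttpUtilities.GetUserRoleAccessApi):
/// clears IsPreferredRole on that user-role mapping and, if no other mapping of the user is still
/// preferred, marks the user as logged out.
/// </summary>
/// <returns>
/// 200 on success; 400 with an ErrorCodes name when the logged-in user or the user-role mapping
/// cannot be found; 500 on any unexpected exception (logged, not returned).
/// </returns>
public IHttpActionResult Logout()
{
    try
    {
        string userRole = HttpUtilities.GetUserRoleAccessApi(this.Request);
        string token = HttpUtilities.GetRequestToken(this.Request);

        // GetLoggedInUser can return null (UpdatePreferredRole guards for it); without this
        // check user.Id below throws and the request ends as a 500 instead of a 400.
        User user = GetLoggedInUser();
        if (user == null)
        {
            return BadRequest(ErrorCodes.USER_DOES_NOT_EXISTS.ToString());
        }

        UserRoleMap userRoleMap = _context.UserRoleMaps.FirstOrDefault(i => i.RoleId == userRole && i.UserId == user.Id);
        if (userRoleMap == null)
        {
            return BadRequest(ErrorCodes.USER_ROLE_MAP_DOES_NOT_EXISTS.ToString());
        }

        userRoleMap.IsPreferredRole = false;

        // Decide in the same unit of work whether any OTHER mapping is still preferred, so both
        // flags are persisted by a single SaveChanges (no half-updated state if the write fails).
        bool anotherRoleStillPreferred = _context.UserRoleMaps.Any(
            i => i.UserId == user.Id && i.IsPreferredRole == true && i.Id != userRoleMap.Id);
        if (!anotherRoleStillPreferred)
        {
            user.IsLoggedIn = false;
        }
        _context.SaveChanges();

        // NOTE(review): this only flips database flags. The JWT issued at login is not revoked
        // here, so unless the authentication pipeline consults IsLoggedIn / IsPreferredRole on
        // every request, the token stays usable until it expires — confirm.
        DbUtilities.AuditTrialEntry(user, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGOUT, this.Request, userRole, token);
        return Ok();
    }
    catch (Exception ex)
    {
        LGSELogger.Error(ex);
        return InternalServerError();
    }
}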
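/// <summary>
/// Authenticates a user by e-mail and password and issues a JWT carrying name, e-mail, subject,
/// UserId and one role claim per live (non-deleted) role assignment.
/// </summary>
/// <param name="request">Login body with Email and Password; a null body is rejected with 400.</param>
/// <returns>
/// 200 with { Token, Username, UserId } on success; 401 when no account matches the e-mail;
/// 400 with an ErrorCodes name for a deactivated, not-yet-activated or locked account or a
/// wrong password; 500 on unexpected exceptions (logged, not returned).
/// </returns>
/// <exception cref="HttpResponseException">Propagated unchanged from ValidationUtilities.ValidateUserForLogin.</exception>
public IHttpActionResult Login(LoginRequest request)
{
    try
    {
        // Without this, request.Email below throws and the failure is reported as a 500.
        if (request == null)
        {
            return BadRequest();
        }

        // SingleOrDefault throws if two accounts share an e-mail; that is an invariant violation
        // and deliberately ends up in the generic error path.
        User account = _context.Users.Where(a => a.Email == request.Email).SingleOrDefault();

        // Project validation hook; it runs before the null check, so it is expected to handle
        // account == null itself (presumably by throwing HttpResponseException, rethrown below).
        ValidationUtilities.ValidateUserForLogin(request, account);

        if (account == null)
        {
            // NOTE(review): the responses below (401 here vs. USER_DEACTIVATED_BY_ADMIN /
            // USER_NOT_ACVTD / ACCOUNT_LOCKED / PASSWORD_NOTMATCHED) let a caller tell unknown
            // accounts apart from existing ones, and the password hash is only computed for an
            // existing, unlocked account (measurable timing difference). Collapsing them into one
            // generic failure is the hardening fix; left as-is because clients key on these codes.
            return Unauthorized();
        }
        if (account.IsActiveUser == false)
        {
            return BadRequest(ErrorCodes.USER_DEACTIVATED_BY_ADMIN.ToString());
        }
        if (account.IsActivated == false)
        {
            return BadRequest(ErrorCodes.USER_NOT_ACVTD.ToString());
        }
        if (account.IsLocked)
        {
            return BadRequest(ErrorCodes.ACCOUNT_LOCKED.ToString());
        }

        // Salted hash compared in constant time (slowEquals) — keep it that way.
        byte[] incoming = AuthorizationUtilities.hash(request.Password, account.Salt);
        if (!Utilities.Utilities.slowEquals(incoming, account.Password))
        {
            // Failed attempts are audited; note that IsLocked is only read here, so any
            // lock-after-N-failures logic has to live elsewhere — confirm it exists.
            DbUtilities.AuditTrialEntry(account, AuditTrialStatus.FAILURE, AuditTrialOpType.LOGIN, this.Request);
            return BadRequest(ErrorCodes.PASSWORD_NOTMATCHED.ToString());
        }

        // Build the identity from the STORED e-mail, not the caller-supplied string: if the
        // e-mail lookup is case-insensitive the two can differ in casing, and the token should
        // carry the canonical value.
        ClaimsIdentity claimsIdentity = new ClaimsIdentity();
        claimsIdentity.AddClaim(new Claim(Constants.STR_FIRSTNAME, account.FirstName));
        claimsIdentity.AddClaim(new Claim(Constants.STR_LASTNAME, account.LastName));
        claimsIdentity.AddClaim(new Claim(ClaimTypes.Email, account.Email));
        claimsIdentity.AddClaim(new Claim(JwtRegisteredClaimNames.Sub, account.Email));
        claimsIdentity.AddClaim(new Claim("UserId", account.Id));

        // Join in the query provider instead of pulling both whole tables into memory
        // (the original .ToList() on each source made every login a full scan of both).
        // Soft-deleted assignments never become role claims.
        List<Role> roles = (from userMaps in _context.UserRoleMaps
                            join rol in _context.Roles on userMaps.RoleId equals rol.Id
                            where userMaps.UserId == account.Id && userMaps.Deleted == false
                            select rol).ToList();
        foreach (Role item in roles)
        {
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, item.RoleName));
        }

        // Successful logins are not audited here; UpdatePreferredRole writes a LOGIN audit
        // entry when a role is selected — presumably that is the intended success record.
        UpdateUserDetailsInLogin(account);

        JwtSecurityToken token = AuthorizationUtilities.GetAuthenticationTokenForUser(
            account.Email, claimsIdentity.Claims.ToArray());
        return Ok(new { Token = token.RawData, Username = account.Email, UserId = account.Id });
    }
    catch (HttpResponseException)
    {
        // Rethrow without resetting the stack trace (`throw ex;` would).
        throw;
    }
    catch (Exception ex)
    {
        // Log server-side only; never return exception details from the login endpoint.
        LGSELogger.Error(ex);
        return InternalServerError();
    }
}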