/// <summary> /// Consulta un usuario por nombre de usuario /// </summary> /// <param name="userName">nombre de usuario</param> /// <returns>UserApp</returns> public async Task <UserApp> UserFindByUser(string userName) { try { var user = await _userAppData.UserFindByUser(userName); if (user != null) { user.UserPw = string.Empty; } return(user); } catch (Exception) { throw; } }
/// <summary> /// Verifica si el usuario puede autencarse correctamente con usuario y contraseña /// </summary> /// <param name="login">login de usuario</param> /// <returns>modelo de autenticacion</returns> public async Task <SessionAuthentication> AsyncAutenticateUser(Login login) { try { UserApp userApp; PolicyView policy; string pwDecode = string.Empty; bool isAutenticate = false, valideNumberOfAttemps = false; int stateInactiveUser = 0, stateLockedUser = 0, numberOfAttemps = 0; var autenticate = new SessionAuthentication() { IsAuthenticate = false, TypeAutentication = TypeAutentication.Default }; userApp = await _userAppData.UserFindByUser(login.UserName); if (null == userApp) { autenticate.TypeAutentication = TypeAutentication.NotFound; return(autenticate); } policy = !userApp.PolicyId.HasValue ? await _policyGlobalAppData.PolicyGetGlobal() : await _policyGlobalAppData.PolicyFindById(userApp.PolicyId.Value); pwDecode = login.Password.Base64Decode(); isAutenticate = userApp.UserPw == pwDecode.SHA1(); stateInactiveUser = await _parametersData.ValueFindByKey <int>("StateInactiveUser"); stateLockedUser = await _parametersData.ValueFindByKey <int>("StateLockedUser"); if (0 != stateInactiveUser && userApp.UserStateId == stateInactiveUser) { autenticate.TypeAutentication = TypeAutentication.Inactive; return(autenticate); } if (0 != stateLockedUser && userApp.UserStateId == stateLockedUser) { autenticate.TypeAutentication = TypeAutentication.Locked; return(autenticate); } if (!isAutenticate) { numberOfAttemps = policy.NumberOfAttemps; valideNumberOfAttemps = 0 != numberOfAttemps; userApp.UserNumberOfAttemps++; userApp.UpdateDate = DateTime.Now; if (valideNumberOfAttemps) { if (userApp.UserNumberOfAttemps >= numberOfAttemps) { autenticate.TypeAutentication = TypeAutentication.Locked; userApp.UserStateId = stateLockedUser; } } await _userAppData.UpdateAsync(userApp); autenticate.TypeAutentication = TypeAutentication.NotFound; } else { if (policy.NumberOfDaysExpirePw > 0) { DateTime dateUserLastPasswordChange = userApp.UserLastPasswordChange.AddDays(policy.NumberOfDaysExpirePw.Value); if (dateUserLastPasswordChange.Date >= DateTime.Now.Date) { autenticate.TypeAutentication = TypeAutentication.ChangePw; } } if (autenticate.TypeAutentication == TypeAutentication.Default) { autenticate.TypeAutentication = TypeAutentication.Ok; } userApp.UserNumberOfAttemps = 0; userApp.UserLastDateEntry = DateTime.Now; userApp.PolicyId = !userApp.PolicyId.HasValue ? policy.PolicyId : userApp.PolicyId; var sessionId = Guid.NewGuid(); using (var tran = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled)) { await _userAppData.UpdateAsync(userApp); await _sessionData.InsertKeyAsync <Guid>(new CurrentSession() { Active = true, CreationDate = DateTime.Now, SessionId = sessionId, UserId = userApp.UserId }); tran.Complete(); } autenticate.SessionId = sessionId; autenticate.UserId = userApp.UserId; autenticate.PolicyId = policy.PolicyId; autenticate.IsAuthenticate = true; } return(autenticate); } catch (Exception) { throw; } }