public async Task <LoginResponseModel> Put() { LoginResponseModel model = new LoginResponseModel(); try { var username = GetUserNameFromRequest(Request); decimal[] usersAllowedToLogin = new decimal[] { 1, 4, 13, 27 }; var filteredRecords = Db.C_records.Where(r => usersAllowedToLogin.Contains(r.@class)); var record = filteredRecords.FirstOrDefault(r => r.username == username); if (record == null || record.status != 1) { model.ResponseError.Code = 403; model.ResponseError.Message = "User is not permitted to log in through the app."; return(model); } //If the user logs in and they already have an active session, update the session //expiry. Otherwise create a new session. var session = RecordSessionUtilities.ActiveSessionByUserId(Db, record.id); if (session == null) { session = new record_sessions { session_token = GenerateTokenForUser(), C_records = record, session_expiry = DateTime.UtcNow.Add(RecordSessionUtilities.SlidingSessionExpiryInDays), client_platform = String.Join(" ", Request.Headers.UserAgent), initial_logon = DateTime.UtcNow }; Db.record_sessions.Add(session); await Db.SaveChangesAsync(); } else { var newExpiry = session.session_expiry.Add(RecordSessionUtilities.SlidingSessionExpiryInDays); session.session_expiry = newExpiry; await Db.SaveChangesAsync(); } model.SessionToken = session.session_token; model.Profile = GetProfile(record.id); return(model); } catch (Exception e) { model.ResponseError.Code = 500; model.ResponseError.Message = $"Exception {e} was thrown."; return(model); } }
public LoginResponseModel PutV2() { LoginResponseModel model = new LoginResponseModel(); try { var username = GetUserNameFromRequest(Request); var record = Db.C_records.FirstOrDefault(r => r.username == username); if (record == null || record.status != 1 || !UserRights.V2LoginClasses.Contains(record.@class)) { model.SetError(403, "User is not permitted to log in through the app."); return(model); } //If the user logs in and they already have an active session, update the session //expiry. Otherwise create a new session. var session = RecordSessionUtilities.ActiveSessionByUserId(Db, record.id); if (session == null) { session = new record_sessions { session_token = GenerateTokenForUser(), C_records = record, session_expiry = DateTime.UtcNow.Add(RecordSessionUtilities.SlidingSessionExpiryInDays), client_platform = string.Join(" ", Request.Headers.UserAgent), initial_logon = DateTime.UtcNow }; Db.record_sessions.Add(session); Db.SaveChanges(); } else { var newExpiry = session.session_expiry.Add(RecordSessionUtilities.SlidingSessionExpiryInDays); session.session_expiry = newExpiry; Db.SaveChanges(); } model.SessionToken = session.session_token; model.Profile = GetProfile(record.id); } catch (Exception e) { model.SetError(500, $"Exception {e} was thrown."); } return(model); }