/// <summary>
/// Stores the pending-login record (customer data plus the one-time code) in the cache,
/// keyed by its session id, so the OTP-checking action filter can find it later.
/// </summary>
/// <param name="customerTokenInfo">Customer token operation information; its SessionId becomes part of the cache key.</param>
public void SetCustomerTokenInfo(CustomerTokenInfo customerTokenInfo)
{
    // NOTE(review): the trailing 15 is an expiry passed straight through to _cache.Set; its unit
    // (minutes is the likely one) is not visible in this file — confirm against the cache helper.
    string cacheKey = $"{customerTokenInfo.SessionId}_token_info";
    _cache.Set(cacheKey, customerTokenInfo, 15);
}
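/// <summary>
/// First step of the OTP login flow. Validates the posted username/password against the
/// security service and, when they are accepted, generates a one-time code, sends it by SMS to
/// the customer's registered phone and caches the pending login under a freshly generated
/// session id. Only that session id is returned; the OTP itself stays server-side.
/// </summary>
/// <param name="request">Username and password posted by the client.</param>
/// <returns>
/// HTTP response carrying the new session id on success, a validation error when a field is
/// missing or model binding failed, or the security service's description when the credentials
/// are rejected.
/// </returns>
public IActionResult VerifyUserAndSendOtpSms([FromBody] VerifyUserAndSendOtpSmsRequest request)
{
    if (!ModelState.IsValid)
    {
        return ValidationError.GetValidationErrorResponse(ModelState);
    }

    SingleResponse<string> response = new SingleResponse<string>() { ResultCode = ResultCodes.normal };
    XBSecurity.LoginInfo loginInfo = new XBSecurity.LoginInfo();
    byte language = 1;
    SourceType sourceType = SourceType.MobileBanking;

    // Language header. Parse into a temporary so that a malformed header keeps the default:
    // byte.TryParse writes 0 into its out argument on failure, which silently replaced the
    // default of 1 in the previous version.
    string languageHeader = Request.Headers["language"];
    if (!string.IsNullOrEmpty(languageHeader) && byte.TryParse(languageHeader, out byte parsedLanguage))
    {
        language = parsedLanguage;
    }

    // Source-type header (untrusted client input). Same temporary-variable rule as above, and
    // additionally reject integers that are not members of the enum — Enum.TryParse accepts any
    // numeric string. Assumes SourceType is not a [Flags] enum.
    string sourceTypeHeader = Request.Headers["SourceType"];
    if (!string.IsNullOrEmpty(sourceTypeHeader)
        && Enum.TryParse(sourceTypeHeader, out SourceType parsedSourceType)
        && Enum.IsDefined(typeof(SourceType), parsedSourceType))
    {
        sourceType = parsedSourceType;
    }

    bool isArmenian = (Languages)language == Languages.hy;

    // Username
    if (!string.IsNullOrEmpty(request.UserName))
    {
        loginInfo.UserName = request.UserName;
    }
    else
    {
        response.ResultCode = ResultCodes.validationError;
        response.Description = isArmenian ? "Մուտքագրեք ձեր օգտվողի անունը։" : "Please enter your username.";
    }

    // Password (when both fields are missing the password message wins, as before)
    if (!string.IsNullOrEmpty(request.Password))
    {
        // SECURITY(review): the password is reduced to an unsalted SHA-1 digest before it is handed
        // to the authorization service. That is the service's input contract and cannot be changed
        // from this controller, but SHA-1 is not a password hash — worth raising with the owners of
        // _xbSecurity.
        loginInfo.Password = utils.GetSHA1Hash(request.Password);
    }
    else
    {
        response.ResultCode = ResultCodes.validationError;
        response.Description = isArmenian ? "Մուտքագրեք ձեր գաղտնաբառը։" : "Please enter your password.";
    }

    if (response.ResultCode == ResultCodes.normal)
    {
        // RemoteIpAddress can be null (e.g. in-process test hosts); don't let that turn into a 500.
        loginInfo.IpAddress = Request.HttpContext.Connection.RemoteIpAddress?.ToString();
        var authResponse = _xbSecurity.AuthorizeUserByUserPassword(loginInfo, language);

        if (authResponse.AuthorizationResult.IsAuthorized)
        {
            HBUser hBUser = null;
            _xBService.Use(client =>
            {
                // Use() takes a synchronous callback, so the async client call has to be blocked on.
                // GetAwaiter().GetResult() at least surfaces the real exception instead of an
                // AggregateException; it still ties up a thread-pool thread.
                hBUser = client.GetHBUserByUserNameAsync(request.UserName).GetAwaiter().GetResult();
            });

            if (hBUser == null)
            {
                // The security service accepted the credentials but there is no HB user record:
                // fail closed instead of dereferencing null below.
                response.ResultCode = ResultCodes.notAuthorized;
                response.Description = "User not found.";
            }
            else
            {
                string regPhone = GetCustomerRegPhone(hBUser.CustomerNumber);

                // Generate and send the OTP by SMS. Every successful password check sends another SMS;
                // no per-user throttle is visible here — TODO confirm one exists upstream.
                string otp = SendVerificationCode(regPhone, hBUser.ID, 5, CustomerRegistrationVerificationSMSTypes.NumbersAndLetters);

                // Unguessable session id that the client must echo back in the "SessionId" header.
                string guid = Guid.NewGuid().ToString();
                CustomerTokenInfo customerTokenInfo = new CustomerTokenInfo()
                {
                    CustomerNumber = hBUser.CustomerNumber,
                    SessionId = guid,
                    Otp = otp,
                    PhoneNumber = regPhone,
                    Email = hBUser.Email?.email?.emailAddress,
                    UserId = hBUser.ID,
                    UserName = hBUser.UserName,
                    SourceType = sourceType,
                    Language = language,
                    Checked = false
                };

                // The OTP is cached server-side only; the response carries just the session id.
                _cacheHelper.SetCustomerTokenInfo(customerTokenInfo);
                response.Result = guid;
            }
        }
        else
        {
            // Armenian description (when present) followed by the default one, space separated.
            string descriptionAm = authResponse.AuthorizationResult.DescriptionAM;
            response.ResultCode = ResultCodes.notAuthorized;
            response.Description = $"{(!string.IsNullOrEmpty(descriptionAm) ? descriptionAm + " " : "")}{authResponse.AuthorizationResult.Description}";
        }
    }

    return ResponseExtensions.ToHttpResponse(response);
}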
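/// <summary>
/// Action filter that gates the token-operation actions behind the OTP issued by
/// VerifyUserAndSendOtpSms. The caller must send the session id in the "SessionId" header.
/// The pending login is read from the cache and the request passes when either
/// (a) it was already OTP-verified and the action is one of the two approve-order actions, or
/// (b) the bound "request" argument carries an "Otp" equal to the cached one.
/// On success the authorized customer, language, source type and client IP are cached under
/// the session id; otherwise the action is short-circuited with a validation-error response.
/// </summary>
/// <param name="context">The executing action's context (headers, route data, bound arguments).</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    Response response = new Response
    {
        ResultCode = ResultCodes.validationError,
        Description = _localizer["Մուտքագրված տվյալները սխալ են կամ ոչ լիարժեք։"]
    };

    string sessionId = context.HttpContext.Request.Headers["SessionId"];

    // SECURITY(review): GetCustomerTokenInfo() takes no argument, so how the cached record is tied to
    // the SessionId header read above is not visible here. If the helper does not key on that same
    // header, the "_authorizedCustomer" entry written under sessionId would not be bound to the login
    // whose OTP is checked — confirm against the cache helper.
    CustomerTokenInfo customerTokenInfo = _cacheHelper.GetCustomerTokenInfo();

    if (string.IsNullOrEmpty(sessionId) || customerTokenInfo == null)
    {
        context.Result = ResponseExtensions.ToHttpResponse(response);
        return;
    }

    AuthorizedCustomer authorizedCustomer = new AuthorizedCustomer()
    {
        CustomerNumber = customerTokenInfo.CustomerNumber,
        UserId = customerTokenInfo.UserId,
        SessionID = sessionId,
        UserName = customerTokenInfo.UserName,
    };

    // A session that already passed the OTP check may call the two approve-order actions again
    // without re-sending the code.
    string action = context.RouteData.Values["action"] as string;
    bool alreadyVerifiedApproval = customerTokenInfo.Checked == true
        && (action == "SaveAndApproveTokenReplacementOrder" || action == "SaveAndApproveTokenDeactivationOrder");

    if (alreadyVerifiedApproval)
    {
        CacheAuthorizedSession();
        return;
    }

    string otp = ExtractOtp(context);
    if (string.IsNullOrEmpty(otp) || !FixedTimeEquals(otp, customerTokenInfo.Otp))
    {
        // SECURITY(review): nothing here counts failed attempts, so a caller holding a session id can
        // keep guessing the short alphanumeric OTP until the cache entry expires — add a per-session
        // attempt limit / lockout.
        context.Result = ResponseExtensions.ToHttpResponse(response);
        return;
    }

    // Marks the cached instance in place; this only persists if the cache hands back the same
    // object (in-process memory cache) — TODO confirm.
    customerTokenInfo.Checked = true;
    CacheAuthorizedSession();

    // Writes the per-session entries the downstream actions read.
    void CacheAuthorizedSession()
    {
        _cache.Set(sessionId + "_authorizedCustomer", authorizedCustomer);
        _cache.Set(sessionId + "_Language", customerTokenInfo.Language);
        _cache.Set(sessionId + "_SourceType", customerTokenInfo.SourceType);
        // RemoteIpAddress can be null (in-process hosts); store null rather than throw.
        _cache.Set(sessionId + "_ClientIp", context.HttpContext.Connection.RemoteIpAddress?.ToString());
    }

    // Reads the "Otp" property of the bound "request" argument, whatever its type. Previously done
    // via `dynamic`, which threw (→ 500) when the argument or the property was missing; reflection
    // returns null in those cases so they fall into the ordinary validation-error path.
    string ExtractOtp(ActionExecutingContext ctx)
    {
        if (!ctx.ActionArguments.TryGetValue("request", out object requestArg) || requestArg == null)
        {
            return null;
        }
        return requestArg.GetType().GetProperty("Otp")?.GetValue(requestArg) as string;
    }

    // Length-independent-of-match comparison for the OTP so response timing does not reveal how
    // many leading characters were right. Hand-rolled only because this file's using block is not
    // in view; prefer CryptographicOperations.FixedTimeEquals on the UTF-8 bytes if
    // System.Security.Cryptography is available here.
    bool FixedTimeEquals(string left, string right)
    {
        if (left == null || right == null)
        {
            return false;
        }
        int diff = left.Length ^ right.Length;
        int length = Math.Min(left.Length, right.Length);
        for (int i = 0; i < length; i++)
        {
            diff |= left[i] ^ right[i];
        }
        return diff == 0;
    }
}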