예제 #1
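 /// <summary>
 /// Stores the customer token info in the cache under the key
 /// <c>SessionId + "_token_info"</c>.
 /// </summary>
 /// <param name="customerTokenInfo">Customer token operation information; its <c>SessionId</c> forms the cache key.</param>
 /// <exception cref="System.ArgumentNullException"><paramref name="customerTokenInfo"/> is null.</exception>
 /// <exception cref="System.ArgumentException">The session id is null or empty.</exception>
 public void SetCustomerTokenInfo(CustomerTokenInfo customerTokenInfo)
 {
     if (customerTokenInfo == null)
     {
         throw new System.ArgumentNullException(nameof(customerTokenInfo));
     }

     // An empty session id would collapse every entry onto the single key "_token_info",
     // letting one session's token info overwrite or be read in place of another's.
     if (string.IsNullOrEmpty(customerTokenInfo.SessionId))
     {
         throw new System.ArgumentException("SessionId must not be null or empty.", nameof(customerTokenInfo));
     }

     string cacheKey = customerTokenInfo.SessionId + "_token_info";

     // NOTE(review): the third argument (15) is presumably the entry lifetime; confirm its unit
     // against the cache wrapper. The whole object is cached as passed in, so any sensitive
     // fields it carries live in the cache for that lifetime.
     _cache.Set(cacheKey, customerTokenInfo, 15);
 }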
예제 #2
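        /// <summary>
        /// Checks the supplied user name and password and, when they are accepted, sends a
        /// one-time password by SMS and caches it under a freshly generated session id.
        /// </summary>
        /// <param name="request">Request body carrying <c>UserName</c> and <c>Password</c>.</param>
        /// <returns>
        /// The HTTP form of a string <c>SingleResponse</c>: <c>Result</c> holds the new session id on
        /// success; otherwise <c>ResultCode</c>/<c>Description</c> describe the validation or
        /// authorization failure. An invalid model state yields the validation-error response.
        /// </returns>
        public IActionResult VerifyUserAndSendOtpSms([FromBody] VerifyUserAndSendOtpSmsRequest request)
        {
            if (!ModelState.IsValid)
            {
                return(ValidationError.GetValidationErrorResponse(ModelState));
            }

            SingleResponse <string> response = new SingleResponse <string>()
            {
                ResultCode = ResultCodes.normal
            };
            XBSecurity.LoginInfo loginInfo = new XBSecurity.LoginInfo();
            byte       language            = 1;
            SourceType sourceType          = SourceType.MobileBanking;

            // Language. TryParse resets its out argument on failure, so parse into a scratch
            // variable; otherwise a malformed header silently replaces the default with 0.
            string languageHeader = Request.Headers["language"];
            byte   parsedLanguage;
            if (!string.IsNullOrEmpty(languageHeader) && byte.TryParse(languageHeader, out parsedLanguage))
            {
                language = parsedLanguage;
            }

            // Data entry source. The header is client-controlled and the value is stored with the
            // session, so accept it only when it parses to a value the enum actually declares
            // (Enum.TryParse alone also accepts arbitrary numeric strings).
            string     sourceTypeHeader = Request.Headers["SourceType"];
            SourceType parsedSourceType;
            if (!string.IsNullOrEmpty(sourceTypeHeader) &&
                Enum.TryParse(sourceTypeHeader, out parsedSourceType) &&
                Enum.IsDefined(typeof(SourceType), parsedSourceType))
            {
                sourceType = parsedSourceType;
            }

            // User
            if (!string.IsNullOrEmpty(request.UserName))
            {
                loginInfo.UserName = request.UserName;
            }
            else
            {
                response.ResultCode  = ResultCodes.validationError;
                response.Description = (Languages)language == Languages.hy ? "Մուտքագրեք ձեր օգտվողի անունը։" : "Please enter your username.";
            }

            // Password
            if (!string.IsNullOrEmpty(request.Password))
            {
                // NOTE(review): the password is reduced to a SHA-1 hash before being handed to the
                // authorization service. SHA-1 is fast and, as far as this call shows, unsalted;
                // it is not a password-hashing scheme. Changing it needs a coordinated change on
                // the verifying side, so it is flagged here rather than replaced.
                loginInfo.Password = utils.GetSHA1Hash(request.Password);
            }
            else
            {
                response.ResultCode  = ResultCodes.validationError;
                response.Description = (Languages)language == Languages.hy ? "Մուտքագրեք ձեր գաղտնաբառը։" : "Please enter your password.";
            }

            if (response.ResultCode != ResultCodes.normal)
            {
                return(ResponseExtensions.ToHttpResponse(response));
            }

            // NOTE(review): RemoteIpAddress can be null, and behind a reverse proxy it is the
            // proxy's address; confirm what the authorization service expects here.
            loginInfo.IpAddress = Request.HttpContext.Connection.RemoteIpAddress.ToString();

            var authResponse = _xbSecurity.AuthorizeUserByUserPassword(loginInfo, language);

            if (!authResponse.AuthorizationResult.IsAuthorized)
            {
                // NOTE(review): the service's description is returned to the caller verbatim;
                // confirm it does not distinguish an unknown user from a wrong password.
                response.ResultCode  = ResultCodes.notAuthorized;
                response.Description = $"{(!string.IsNullOrEmpty(authResponse.AuthorizationResult.DescriptionAM) ? authResponse.AuthorizationResult.DescriptionAM + " " : "")}{authResponse.AuthorizationResult.Description}";
                return(ResponseExtensions.ToHttpResponse(response));
            }

            HBUser hBUser = new HBUser();
            _xBService.Use(client =>
            {
                // NOTE(review): blocking on .Result inside a request; left as is because the
                // action and the Use() callback are synchronous.
                hBUser = client.GetHBUserByUserNameAsync(request.UserName).Result;
            });

            // Registered phone number of the customer
            string regPhone = GetCustomerRegPhone(hBUser.CustomerNumber);

            // Generate the OTP and send it by SMS
            string otp = SendVerificationCode(regPhone, hBUser.ID, 5, CustomerRegistrationVerificationSMSTypes.NumbersAndLetters);

            // NOTE(review): this value is the only handle tying later requests to the cached OTP.
            // Guid.NewGuid() is documented as unique, not as a security token; consider
            // System.Security.Cryptography.RandomNumberGenerator for the session id.
            string guid = Guid.NewGuid().ToString();

            CustomerTokenInfo customerTokenInfo = new CustomerTokenInfo()
            {
                CustomerNumber = hBUser.CustomerNumber,
                SessionId      = guid,
                // NOTE(review): the OTP is kept in clear text alongside the customer data.
                Otp            = otp,
                PhoneNumber    = regPhone,
                Email          = hBUser?.Email?.email?.emailAddress,
                UserId         = hBUser.ID,
                UserName       = hBUser.UserName,
                SourceType     = sourceType,
                Language       = language,
                Checked        = false
            };

            // Save the token info in the cache, keyed by the session id
            _cacheHelper.SetCustomerTokenInfo(customerTokenInfo);

            // Only the session id goes back to the caller; the OTP travels by SMS alone.
            response.Result = guid;
            return(ResponseExtensions.ToHttpResponse(response));
        }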
예제 #3
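        /// <summary>
        /// Runs before the action and lets it proceed only when the <c>SessionId</c> header maps to
        /// cached token info and either the OTP in the request matches the cached one, or the OTP
        /// was already checked and the action is one of the two "SaveAndApprove..." actions.
        /// On success the authorized-customer, language, source-type and client-IP entries are
        /// written to the cache under the session id; otherwise <c>context.Result</c> is set to a
        /// validation-error response, which short-circuits the action.
        /// </summary>
        /// <param name="context">Executing context; the action argument named "request" is read dynamically for its <c>Otp</c>.</param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            // Fail closed: a missing "request" argument ends in the validation-error response
            // below instead of a KeyNotFoundException from the indexer.
            object rawRequest;
            context.ActionArguments.TryGetValue("request", out rawRequest);
            dynamic request = rawRequest;

            Response response = new Response
            {
                ResultCode  = ResultCodes.validationError,
                Description = _localizer["Մուտքագրված տվյալները սխալ են կամ ոչ լիարժեք։"]
            };
            CustomerTokenInfo customerTokenInfo = _cacheHelper.GetCustomerTokenInfo();

            string sessionId = context.HttpContext.Request.Headers["SessionId"];
            if (string.IsNullOrEmpty(sessionId) || customerTokenInfo == null)
            {
                context.Result = ResponseExtensions.ToHttpResponse(response);
                return;
            }

            AuthorizedCustomer authorizedCustomer = new AuthorizedCustomer()
            {
                CustomerNumber = customerTokenInfo.CustomerNumber,
                UserId         = customerTokenInfo.UserId,
                SessionID      = sessionId,
                UserName       = customerTokenInfo.UserName,
            };

            // NOTE(review): once Checked is set, these two actions pass without an OTP for as long
            // as the cached token info lives; confirm that window is intended.
            bool otpAlreadyVerified = customerTokenInfo.Checked == true &&
                                      ((string)context.RouteData.Values["action"] == "SaveAndApproveTokenReplacementOrder" ||
                                       (string)context.RouteData.Values["action"] == "SaveAndApproveTokenDeactivationOrder");

            if (!otpAlreadyVerified)
            {
                string otp = null;
                if (rawRequest != null)
                {
                    otp = request.Otp;
                }

                // NOTE(review): nothing visible here counts failed attempts or invalidates the OTP
                // after a match; confirm attempt limiting and single-use enforcement exist
                // elsewhere. The comparison is an ordinary string compare, not a fixed-time one.
                if (string.IsNullOrEmpty(otp) || otp != customerTokenInfo.Otp)
                {
                    context.Result = ResponseExtensions.ToHttpResponse(response);
                    return;
                }

                // NOTE(review): this mutates the object returned by the cache helper and is never
                // written back explicitly; it persists only if the cache hands out the stored
                // reference. Verify against the cache implementation.
                customerTokenInfo.Checked = true;
            }

            _cache.Set(sessionId + "_authorizedCustomer", authorizedCustomer);
            _cache.Set(sessionId + "_Language", customerTokenInfo.Language);
            _cache.Set(sessionId + "_SourceType", customerTokenInfo.SourceType);
            // NOTE(review): RemoteIpAddress can be null and reflects the proxy when one is in front.
            _cache.Set(sessionId + "_ClientIp", context.HttpContext.Connection.RemoteIpAddress.ToString());
        }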