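/// <summary>
/// Closes a session by executing the [SP_Close_Session] stored procedure.
/// </summary>
/// <param name="sessionParams">
/// Supplies SessionId (sent as @SessionToken) and SessionEnd (sent as @SessionEnd).
/// </param>
public void CloseSession(SessionInfo sessionParams)
{
    string spName = "[SP_Close_Session]";

    // The using blocks close the connection even when the stored procedure call throws;
    // the original only reached conn.Close() on the success path.
    using (SqlConnection conn = OpenConnection("ConnectionStringAccounts"))
    using (SqlCommand cmd = new SqlCommand())
    {
        cmd.CommandText = schema + "." + spName;
        cmd.CommandType = System.Data.CommandType.StoredProcedure;
        cmd.Connection = conn;

        // Session token of the session being closed. It is passed as a typed parameter,
        // never concatenated into the command text.
        SqlParameter paramSessionId = new SqlParameter("@SessionToken", SqlDbType.NVarChar, 255, ParameterDirection.Input, false, 0, 0, "", DataRowVersion.Current, sessionParams.SessionId);

        // Session end timestamp
        SqlParameter paramSessionEnd = new SqlParameter("@SessionEnd", SqlDbType.DateTime, 0, ParameterDirection.Input, false, 0, 0, "", DataRowVersion.Current, sessionParams.SessionEnd);

        cmd.Parameters.Add(paramSessionId);
        cmd.Parameters.Add(paramSessionEnd);

        cmd.ExecuteNonQuery();
    }
}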
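/// <summary>
/// Starts a session for the account identified by the request's account key.
/// </summary>
/// <param name="request">Request carrying the AccountKey to authenticate with.</param>
/// <returns>
/// An InitSessionResponse. On success SessionToken holds either the newly created token
/// or the token of the session that already exists.
/// </returns>
public ResponseBase Any(InitSession request)
{
    _logger.Log(EErrorType.Info, " ****** Call start: InitSession");

    InitSessionResponse response = new InitSessionResponse();

    try
    {
        // A missing key must never reach the account lookup: with neither Email nor
        // AccountKey set, what the lookup matches depends on the stored procedure.
        GetUserAccountInfoResult accResult = null;
        if (!string.IsNullOrEmpty(request.AccountKey))
        {
            // checking account key validity
            GetUserAccountInfoParams accParams = new GetUserAccountInfoParams();
            accParams.AccountKey = request.AccountKey;

            accResult = _dal.GetUserAccountInfo(accParams);
        }

        if (accResult != null)
        {
            // NOTE(review): account state and key expiration are not checked here.
            // Confirm the lookup itself rejects pending accounts and expired keys.

            // NOTE(review): Guid.NewGuid() guarantees uniqueness, not unpredictability.
            // Consider a token drawn from a cryptographic random number generator.
            string sessionId = Guid.NewGuid().ToString();

            string expiresSetting = ConfigurationManager.AppSettings["SessionExpiresMins"];
            int expiresMins = expiresSetting != null ? Int32.Parse(expiresSetting) : 60;

            Interfaces.DAL.SessionInfo sinfo = new Interfaces.DAL.SessionInfo();
            sinfo.AccountKey = request.AccountKey;
            sinfo.SessionStart = DateTime.UtcNow;
            sinfo.SessionExpires = DateTime.UtcNow + TimeSpan.FromMinutes(expiresMins);
            sinfo.SessionId = sessionId;

            // if current session exists - we are just using current session token
            Interfaces.DAL.SessionInfo existSession = _dal.GetSessionInfo(sinfo, true);
            if (existSession == null)
            {
                _dal.InitSession(sinfo);
                response.SessionToken = sessionId;
            }
            else
            {
                // The original reported success without a token in this branch,
                // leaving the caller with nothing to authenticate later calls.
                response.SessionToken = existSession.SessionId;
            }

            response.Success = true;
        }
        else
        {
            response.Success = false;
            response.Errors.Add(new Error() { Code = EErrorCodes.UserAccountNotFound, Type = EErrorType.Error, Message = "Invalid account key provided" });
        }
    }
    catch (Exception ex)
    {
        _logger.Log(ex);
        response.Success = false;
        // NOTE(review): ex.Message is returned to the caller and may disclose database or
        // configuration details. The full exception is already logged above.
        response.Errors.Add(new Error() { Code = EErrorCodes.GeneralError, Type = EErrorType.Error, Message = string.Format("Unexpected error: {0}", ex.Message) });
    }

    _logger.Log(EErrorType.Info, " ****** Call end: InitSession");

    return response;
}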
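/// <summary>
/// Creates a user account in the "Pending" state and sends the confirmation e-mail.
/// </summary>
/// <param name="request">Request carrying Name, Email and Pwd for the new account.</param>
/// <returns>
/// A CreateAccountResponse with the new AccountKey in Payload on success, or a
/// UserAccountExists error when the e-mail is already registered. A failed confirmation
/// mail is reported as a warning and does not fail the call.
/// </returns>
public ResponseBase Any(CreateAccount request)
{
    _logger.Log(EErrorType.Info, " ****** Call start: CreateAccount");

    CreateAccountResponse response = new CreateAccountResponse();

    try
    {
        GetUserAccountInfoParams accParams = new GetUserAccountInfoParams();
        accParams.Email = request.Email;

        GetUserAccountInfoResult accResult = _dal.GetUserAccountInfo(accParams);
        if (accResult == null)
        {
            // creating account
            CreateUpdateUserAccountParams createParams = new CreateUpdateUserAccountParams();
            createParams.Name = request.Name;
            createParams.Email = request.Email;
            createParams.AccountKey = EncodeUtils.CreateAccountKey();
            createParams.PwdHash = EncodeUtils.GetPasswordHash(request.Pwd);
            createParams.ActivationCode = EncodeUtils.CreateActivationCode();
            createParams.State = "Pending"; // TODO; change to consts

            _dal.CreateUserAccount(createParams);

            SendMailResponse mailerResponse = SendAccountConfirmEmail(createParams.Email, createParams.AccountKey, createParams.Name);
            if (!mailerResponse.Success)
            {
                // Without the confirmation mail the user cannot activate the account, so the
                // failure is surfaced the same way the password handlers report mail errors.
                response.Errors.Add(new Error() { Code = EErrorCodes.MailSendFailed, Message = "Mail services returned errors. Check other errors", Type = EErrorType.Warning });
                response.Errors.AddRange(mailerResponse.Errors);
            }

            // NOTE(review): the account key goes back to the caller before the e-mail address
            // is confirmed. Confirm that a key of a "Pending" account cannot open a session.
            response.Payload.AccountKey = createParams.AccountKey;
            response.Success = true;
        }
        else
        {
            // NOTE(review): this answer tells an unauthenticated caller that the e-mail is
            // registered. Consider rate limiting on this endpoint.
            response.Success = false;
            response.Errors.Add(new Error() { Code = EErrorCodes.UserAccountExists, Type = EErrorType.Error, Message = "User with specified data already exists" });
        }
    }
    catch (Exception ex)
    {
        _logger.Log(ex);
        response.Success = false;
        // NOTE(review): ex.Message is returned to the caller and may disclose internals.
        response.Errors.Add(new Error() { Code = EErrorCodes.GeneralError, Type = EErrorType.Error, Message = string.Format("Unexpected error: {0}", ex.Message) });
    }

    _logger.Log(EErrorType.Info, " ****** Call end: CreateAccount");

    return response;
}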
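/// <summary>
/// Looks up a user account through the [SP_Get_User_Account_Info] stored procedure.
/// </summary>
/// <param name="accParams">
/// Lookup values. Email and AccountKey are each sent as DBNull when null.
/// </param>
/// <returns>
/// The first row of the first result table mapped to a GetUserAccountInfoResult,
/// or null when the procedure returns no rows.
/// </returns>
public GetUserAccountInfoResult GetUserAccountInfo(GetUserAccountInfoParams accParams)
{
    string spName = "[SP_Get_User_Account_Info]";

    GetUserAccountInfoResult result = null;

    // The using blocks close the connection even when Fill or a column cast throws;
    // the original only reached conn.Close() on the success path.
    using (SqlConnection conn = OpenConnection("ConnectionStringAccounts"))
    using (SqlCommand cmd = new SqlCommand())
    using (SqlDataAdapter da = new SqlDataAdapter())
    using (DataSet ds = new DataSet())
    {
        cmd.CommandText = schema + "." + spName;
        cmd.CommandType = System.Data.CommandType.StoredProcedure;
        cmd.Connection = conn;

        // NOTE(review): when both Email and AccountKey are null the procedure receives two
        // NULL filters. Confirm it returns no rows in that case; callers treat any
        // returned row as the matching account.

        // User email
        SqlParameter paramEmail = new SqlParameter("@Email", SqlDbType.NVarChar, 255, ParameterDirection.Input, false, 0, 0, "", DataRowVersion.Current, accParams.Email != null ? (object)accParams.Email : DBNull.Value);

        // Account key
        SqlParameter paramAccountKey = new SqlParameter("@AccountKey", SqlDbType.NVarChar, 255, ParameterDirection.Input, false, 0, 0, "", DataRowVersion.Current, accParams.AccountKey != null ? (object)accParams.AccountKey : DBNull.Value);

        cmd.Parameters.Add(paramEmail);
        cmd.Parameters.Add(paramAccountKey);

        da.SelectCommand = cmd;
        da.Fill(ds);

        if (ds.Tables.Count > 0 && ds.Tables[0].Rows.Count > 0)
        {
            DataRow row = ds.Tables[0].Rows[0];

            // Only the fields below are populated; any other property of the result
            // keeps its default value.
            result = new GetUserAccountInfoResult();
            result.UserId = (Int64)row["User_Id"];
            result.AccountKey = (string)row["Account_Key_Value"];
            result.Name = (string)row["User_Name"];
            result.Email = (string)row["Email"];
            result.PwdHash = (string)row["Password_Hash"];
            result.DateCreated = (DateTime)row["User_Creation_Dttm"];
            result.DateExpires = (DateTime)row["Account_Key_Expiration_Dttm"];
        }
    }

    return result;
}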
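/// <summary>
/// Resets the password of the account registered for the given e-mail: generates a random
/// password, stores its hash and mails the new password to the account's address.
/// </summary>
/// <param name="request">Request carrying the Email of the account to reset.</param>
/// <returns>
/// An UpdateAccountResponse. A mail failure is reported as a warning while Success stays
/// true, because the password has already been replaced at that point.
/// </returns>
public ResponseBase Any(ResetPassword request)
{
    // The original logged this call as "ChangePassword", which made resets
    // indistinguishable from authenticated password changes in the log.
    _logger.Log(EErrorType.Info, " ****** Call start: ResetPassword");

    UpdateAccountResponse response = new UpdateAccountResponse();

    try
    {
        // getting account details
        GetUserAccountInfoParams accInfoParams = new GetUserAccountInfoParams();
        accInfoParams.Email = request.Email;

        GetUserAccountInfoResult accResult = _dal.GetUserAccountInfo(accInfoParams);
        if (accResult != null && accResult.Success)
        {
            // NOTE(review): the request carries no proof of ownership beyond the e-mail
            // address, and the stored password is replaced immediately. Anyone who knows an
            // address can invalidate that user's password. A time-limited reset token mailed
            // to the owner, applied only after it is presented, avoids this.
            string newPassword = EncodeUtils.GenerateRandomPassword();

            // storing the hash of the generated password
            CreateUpdateUserAccountParams updateParams = new CreateUpdateUserAccountParams();
            updateParams.AccountKey = accResult.AccountKey;
            updateParams.Email = request.Email;
            updateParams.PwdHash = EncodeUtils.GetPasswordHash(newPassword);

            _dal.UpdateUserAccount(updateParams);

            // NOTE(review): the new password is sent in clear text by e-mail. If sending
            // fails, the user is left without a working password.
            SendMailResponse mailerResponse = SendPasswordResetNotificationEmail(updateParams.Email, accResult.Name, newPassword);
            if (!mailerResponse.Success)
            {
                response.Errors.Add(new Error() { Code = EErrorCodes.MailSendFailed, Message = "Mail services returned errors. Check other errors", Type = EErrorType.Warning });
                response.Errors.AddRange(mailerResponse.Errors);
            }

            response.Success = true;
        }
        else
        {
            // NOTE(review): this answer tells an unauthenticated caller whether the e-mail
            // is registered.
            response.Success = false;
            response.Errors.Add(new Error() { Code = EErrorCodes.UserAccountNotFound, Type = EErrorType.Error, Message = "No account found for the given email" });
        }
    }
    catch (Exception ex)
    {
        _logger.Log(ex);
        response.Success = false;
        // NOTE(review): ex.Message is returned to the caller and may disclose internals.
        response.Errors.Add(new Error() { Code = EErrorCodes.GeneralError, Type = EErrorType.Error, Message = string.Format("Unexpected error: {0}", ex.Message) });
    }

    _logger.Log(EErrorType.Info, " ****** Call end: ResetPassword");

    return response;
}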
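/// <summary>
/// Changes the password (and e-mail, as supplied in the request) of the account that owns
/// the given session, then sends a notification e-mail.
/// </summary>
/// <param name="request">Request carrying SessionToken, Email and the new Pwd.</param>
/// <returns>
/// An UpdateAccountResponse, or an InvalidSession error when the session token is not
/// found. A mail failure is reported as a warning while Success stays true.
/// </returns>
public ResponseBase Any(ChangePassword request)
{
    _logger.Log(EErrorType.Info, " ****** Call start: ChangePassword");

    UpdateAccountResponse response = new UpdateAccountResponse();

    try
    {
        SessionInfo sessionParams = new SessionInfo();
        sessionParams.SessionId = request.SessionToken;

        SessionInfo sessionInfo = _dal.GetSessionInfo(sessionParams, true);
        if (sessionInfo != null)
        {
            // NOTE(review): the session token is the only credential checked. The current
            // password is not requested, and request.Email is written together with the new
            // hash, so a holder of a session token can replace both credentials at once.
            // Other sessions of the account are not closed here either.

            // updating account details
            CreateUpdateUserAccountParams updateParams = new CreateUpdateUserAccountParams();
            updateParams.AccountKey = sessionInfo.AccountKey;
            updateParams.Email = request.Email;
            updateParams.PwdHash = EncodeUtils.GetPasswordHash(request.Pwd);

            _dal.UpdateUserAccount(updateParams);

            // getting account details
            GetUserAccountInfoParams accInfoParams = new GetUserAccountInfoParams();
            accInfoParams.AccountKey = sessionInfo.AccountKey;

            GetUserAccountInfoResult accResult = _dal.GetUserAccountInfo(accInfoParams);
            if (accResult != null)
            {
                // When the request carries no e-mail, notify the address stored on the
                // account instead of handing an empty recipient to the mailer.
                // NOTE(review): when the request does carry one, only that address is
                // notified. Consider also notifying the previously stored address.
                string notifyEmail = !string.IsNullOrEmpty(updateParams.Email) ? updateParams.Email : accResult.Email;

                SendMailResponse mailerResponse = SendPasswordChangedNotificationEmail(notifyEmail, accResult.Name);
                if (!mailerResponse.Success)
                {
                    response.Errors.Add(new Error() { Code = EErrorCodes.MailSendFailed, Message = "Mail services returned errors. Check other errors", Type = EErrorType.Warning });
                    response.Errors.AddRange(mailerResponse.Errors);
                }
            }

            response.Success = true;
        }
        else
        {
            response.Success = false;
            response.Errors.Add(new Error() { Code = EErrorCodes.InvalidSession, Type = EErrorType.Error, Message = "Invalid session" });
        }
    }
    catch (Exception ex)
    {
        _logger.Log(ex);
        response.Success = false;
        // NOTE(review): ex.Message is returned to the caller and may disclose internals.
        response.Errors.Add(new Error() { Code = EErrorCodes.GeneralError, Type = EErrorType.Error, Message = string.Format("Unexpected error: {0}", ex.Message) });
    }

    _logger.Log(EErrorType.Info, " ****** Call end: ChangePassword");

    return response;
}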
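/// <summary>
/// Activates the account registered for the given e-mail when the supplied activation
/// code matches the stored one.
/// </summary>
/// <param name="request">Request carrying Email and ActivationCode.</param>
/// <returns>
/// An ActivateAccountResponse. UserAccountNotValidated is reported for a missing or wrong
/// code, UserAccountNotFound when no account exists for the e-mail.
/// </returns>
public ResponseBase Any(ActivateAccount request)
{
    _logger.Log(EErrorType.Info, " ****** Call start: ActivateAccount");

    ActivateAccountResponse response = new ActivateAccountResponse();

    try
    {
        GetUserAccountInfoParams accParams = new GetUserAccountInfoParams();
        accParams.Email = request.Email;

        GetUserAccountInfoResult accResult = _dal.GetUserAccountInfo(accParams);
        if (accResult != null)
        {
            // An empty code is rejected before comparing. Otherwise a request without a code
            // would match an account whose ActivationCode was never loaded (null == null)
            // and activate it.
            // NOTE(review): the GetUserAccountInfo shown in this file does not assign
            // ActivationCode. Confirm the lookup used here does.
            // NOTE(review): there is no limit on attempts, and == is not a constant-time
            // comparison.
            bool codeMatches = !string.IsNullOrEmpty(request.ActivationCode)
                && accResult.ActivationCode == request.ActivationCode;

            if (codeMatches)
            {
                CreateUpdateUserAccountParams updateParams = new CreateUpdateUserAccountParams();
                updateParams.AccountKey = accResult.AccountKey;
                updateParams.State = "active"; // TODO: need to change to consts

                _dal.UpdateUserAccount(updateParams);

                response.Success = true;
            }
            else
            {
                response.Success = false;
                response.Errors.Add(new Error() { Code = EErrorCodes.UserAccountNotValidated, Type = EErrorType.Error, Message = "Invalid activation code provided - account was not activated" });
            }
        }
        else
        {
            response.Success = false;
            response.Errors.Add(new Error() { Code = EErrorCodes.UserAccountNotFound, Type = EErrorType.Error, Message = "User account was not found." });
        }
    }
    catch (Exception ex)
    {
        _logger.Log(ex);
        response.Success = false;
        // NOTE(review): ex.Message is returned to the caller and may disclose internals.
        response.Errors.Add(new Error() { Code = EErrorCodes.GeneralError, Type = EErrorType.Error, Message = string.Format("Unexpected error: {0}", ex.Message) });
    }

    _logger.Log(EErrorType.Info, " ****** Call end: ActivateAccount");

    return response;
}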
/// <summary>
/// Returns the details of the account that owns the given session.
/// </summary>
/// <param name="request">Request carrying the SessionToken.</param>
/// <returns>
/// A GetAccountInfoResponse with the account fields in Payload, an InvalidSession error
/// when the session is not found, or a UserAccountNotFound error when the session's
/// account key resolves to no account.
/// </returns>
public ResponseBase Any(GetAccountInfo request)
{
    GetAccountInfoResponse response = new GetAccountInfoResponse();

    try
    {
        // Resolve the session first; everything else is keyed by the account it belongs to.
        SessionInfo lookup = new SessionInfo();
        lookup.SessionId = request.SessionToken;

        SessionInfo session = _dal.GetSessionInfo(lookup, true);
        if (session == null)
        {
            response.Success = false;
            response.Errors.Add(new Error() { Code = EErrorCodes.InvalidSession, Type = EErrorType.Error, Message = "Invalid session" });
            return response;
        }

        // getting account details
        GetUserAccountInfoParams accountQuery = new GetUserAccountInfoParams();
        accountQuery.AccountKey = session.AccountKey;

        GetUserAccountInfoResult account = _dal.GetUserAccountInfo(accountQuery);
        if (account == null)
        {
            response.Success = false;
            response.Errors.Add(new Error() { Code = EErrorCodes.UserAccountNotFound, Type = EErrorType.Error, Message = "No user account found for the given session" });
            return response;
        }

        response.Payload.AccountKey = accountQuery.AccountKey;
        response.Payload.Email = account.Email;
        response.Payload.Name = account.Name;
        response.Payload.DateExpires = account.DateExpires;
        response.Payload.DateCreated = account.DateCreated;
        // The string forms use the parameterless ToString(), i.e. the current culture.
        response.Payload.DateExpiresStr = account.DateExpires.ToString();
        response.Payload.DateCreatedStr = account.DateCreated.ToString();

        response.Success = true;
    }
    catch (Exception ex)
    {
        // The full exception goes to the log.
        // NOTE(review): its message is also returned to the caller and may disclose internals.
        _logger.Log(ex);
        response.Success = false;
        response.Errors.Add(new Error() { Code = EErrorCodes.GeneralError, Type = EErrorType.Error, Message = string.Format("Unexpected error: {0}", ex.Message) });
    }

    return response;
}
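/// <summary>
/// Authenticates a user by e-mail and password and opens a new session.
/// </summary>
/// <param name="request">Request carrying Email and Pwd.</param>
/// <returns>
/// A LoginResponse with SessionToken set on success. An unknown e-mail and a wrong
/// password both yield the same UserAccountNotFound error.
/// </returns>
public ResponseBase Any(Login request)
{
    // Both failure paths return this one message. The original answered "Account not found"
    // for an unknown e-mail, which let a caller learn which addresses are registered.
    const string loginFailedMessage = "Email / password combination not found";

    LoginResponse response = new LoginResponse();

    _logger.Log(EErrorType.Info, " ****** Call start: Login");

    try
    {
        GetUserAccountInfoParams accParams = new GetUserAccountInfoParams();
        accParams.AccountKey = null;
        accParams.Email = request.Email;

        GetUserAccountInfoResult accResult = _dal.GetUserAccountInfo(accParams);
        if (accResult != null)
        {
            // NOTE(review): the stored hash is matched by recomputing it from the password
            // alone, so GetPasswordHash appears to be deterministic. Confirm it is a salted,
            // slow password hash.
            // NOTE(review): == is not a constant-time comparison.
            // NOTE(review): the hash is only computed when the account exists, so response
            // time can still differ between the two failure paths.
            // NOTE(review): account state is not checked; confirm pending accounts cannot
            // log in. There is also no limit on failed attempts.
            string pwdHash = EncodeUtils.GetPasswordHash(request.Pwd);
            if (accResult.PwdHash == pwdHash)
            {
                // NOTE(review): Guid.NewGuid() guarantees uniqueness, not unpredictability.
                // Consider a token drawn from a cryptographic random number generator.
                string sessionId = Guid.NewGuid().ToString();

                string expiresSetting = ConfigurationManager.AppSettings["SessionExpiresMins"];
                int expiresMins = expiresSetting != null ? Int32.Parse(expiresSetting) : 60;

                Interfaces.DAL.SessionInfo sinfo = new Interfaces.DAL.SessionInfo();
                sinfo.AccountKey = accResult.AccountKey;
                sinfo.SessionStart = DateTime.UtcNow;
                sinfo.SessionExpires = DateTime.UtcNow + TimeSpan.FromMinutes(expiresMins);
                sinfo.SessionId = sessionId;

                _dal.InitSession(sinfo);

                response.SessionToken = sessionId;
                response.Success = true;
            }
            else
            {
                response.Success = false;
                response.Errors.Add(new Error() { Code = EErrorCodes.UserAccountNotFound, Type = EErrorType.Error, Message = loginFailedMessage });
            }
        }
        else
        {
            response.Success = false;
            response.Errors.Add(new Error() { Code = EErrorCodes.UserAccountNotFound, Type = EErrorType.Error, Message = loginFailedMessage });
        }
    }
    catch (Exception ex)
    {
        _logger.Log(ex);
        response.Success = false;
        // NOTE(review): ex.Message is returned to the caller and may disclose internals.
        response.Errors.Add(new Error() { Code = EErrorCodes.GeneralError, Type = EErrorType.Error, Message = string.Format("Unexpected error: {0}", ex.Message) });
    }

    // The original logged the start of the call but never its end.
    _logger.Log(EErrorType.Info, " ****** Call end: Login");

    return response;
}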