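// POST api/userdata
/// <summary>
/// Returns the profile and active rates that belong to a linked token (Status == 1).
/// </summary>
/// <param name="obj">Token posted by the client; it is encrypted before the repository lookup.</param>
/// <returns>200 with a <see cref="UserInfoViewModel"/>, 400 when no body was posted, 401 when no linked token matches.</returns>
public IHttpActionResult Post(TokenViewModel obj)
{
    ILogger logger = new Logger();
    // The token string is the caller's credential: record that the call happened, never the value.
    logger.Log("Post api/userdata. Object TokenViewModel initial", "api", 3);
    if (obj == null)
    {
        logger.Log("Post api/userdata. Error: Empty request body", "api", 3);
        return BadRequest("Request body is required");
    }

    obj = Encryptor.EncryptToken(obj);
    Token token = _tokenRepo.Get(t => t.GuId == obj.GuId && t.Status == 1).FirstOrDefault();
    if (token == null)
    {
        logger.Log("Post api/userdata. Error: Token not found ", "api", 3);
        return new CustomErrorActionResult(Request, "Token not found", ErrorCodes.InvalidAuthorization, HttpStatusCode.Unauthorized);
    }

    var profile = AutoMapper.Mapper.Map<ProfileViewModel>(token.Profile);
    profile = Encryptor.DecryptProfile(profile);

    // Seconds since the Unix epoch; employment start/end are stored as integer timestamps on the same scale.
    var currentTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds;
    // Keep only employments that have started and have not ended; an end timestamp of 0 means open-ended.
    profile.Employments = profile.Employments
        .Where(x => x.StartDateTimestamp < currentTimestamp && (x.EndDateTimestamp > currentTimestamp || x.EndDateTimestamp == 0))
        .ToList();

    var ui = new UserInfoViewModel
    {
        profile = profile,
        rates = AutoMapper.Mapper.Map<List<RateViewModel>>(_rateRepo.Get().Where(x => x.isActive).ToList())
    };
    logger.Log("Post api/userdata. Before ok: ", "api", 3);
    return Ok(ui);
}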
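// POST new token from main server
/// <summary>
/// Stores a new, not-yet-linked token (Status == 2) for a profile on behalf of the main server.
/// </summary>
/// <param name="obj">Token, target profile id and the shared server password.</param>
/// <returns>200 on success; 400 for a missing body, unknown profile, duplicate token or save failure; 401 for a wrong password.</returns>
public IHttpActionResult Post(tmpCreateToken obj)
{
    ILogger logger = new Logger();
    // obj.Token and obj.Password are secrets shared with the main server; never write either to the log.
    logger.Log("Post TokenController. Object tmpCreateToken initial", "api", 3);
    if (obj == null)
    {
        logger.Log("Post TokenController. Error: Empty request body", "api", 3);
        return BadRequest("Request body is required");
    }

    if (obj.Password != PasswordString)
    {
        // NOTE(review): plain string equality on a shared secret; a constant-time comparison would be preferable.
        logger.Log("Post TokenController. Error: Wrong password", "api", 3);
        return new CustomErrorActionResult(Request, "Wrong Password", ErrorCodes.BadPassword, HttpStatusCode.Unauthorized);
    }

    Core.DomainModel.Profile profile = _profileRepo.Get(x => x.Id == obj.ProfileId).FirstOrDefault();
    if (profile == null)
    {
        logger.Log("Post TokenController. Error: User not found", "api", 3);
        return new CustomErrorActionResult(Request, "User not found", ErrorCodes.UserNotFound, HttpStatusCode.BadRequest);
    }

    // Create viewmodel and encrypt it; Status 2 marks a token that still has to be linked by the client.
    var token = new TokenViewModel
    {
        Status = 2,
        GuId = obj.GuId,
        TokenString = obj.Token
    };
    token = Encryptor.EncryptToken(token);

    if (_tokenRepo.Get(x => x.GuId == token.GuId).Any())
    {
        logger.Log("Post TokenController. Error: Token already exists ", "api", 3);
        return new CustomErrorActionResult(Request, "Token allready exists", ErrorCodes.TokenAllreadyExists, HttpStatusCode.BadRequest);
    }

    // Map to datamodel, and add profileid
    Token mToken = AutoMapper.Mapper.Map<Token>(token);
    mToken.ProfileId = obj.ProfileId;
    try
    {
        _tokenRepo.Insert(mToken);
        _uow.Save();
        logger.Log("Post TokenController. Before OK: ", "api", 3);
        return Ok();
    }
    catch (Exception ex)
    {
        logger.Log("Post TokenController. Save error. Exception: " + ex.Message, "api", 3);
        return new CustomErrorActionResult(Request, "Save Error", ErrorCodes.SaveError, HttpStatusCode.BadRequest);
    }
}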
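//api/appinfo
/// <summary>
/// Reads appInfo.json from the application root and returns its deserialized content.
/// </summary>
/// <returns>The JSON document as the untyped object produced by <c>JsonConvert.DeserializeObject</c>.</returns>
public object Get()
{
    ILogger logger = new Logger();
    logger.Log("api/appinfo initial", "api", 3);
    // Path.Combine instead of string concatenation, so a missing trailing separator on the root cannot yield a wrong path.
    var appInfoPath = System.IO.Path.Combine(System.Web.Hosting.HostingEnvironment.ApplicationPhysicalPath, "appInfo.json");
    var allText = System.IO.File.ReadAllText(appInfoPath);
    var jsonObject = JsonConvert.DeserializeObject(allText);
    logger.Log("api/appinfo before", "api", 3);
    return jsonObject;
}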
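// POST api/auth
/// <summary>
/// Authenticates a user by user name and password and returns the profile, its authorization and this year's active rates.
/// </summary>
/// <param name="obj">User name and password as posted by the client.</param>
/// <returns>200 with a <see cref="UserInfoViewModel"/>, 400 when no body was posted, 401 when the credentials are rejected.</returns>
/// <exception cref="Exception">Any unexpected failure is logged and rethrown unchanged.</exception>
public IHttpActionResult Post(AuthRequestViewModel obj)
{
    ILogger logger = new Logger();
    if (obj == null)
    {
        logger.Log("Post api/auth. Error: Empty request body", "api", 3);
        return BadRequest("Request body is required");
    }

    try
    {
        // Log the user name only; the password must never be written to the log.
        logger.Log("Post api/auth. Object AuthRequestViewModel initial: user " + obj.UserName, "api", 3);
        var auth = Encryptor.EncryptAuthRequest(obj);
        var user = AuthRepo.Get(x => x.UserName == auth.UserName).FirstOrDefault();

        // Unknown user, wrong password and inactive profile share one response so the reply does not reveal which failed.
        // GetHash is a project helper; how it derives the stored value is not visible here.
        if (user == null || user.Password != GetHash(user.Salt, obj.Password) || user.Profile.IsActive == false)
        {
            logger.Log("Post api/auth. Username or password is incorrect: User: " + obj.UserName, "api", 3);
            return new CustomErrorActionResult(Request, "Username or password is incorrect", ErrorCodes.IncorrectUserNameOrPassword, HttpStatusCode.Unauthorized);
        }

        var profile = AutoMapper.Mapper.Map<ProfileViewModel>(user.Profile);
        profile = Encryptor.DecryptProfile(profile);

        // Seconds since the Unix epoch; employment start/end are integer timestamps on the same scale.
        var currentTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds;
        // Keep only employments that have started and have not ended; an end timestamp of 0 means open-ended.
        profile.Employments = profile.Employments
            .Where(x => x.StartDateTimestamp < currentTimestamp && (x.EndDateTimestamp > currentTimestamp || x.EndDateTimestamp == 0))
            .ToList();

        var authModel = new AuthorizationViewModel { GuId = user.GuId };
        profile.Authorization = Encryptor.DecryptAuthorization(authModel);

        // Rates are filtered on the local-time year, matching the Year column's string representation.
        var currentYear = DateTime.Now.Year.ToString();
        var ui = new UserInfoViewModel
        {
            profile = profile,
            rates = AutoMapper.Mapper.Map<List<RateViewModel>>(RateRepo.Get().Where(x => x.Year == currentYear && x.isActive).ToList())
        };
        logger.Log("Post api/auth. Before Ok. profile: " + ui.profile + " rates: " + ui.rates, "api", 3);
        return Ok(ui);
    }
    catch (Exception e)
    {
        logger.Log("Post api/auth. Exception message: " + e.Message, "api", 3);
        logger.Log("Post api/auth. Exception stack trace: " + e.StackTrace, "api", 3);
        // InnerException is frequently null; dereferencing it unconditionally would replace the real error with a NullReferenceException.
        if (e.InnerException != null)
        {
            logger.Log("Post api/auth. InnerException message: " + e.InnerException.Message, "api", 3);
            logger.Log("Post api/auth. InnerException stack trace: " + e.InnerException.StackTrace, "api", 3);
        }
        throw;
    }
}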
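/// <summary>
/// Stores a drive report submitted with a linked token (Status == 1) and returns the caller's profile and active rates.
/// </summary>
/// <param name="driveObject">Token plus the drive report to persist.</param>
/// <returns>200 with a <see cref="UserInfoViewModel"/>; 400 for an incomplete body or a save failure; 401 when no linked token matches.</returns>
public IHttpActionResult Post(DriveObject driveObject)
{
    ILogger logger = new Logger();
    // The token is the caller's credential for this endpoint: record the call, not the credential.
    logger.Log("Post /submitDriveController. Object DriveObject token initial", "api", 3);
    if (driveObject == null || driveObject.Token == null || driveObject.DriveReport == null)
    {
        logger.Log("Post /submitDriveController. Error: Incomplete request body", "api", 3);
        return BadRequest("Token and drive report are required");
    }

    driveObject.Token = Encryptor.EncryptToken(driveObject.Token);
    Token token = _tokenRepo.Get(x => x.GuId == driveObject.Token.GuId && x.Status == 1).FirstOrDefault();
    if (token == null)
    {
        logger.Log("Post /submitDriveController. Error: Token not found ", "api", 3);
        return new CustomErrorActionResult(Request, "Token not found", ErrorCodes.InvalidAuthorization, HttpStatusCode.Unauthorized);
    }

    try
    {
        // Add drivereport
        driveObject.DriveReport = Encryptor.EncryptDriveReport(driveObject.DriveReport);
        var model = AutoMapper.Mapper.Map<DriveReport>(driveObject.DriveReport);
        _driveReportRepo.Insert(model);
        _uow.Save();

        // Return user info (optional)
        var profile = Encryptor.DecryptProfile(AutoMapper.Mapper.Map<ProfileViewModel>(token.Profile));
        var ui = new UserInfoViewModel
        {
            profile = profile,
            rates = AutoMapper.Mapper.Map<List<RateViewModel>>(_rateRepo.Get().Where(x => x.isActive).ToList())
        };
        logger.Log("Post /submitDriveController. Before OK: ", "api", 3);
        return Ok(ui);
    }
    catch (Exception ex)
    {
        logger.Log("Post /submitDriveController. Exception: Could not save: " + ex.Message, "api", 3);
        return new CustomErrorActionResult(Request, "Could not save", ErrorCodes.SaveError, HttpStatusCode.BadRequest);
    }
}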
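// POST api/userdata
/// <summary>
/// Links a pending token (Status == 2) to the calling client by setting it to Status 1, and returns the profile and rates.
/// </summary>
/// <param name="obj">Token posted by the client; it is encrypted before the repository lookup.</param>
/// <returns>200 with a <see cref="UserInfoViewModel"/>; 400 when no body was posted or every matching token is already linked; 401 when no token matches.</returns>
public IHttpActionResult Post(TokenViewModel obj)
{
    ILogger logger = new Logger();
    // The token string is the caller's credential: record that the call happened, never the value.
    logger.Log("Post api/userdata. Object Token initial", "api", 3);
    if (obj == null)
    {
        logger.Log("Post api/userdata. Error: Empty request body", "api", 3);
        return BadRequest("Request body is required");
    }

    obj = Encryptor.EncryptToken(obj);
    // Confirm link with token
    var tokens = _tokenRepo.Get(t => t.TokenString == obj.TokenString);
    if (!tokens.Any())
    {
        logger.Log("Post api/userdata. Error: Token not found", "api", 3);
        return new CustomErrorActionResult(Request,"Token not found", ErrorCodes.InvalidAuthorization, HttpStatusCode.Unauthorized);
    }

    // There could be multiple, loop if that is the case; the first one still pending is linked.
    foreach (var token in tokens)
    {
        if (token.Status != 2)
        {
            continue;
        }

        token.Status = 1;
        _uow.Save();

        // Return user info (optional)
        var profile = Encryptor.DecryptProfile(AutoMapper.Mapper.Map<ProfileViewModel>(token.Profile));
        // NOTE(review): rates are not filtered on isActive here, unlike the other user-info endpoints — confirm that is intended.
        var ui = new UserInfoViewModel
        {
            profile = profile,
            rates = AutoMapper.Mapper.Map<List<RateViewModel>>(_rateRepo.Get().ToList())
        };
        // The token entity holds the (encrypted) credential, so it is not stringified into the log.
        logger.Log("Post api/userdata before OK", "api", 3);
        return Ok(ui);
    }

    logger.Log("Post api/userdata. Error: Token already used ", "api", 3);
    return new CustomErrorActionResult(Request, "Token allready used", ErrorCodes.TokenAllreadyActivated, HttpStatusCode.BadRequest);
}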
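// Post api/userinfo
/// <summary>
/// Returns the profile, authorization and this year's active rates for the authorization GUID posted by the client.
/// </summary>
/// <param name="obj">Authorization whose GUID identifies the caller; it is encrypted before the lookup.</param>
/// <returns>200 with a <see cref="UserInfoViewModel"/>, 400 when no body was posted, 401 when the GUID is unknown.</returns>
public IHttpActionResult Post(AuthorizationViewModel obj)
{
    ILogger logger = new Logger();
    // The GUID is what authenticates the caller here; log the call, not the credential.
    logger.Log("Post api/userinfo. Object AuthorizationViewModel initial", "api", 3);
    if (obj == null)
    {
        logger.Log("Post api/userinfo. Error: Empty request body", "api", 3);
        return BadRequest("Request body is required");
    }

    var encryptedGuid = Encryptor.EncryptAuthorization(obj).GuId;
    var auth = AuthRepo.Get(t => t.GuId == encryptedGuid).FirstOrDefault();
    if (auth == null)
    {
        logger.Log("Post api/userinfo. Error: Invalid authorization ", "api", 3);
        return new CustomErrorActionResult(Request, "Invalid authorization", ErrorCodes.InvalidAuthorization, HttpStatusCode.Unauthorized);
    }

    var profile = AutoMapper.Mapper.Map<ProfileViewModel>(auth.Profile);
    profile = Encryptor.DecryptProfile(profile);

    // Seconds since the Unix epoch; employment start/end are integer timestamps on the same scale.
    var currentTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds;
    // Keep only employments that have started and have not ended; an end timestamp of 0 means open-ended.
    profile.Employments = profile.Employments
        .Where(x => x.StartDateTimestamp < currentTimestamp && (x.EndDateTimestamp > currentTimestamp || x.EndDateTimestamp == 0))
        .ToList();

    var authModel = new AuthorizationViewModel { GuId = auth.GuId };
    profile.Authorization = Encryptor.DecryptAuthorization(authModel);

    // Rates are filtered on the local-time year, matching the Year column's string representation.
    var currentYear = DateTime.Now.Year.ToString();
    var ui = new UserInfoViewModel
    {
        profile = profile,
        rates = AutoMapper.Mapper.Map<List<RateViewModel>>(RateRepo.Get().Where(x => x.Year == currentYear && x.isActive).ToList())
    };
    logger.Log("Post api/userinfo. Before OK: ", "api", 3);
    return Ok(ui);
}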
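// POST /report
/// <summary>
/// Stores a drive report for the caller identified by an authorization GUID, rejecting reports whose Uuid already exists.
/// </summary>
/// <param name="driveObject">Authorization plus the drive report to persist.</param>
/// <returns>200 on success (and, with an error body, for a duplicate); 400 for an incomplete body or save failure; 401 for an unknown GUID or a profile mismatch.</returns>
public IHttpActionResult Post(DriveObject driveObject)
{
    ILogger logger = new Logger();
    // The authorization GUID is the credential for this endpoint; do not write it to the log.
    logger.Log("Post /report. Object DriveObject initial", "api", 3);
    if (driveObject == null || driveObject.Authorization == null || driveObject.DriveReport == null)
    {
        logger.Log("Post /report. Error: Incomplete request body", "api", 3);
        return BadRequest("Authorization and drive report are required");
    }

    var encryptedGuId = Encryptor.EncryptAuthorization(driveObject.Authorization).GuId;
    var auth = AuthRepo.Get(t => t.GuId == encryptedGuId).FirstOrDefault();
    if (auth == null)
    {
        logger.Log("Post /report. Invalid authorization", "api", 3);
        return new CustomErrorActionResult(Request, "Invalid authorization", ErrorCodes.InvalidAuthorization, HttpStatusCode.Unauthorized);
    }

    if (auth.ProfileId != driveObject.DriveReport.ProfileId)
    {
        logger.Log("Post /report. User and drive report user do not match", "api", 3);
        return new CustomErrorActionResult(Request, "User and drive report user do not match", ErrorCodes.ReportAndUserDoNotMatch, HttpStatusCode.Unauthorized);
    }

    // The duplicate lookup runs only for an authenticated caller whose profile matches the report.
    var isDuplicate = DriveReportRepo.Get(t => t.Uuid == driveObject.DriveReport.Uuid).Any();
    if (isDuplicate)
    {
        logger.Log($"Post /report. Report rejected, duplicate found. Drivereport uuid: {driveObject.DriveReport.Uuid}", "api", 3);
        // Answers 200 with an error body — presumably so the client stops resubmitting a report that is already stored; confirm.
        return new CustomErrorActionResult(Request, "Report rejected, duplicate found", ErrorCodes.DuplicateReportFound, HttpStatusCode.OK);
    }

    try
    {
        driveObject.DriveReport = Encryptor.EncryptDriveReport(driveObject.DriveReport);
        var model = AutoMapper.Mapper.Map<DriveReport>(driveObject.DriveReport);
        DriveReportRepo.Insert(model);
        Uow.Save();
        logger.Log("Post /report. Before ok", "api", 3);
        return Ok();
    }
    catch (Exception ex)
    {
        logger.Log($"Post /report. Exception Could not save drivereport (uuid: {driveObject.DriveReport.Uuid}): " + ex.Message, "api", 3);
        return new CustomErrorActionResult(Request, "Could not save drivereport", ErrorCodes.SaveError, HttpStatusCode.BadRequest);
    }
}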
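// Delete token from main server
/// <summary>
/// Revokes a token on behalf of the main server by setting its Status to 0.
/// </summary>
/// <param name="obj">Token GUID and the shared server password.</param>
/// <returns>200 on success; 400 for a missing body, an unknown or already revoked token, or a save failure; 401 for a wrong password.</returns>
public IHttpActionResult Delete(tmpDeleteToken obj)
{
    ILogger logger = new Logger();
    // obj carries the shared password; log that the call happened, not the object.
    logger.Log("Delete TokenController. Object tmpDeleteToken initial", "api", 3);
    if (obj == null)
    {
        logger.Log("Delete TokenController. Error: Empty request body", "api", 3);
        return BadRequest("Request body is required");
    }

    if (obj.Password != PasswordString)
    {
        // NOTE(review): plain string equality on a shared secret; a constant-time comparison would be preferable.
        logger.Log("Delete TokenController. Error: Wrong password", "api", 3);
        return new CustomErrorActionResult(Request, "Wrong Password", ErrorCodes.BadPassword, HttpStatusCode.Unauthorized);
    }

    var tvm = Encryptor.EncryptToken(new TokenViewModel { GuId = obj.GuId });
    // Status > 0 selects any token that has not been revoked yet; this method marks revoked tokens with 0.
    Token token = _tokenRepo.Get(x => x.GuId == tvm.GuId && x.Status > 0).FirstOrDefault();
    if (token == null)
    {
        logger.Log("Delete TokenController. Error: Token not found ", "api", 3);
        return new CustomErrorActionResult(Request, "Token not found", ErrorCodes.InvalidAuthorization, HttpStatusCode.BadRequest);
    }

    token.Status = 0;
    try
    {
        _uow.Save();
        logger.Log("Delete TokenController. Before OK: ", "api", 3);
        return Ok();
    }
    catch (Exception ex)
    {
        logger.Log("Delete TokenController. Save error. Exception: " + ex.Message, "api", 3);
        return new CustomErrorActionResult(Request, "Save Error", ErrorCodes.SaveError, HttpStatusCode.BadRequest);
    }
}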