/// <summary>
/// Authenticates a user by name and password through the account data service.
/// </summary>
/// <param name="user">Supplies <c>UserName</c> and <c>Password</c>; no other member is read here.</param>
/// <param name="transaction">
/// Outcome carrier: <c>ReturnStatus</c> is set on both normal paths, <c>ReturnMessage</c> receives
/// "Invalid login or password." on a rejected login, and any caught exception is recorded via
/// <c>AddExceptionMessage</c>. The single generic message covers both an unknown user name and a
/// wrong password, so the response does not reveal which accounts exist.
/// </param>
/// <returns>
/// The record returned by <c>_accountDataService.Login</c> (<c>null</c> when the credentials were
/// rejected). If an exception is caught before that call completes, the instance passed in is
/// returned unchanged.
/// </returns>
public async Task<User> Login(User user, TransactionInformation transaction)
{
    // Starts as the caller's instance so that an exception thrown before the
    // lookup completes leaves the return value the same as it always was.
    // NOTE(review): on that path the returned object still carries the submitted
    // Password; confirm the controller does not serialize it back to the client.
    User resolved = user;
    try
    {
        _accountDataService.CreateSession();
        resolved = _accountDataService.Login(user.UserName, user.Password);

        if (resolved == null)
        {
            transaction.ReturnStatus = false;
            transaction.ReturnMessage.Add("Invalid login or password.");
        }
        else
        {
            // No explicit rollback is issued if CommitTransaction throws; whether
            // CloseSession discards the pending work is not visible in this file.
            _accountDataService.BeginTransaction();
            _accountDataService.UpdateLastLogin(resolved);
            await _accountDataService.CommitTransaction(true);
            transaction.ReturnStatus = true;
        }
    }
    catch (Exception ex)
    {
        // Failures are reported through the transaction object, never propagated.
        transaction.AddExceptionMessage(ex);
    }
    finally
    {
        // Runs on every path, including when Login or CommitTransaction threw.
        _accountDataService.CloseSession();
    }

    return resolved;
}
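/// <summary>
/// Action-filter gate for Web API requests: rejects any request that does not carry
/// <c>X-Requested-With: XMLHttpRequest</c>, then rejects any request whose ASP.NET principal
/// is not authenticated. Setting <c>actionContext.Response</c> here makes Web API skip the action.
/// </summary>
/// <param name="actionContext">
/// Context of the action about to run; its <c>Request</c> headers are inspected and its
/// <c>Response</c> is assigned on denial.
/// </param>
/// <remarks>
/// The header check acts as a CSRF mitigation: a browser only attaches a custom header like this
/// from same-origin script or after a CORS preflight. Both denials answer with
/// <see cref="HttpStatusCode.BadRequest"/> and a <c>TransactionInformation</c> payload, which is
/// the existing client contract (401/403 would be more conventional but is a wire-level change).
/// </remarks>
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
    var request = actionContext.Request;
    var headers = request.Headers;

    string requestedWith = headers.Contains("X-Requested-With")
        ? headers.GetValues("X-Requested-With").FirstOrDefault()
        : null;

    // Ordinal comparison: the header value is a protocol token, not user-facing text.
    // A missing header yields null, which is treated exactly like a wrong value.
    if (!string.Equals(requestedWith, "XMLHttpRequest", StringComparison.Ordinal))
    {
        SetDeniedResponse(actionContext, "Access has been denied.");
        return;
    }

    // HttpContext.Current is null outside the classic ASP.NET pipeline (self-host,
    // some test hosts). The previous code dereferenced it unconditionally, so an
    // absent context surfaced as an unhandled NullReferenceException instead of a
    // denial. Fail closed: anything short of a positively authenticated identity is denied.
    HttpContext ctx = HttpContext.Current;
    bool isAuthenticated =
        ctx != null
        && ctx.User != null
        && ctx.User.Identity != null
        && ctx.User.Identity.IsAuthenticated;

    if (!isAuthenticated)
    {
        SetDeniedResponse(actionContext, "Your session has expired.");
    }
}

/// <summary>
/// Builds the shared denial response: a <see cref="HttpStatusCode.BadRequest"/> carrying a
/// <c>TransactionInformation</c> whose <c>ReturnStatus</c> is false and whose
/// <c>ReturnMessage</c> holds <paramref name="message"/>.
/// </summary>
/// <param name="actionContext">Context whose <c>Response</c> is set; its <c>Request</c> creates the response.</param>
/// <param name="message">Client-facing reason for the denial.</param>
private static void SetDeniedResponse(System.Web.Http.Controllers.HttpActionContext actionContext, string message)
{
    TransactionInformation transactionInformation = new TransactionInformation();
    transactionInformation.ReturnMessage.Add(message);
    transactionInformation.ReturnStatus = false;
    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.BadRequest, transactionInformation);
}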
/// <summary>
/// Registers a new user after normalising the name fields and running the business-rule validators.
/// </summary>
/// <param name="user">
/// The user to register. <c>FirstName</c> and <c>LastName</c> are trimmed and capitalised in place
/// before validation; <c>Password</c> is handed to the validators and to the data service as supplied.
/// </param>
/// <param name="confirmationPassword">Second copy of the password, checked by <c>_businessRules.ValidatePassword</c>.</param>
/// <param name="transaction">
/// Outcome carrier: on success <c>ReturnStatus</c> is true and "User registered successfully." is added;
/// on a validation failure the rule object's status, messages and errors are handed over; on an
/// exception it is recorded through <c>AddExceptionMessage</c>.
/// </param>
/// <returns>
/// The same <paramref name="user"/> instance, mutated as described above.
/// NOTE(review): it still holds the submitted <c>Password</c> unless the data service clears it —
/// confirm the controller does not serialize this object back to the client.
/// </returns>
public async Task<User> RegisterUser(User user, string confirmationPassword, TransactionInformation transaction)
{
    try
    {
        // Name normalisation runs before any session is opened.
        // NOTE(review): a null FirstName/LastName throws here and is then reported as an
        // exception message rather than a validation error — confirm the model binder
        // guarantees non-null strings.
        user.FirstName = Utilities.UppercaseFirstLetter(user.FirstName.Trim());
        user.LastName = Utilities.UppercaseFirstLetter(user.LastName.Trim());

        _accountDataService.CreateSession();
        _businessRules.ValidateUser(user);
        _businessRules.ValidatePassword(user.Password, confirmationPassword);

        bool passedValidation = _businessRules.ValidationStatus == true;
        if (!passedValidation)
        {
            // The validator's verdict is handed through as-is. ReturnMessage is assigned,
            // not copied, so it aliases the rule object's list.
            transaction.ReturnStatus = _businessRules.ValidationStatus;
            transaction.ReturnMessage = _businessRules.ValidationMessage;
            transaction.ValidationErrors = _businessRules.ValidationErrors;
        }
        else
        {
            // Whether the password is hashed before storage happens inside the data
            // service, if at all; nothing in this method transforms it.
            _accountDataService.BeginTransaction();
            _accountDataService.RegisterUser(user);
            await _accountDataService.CommitTransaction(true);
            transaction.ReturnStatus = true;
            transaction.ReturnMessage.Add("User registered successfully.");
        }
    }
    catch (Exception ex)
    {
        // Failures are reported through the transaction object, never propagated.
        transaction.AddExceptionMessage(ex);
    }
    finally
    {
        // Runs on every path, including when validation or the commit threw.
        _accountDataService.CloseSession();
    }

    return user;
}