Exemplo n.º 1
0
        public IHttpActionResult UpdatePreferredRole(PreferredRoleRequest req)
        {
            try
            {
                User   user  = GetLoggedInUser();
                string token = HttpUtilities.GetRequestToken(this.Request);
                if (user == null)
                {
                    return(BadRequest(ErrorCodes.USER_DOES_NOT_EXISTS.ToString()));
                }
                Role role = _context.Roles.FirstOrDefault(i => i.Id == req.RoleId);
                if (role == null)
                {
                    return(BadRequest(ErrorCodes.ROLE_DOES_NOT_EXISTS.ToString()));
                }
                UserRoleMap userRoleMap = _context.UserRoleMaps.FirstOrDefault(i => i.RoleId == req.RoleId && i.UserId == user.Id);
                if (userRoleMap == null)
                {
                    return(BadRequest(ErrorCodes.USER_ROLE_MAP_DOES_NOT_EXISTS.ToString()));
                }
                else
                {
                    userRoleMap.IsPreferredRole = true;
                    //UserRoleMap existingRoles = _context.UserRoleMaps.FirstOrDefault(i => i.UserId == user.Id && i.Id != userRoleMap.Id);
                    //if (existingRoles != null)
                    //{
                    //    existingRoles.IsPreferredRole = false;
                    //}
                    //remove existing preference.
                    _context.SaveChanges();
                    DbUtilities.AuditTrialEntry(user, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGIN, this.Request, req.RoleId, token);

                    return(Ok());
                }
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                return(InternalServerError(ex));
            }
        }
Exemplo n.º 2
0
        public IHttpActionResult Logout()
        {
            try
            {
                string userRole = HttpUtilities.GetUserRoleAccessApi(this.Request);
                string token    = HttpUtilities.GetRequestToken(this.Request);
                var    user     = GetLoggedInUser();

                UserRoleMap userRoleMap = _context.UserRoleMaps.FirstOrDefault(i => i.RoleId == userRole && i.UserId == user.Id);
                if (userRoleMap == null)
                {
                    return(BadRequest(ErrorCodes.USER_ROLE_MAP_DOES_NOT_EXISTS.ToString()));
                }
                else
                {
                    userRoleMap.IsPreferredRole = false;
                    //UserRoleMap existingRoles = _context.UserRoleMaps.FirstOrDefault(i => i.UserId == user.Id && i.Id != userRoleMap.Id);
                    //if (existingRoles != null)
                    //{
                    //    existingRoles.IsPreferredRole = false;
                    //}
                    //remove existing preference.
                    _context.SaveChanges();
                    //return Ok();
                }
                UserRoleMap userRoleMapIsAvailable = _context.UserRoleMaps.FirstOrDefault(i => i.UserId == user.Id && i.IsPreferredRole == true);
                if (userRoleMapIsAvailable == null)
                {
                    user.IsLoggedIn = false;
                    //   user.UpdatedAt = DateTimeOffset.UtcNow;
                    _context.SaveChanges();
                }
                DbUtilities.AuditTrialEntry(user, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGOUT, this.Request, userRole, token);
                return(Ok());
            }
            catch (Exception ex)
            {
                LGSELogger.Error(ex);
                return(InternalServerError());
            }
        }
Exemplo n.º 3
0
 public IHttpActionResult Login(LoginRequest request)
 {
     try
     {
         User account = _context.Users.Where(a => a.Email == request.Email).SingleOrDefault();
         ValidationUtilities.ValidateUserForLogin(request, account);
         if (account != null)
         {
             if (account.IsActiveUser == false)
             {
                 return(BadRequest(ErrorCodes.USER_DEACTIVATED_BY_ADMIN.ToString()));
                 //var response = HttpUtilities.FrameHTTPResp(System.Net.HttpStatusCode.BadRequest, ErrorCodes.USER_DEACTIVATED_BY_ADMIN);
                 // throw new HttpResponseException(response);
             }
             if (account.IsActivated == false)
             {
                 return(BadRequest(ErrorCodes.USER_NOT_ACVTD.ToString()));
             }
             if (!account.IsLocked)
             {
                 byte[] incoming = AuthorizationUtilities.hash(request.Password, account.Salt);
                 if (Utilities.Utilities.slowEquals(incoming, account.Password))
                 {
                     if (account.IsActivated)
                     {
                         //Audit Trial Entry.
                         //DbUtilities.AuditTrialEntry(account, AuditTrialStatus.SUCCESS, AuditTrialOpType.LOGIN, this.Request);
                         //Creating a Token
                         ClaimsIdentity claimsIdentity = new ClaimsIdentity();
                         claimsIdentity.AddClaim(new Claim(Constants.STR_FIRSTNAME, account.FirstName));
                         claimsIdentity.AddClaim(new Claim(Constants.STR_LASTNAME, account.LastName));
                         claimsIdentity.AddClaim(new Claim(ClaimTypes.Email, request.Email));
                         claimsIdentity.AddClaim(new Claim(JwtRegisteredClaimNames.Sub, request.Email));
                         claimsIdentity.AddClaim(new Claim("UserId", account.Id));
                         List <Role> roles = (from userMaps in _context.UserRoleMaps.ToList()
                                              join rol in _context.Roles.ToList() on userMaps.RoleId equals rol.Id
                                              where userMaps.UserId == account.Id && userMaps.Deleted == false
                                              select rol).ToList();
                         if (roles != null && roles.Count > 0)
                         {
                             foreach (var item in roles)
                             {
                                 claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, item.RoleName));
                                 //claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, item.RoleName + "|" + item.Id));
                             }
                         }
                         // Update user details:
                         UpdateUserDetailsInLogin(account);
                         JwtSecurityToken token = AuthorizationUtilities.GetAuthenticationTokenForUser(request.Email, claimsIdentity.Claims.ToArray());
                         return(Ok(new
                         {
                             Token = token.RawData,
                             Username = request.Email,
                             UserId = account.Id
                         }));
                     }
                     else
                     {
                         return(BadRequest(ErrorCodes.USER_NOT_ACVTD.ToString()));
                     }
                 }
                 else
                 {
                     //Audit Trial Entry.
                     DbUtilities.AuditTrialEntry(account, AuditTrialStatus.FAILURE, AuditTrialOpType.LOGIN, this.Request);
                     // return Unauthorized();
                     return(BadRequest(ErrorCodes.PASSWORD_NOTMATCHED.ToString()));
                 }
             }
             else
             {
                 return(BadRequest(ErrorCodes.ACCOUNT_LOCKED.ToString()));
             }
         }
         return(Unauthorized());
     }
     catch (HttpResponseException ex)
     {
         throw ex;
     }
     catch (Exception ex)
     {
         LGSELogger.Error(ex);
         return(InternalServerError(ex));
     }
 }