Exemplo n.º 1
0
        //WORKS
        internal LogonResponseModel AuthenticateUser(LogonUserModel user)
        {
            var responseModel = new LogonResponseModel();

            //1) Go to the db and get the userId
            using (var db = new SAMEntities())
            {
                var authenticatedAccessCard = db.AccessCards.FirstOrDefault(x => x.UserId == user.UserId);
                var authenticatedUser       = db.Users.FirstOrDefault(x => x.Id == authenticatedAccessCard.UserId);

                bool isAuthenticated = false;
                if (authenticatedAccessCard != null)
                {
                    //2) Go and check the challenge inputted == the stored challenge in the db
                    isAuthenticated = string.Equals(authenticatedUser.AuthenticationCode, user.ChallengeResponse);
                    responseModel.IsAuthenticated = isAuthenticated;
                }

                responseModel.SetAuthenticationUrl(isAuthenticated, authenticatedUser);
                responseModel.SetUserId(authenticatedUser);

                if (!isAuthenticated)
                {
                    responseModel.SetErrorMessage("Invalid username or password");
                    eventLogger.LogEvent(authenticatedUser.Id, CrossCuttingConcerns.EventLog.EventType.User_Authentication, CrossCuttingConcerns.EventLog.EventSeverity.Error);
                }
                else
                {
                    eventLogger.LogEvent(authenticatedUser.Id, CrossCuttingConcerns.EventLog.EventType.User_Authentication, CrossCuttingConcerns.EventLog.EventSeverity.Informational);
                }

                return(responseModel);
            }
        }
Exemplo n.º 2
0
        //WORKS
        internal LogonResponseModel AuthoriseAccessCard()
        {
            var responseModel = new LogonResponseModel();

            // Read Student UID from Card
            var cardId = GetCardId();

            using (var db = new SAMEntities())
            {
                var scannedCard = db.AccessCards.FirstOrDefault(x => x.CardId == cardId && x.CardType == (int)AccessCardTypes.Administrator);
                if (scannedCard != null)
                {
                    var authorisedUser = db.Users.FirstOrDefault(u => u.Id == scannedCard.UserId && u.IsAdmin);
                    // Authenticate User
                    if (authorisedUser == null)
                    {
                        responseModel.IsAuthorised = false;
                        responseModel.SetErrorMessage("Invalid combination of card and userId");
                        eventLogger.LogEvent(scannedCard.CardId, CrossCuttingConcerns.EventLog.EventType.User_Authentication, CrossCuttingConcerns.EventLog.EventSeverity.Error);
                    }
                    else
                    {
                        responseModel.IsAuthorised = true;
                        responseModel.SetUserId(authorisedUser);
                    }

                    responseModel.SetAuthorisationUrl(responseModel.IsAuthorised, authorisedUser);
                }
                else
                {
                    throw new UnauthorizedAccessException("SAM does not recognize your card!");
                }
            }

            return(responseModel);
        }
Exemplo n.º 3
0
        //Individual records/Details
        //internal UserModel StudentDetail()
        //{

        //    var modeluser = new UserModel();
        //    using (var db = new SAMEntities())
        //    {
        //        var users = db.Users;

        //        users.(user =>
        //        {

        //            modeluser.Add(new UserModel
        //            {
        //                Username = user.Username.ToString(),
        //                FirstName = user.FirstName,
        //                LastName = user.LastName,
        //                Email = user.Email,
        //                CellPhone = user.CellPhone,
        //            });
        //        });
        //    }
        //    return modeluser;
        //}
        internal LogonResponseModel LogOn(LogonUserModel userModel)
        {
            //Step 1 Generate hash for password
            var responseModel = new LogonResponseModel();
            var hash          = userModel.Password.GenerateHash();

            //Step2 : validate against dbHash
            using (var db = new SAMEntities())
            {
                var usr = db.Users.FirstOrDefault(u => u.Username == userModel.Username && u.PasswordHash == hash);
                responseModel.SetRedirectUrl(usr);
                if (usr == null)
                {
                    responseModel.SetErrorMessage("Invalid username or password");
                }
                else
                {
                    responseModel.IsAuthorised = true;
                    responseModel.SetUsername(usr.Username);
                }

                return(responseModel);
            }
        }