Exemplo n.º 1
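        /// <summary>
        /// Authorizes a request from the credentials carried in its Authorization header.
        /// The header parameter is read as Base64 of "encryptedUser:encryptedPassword"; both
        /// halves are decrypted and checked with <c>WebAPISecurity.APISecurity.IsValid</c>.
        /// A missing, empty or malformed header produces 401 Unauthorized (fail closed)
        /// instead of an unhandled exception.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized; its Response is set to 401 when the check fails.</param>
        public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
        {
            bool authorized = false;
            var header = actionContext.Request.Headers.Authorization;

            // NOTE(review): the scheme (header.Scheme) is not checked here, as in the original;
            // confirm whether only "Basic" should be accepted.
            if (header != null && !string.IsNullOrEmpty(header.Parameter))
            {
                try
                {
                    string decoded = Encoding.UTF8.GetString(Convert.FromBase64String(header.Parameter));

                    // Split on the FIRST colon only, so a colon inside the second value
                    // does not truncate it.
                    int separator = decoded.IndexOf(':');
                    if (separator >= 0)
                    {
                        string username = SecurityEncryptDecrypt.Decrypt(decoded.Substring(0, separator));
                        string password = SecurityEncryptDecrypt.Decrypt(decoded.Substring(separator + 1));

                        authorized = WebAPISecurity.APISecurity.IsValid(username, password);
                    }
                }
                catch (FormatException)
                {
                    // Header parameter was not valid Base64: treat as unauthenticated.
                }
                catch (System.Security.Cryptography.CryptographicException)
                {
                    // NOTE(review): Decrypt is defined elsewhere; this assumes bad ciphertext
                    // surfaces as CryptographicException - confirm what it actually throws.
                }
            }

            if (!authorized)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
            }

            // The base implementation still runs in every case, as in the original.
            base.OnAuthorization(actionContext);
        }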
Exemplo n.º 2
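        /// <summary>
        /// Looks up the supplied credentials through the login stored procedure and, when a
        /// matching user row comes back, returns that user's details.
        /// </summary>
        /// <param name="userLogin">Credentials to check; UserName is bound to @email and Password to @pwd.</param>
        /// <returns>
        /// A transaction object describing the outcome. Null when the procedure reports a
        /// status other than 1, 5 or 6 (unchanged from the original; callers must handle it).
        /// </returns>
        public MDTTransactionInfo Login(UserLogin userLogin)
        {
            // Bound parameters keep user input out of the SQL text.
            SqlParameter status = new SqlParameter("@Status", 0);
            status.Direction = ParameterDirection.Output;

            List<SqlParameter> prm = new List<SqlParameter>
            {
                new SqlParameter("@email", userLogin.UserName),
                new SqlParameter("@pwd", userLogin.Password),
                status
            };

            int     StatusValue = 0;
            DataSet ds          = DatabaseSettings.GetDataSet(APIHelper.getLoginDetails, out StatusValue, prm);

            MDTTransactionInfo mdt = null;

            if (StatusValue == 1)
            {
                DataTable dt = ds.Tables[0];
                mdt = new MDTTransactionInfo();

                if (dt.Rows.Count > 0)
                {
                    DataRow row = dt.Rows[0];

                    UserLoginDetails loginDetails = new UserLoginDetails();
                    loginDetails.USER_ID        = Convert.ToInt32(row["USER_ID"]);
                    loginDetails.FIRST_NAME     = row["FIRST_NAME"].ToString();
                    loginDetails.LAST_NAME      = row["LAST_NAME"].ToString();
                    loginDetails.EMAIL_ADDRESS  = row["EMAIL_ADDRESS"].ToString();
                    loginDetails.FORCE_PWD_CHNG = Convert.ToBoolean(row["FORCE_PWD_CHNG"]);
                    loginDetails.PHOTO          = row["PHOTO"].ToString();
                    loginDetails.ROLE_NAME      = row["ROLE_NAME"].ToString();
                    loginDetails.ROLE_ID        = Convert.ToInt32(row["ROLE_ID"]);
                    loginDetails.UserKey        = SecurityEncryptDecrypt.Encrypt(row["EMAIL_ADDRESS"].ToString());

                    // NOTE(review): UserValue is derived from the PASSWORD column as returned by
                    // the query, using reversible encryption, and is handed to the client.
                    // Confirm how the password is stored; a random, expiring session token
                    // would avoid sending a password-derived value at all.
                    loginDetails.UserValue      = SecurityEncryptDecrypt.Encrypt(row["PASSWORD"].ToString());

                    mdt.status            = HttpStatusCode.OK;
                    mdt.transactionObject = loginDetails;
                    mdt.msgCode           = MessageCode.Success;
                    mdt.message           = "Login Successfully";
                }
                else
                {
                    // No user row: do not report a successful login with an empty payload.
                    mdt.msgCode = MessageCode.Failed;
                    mdt.status  = HttpStatusCode.NoContent;
                    mdt.message = "No record found";
                }
            }
            else if (StatusValue == 5 || StatusValue == 6)
            {
                // Statuses 5 and 6 are turned into a transaction object by the shared helper.
                mdt = DatabaseSettings.GetTransObject(null, StatusValue, "", ds);
            }

            return mdt;
        }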
Exemplo n.º 3
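        /// <summary>
        /// Looks up the supplied credentials through the login stored procedure and, when a
        /// matching user row comes back, returns that user's details. Any exception is turned
        /// into a generic "technical error" result instead of propagating.
        /// </summary>
        /// <param name="userLogin">Credentials to check (UserName and Password).</param>
        /// <returns>
        /// A transaction object describing the outcome. Null when the procedure reports a
        /// status other than 1, 5 or 6 and nothing throws (unchanged from the original).
        /// </returns>
        public MDTTransactionInfo Login(UserLogin userLogin)
        {
            MDTTransactionInfo mdt = null;

            try
            {
                // NOTE(review): both values are joined with "~||~" before binding. Presumably
                // BindParamers splits on that sequence, in which case a username or password
                // containing "~||~" would shift the bound values - confirm, and prefer
                // explicit SqlParameter objects for each value.
                List<SqlParameter> prm = DatabaseSettings.BindParamers(APIHelper.getLoginDetailsParameters, userLogin.UserName + "~||~" + userLogin.Password);

                int     StatusValue = 0;
                DataSet ds          = DatabaseSettings.GetDataSet(APIHelper.getLoginDetails, out StatusValue, prm);

                if (StatusValue == 1)
                {
                    DataTable dt = ds.Tables[0];
                    mdt = new MDTTransactionInfo();

                    if (dt.Rows.Count > 0)
                    {
                        DataRow row = dt.Rows[0];

                        UserLoginDetails loginDetails = new UserLoginDetails();
                        loginDetails.USER_ID        = Convert.ToInt32(row["USER_ID"]);
                        loginDetails.FIRST_NAME     = row["FIRST_NAME"].ToString();
                        loginDetails.LAST_NAME      = row["LAST_NAME"].ToString();
                        loginDetails.EMAIL_ADDRESS  = row["EMAIL_ADDRESS"].ToString();
                        loginDetails.FORCE_PWD_CHNG = Convert.ToBoolean(row["FORCE_PWD_CHNG"]);
                        loginDetails.PHOTO          = row["PHOTO"].ToString();
                        loginDetails.ROLE_NAME      = row["ROLE_NAME"].ToString();
                        loginDetails.ROLE_ID        = Convert.ToInt32(row["ROLE_ID"]);
                        loginDetails.UserKey        = SecurityEncryptDecrypt.Encrypt(row["EMAIL_ADDRESS"].ToString());

                        // NOTE(review): UserValue is derived from the PASSWORD column as returned
                        // by the query, using reversible encryption, and is handed to the client.
                        // Confirm how the password is stored; a random, expiring session token
                        // would avoid sending a password-derived value at all.
                        loginDetails.UserValue      = SecurityEncryptDecrypt.Encrypt(row["PASSWORD"].ToString());

                        mdt.status            = HttpStatusCode.OK;
                        mdt.transactionObject = loginDetails;
                        mdt.msgCode           = MessageCode.Success;
                        mdt.message           = "Login Successfully";
                    }
                    else
                    {
                        mdt.msgCode = MessageCode.Failed;
                        mdt.status  = HttpStatusCode.NoContent;
                        mdt.message = "No record found";
                    }
                }
                else if (StatusValue == 5 || StatusValue == 6)
                {
                    // Statuses 5 and 6 are turned into a transaction object by the shared helper.
                    mdt = DatabaseSettings.GetTransObject(null, StatusValue, "", ds);
                }
            }
            catch (Exception)
            {
                // mdt is still null when the failure happened before it was created (for
                // example in BindParamers or GetDataSet); the original dereferenced it here
                // and threw NullReferenceException out of the handler.
                if (mdt == null)
                {
                    mdt = new MDTTransactionInfo();
                }

                // NOTE(review): the exception is not logged anywhere; record it server-side
                // so failed logins caused by faults can be investigated.
                mdt.status  = HttpStatusCode.ExpectationFailed;
                mdt.msgCode = MessageCode.TechnicalError;
                mdt.message = "Technical Error in the system, please contact to administrator";
            }

            return mdt;
        }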
Exemplo n.º 4
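        /// <summary>
        /// Sends an HTML e-mail notification to the recipients named in the request, using the
        /// sender account and SMTP host configured in AppSettings.
        /// </summary>
        /// <param name="sendMailRequest">Request carrying a comma-separated recipient list, the subject and the body.</param>
        /// <returns>True when the message was handed to the SMTP server.</returns>
        /// <exception cref="Exception">
        /// Thrown with a fixed user-facing message when anything fails; the underlying error is
        /// attached as InnerException.
        /// </exception>
        public bool SendNotification(SendMailRequest sendMailRequest)
        {
            // CC, Reply-To and attachment handling were commented out in the original and are
            // not implemented here. If attachments are restored, the file name taken from the
            // request must be reduced to a bare name before it is combined with a directory.
            using (MailMessage mailMessage = new MailMessage())
            {
                try
                {
                    // Skip blank entries so a trailing comma or stray space does not abort the send.
                    string[] recipients = sendMailRequest.recipient.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (string entry in recipients)
                    {
                        string address = entry.Trim();
                        if (address.Length > 0)
                        {
                            mailMessage.To.Add(address);
                        }
                    }

                    string sendFromEmail = ConfigurationManager.AppSettings["SendFromEmail"].ToString();
                    string sendFromName  = ConfigurationManager.AppSettings["SendFromName"].ToString();
                    string sendFromPwd   = SecurityEncryptDecrypt.Decrypt(ConfigurationManager.AppSettings["SendFromPwd"].ToString());

                    mailMessage.From       = new MailAddress(sendFromEmail, sendFromName);
                    mailMessage.Subject    = sendMailRequest.subject;
                    mailMessage.Body       = sendMailRequest.body;
                    mailMessage.IsBodyHtml = true;

                    // SmtpClient holds a connection; dispose it once the message is sent.
                    using (SmtpClient client = new SmtpClient(ConfigurationManager.AppSettings["SMTPName"].ToString()))
                    {
                        client.Port = 25;

                        // NOTE(review): EnableSsl is left off, as in the original, so the sender
                        // credentials and the message travel to the SMTP host unencrypted.
                        // Enable it once the server is confirmed to support TLS.
                        client.UseDefaultCredentials = false;
                        client.Credentials           = new System.Net.NetworkCredential(sendFromEmail, sendFromPwd);
                        client.DeliveryMethod        = SmtpDeliveryMethod.Network;
                        client.Send(mailMessage);
                    }

                    return true;
                }
                catch (Exception ex)
                {
                    // Keep the cause as InnerException for server-side diagnosis; callers should
                    // surface only Message to the end user.
                    throw new Exception("Password has been reset but unable to send an email due to some technical issue, please contact to administrator", ex);
                }
            }
        }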