Пример #1
        /// <summary>
        /// Authenticates the request from its "Authorization-Token" header before the action runs.
        /// </summary>
        /// <remarks>
        /// A missing or empty header is answered with 400. An unknown token, a token idle for longer
        /// than the configured "tokenLifespan_minutes", or a token whose user cannot be loaded is
        /// answered with 401. On success the token's LastSeen is refreshed and the request principal
        /// is replaced with one built from the stored user.
        /// </remarks>
        /// <param name="actionContext">Context of the action that is about to execute.</param>
        /// <exception cref="HttpResponseException">Thrown with 400 or 401 as described above.</exception>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            // The data context is resolved per call through the global dependency resolver.
            var resolver = GlobalConfiguration.Configuration.DependencyResolver;
            IDbContext dbContext = (IDbContext)resolver.GetService(typeof(IDbContext));

            // Idle timeout in minutes, read from configuration on every request.
            // A missing or non-numeric setting makes Int32.Parse throw before any header is inspected.
            int lifespanMinutes = Int32.Parse(ConfigurationManager.AppSettings["tokenLifespan_minutes"]);
            TimeSpan tokenLifespan = new TimeSpan(0, lifespanMinutes, 0);

            // Pull the first value of the token header, if the header is there at all.
            var headers = actionContext.Request.Headers;
            string token = null;
            if (headers != null && headers.Contains("Authorization-Token"))
            {
                token = headers.GetValues("Authorization-Token").FirstOrDefault();
            }

            // No credential presented: this path answers 400, not 401.
            if (string.IsNullOrEmpty(token))
            {
                throw new HttpResponseException(actionContext.Request.CreateResponse(HttpStatusCode.BadRequest));
            }

            // NOTE(review): the header value is handed to the repository as the lookup key as-is;
            // whether tokens are stored hashed or in the clear cannot be seen from here - confirm.
            AuthenticationEntity authentication = dbContext.AuthenticationRepo.GetSingleOrDefault(token);

            // Reject unknown tokens and tokens whose idle window has elapsed.
            bool rejected = authentication == null
                            || authentication.LastSeen.Add(tokenLifespan) < DateTime.UtcNow;
            if (rejected)
            {
                throw new HttpResponseException(actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized));
            }

            // Sliding expiry: every accepted request moves LastSeen forward, so the lifetime is measured
            // from last use. This method enforces no absolute (since-issuance) limit on a token.
            authentication.LastSeen = DateTime.UtcNow;
            dbContext.AuthenticationRepo.Update(authentication);

            // The token must still map to an existing user.
            UserEntity user = dbContext.UsersRepo.GetSingleOrDefault(authentication.UserId);
            if (user == null)
            {
                throw new HttpResponseException(actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized));
            }

            // Identity and role come from the stored user record, never from the request.
            actionContext.RequestContext.Principal = new SimplePrincipal(user.UserName, user.Id, user.Role);

            base.OnActionExecuting(actionContext);
        }
Пример #2
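        /// <summary>
        /// Builds the GovTalk envelope for a "submit"/"request" message addressed to
        /// <paramref name="serviceName"/>, carrying <paramref name="message"/> as its body.
        /// </summary>
        /// <param name="serviceName">Value written to the message details' Class field.</param>
        /// <param name="message">Payload stored in the envelope body; it is assigned as given.</param>
        /// <returns>An envelope with EnvelopeVersion 2.0 whose header holds the sender credentials.</returns>
        /// <remarks>
        /// Sender id and password are read from the "GovTalkUserName" and "GovTalkPassword" app settings;
        /// a missing setting yields a null field, nothing is validated here.
        /// </remarks>
        public static GovTalkMessageEntity CreateBaseRequest(String serviceName, BaseMessageEntity message)
        {
            // The configured password is placed in the message unchanged under Method "clear".
            // NOTE(review): with that method the secret is only as protected as the channel and any
            // place the serialized envelope is logged or stored - confirm transport and logging.
            var auth = new AuthenticationEntity
            {
                Method = "clear",
                Value  = ConfigurationManager.AppSettings["GovTalkPassword"]
            };

            var idAuth = new IDAuthenticationEntity
            {
                SenderID       = ConfigurationManager.AppSettings["GovTalkUserName"],
                Authentication = auth,
            };

            var header = new HeaderEntity
            {
                SenderDetails = new SenderDetailsEntity
                {
                    EmailAddress     = "nomail",
                    IDAuthentication = idAuth,
                },
                MessageDetails = new MessageDetailsEntity
                {
                    Class         = serviceName,
                    Function      = "submit",
                    Qualifier     = "request",
                    CorrelationID = "cor",
                },
            };

            // The ErrorEntity that used to be built here was never attached to the envelope
            // or returned, so it has been dropped as dead code.
            return new GovTalkMessageEntity
            {
                EnvelopeVersion = 2.0M,
                Header          = header,
                Body            = new BodyEntity { Entity = message },
            };
        }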
Пример #3
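        /// <summary>
        /// Checks a user id and password through the dbo.prcCheckUserLogin stored procedure and,
        /// when the procedure reports status code 1, attaches a JWT packet to the response.
        /// </summary>
        /// <param name="authenticationEntity">Supplies the UserId and Pwd to check.</param>
        /// <returns>
        /// The status code and description reported by the procedure; status 0 / "Failed" when the
        /// procedure produced no usable row.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="authenticationEntity"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The connection did not create a SqlCommand.</exception>
        /// <remarks>
        /// Database and mapping exceptions propagate unchanged. The former catch block rethrew with
        /// "throw e;", which only discarded the original stack trace, so it has been removed.
        /// </remarks>
        public ResponseEntity login(AuthenticationEntity authenticationEntity)
        {
            if (authenticationEntity == null)
            {
                throw new ArgumentNullException(nameof(authenticationEntity));
            }

            ResponseEntity responseEntity = new ResponseEntity();
            List <IDictionary <String, Object> > result;

            // Dispose the command once the result set has been returned as a list.
            using (var command = dBContext.Connection.CreateCommand() as SqlCommand)
            {
                if (command == null)
                {
                    throw new InvalidOperationException("The database connection did not create a SqlCommand.");
                }

                // Both credentials travel as parameters, never concatenated into the command text.
                command.CommandType = CommandType.StoredProcedure;
                command.CommandText = "dbo.prcCheckUserLogin";
                command.Parameters.Add(new SqlParameter
                {
                    ParameterName = "@UID",
                    DbType        = DbType.String,
                    Value         = authenticationEntity.UserId,
                });
                // NOTE(review): hashPassword is defined outside this block and receives only the
                // password, so any salt it applies cannot be per-user unless it is obtained elsewhere.
                // Confirm it is a salted, deliberately slow password hash rather than a bare digest.
                command.Parameters.Add(new SqlParameter
                {
                    ParameterName = "@PWD",
                    DbType        = DbType.String,
                    Value         = hashPassword(authenticationEntity.Pwd),
                });

                result = dBContext.GetDatabaseResultSet(command);
            }

            DBResultEnity dBResultEnity = null;
            if (result != null)
            {
                var mapper = new MapperConfiguration(cfg =>
                {
                    cfg.CreateMap <IDictionary <String, Object>, List <DBResultEnity> >();
                }).CreateMapper();
                List <DBResultEnity> dBResult = mapper.Map <List <DBResultEnity> >(result);
                dBResultEnity = dBResult == null ? null : dBResult.FirstOrDefault();
            }

            // Fail closed: no result set or no row means the login is reported as failed
            // instead of dereferencing a null row.
            if (dBResultEnity == null)
            {
                responseEntity.StatusCode    = 0;
                responseEntity.StatusMessage = "Failed";
                return responseEntity;
            }

            responseEntity.StatusCode    = dBResultEnity.STATUSCODE;
            responseEntity.StatusMessage = dBResultEnity.STATUSDESC;

            // A token is issued only for the status code 1 outcome.
            if (dBResultEnity.STATUSCODE == 1)
            {
                responseEntity.ResponseResult = getJWTPacket(authenticationEntity.UserId);
            }

            return responseEntity;
        }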
Пример #4
        /// <summary>
        /// Ends the session identified by the current AuthenticationToken by deleting its record.
        /// </summary>
        /// <returns>The text "Successful logout" once the record has been deleted.</returns>
        public async Task <string> Logout()
        {
            // Look the token up first so an unknown token is reported as 401.
            AuthenticationEntity session = await DbContext.AuthenticationRepo.GetSingleOrDefaultAsync(AuthenticationToken);
            bool tokenKnown = session != null;

            if (!tokenKnown)
            {
                // Presumably this helper throws and never returns; if it did return,
                // the delete below would still run - verify against its definition.
                ThrowHttpResponseException(System.Net.HttpStatusCode.Unauthorized, "Wrong authentication token.");
            }

            // Removing the stored record is what invalidates the token for later requests.
            await DbContext.AuthenticationRepo.DeleteAsync(AuthenticationToken);

            const string confirmation = "Successful logout";
            return confirmation;
        }
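 /// <summary>
 /// Authenticates the posted credentials through the employee service.
 /// </summary>
 /// <param name="auth">Credentials bound from the request body.</param>
 /// <returns>An empty 200 OK result when the credentials are accepted.</returns>
 /// <remarks>
 /// Both an invalid model and rejected credentials raise the same bad-request error from
 /// WebExceptionFactory. The password is never written to the log.
 /// </remarks>
 public IHttpActionResult PostLogin([FromBody] AuthenticationEntity auth)
 {
     // auth is null when no body could be bound; treat that like an invalid model so the
     // dereferences below cannot fail with a NullReferenceException.
     if (auth == null || !ModelState.IsValid)
     {
         Log.Error("Model is in-valid for entry POST api/employee");
         throw WebExceptionFactory.GetBadRequestError("Model is in valid check your payload");
     }

     // The user name is caller-controlled: strip line breaks before logging it so a crafted
     // value cannot start a forged log entry.
     string loggedName = (auth.username ?? string.Empty)
         .Replace("\r", string.Empty)
         .Replace("\n", string.Empty);

     if (!_employeeService.AuthenticateUser(auth.username, auth.password))
     {
         Log.Info($"{loggedName} is not authenticated");
         // NOTE(review): a failed login is reported with the bad-request error used for an invalid
         // model; kept as-is for existing clients, but 401 may be the intended status - confirm.
         throw WebExceptionFactory.GetBadRequestError("Model is in valid check your payload");
     }

     Log.Info($"{loggedName} has been authenticated");
     return Ok();
 }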
Пример #6
 /// <summary>
 /// Registers the account described by the request body and returns the outcome as JSON.
 /// </summary>
 /// <param name="authEntity">Registration data bound from the request body.</param>
 /// <returns>
 /// A JsonResult wrapping the registration outcome, the model-state errors, or a 500 status
 /// object carrying the exception message.
 /// </returns>
 public IActionResult Register([FromBody] AuthenticationEntity authEntity)
 {
     // Guard clause: an invalid model is reported without touching the registration logic.
     // NOTE(review): the BadRequest result is passed to JsonResult as the value to serialize, so
     // the HTTP status of the response is presumably not 400 - confirm what clients receive.
     if (!ModelState.IsValid)
     {
         return new JsonResult(BadRequest(ModelState));
     }

     try
     {
         Authentication registrar = new Authentication();
         var outcome = registrar.register(authEntity);
         return new JsonResult(outcome);
     }
     catch (Exception e)
     {
         // NOTE(review): e.Message goes back to the caller, which can disclose internal details
         // such as database errors. Nothing is logged in this block, and the 500 result is again
         // only the JSON payload - confirm both are intended.
         return new JsonResult(StatusCode(500, e.Message));
     }
 }