/// <summary>
/// Authenticates a user from the supplied credentials and, on success, returns the
/// mapped user together with the applications registered for the user's company.
/// </summary>
/// <param name="userName">User name as received; passed through <c>Crypto.DecryptStringAes</c> before use.</param>
/// <param name="password">Password as received; passed through <c>Crypto.DecryptStringAes</c> before use.</param>
/// <returns>
/// A result carrying the authentication code and message. <c>UserApplication</c> and
/// <c>ListApplication</c> are filled in only when the code equals <c>AuthenticationCode.Success</c>.
/// </returns>
public ResultUserAuthenticationDto GetAuthentication(string userName, string password)
{
    string plainUserName = Crypto.DecryptStringAes(userName);
    string plainPassword = Crypto.DecryptStringAes(password);

    // The literal "not apply" makes GetBasicAuthentication skip its service-token comparison;
    // company and application are passed as null, so neither is constrained on this path.
    BasicAuthenticationDto basic = this.GetBasicAuthentication(plainUserName, plainPassword, null, null, "not apply");

    ResultUserAuthenticationDto result = new ResultUserAuthenticationDto
    {
        AuthenticationCod = basic.AuthenticationCod,
        MessageAuthentication = basic.MessageAuthentication
    };

    // Anything other than Success is returned as-is, with no user or application data attached.
    if (!(result.AuthenticationCod == Convert.ToInt16(AuthenticationCode.Success)))
    {
        return result;
    }

    result.UserApplication = Mapper.Map<UserApplicationDto, ResultUserDto>(basic.User);

    CompanyApplicationDto companyFilter = new CompanyApplicationDto
    {
        IdCompany = basic.User.IdCompany,
        ReferenceTableApplication = true
    };

    // List the applications of the authenticated user's company.
    result.ListApplication = CompanyApplicationRepository.GetCompanyApplication(companyFilter)
        .Select(entry => Mapper.Map<ApplicationDto, ResultApplicationDto>(entry.Application))
        .ToList();

    // Every application entry receives a ticket obtained from GetServiceToken().
    // NOTE(review): the ticket is handed to any caller that authenticates; confirm it is
    // meant to be shared this way, since it later acts as the token checked on other calls.
    foreach (var application in result.ListApplication)
    {
        application.Ticket = GetServiceToken();
    }

    return result;
}
/// <summary>
/// Authenticates the caller against a company, an application and a service token, and on
/// success returns whatever <c>GetAppResources</c> yields for that application.
/// </summary>
/// <param name="userName">User name as received; passed through <c>Crypto.DecryptStringAes</c> before use.</param>
/// <param name="password">Password as received; passed through <c>Crypto.DecryptStringAes</c> before use.</param>
/// <param name="idCompany">Company the user must belong to.</param>
/// <param name="idApplication">Application whose resources are requested.</param>
/// <param name="token">Service token forwarded to <c>GetBasicAuthentication</c> for comparison.</param>
/// <returns>
/// On failure, a DTO holding only the authentication code and message; on success, the DTO
/// returned by <c>GetAppResources</c>.
/// </returns>
public AllowResourcesDto GetAllowResources(string userName, string password, long idCompany, long idApplication, string token)
{
    string plainUserName = Crypto.DecryptStringAes(userName);
    string plainPassword = Crypto.DecryptStringAes(password);

    // NOTE(review): token is supplied by the caller, and GetBasicAuthentication skips the
    // service-token comparison whenever it equals the literal "not apply". Confirm whether
    // that sentinel should be rejected on this entry point.
    BasicAuthenticationDto basic = this.GetBasicAuthentication(plainUserName, plainPassword, idCompany, idApplication, token);

    AllowResourcesDto denied = new AllowResourcesDto
    {
        AuthenticationCod = basic.AuthenticationCod,
        MessageAuthentication = basic.MessageAuthentication
    };

    if (!(denied.AuthenticationCod == Convert.ToInt16(AuthenticationCode.Success)))
    {
        return denied;
    }

    // On success the DTO built above is discarded in favour of the resource lookup result.
    return this.GetAppResources(plainUserName, plainPassword, idApplication);
}
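/// <summary>
/// Changes a user's password after re-authenticating with the current credentials.
/// </summary>
/// <param name="dtoChangePassword">
/// Request whose <c>UserName</c>, <c>Password</c> and <c>NewPassword</c> are passed through
/// <c>Crypto.DecryptStringAes</c>. The decrypted values are written back onto this object,
/// so the caller's instance holds the decrypted credentials once this method returns.
/// </param>
/// <returns>
/// A result with <c>AuthenticationCode.Success</c> when the password was saved; in every other
/// case, including any exception, <c>AuthenticationCode.AccessDenied</c> with "AccessDenied".
/// </returns>
public ResultDto AuthenticationChangePassword(ChangePasswordDto dtoChangePassword)
{
    // Start from a denial so that every path which does not explicitly succeed fails closed.
    ResultDto dtoresult = new ResultDto();
    dtoresult.ResultCod = Convert.ToInt16(AuthenticationCode.AccessDenied);
    dtoresult.Message = "AccessDenied";

    try
    {
        dtoChangePassword.UserName = Crypto.DecryptStringAes(dtoChangePassword.UserName);
        dtoChangePassword.Password = Crypto.DecryptStringAes(dtoChangePassword.Password);
        dtoChangePassword.NewPassword = Crypto.DecryptStringAes(dtoChangePassword.NewPassword);

        // NOTE(review): Token comes from the request, and GetBasicAuthentication skips its
        // service-token comparison when the value equals the literal "not apply". Confirm
        // whether that sentinel should be rejected for a password change.
        BasicAuthenticationDto dtoBasicAuthentication = GetBasicAuthentication(
            dtoChangePassword.UserName,
            dtoChangePassword.Password,
            dtoChangePassword.IdCompany,
            dtoChangePassword.IdApplication,
            dtoChangePassword.Token);

        bool authenticated = dtoBasicAuthentication.AuthenticationCod == Convert.ToInt16(AuthenticationCode.Success);

        if (authenticated && !string.IsNullOrEmpty(dtoChangePassword.NewPassword))
        {
            UserApplicationDto dtoUserApplication = new UserApplicationDto();
            dtoUserApplication.UserName = dtoChangePassword.UserName;
            dtoUserApplication.UserPassword = dtoChangePassword.Password;
            // Scope the reload to the company of the account that was just authenticated.
            // Without it the lookup matched on user name and password alone, so First() could
            // return an account from a different company than the one that passed the check.
            dtoUserApplication.IdCompany = dtoBasicAuthentication.User.IdCompany;
            dtoUserApplication.State = true;

            // First() throws when nothing matches; the catch below turns that into AccessDenied.
            dtoUserApplication = UserApplicationRepository.GetUserApplication(dtoUserApplication).First();

            // NOTE(review): the new password is stored upper-cased, while authentication looks
            // the account up with the password exactly as supplied. Confirm the store compares
            // case-insensitively; folding case also shrinks the effective password space.
            // NOTE(review): looking accounts up by password value suggests the password is kept
            // in a directly comparable form unless the repository hashes it internally - confirm.
            dtoUserApplication.UserPassword = dtoChangePassword.NewPassword.ToUpper();
            UserApplicationRepository.SaveUserApplication(dtoUserApplication);

            dtoresult.ResultCod = Convert.ToInt16(AuthenticationCode.Success);
            dtoresult.Message = "Success";
        }
    }
    catch (Exception)
    {
        // Deliberately broad: any failure (null request, decryption error, missing account,
        // save error) is reported as a plain denial without revealing the cause to the caller.
        dtoresult.ResultCod = Convert.ToInt16(AuthenticationCode.AccessDenied);
        dtoresult.Message = "AccessDenied";
    }

    return dtoresult;
}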
/// <summary>
/// Core credential check shared by the public entry points: validates the service token,
/// looks the account up by user name and password, and optionally verifies company and
/// application membership.
/// </summary>
/// <param name="userName">Decrypted user name; null or empty is denied.</param>
/// <param name="password">Decrypted password; null or empty is denied.</param>
/// <param name="idCompany">Company the account must belong to, or null to skip that check.</param>
/// <param name="idApplication">Application that must be registered exactly once for the account's company, or null to skip that check.</param>
/// <param name="token">Service token to compare with <c>GetServiceToken()</c>; the literal "not apply" skips the comparison.</param>
/// <returns>
/// A DTO whose code is <c>AuthenticationCode.Success</c> with message "Success" when every
/// check passes, otherwise <c>AuthenticationCode.AccessDenied</c>. <c>User</c> is set once the
/// account passed the date check, even if a later company or application check denies access.
/// </returns>
private BasicAuthenticationDto GetBasicAuthentication(string userName, string password, long? idCompany, long? idApplication, string token)
{
    // Denied by default; each failed check simply returns this object.
    BasicAuthenticationDto outcome = new BasicAuthenticationDto
    {
        AuthenticationCod = Convert.ToInt16(AuthenticationCode.AccessDenied),
        MessageAuthentication = "AccessDenied"
    };

    // NOTE(review): the skip sentinel travels in the same string as caller-supplied tokens,
    // so a request carrying "not apply" bypasses this comparison. The comparison itself is a
    // plain string inequality, not a constant-time one.
    if (token != "not apply" && this.GetServiceToken() != token)
    {
        return outcome;
    }

    if (String.IsNullOrEmpty(userName) || String.IsNullOrEmpty(password))
    {
        return outcome;
    }

    // The account is located by user name, password, company and active state in one query.
    // NOTE(review): matching on the password value suggests it is kept in a directly
    // comparable form unless the repository hashes it internally - confirm.
    UserApplicationDto lookup = new UserApplicationDto
    {
        UserName = userName,
        UserPassword = password,
        IdCompany = idCompany,
        State = true
    };

    UserApplicationDto account = UserApplicationRepository.GetUserApplication(lookup).FirstOrDefault();
    if (account == null)
    {
        return outcome;
    }

    // Clear the password on the loaded object before it can be exposed through outcome.User.
    account.UserPassword = null;

    // Accounts whose EffectiveDate is now or later are denied with a distinct message.
    if (account.EffectiveDate != null && account.EffectiveDate >= DateTime.Now)
    {
        outcome.MessageAuthentication = "AccessDenied - Limit Date";
        return outcome;
    }

    outcome.User = account;

    if (idCompany != null && outcome.User.IdCompany != idCompany)
    {
        return outcome;
    }

    if (idApplication != null)
    {
        CompanyApplicationDto applicationFilter = new CompanyApplicationDto
        {
            IdApplication = idApplication,
            IdCompany = outcome.User.IdCompany
        };

        List<CompanyApplicationDto> matches = CompanyApplicationRepository.GetCompanyApplication(applicationFilter);

        // Exactly one company/application row must exist; the generic message hides the reason.
        if (matches.Count != 1)
        {
            return outcome;
        }
    }

    outcome.AuthenticationCod = Convert.ToInt16(AuthenticationCode.Success);
    outcome.MessageAuthentication = "Success";
    return outcome;
}