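// PUT: api/Session/5
/// <summary>
/// Logs a client out: deletes the stored session whose token matches the one in the
/// request body, records a "LOGOUT" activity row and, when the session carries a device
/// UUID, removes that device's registration for the user.
/// </summary>
/// <param name="Session">Request body; only <c>TokenID</c> is read from it.</param>
/// <returns>
/// 200 when a session was removed, 204 when no session matches the token,
/// 400 when the token is missing or any exception is raised while processing.
/// </returns>
public HttpResponseMessage PutLogout([FromBody] Session Session)
{
    // A missing body or a blank token cannot identify a session. Rejecting it here also
    // guarantees a blank token is never compared against stored rows.
    if (Session == null || string.IsNullOrWhiteSpace(Session.TokenID))
    {
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Session token is required");
    }

    string token = Session.TokenID.Trim();

    try
    {
        using (CompanyPosDBContext database = new CompanyPosDBContext())
        {
            // The comparison runs in memory (after ToList) so the token match stays an exact,
            // case-sensitive string comparison. Rows without a token are skipped instead of
            // aborting the whole request.
            // NOTE(review): this loads every session row on each logout; consider an indexed
            // lookup once the column collation is confirmed to be case-sensitive.
            var session = database.Sessions
                .ToList()
                .LastOrDefault(x => x.TokenID != null && x.TokenID.Trim().Equals(token));

            if (session == null)
            {
                return Request.CreateResponse(HttpStatusCode.NoContent, "Nothing to Delete");
            }

            database.Sessions.Remove(session);

            //SAVE ACTIVITY
            database.UserActivities.Add(new UserActivity()
            {
                StoreID = session.StoreID,
                UserID = session.UserID,
                Activity = "LOGOUT",
                Date = DateTime.Now
            });
            database.SaveChanges();

            if (!string.IsNullOrEmpty(session.UUID))
            {
                // NOTE(review): the (int) cast presumably unwraps a nullable PinNumber; if the
                // session was stored without one this lookup fails after the session is already
                // deleted - confirm the column is always populated for device sessions.
                Dispositives disp = database.Dispositives
                    .Where(x => x.PinNumber.Equals((int)session.PinNumber) && x.Active.Equals(true) && x.UUID.Equals(session.UUID))
                    .FirstOrDefault();
                User userEntity = database.Users.Find(session.UserID);

                // Both lookups can come back empty (device already deactivated, user deleted).
                // The session is gone at this point, so a missing row must not turn a completed
                // logout into an error response.
                if (disp != null && userEntity != null)
                {
                    removeDispositive(disp.UUID, userEntity.ID);
                }
            }

            return Request.CreateResponse(HttpStatusCode.OK, "Logout Succesfully");
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): passing the exception builds the error body from it; how much of it
        // (message, stack trace) reaches the client depends on the host's
        // IncludeErrorDetailPolicy - confirm production does not expose details. Server-side
        // faults are also reported as 400 here.
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex);
    }
}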
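/// <summary>
/// Authenticates a user and opens a session. Two paths exist: a device path
/// (username + device UUID + PIN, no password) and a password path (username + password),
/// which also registers the device and issues its PIN when a UUID is supplied.
/// </summary>
/// <param name="user">Request body; Username, Password, UUID and PinNumber are read from it.</param>
/// <returns>
/// 201 with the session in the body and a Location header on success; 404 with one of
/// "User invalid or Inactive", "Session info invalid" or "User or password invalid" on
/// failure; 400 when the username is missing or any exception is raised.
/// </returns>
public HttpResponseMessage PostLogin([FromBody] User user)
{
    // A missing body or blank username cannot match an account; answer directly instead of
    // letting a NullReferenceException reach the catch-all below.
    if (user == null || string.IsNullOrWhiteSpace(user.Username))
    {
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Username is required");
    }

    string username = user.Username.Trim();

    try
    {
        using (CompanyPosDBContext database = new CompanyPosDBContext())
        {
            // Materialise the table once; the original re-read it for every check.
            // Comparisons stay in memory so username/password matching remains an exact,
            // case-sensitive string comparison regardless of database collation.
            var users = database.Users.ToList();

            bool hasActiveAccount = users.Any(x =>
                x.Username != null && x.Username.Trim().Equals(username) && x.Active == true);

            // NOTE(review): the three failure messages returned by this method differ, which
            // lets a caller tell "no such active user" from "wrong credentials". Consider one
            // uniform response; kept as-is because clients may match on the text.
            // NOTE(review): failed attempts are not written to UserActivities and no throttling
            // or lockout is visible here, so repeated guessing leaves no trace in that table.
            if (!hasActiveAccount)
            {
                return Request.CreateResponse(HttpStatusCode.NotFound, "User invalid or Inactive");
            }

            Session session;
            string activity;

            if (!string.IsNullOrEmpty(user.UUID) && user.PinNumber != null)
            {
                // Device path: an active device registration for this UUID + PIN stands in
                // for the password.
                // NOTE(review): the PIN is issued by Util.GetPinNumber(UUID, userID), whose
                // derivation is not shown - confirm it is unpredictable to someone who knows
                // the UUID, and that attempts against this branch are rate-limited.
                Dispositives dispositive = (from disp in database.Dispositives
                                            where disp.UUID.Equals(user.UUID) && disp.PinNumber.Equals((int)user.PinNumber) && disp.Active.Equals(true)
                                            select disp).FirstOrDefault();

                User userEntity = dispositive == null ? null : database.Users.Find(dispositive.UserID);

                // The device owner must exist, be the named user, and itself be active. The
                // gate above only proves that some account with this username is active.
                if (userEntity == null
                    || userEntity.Active != true
                    || userEntity.Username == null
                    || !userEntity.Username.Trim().Equals(username))
                {
                    return Request.CreateResponse(HttpStatusCode.NotFound, "Session info invalid");
                }

                session = saveSession(userEntity);
                session.PinNumber = dispositive.PinNumber;
                activity = "LOGIN PINNUMBER";
            }
            else
            {
                // Password path.
                // NOTE(review): the submitted password is compared directly with the stored
                // Password value, so the column holds the password itself or something the
                // client can send verbatim. It should hold a salted, slow hash (e.g. PBKDF2)
                // verified with a fixed-time comparison; that needs a data migration, so it is
                // flagged here rather than changed.
                string password = user.Password == null ? null : user.Password.Trim();

                // Only an active account may authenticate; a missing password or a row without
                // one never matches.
                User userEntity = password == null
                    ? null
                    : users.FirstOrDefault(x =>
                        x.Username != null && x.Username.Trim().Equals(username)
                        && x.Active == true
                        && x.Password != null && x.Password.Trim().Equals(password));

                if (userEntity == null)
                {
                    return Request.CreateResponse(HttpStatusCode.NotFound, "User or password invalid");
                }

                //SAVE SESSION
                session = saveSession(userEntity);

                //SAVE DISPOSITIVE
                if (!string.IsNullOrEmpty(user.UUID))
                {
                    int pinNumber = Util.GetPinNumber(user.UUID, userEntity.ID);

                    // Drop any earlier registration of this device for the user before adding
                    // the new one.
                    removeDispositive(user.UUID, userEntity.ID);

                    Dispositives dispositive = new Dispositives
                    {
                        UserID = userEntity.ID,
                        PinNumber = pinNumber,
                        UUID = user.UUID,
                        Active = true
                    };

                    database.Dispositives.Add(dispositive);
                    database.SaveChanges();
                    session.PinNumber = dispositive.PinNumber;
                }

                activity = "LOGIN";
            }

            //SAVE ACTIVITY
            database.UserActivities.Add(new UserActivity()
            {
                StoreID = session.StoreID,
                UserID = session.UserID,
                Activity = activity,
                Date = DateTime.Now
            });
            database.SaveChanges();

            var message = Request.CreateResponse(HttpStatusCode.Created, session);
            message.Headers.Location = new Uri(Request.RequestUri + "/" + session.ID.ToString());
            return message;
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): passing the exception builds the error body from it; how much of it
        // (message, stack trace) reaches the client depends on the host's
        // IncludeErrorDetailPolicy - confirm production does not expose details on a login
        // endpoint. Server-side faults are also reported as 400 here.
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex);
    }
}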