Пример #1
        // PUT: api/Session/5
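        /// <summary>
        /// Ends the session identified by the token in the request body and records a
        /// "LOGOUT" entry in <c>UserActivities</c>.
        /// </summary>
        /// <param name="Session">Request body; only <c>TokenID</c> is read from it.</param>
        /// <returns>
        /// 200 when a session row was removed, 204 when no session matches the token,
        /// 400 when the body or token is missing or any exception is thrown.
        /// </returns>
        public HttpResponseMessage PutLogout([FromBody] Session Session)
        {
            // A missing body or token used to surface as a NullReferenceException in the
            // catch below; reject it up front with the same status code. A blank token is
            // rejected as well so it can never match a row whose stored token is blank.
            if (Session == null || string.IsNullOrWhiteSpace(Session.TokenID))
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "TokenID is required");
            }

            try
            {
                using (CompanyPosDBContext database = new CompanyPosDBContext())
                {
                    string token = Session.TokenID.Trim();

                    // The table is materialised so the token is compared with the ordinal,
                    // case-sensitive String.Equals rather than by the database.
                    // NOTE(review): this loads every session row on each logout; consider a
                    // server-side pre-filter followed by the same in-memory ordinal check.
                    Session session = database.Sessions
                                              .ToList()
                                              .LastOrDefault(x => x.TokenID != null && x.TokenID.Trim().Equals(token));
                    if (session == null)
                    {
                        return Request.CreateResponse(HttpStatusCode.NoContent, "Nothing to Delete");
                    }

                    database.Sessions.Remove(session);

                    // Audit trail: the logout is recorded in the same SaveChanges as the removal.
                    database.UserActivities.Add(new UserActivity()
                    {
                        StoreID  = session.StoreID,
                        UserID   = session.UserID,
                        Activity = "LOGOUT",
                        Date     = DateTime.Now
                    });

                    database.SaveChanges();

                    if (!string.IsNullOrEmpty(session.UUID))
                    {
                        Dispositives disp = database.Dispositives.Where(x => x.PinNumber.Equals((int)session.PinNumber) &&
                                                                        x.Active.Equals(true) &&
                                                                        x.UUID.Equals(session.UUID))
                                            .FirstOrDefault();
                        User userEntity = database.Users.Find(session.UserID);

                        // Either lookup can come back empty (device already deactivated, user
                        // row gone). The session removal is already committed at this point,
                        // so a null dereference here would report a failure for a logout that
                        // in fact succeeded.
                        if (disp != null && userEntity != null)
                        {
                            removeDispositive(disp.UUID, userEntity.ID);
                        }
                    }

                    return Request.CreateResponse(HttpStatusCode.OK, "Logout Succesfully");
                }
            }
            catch (Exception ex)
            {
                // CreateErrorResponse(status, exception) serialises the exception into the
                // response body; how much of it (message, type, stack trace) reaches the
                // client is governed by the configured IncludeErrorDetailPolicy.
                // NOTE(review): confirm that detail is suppressed for remote callers.
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex);
            }
        }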
Пример #2
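        /// <summary>
        /// Authenticates a user and creates a session, either with a registered device
        /// (UUID + PinNumber) or with username and password.
        /// </summary>
        /// <param name="user">
        /// Request body. <c>Username</c> is always required. When both <c>UUID</c> and
        /// <c>PinNumber</c> are supplied the device path is used and <c>Password</c> is never
        /// read; otherwise <c>Password</c> is required.
        /// </param>
        /// <returns>
        /// 201 with the new session and a Location header on success; 404 with a reason string
        /// when the user, device or credentials do not match; 400 when a required field is
        /// missing or any exception is thrown.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the 404 messages differ between "User invalid or Inactive" and
        /// "User or password invalid", which lets a caller tell whether a username exists.
        /// Only successful logins are written to <c>UserActivities</c>, and no attempt limit
        /// or lockout is visible in this method; confirm both are handled elsewhere.
        /// </remarks>
        public HttpResponseMessage PostLogin([FromBody] User user)
        {
            // A missing body or username used to surface as a NullReferenceException in the
            // catch below; reject it up front with the same status code.
            if (user == null || user.Username == null)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Username is required");
            }

            try
            {
                using (CompanyPosDBContext database = new CompanyPosDBContext())
                {
                    string username = user.Username.Trim();

                    // Load the table once instead of three times. It stays in memory so the
                    // username and password are compared with the ordinal, case-sensitive
                    // String.Equals rather than by the database.
                    // NOTE(review): this still pulls every user row, passwords included, on
                    // each login attempt.
                    var users = database.Users.ToList();

                    bool activeUserExists = users.Any(x => x.Username != null &&
                                                           x.Username.Trim().Equals(username) &&
                                                           x.Active == true);
                    if (!activeUserExists)
                    {
                        return Request.CreateResponse(HttpStatusCode.NotFound, "User invalid or Inactive");
                    }

                    if (!string.IsNullOrEmpty(user.UUID) && user.PinNumber != null)
                    {
                        // Device login: UUID + PIN stand in for the password.
                        Dispositives dispositive = (from disp in database.Dispositives
                                                    where disp.UUID.Equals(user.UUID) && disp.PinNumber.Equals((int)user.PinNumber) &&
                                                    disp.Active.Equals(true)
                                                    select disp
                                                    ).FirstOrDefault();
                        if (dispositive == null)
                        {
                            return Request.CreateResponse(HttpStatusCode.NotFound, "Session info invalid");
                        }

                        User deviceOwner = database.Users.Find(dispositive.UserID);

                        // The device must belong to an existing, active user with the submitted
                        // username. The existence check above only proves that some active row
                        // has this username, not that the device owner is that row.
                        if (deviceOwner == null ||
                            deviceOwner.Username == null ||
                            deviceOwner.Active != true ||
                            !deviceOwner.Username.Trim().Equals(username))
                        {
                            return Request.CreateResponse(HttpStatusCode.NotFound, "Session info invalid");
                        }

                        Session pinSession = saveSession(deviceOwner);
                        pinSession.PinNumber = dispositive.PinNumber;

                        // Audit trail for the device login.
                        database.UserActivities.Add(new UserActivity()
                        {
                            StoreID  = pinSession.StoreID,
                            UserID   = pinSession.UserID,
                            Activity = "LOGIN PINNUMBER",
                            Date     = DateTime.Now
                        });
                        database.SaveChanges();

                        var pinResponse = Request.CreateResponse(HttpStatusCode.Created, pinSession);
                        pinResponse.Headers.Location = new Uri(Request.RequestUri + "/" + pinSession.ID.ToString());
                        return pinResponse;
                    }

                    // Password login.
                    if (user.Password == null)
                    {
                        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Password is required");
                    }

                    string password = user.Password.Trim();

                    // NOTE(review): the stored Password is compared directly with the submitted
                    // value, which suggests passwords are kept unhashed; confirm, and move to a
                    // salted password hash verified with a fixed-time comparison.
                    // The Active filter is repeated here so the row that receives the session
                    // is itself active, not merely a row sharing the username.
                    User userEntity = users.FirstOrDefault(x => x.Active == true &&
                                                                x.Username != null &&
                                                                x.Username.Trim().Equals(username) &&
                                                                x.Password != null &&
                                                                x.Password.Trim().Equals(password));
                    if (userEntity == null)
                    {
                        return Request.CreateResponse(HttpStatusCode.NotFound, "User or password invalid");
                    }

                    Session session = saveSession(userEntity);

                    // Register (or re-register) the calling device so it can use the PIN path later.
                    if (!string.IsNullOrEmpty(user.UUID))
                    {
                        // NOTE(review): this PIN later authenticates the device without a
                        // password. How Util.GetPinNumber derives it is not visible here;
                        // confirm it is unpredictable rather than a pure function of its inputs.
                        int pinNumber = Util.GetPinNumber(user.UUID, userEntity.ID);
                        removeDispositive(user.UUID, userEntity.ID);
                        Dispositives dispositive = new Dispositives {
                            UserID = userEntity.ID, PinNumber = pinNumber, UUID = user.UUID, Active = true
                        };
                        database.Dispositives.Add(dispositive);
                        database.SaveChanges();
                        session.PinNumber = dispositive.PinNumber;
                    }

                    // Audit trail for the password login.
                    database.UserActivities.Add(new UserActivity()
                    {
                        StoreID  = session.StoreID,
                        UserID   = session.UserID,
                        Activity = "LOGIN",
                        Date     = DateTime.Now
                    });
                    database.SaveChanges();

                    var message = Request.CreateResponse(HttpStatusCode.Created, session);
                    message.Headers.Location = new Uri(Request.RequestUri + "/" + session.ID.ToString());
                    return message;
                }
            }
            catch (Exception ex)
            {
                // CreateErrorResponse(status, exception) serialises the exception into the
                // response body; how much of it (message, type, stack trace) reaches the
                // client is governed by the configured IncludeErrorDetailPolicy.
                // NOTE(review): confirm that detail is suppressed for remote callers.
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex);
            }
        }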