private void SetSecurityLogging(ref Spartan_Security_Log oSecurityLog, short Event_Type, int?User_Id, int?User_Role_Id, short Result_Id)
{
oSecurityLog.Event_Type = Event_Type;
oSecurityLog.Result_Id = Result_Id;
oSecurityLog.Log_Date = DateTime.Now;
oSecurityLog.User_Role_Id = User_Role_Id;
oSecurityLog.User_Id = User_Id;
oSecurityLog.IP_Address_Source = Helper.IPAddress();
oSecurityLog.IP_Address_Target = Helper.IPAddress();
oSecurityLog.Computer_Name = System.Environment.MachineName;
oSecurityLog.Language_Id = 1;
oSecurityLog.Security_Log_Id = 0;
oSecurityLog.URL = HttpContext.Request.Url.ToString();
}
public ApiResponse <int> Insert(Spartan_Security_Log entity)
{
try
{
var result = RestApiHelper.InvokeApi <int>(baseApi, ApiControllerUrl + "/Post",
Method.POST, ApiHeader, entity);
return(new ApiResponse <int>(true, result));
}
catch (Exception)
{
return(new ApiResponse <int>(false, -1));
}
}
public HttpResponseMessage Delete(int id)
{
Spartan_Security_Log varSpartan_Security_Log = this.service.GetByKey(id, false);
bool result = false;
if (varSpartan_Security_Log == null)
{
return(Request.CreateResponse(HttpStatusCode.NotFound));
}
try
{
result = this.service.Delete(id);//, globalData, dataReference);
}
catch (ServiceException ex)
{
return(Request.CreateResponse(HttpStatusCode.InternalServerError, ex.Message));
}
return(Request.CreateResponse(HttpStatusCode.OK, result));
}
public HttpResponseMessage Put(int id, Spartan_Security_Log varSpartan_Security_Log)
{
if (ModelState.IsValid && id == varSpartan_Security_Log.Security_Log_Id)
{
var data = -1;
try
{
data = this.service.Update(varSpartan_Security_Log);//, globalData, dataReference);
}
catch (ServiceException ex)
{
return(Request.CreateResponse(HttpStatusCode.InternalServerError, ex.Message));
}
return(Request.CreateResponse(HttpStatusCode.OK, data, Configuration.Formatters.JsonFormatter));
}
else
{
var errors = ModelState.Values.SelectMany(v => v.Errors).Select(error => error.ErrorMessage);
return(Request.CreateResponse(HttpStatusCode.BadRequest, errors));
}
}
public ActionResult Login(LoginViewModel model, string returnUrl = "")
{
Session["BlockUser"] = null;
if (ModelState.ContainsKey("LanguageList"))
{
ModelState["LanguageList"].Errors.Clear();
}
if (ModelState.IsValid)
{
string passwordEncripted = EncryptHelper.CalculateMD5Hash(model.Password);
if (!_tokenManager.GenerateToken(model.UserName, passwordEncripted))
{
ModelState.AddModelError("", Resources.LoginResources.InvalidUserPassword);
if (SessionHelper.Relogin)
{
return(Json(Resources.LoginResources.InvalidUserPassword));
}
}
_ISpartan_SettingsApiConsumer.SetAuthHeader(_tokenManager.Token);
var FailedAttemptDB = _ISpartan_SettingsApiConsumer.GetByKey("FailedAttempts", false).Resource;
int FailedAttempts = Convert.ToInt32(FailedAttemptDB.Valor);
model.MaxFailedAttempts = FailedAttempts;
if (Session["UserName"] != null && Session["UserName"].ToString() != model.UserName)
{
model.FailedAttempts = 1;
}
Session["UserName"] = model.UserName;
_IUseroApiConsumer.SetAuthHeader(_tokenManager.Token);
Spartan_Security_Log oSecurityLog = new Spartan_Security_Log();
var UsersByName = _IUseroApiConsumer.ListaSelAll(0, 10, "Spartan_User.Username = '******'", "").Resource;
if (UsersByName.RowCount == 0)
{
ModelState.AddModelError("", Resources.LoginResources.InvalidUserPassword);
model.LanguageList = GetLanguage();
SessionHelper.Relogin = false;
return(View(model));
}
// Call Validate User API for user Exists in application
Spartan_User_Core UserDetails = _IUseroApiConsumer.ValidateUser(1, 10, "Username = '******' COLLATE SQL_Latin1_General_CP1_CS_AS And Password = '******' COLLATE SQL_Latin1_General_CP1_CS_AS").Resource;
if (UserDetails.Spartan_Users != null && UserDetails.Spartan_Users.Count() > 0)
{
if (UserDetails.Spartan_Users[0].Status == 1)
{
var spartan_user = new Core.Domain.Spartan_User.Spartan_User
{
Id_User = UserDetails.Spartan_Users[0].Id_User,
Name = UserDetails.Spartan_Users[0].Name,
Password = UserDetails.Spartan_Users[0].Password
};
TTUsuario user = new TTUsuario
{
IdUsuario = Convert.ToInt16(UserDetails.Spartan_Users[0].Id_User),
Nombre = Convert.ToString(UserDetails.Spartan_Users[0].Name),
Clave_de_Acceso = UserDetails.Spartan_Users[0].Username,
//Activo = UserDetails.Spartan_Users[0].Status
};
SetSecurityLogging(ref oSecurityLog, (short)Event_Type.Login, UserDetails.Spartan_Users[0].Id_User, UserDetails.Spartan_Users[0].Role, (short)Result_Type.Granted);
int SecurityLogId = _ISpartanSecurityApiConsumer.Insert(oSecurityLog).Resource;
SetAuthentication(UserDetails);
//_authenticationService.SignIn(user, model.RememberMe);
//Adding user Core entity Data
SessionHelper.UserEntity = UserDetails.Spartan_Users[0];
//Getting User Image
_ISpartane_FileApiConsumer.SetAuthHeader(_tokenManager.Token);
var userImage =
_ISpartane_FileApiConsumer.GetByKey(Convert.ToInt32(UserDetails.Spartan_Users[0].Image))
.Resource;
if (userImage != null && userImage.File != null)
{
SessionHelper.UserImage = userImage.File;
}
Response.Cookies["UserSettings"]["SecurityLogId"] = SecurityLogId.ToString();
Spartan_Session_Log oSessionLog = new Spartan_Session_Log();
SetSessionLogging(ref oSessionLog, (short)Event_Type.Login, (short)Event_Type.Login, SecurityLogId, UserDetails.Spartan_Users[0].Id_User, UserDetails.Spartan_Users[0].Role, (short)Result_Type.Granted);
_ISpartanSessionApiConsumer.Insert(oSessionLog);
//Saving Credentials
SessionHelper.UserCredential = new Spartane_Credential
{
Password = EncryptHelper.CalculateMD5Hash(model.Password),
UserName = model.UserName,
};
// save role id in session
SessionHelper.Role = UserDetails.Spartan_Users[0].Role;
// save role object in session
SessionHelper.Sprtan_Role = new RoleSpartanUserRole
{
Id = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Id,
Description = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Description,
Status = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Status,
Status_Spartan_User_Role_Status = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Status_Spartan_User_Role_Status,
User_Role_Id = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.User_Role_Id,
};
Session["USERID"] = user.IdUsuario;
Session["USERROLEID"] = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.User_Role_Id;
Session.Timeout = Convert.ToInt32(ConfigurationManager.AppSettings["SessionTimeOut"]);
Session["LANGUAGEID"] = (model.SelectedLanguage.HasValue) ? model.SelectedLanguage.Value : 1;
SessionHelper.Relogin = false;
return(RedirectToLocal("~/Frontal/Home/Index"));
}
else
{
SetSecurityLogging(ref oSecurityLog, (short)Event_Type.Login, null, null, (short)Result_Type.Denied);
_ISpartanSecurityApiConsumer.Insert(oSecurityLog);
ModelState.AddModelError("", Resources.LoginResources.DeactivateAccount);
if (SessionHelper.Relogin)
{
return(Json(Resources.LoginResources.DeactivateAccount));
}
}
}
else
{
SetSecurityLogging(ref oSecurityLog, (short)Event_Type.Login, null, null, (short)Result_Type.Denied);
_ISpartanSecurityApiConsumer.Insert(oSecurityLog);
ModelState.AddModelError("", Resources.LoginResources.InvalidUserPassword);
if (model.FailedAttempts < model.MaxFailedAttempts)
{
model.FailedAttempts = model.FailedAttempts + 1;
}
else
{
if (UsersByName.RowCount == 1)
{
var UserByName = UsersByName.Spartan_Users.First();
UserByName.Status = 2;
int status = _IUseroApiConsumer.Update(UserByName, null, null).Resource;
model.FailedAttempts = 1;
}
Session["BlockUser"] = true;
}
if (SessionHelper.Relogin)
{
return(Json(Resources.LoginResources.InvalidUserPassword));
}
}
}
model.LanguageList = GetLanguage();
// If we got this far, something failed, redisplay form
return(View(model));
}