public OperationResult <PaginatedList <SYS_MSGUSER> > GetMsg(string api_account, long timeStamp, string sign, string token, int onlyUnread, int pi, int ps) { if (string.IsNullOrWhiteSpace(token)) { return(new OperationResult <PaginatedList <SYS_MSGUSER> >(OperationCode.Error_Param_Empty)); } if (!_parameterValidateService.CheckTimestamp(timeStamp)) { return(new OperationResult <PaginatedList <SYS_MSGUSER> >(OperationCode.Error_TimeStamp)); } if (!TokenHelper.CheckToken(token)) { return(new OperationResult <PaginatedList <SYS_MSGUSER> >(OperationCode.Error_TokenExpiration)); } var apiAccount = _apiRepository.GetSingleByAccount(api_account); if (apiAccount == null) { return(new OperationResult <PaginatedList <SYS_MSGUSER> >(OperationCode.Error_ApiAccountNotExist)); } if (!CheckSignForGetMsg(api_account, timeStamp, sign, token, onlyUnread, pi, ps, apiAccount.Api_SecretKey)) { return(new OperationResult <PaginatedList <SYS_MSGUSER> >(OperationCode.Error_Sign)); } var theToken = TokenHelper.GetToken(token); var theCompanyId = new Guid(apiAccount.CompanyId); var user = _userRepository.GetSingleByKey(theToken.UserId); if (user == null) { return(new OperationResult <PaginatedList <SYS_MSGUSER> >(OperationCode.Error_UserNotExist)); } List <SYS_MSGUSER> data = null; int t = 0; if (onlyUnread == 1) { data = GetUnreadMsgs(user.Key.ToString(), pi, ps, out t); } else { data = QueryMsg(user.Key.ToString(), null, pi, ps, out t); } PaginatedList <SYS_MSGUSER> result = new PaginatedList <SYS_MSGUSER>(pi, ps, t, data); return(new OperationResult <PaginatedList <SYS_MSGUSER> >(OperationCode.Success, result)); }
public void DownloadFile(int owner, string fileName, string token) { try { var tokenValue = token.Replace("**", ","); TokenModel tokenModel = Newtonsoft.Json.JsonConvert.DeserializeObject <TokenModel>(tokenValue); //用户验证逻辑 if (TokenHelper.CheckToken(tokenModel) != TokenValidateResult.PASS) { return; } fileName = HttpContext.Current.Server.UrlDecode(fileName); string fileUploadPath = ConfigurationManager.AppSettings["FileUpload"]; string fullName = System.IO.Path.Combine(fileUploadPath, owner.ToString(), fileName); FileInfo fileInfo = new FileInfo(fullName); HttpContext.Current.Response.Clear(); HttpContext.Current.Response.ClearContent(); HttpContext.Current.Response.ClearHeaders(); HttpContext.Current.Response.AddHeader("Content-Disposition", "attachment;filename=" + fileName); HttpContext.Current.Response.AddHeader("Content-Length", fileInfo.Length.ToString()); HttpContext.Current.Response.AddHeader("Content-Transfer-Encoding", "binary"); HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*"); HttpContext.Current.Response.ContentType = "application/octet-stream"; HttpContext.Current.Response.ContentEncoding = System.Text.Encoding.GetEncoding("gb2312"); HttpContext.Current.Response.WriteFile(fileInfo.FullName); HttpContext.Current.Response.Flush(); HttpContext.Current.Response.End(); } catch { return; } }
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext) { if (actionContext.Request.Headers.Authorization != null) { string token = actionContext.Request.Headers.Authorization.Parameter; token = token.Replace("$#@!", ","); TokenModel tokenModel = Newtonsoft.Json.JsonConvert.DeserializeObject <TokenModel>(token); //用户验证逻辑 if (TokenHelper.CheckToken(tokenModel) == TokenValidateResult.PASS) { IsAuthorized(actionContext); } else { HandleUnauthorizedRequest(actionContext); } } else { HandleUnauthorizedRequest(actionContext); } }
public void OnResourceExecuting(ResourceExecutingContext context) { if (GlobalFilterHelper.IsSkit(context)) { return; } string token = context.HttpContext.Request.Headers["Authorization"]; if (token.IsNullOrWhiteSpace()) { // 无Token,未登录 OkObjectResult res = new OkObjectResult(ResultCode.NotLogin.GetResult()); context.Result = res; } else { if (!TokenHelper.CheckToken(token)) { // Token无效,登陆超时 OkObjectResult res = new OkObjectResult(ResultCode.LoginTimeout.GetResult()); context.Result = res; } } }
public OperationResult UpdateMsgFlag(string api_account, long timeStamp, string sign, string token, int flag, string msgId) { if (string.IsNullOrWhiteSpace(token)) { return(new OperationResult(OperationCode.Error_Param_Empty)); } if (!_parameterValidateService.CheckTimestamp(timeStamp)) { return(new OperationResult(OperationCode.Error_TimeStamp)); } if (!TokenHelper.CheckToken(token)) { return(new OperationResult(OperationCode.Error_TokenExpiration)); } var apiAccount = _apiRepository.GetSingleByAccount(api_account); if (apiAccount == null) { return(new OperationResult(OperationCode.Error_ApiAccountNotExist)); } if (!CheckSignForUpdateMsgFlag(api_account, timeStamp, sign, token, flag, msgId, apiAccount.Api_SecretKey)) { return(new OperationResult(OperationCode.Error_Sign)); } var theToken = TokenHelper.GetToken(token); var theCompanyId = new Guid(apiAccount.CompanyId); var user = _userRepository.GetSingleByKey(theToken.UserId); if (user == null) { return(new OperationResult(OperationCode.Error_UserNotExist)); } var mu = _msguserRepository.GetAll().FirstOrDefault(x => x.USER_ID == user.Key && x.MSG_ID == new Guid(msgId) && x.DELETE_FLAG == 0); if (mu == null) { return(new OperationResult(OperationCode.Error_Unknown)); } if (flag == 1) { mu.USERREAD_FLAG = 1; } else if (flag == 2) { mu.DELETE_FLAG = 1; } mu.LASTUPDATE_DATETIME = DateTime.Now; mu.LASTUPDATE_ACCOUNT = user.USERNAME; _msguserRepository.Edit(mu); _msguserRepository.Save(); return(new OperationResult(OperationCode.Success)); }
public OperationResult EvaluateComplaints(string api_account, long timeStamp, string sign, string token, long cpid, int satsf, int satsf1, int satsf2, string content) { if (string.IsNullOrWhiteSpace(token)) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_Param_Empty)); } if (!_parameterValidateService.CheckTimestamp(timeStamp)) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_TimeStamp)); } if (!TokenHelper.CheckToken(token)) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_TokenExpiration)); } var apiAccount = _apiRepository.GetSingleByAccount(api_account); if (apiAccount == null) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_ApiAccountNotExist)); } if (!checkSignForEvaluateComplaints(api_account, timeStamp, sign, token, cpid, satsf, satsf1, satsf2, content, apiAccount.Api_SecretKey)) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_Sign)); } var theToken = TokenHelper.GetToken(token); var theCompanyId = new Guid(apiAccount.CompanyId); var user = _userRepository.GetSingleByKey(theToken.UserId); if (user == null) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_UserNotExist)); } try { var cp = GetComplaintsById(cpid, theToken, user); if (cp.Status != (int)ComplaintStatus.Completed) { return(new OperationResult(OperationCode.Error_ComplaintsEvaluated)); } var customerReview = new CustomerReviews { ComplaintId = cpid, CreateTime = DateTime.Now, Content = content, Satisfaction = satsf, Satisfaction1 = satsf1, Satisfaction2 = satsf2 }; var complaintsProcessing = new ComplaintsProcessing { ComplaintId = cpid, OriginalStatus = ((ComplaintStatus)cp.Status).ToString(), ProcessingTime = DateTime.Now, Processor = user.USERNAME }; cp.Status = (int)ComplaintStatus.Evaluated; complaintsProcessing.CurrentStatus = ComplaintStatus.Evaluated.ToString(); complaintsProcessing.ProcessFlowNumber = cp.ComplaintsProcessing != null && cp.ComplaintsProcessing.Any() ? cp.ComplaintsProcessing.Max(x => x.ProcessFlowNumber) + 1 : 1; if (cp.ComplaintsProcessing == null) { cp.ComplaintsProcessing = new List <ComplaintsProcessing>(); } cp.ComplaintsProcessing.Add(complaintsProcessing); if (cp.CustomerReviews == null) { cp.CustomerReviews = new List <CustomerReviews>(); } cp.CustomerReviews.Add(customerReview); _repository.Edit(cp); _repository.Save(); } catch (Exception) { return(new OperationResult(OperationCode.Error_Unknown)); } return(new OperationResult(OperationCode.Success)); }
public OperationResult <PaginatedList <Complaints> > GetComplaintsList(string api_account, long timeStamp, string sign, string token, int pi, int ps) { if (string.IsNullOrWhiteSpace(token)) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_Param_Empty)); } if (!_parameterValidateService.CheckTimestamp(timeStamp)) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_TimeStamp)); } if (!TokenHelper.CheckToken(token)) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_TokenExpiration)); } var apiAccount = _apiRepository.GetSingleByAccount(api_account); if (apiAccount == null) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_ApiAccountNotExist)); } if (!checkSignForGetComplaintsList(api_account, timeStamp, sign, token, pi, ps, apiAccount.Api_SecretKey)) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_Sign)); } var theToken = TokenHelper.GetToken(token); var theCompanyId = new Guid(apiAccount.CompanyId); var user = _userRepository.GetSingleByKey(theToken.UserId); if (user == null) { return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Error_UserNotExist)); } IList <Complaints> complaints = null; int t = 0; if (theToken.UserTypes.Contains("customer")) { complaints = QueryForCreator(null, user.USERNAME, pi, ps, out t); } else if (theToken.UserTypes.Contains("installer")) { complaints = _repository.QueryComplaintsForInstaller(null, user.USERNAME, user.LICNO, pi, ps, out t); } if (t > 0) { foreach (var itm in complaints) { itm.StrStatus = GetComplaintsStatus(itm.Status); itm.StrComplaintsType = GetComplaintType(itm.ComplaintsType); } } PaginatedList <Complaints> result = new PaginatedList <Complaints>(pi, ps, t, complaints); return(new OperationResult <PaginatedList <Complaints> >(OperationCode.Success, result)); }
public OperationResult AddNewComplaints(string api_account, long timeStamp, string sign, string token, string title, string description, string complaintsTyps, string email, string contactNumber, string sn, string attachment1, string attachment2, string attachment3) { if (string.IsNullOrWhiteSpace(token)) { return(new OperationResult(OperationCode.Error_Param_Empty)); } if (!_parameterValidateService.CheckTimestamp(timeStamp)) { return(new OperationResult(OperationCode.Error_TimeStamp)); } if (!TokenHelper.CheckToken(token)) { return(new OperationResult(OperationCode.Error_TokenExpiration)); } var apiAccount = _apiRepository.GetSingleByAccount(api_account); if (apiAccount == null) { return(new OperationResult(OperationCode.Error_ApiAccountNotExist)); } if (!checkSignForAddNewComplaints(api_account, timeStamp, sign, token, title, description, complaintsTyps, email, contactNumber, sn, attachment1, attachment2, attachment3, apiAccount.Api_SecretKey)) { return(new OperationResult(OperationCode.Error_Sign)); } var theNewComplaint = new Complaints { Title = title, ComplaintsType = complaintsTyps, Email = email, ContactNumber = contactNumber, SysSn = sn, Attachment = HttpUtility.UrlDecode(attachment1), Attachment3 = HttpUtility.UrlDecode(attachment3), Attachment2 = HttpUtility.UrlDecode(attachment2) }; theNewComplaint.Description = !string.IsNullOrWhiteSpace(description) ? HttpUtility.UrlDecode(description).Replace("\n", HttpUtility.HtmlEncode("<br/>")) : string.Empty; var s = _systemRepository.GetSystemBySn(sn); if (s != null) { if (!string.IsNullOrWhiteSpace(s.CountryCode)) { theNewComplaint.Area = GetCountryCode(s.CountryCode); theNewComplaint.SystemLicense = s.LicNo; theNewComplaint.SystemMinv = s.Minv; theNewComplaint.SystemPostcode = s.PostCode; } } var tk = TokenHelper.GetToken(new Guid(token)); var u = _userRepository.GetSingleByKey(tk.UserId); if (tk.UserTypes.Contains("installer")) { theNewComplaint.SystemLicense = u.LICNO; } theNewComplaint.Creator = u.USERNAME; theNewComplaint.ComplaintsProcessing.Add(new ComplaintsProcessing { CurrentStatus = ComplaintStatus.Open.ToString(), ProcessFlowNumber = 0, ProcessingTime = DateTime.Now, Processor = u.USERNAME }); if (AddNewComplaint(theNewComplaint) == null) { return(new OperationResult(OperationCode.Error_AddNewComplaintsFailed)); } SYS_USER theCustomer = null; if (tk.UserTypes.Contains("customer")) { theCustomer = u; } else if (s != null && s.UserId.HasValue) { theCustomer = _userRepository.GetSingleByKey(s.UserId.Value); } if (theCustomer != null) { var customerInfo = new CustomerInfo { ComplaintId = theNewComplaint.Key, SysSn = theNewComplaint.SysSn, CustomerContactNumber = theCustomer.CELLPHONE, CustomerCountry = GetCountryCode(theCustomer.COUNTRYCODE), CustomerEmail = theCustomer.EMAIL, ContactName = theCustomer.LINKMAN, CustomerAddress = theCustomer.ADDRESS, CustomerPostcode = theCustomer.POSTCODE, CustomerName = theCustomer.USERNAME, CreateTime = DateTime.Now }; _customerInfoRepository.Add(customerInfo); _customerInfoRepository.Save(); } return(new OperationResult(OperationCode.Success)); }
public async Task <IActionResult> Mobile(string functionName) { var task = await Task.Run(async() => { dynamic d = null; string clientContentType; string clientAccept; string token = ""; int httpStatusCode = 404; int ResponseCode = -600; string ResponseMessage = "Truy vấn API thất bại"; string Data = ""; string taskReturn; d = GetConfig(); if (d == null) { ResponseCode = -99; ResponseMessage = "Lỗi file config API"; } else { if (d.Https.ToString() == "1" && !Request.IsHttps) { ResponseCode = -600; ResponseMessage = "Hệ thống yêu cầu SSL"; } else { if (Request.Method != "POST") { ResponseCode = -600; ResponseMessage = "Hệ thống yêu cầu phương thức POST"; } else { clientContentType = Request.Headers["Content-Type"]; clientAccept = Request.Headers["Accept"]; if (clientAccept.ToLower() != "application/json") { ResponseCode = -600; ResponseMessage = "Hệ thống yêu cầu Accept: application/json"; } else { if (clientContentType.ToLower() != "application/json") { ResponseCode = -600; ResponseMessage = "Hệ thống yêu cầu Content-Type: application/json"; } else { int i = 0; bool kt = false; while (i < d.config.Count && !kt) { if (d.config[i].clientId.ToString().ToUpper() == ClientID.ToUpper()) { kt = true; } i = i + 1; } if (kt) { i = i - 1; kt = false; string StoreName = ""; int j = 0; dynamic d1 = d.config[i].functionListName; while (j < d1.Count && !kt) { if (d1[j].FunctionName.ToString().ToUpper() == functionName.ToUpper()) { kt = true; } j = j + 1; } if (kt) { dynamic dRequest = null; StreamReader reader = new StreamReader(Request.Body); try { string content = await reader.ReadToEndAsync(); dRequest = JObject.Parse(content); } catch (Exception ex) { dRequest = null; } if (functionName.ToUpper() != "LOGIN") { token = Request.Headers["Authorization"]; if (token == null) { token = ""; } try { // Check token TokenDTO objToken; bool IsValid = TokenHelper.CheckToken(token, out objToken); // Thực hiện call nghiệp vụ với token nhận được if (!IsValid) { ResponseCode = -600; ResponseMessage = "Token không hợp lệ"; } else { // Điều hướng nghiệp vụ switch (functionName.ToLower()) { case "sendmail": string _SMTP = "smtp.gmail.com"; int _Port = 587; bool _IsSSL = true; string _AccountName = "Nguyen Van A"; string _EmailReceipt = "*****@*****.**"; string _AccountUser = "******"; string _AccountPassword = "******"; string[] _EmailTo = { "*****@*****.**" }; string[] _EmailCC = { "*****@*****.**", "*****@*****.**" }; string[] _EmailBCC = { }; string _Subject = "Test mail"; string _Content = "Test content"; string[] _FileList = { }; Send_Mail send_Mail = new Send_Mail(_SMTP, _Port, _IsSSL, _AccountName, _EmailReceipt, _AccountUser, _AccountPassword, _EmailTo, _EmailCC, _EmailBCC, _Subject, _Content, _FileList); bool IsSended = await send_Mail.EmailSendingAsync(); if (IsSended) { ResponseCode = 1; ResponseMessage = string.Format("Gửi email từ API thành công"); Data = ""; httpStatusCode = 200; } else { ResponseCode = -600; ResponseMessage = string.Format("Gửi email từ API thất bại"); Data = ""; } break; default: // Create param store proceduce List <string> arStoreName = new List <string>(); Dictionary <string, object> paramObj = new Dictionary <string, object>(); arStoreName.Add(functionName.ToLower()); arStoreName.Add(StoreName.ToLower()); dynamic d2 = d1[j].ParamIn; for (var l = 0; l < d2.Count; l++) { string a = ""; string b = ""; a = d2[l].LocalName.ToString(); if (dRequest != null) { if (dRequest[d2[l].ParamName.ToString()] != null) { b = dRequest[d2[l].ParamName.ToString()].ToString(); } } // IsHidden = 1 if (d2[l].IsHidden.ToString() == "1") { // Username if ((a.ToUpper() == "P_USERNAME") && (objToken != null)) { b = objToken.Username; } } paramObj.Add(a, b); } d2 = d1[j].ParamOut; for (var l = 0; l < d2.Count; l++) { string a = ""; string b = ""; a = d2[l].LocalName.ToString(); b = d2[l].LocalValue.ToString(); paramObj.Add(a, b); } // Call store with Param break; } ResponseCode = 1; ResponseMessage = string.Format("Truy vấn API thành công"); Data = ""; httpStatusCode = 200; } } catch (Exception ex) { ResponseCode = -600; ResponseMessage = string.Format("Token không hợp lệ: {0}", ex.ToString()); } } else { // Thực hiện call Login if (dRequest == null) { ResponseCode = -600; ResponseMessage = "Hệ thống không nhận được request Data"; } else { try { bool isValid; switch (int.Parse(dRequest.Provider.ToString())) { case 2: // Login Email string smtp = "mail.abc.com"; int port = 587; string Email = dRequest.UserName.ToString(); string UserPassword = dRequest.Password.ToString(); isValid = await Utils.EmailValidateAsync(smtp, port, Email, UserPassword); break; case 3: // Login LDAP Email = dRequest.UserName.ToString(); UserPassword = dRequest.Password.ToString(); string LdapURL = "LDAP://abc.com"; string LDAPDomain = "abc.com"; string LDAPBaseDN = "//ldap://abc.com/path"; LDAP m = new LDAP(LdapURL, LDAPDomain, LDAPBaseDN, 0, Email, UserPassword); // 0 - ContextType.Machine isValid = await m.ValidateUserAsync(); break; default: // Login bang store proceduce // Create param store proceduce List <string> arStoreName = new List <string>(); Dictionary <string, object> paramObj = new Dictionary <string, object>(); arStoreName.Add(functionName.ToLower()); arStoreName.Add(StoreName.ToLower()); dynamic d2 = d1[j].ParamIn; for (var l = 0; l < d2.Count; l++) { string a = ""; string b = ""; a = d2[l].LocalName.ToString(); if (dRequest != null) { if (dRequest[d2[l].ParamName.ToString()] != null) { b = dRequest[d2[l].ParamName.ToString()].ToString(); } } // Encrypt Password //if(a.ToUpper == "P_PASSWORD") //{ // using (encry = new EncryptData) // { // b = encry.EncryptString(b) // } //} paramObj.Add(a, b); } d2 = d1[j].ParamOut; for (var l = 0; l < d2.Count; l++) { string a = ""; string b = ""; a = d2[l].LocalName.ToString(); b = d2[l].LocalValue.ToString(); paramObj.Add(a, b); } // Call store with Param isValid = true; break; } if (!isValid) { ResponseCode = -600; ResponseMessage = "Login không thành công"; httpStatusCode = 200; } else { ResponseCode = 1; ResponseMessage = "Login thành công"; httpStatusCode = 200; token = TokenHelper.GenerateToken(dRequest["DeviceID"].ToString(), dRequest["UserName"].ToString()); Data = string.Format(",\"Token\":\"{0}\"", token); } } catch (Exception ex) { ResponseCode = -600; ResponseMessage = string.Format("Login không thành công {0}", ex.ToString()); } } } } else { ResponseCode = -600; ResponseMessage = "Hệ thống không tìm được nghiệp vụ: " + functionName; } } else { ResponseCode = -600; ResponseMessage = "Hệ thống không tìm được ClientID"; } } } } } } Utils.WriteLogAsync(string.Format("ResponseCode: {0}, ResponseMessage: {1}", ResponseCode, ResponseMessage)); taskReturn = httpStatusCode.ToString() + "^{\"Status\": " + ResponseCode + ", \"Message\": \"" + ResponseMessage + "\"" + Data + "}"; return(taskReturn); }); string[] a = task.Split(new string[] { "^" }, StringSplitOptions.None); int _StatusCode = int.Parse(a[0]); dynamic r = JObject.Parse(a[1]); if (_StatusCode == 200) { //return Json(a[1]); return(new ContentResult { Content = a[1], ContentType = "application/json" }); } else { return(StatusCode(_StatusCode)); } }
public async Task <HttpResponseMessage> FileUpload(/*ExternalFileUploadRequestModel req*/) { var token = HttpContext.Current.Request.Params["Token"]; var timestamp = Convert.ToInt64(HttpContext.Current.Request.Params["timestamp"]); var sign = HttpContext.Current.Request.Params["sign"]; var api_account = HttpContext.Current.Request.Params["api_account"]; if (string.IsNullOrWhiteSpace(HttpContext.Current.Request.Params["Token"]) || string.IsNullOrWhiteSpace(HttpContext.Current.Request.Params["timestamp"]) || string.IsNullOrWhiteSpace(HttpContext.Current.Request.Params["sign"]) || string.IsNullOrWhiteSpace(HttpContext.Current.Request.Params["api_account"])) { return(Request.CreateResponse(HttpStatusCode.OK, new ExternalFileUploadResponseModel { ReturnCode = (int)OperationCode.Error_Param_Empty })); } if (string.IsNullOrWhiteSpace(token)) { return(Request.CreateResponse(HttpStatusCode.OK, new ExternalFileUploadResponseModel { ReturnCode = (int)OperationCode.Error_Param_Empty })); } if (!_parameterValidateService.CheckTimestamp(timestamp)) { return(Request.CreateResponse(HttpStatusCode.OK, new ExternalFileUploadResponseModel { ReturnCode = (int)OperationCode.Error_TimeStamp })); } if (!TokenHelper.CheckToken(token)) { return(Request.CreateResponse(HttpStatusCode.OK, new ExternalFileUploadResponseModel { ReturnCode = (int)OperationCode.Error_TokenExpiration })); } var apiAccount = _apiService.GetByAccount(api_account); if (apiAccount == null) { return(Request.CreateResponse(HttpStatusCode.OK, new ExternalFileUploadResponseModel { ReturnCode = (int)OperationCode.Error_ApiAccountNotExist })); } // Check whether the POST operation is MultiPart? if (!Request.Content.IsMimeMultipartContent()) { throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType); } // Prepare CustomMultipartFormDataStreamProvider in which our multipart form // data will be loaded. string fileSaveLocation = System.Configuration.ConfigurationManager.AppSettings["filesavelocation"] + DateTime.Now.ToString("yyyyMM"); string fileSaveLogicalLocation = "~/App_Data/" + DateTime.Now.ToString("yyyyMM"); Directory.CreateDirectory(fileSaveLocation); AlphaEssMultipartFormDataStreamProvider provider = new AlphaEssMultipartFormDataStreamProvider(fileSaveLocation); //List<string> files = new List<string>(); if (Request.Content.Headers.ContentLength > 10485760) { return(Request.CreateResponse(HttpStatusCode.OK, new ExternalFileUploadResponseModel() { ReturnCode = (int)OperationCode.Error_FileIsTooLarge })); } try { // Read all contents of multipart message into CustomMultipartFormDataStreamProvider. await Request.Content.ReadAsMultipartAsync(provider); //foreach (MultipartFileData file in provider.FileData) //{ var result = new ExternalFileUploadResponseModel() { ReturnCode = (int)OperationCode.Success }; result.FilePath = Path.Combine(fileSaveLogicalLocation, Path.GetFileName(provider.FileData[0].LocalFileName)); //} return(Request.CreateResponse(HttpStatusCode.OK, result)); } catch (Exception exc) { return(Request.CreateResponse(HttpStatusCode.OK, new ExternalFileUploadResponseModel { ReturnCode = (int)OperationCode.Error_Unknown })); } }