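/// <summary>
/// Changes the password of a credential after verifying the current password.
/// </summary>
/// <remarks>
/// Flow: validate product and channel, resolve the client and its user identity on the
/// channel, check the new password against the configured minimum length, look up the
/// credential by the hash of the current password, then update according to its state
/// (ACTIVE: replace the hash; TEMPORAL_PASSWORD: set the new hash on the ACTIVE
/// credentials and mark the temporary one as used; anything else: refuse).
///
/// SECURITY NOTE(review): passwords are stored and compared as MD5 digests produced by
/// functions.GetMd5Hash (not shown here; presumably unsalted - confirm). MD5 is not a
/// password-hashing function. Moving to a salted, slow KDF such as PBKDF2 needs a change
/// in the credential data layer and a re-hash-on-login migration, so it is flagged here
/// rather than changed in this method.
/// </remarks>
/// <param name="obj">Request object (idProduct, idChannel, idClient, oldPassword, newPassword)</param>
/// <returns>
/// An ActionResponse built by functions.Response; on success its payload is an
/// UpdatePasswordResponse whose <c>updated</c> field holds the current local time.
/// </returns>
public ActionResponse UpdatePasswordAction(UpdatePasswordRequest obj)
{
    try
    {
        int idProduct = obj.idProduct.Value;
        int idChannel = obj.idChannel.Value;
        decimal idClient = obj.idClient.Value;

        // STEP 0: product and channel must exist
        ProductData prodData = new ProductData();
        if (prodData.GetProductById(idProduct) == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "El producto no existe en el sistema", null));
        }

        ChannelData channelData = new ChannelData();
        if (channelData.GetChannelById(idChannel) == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "El canal no existe en el sistema", null));
        }

        // STEP 0.1: the client must exist
        ClienteData clientData = new ClienteData();
        Cliente oClient = clientData.GetUserById(idClient);
        if (oClient.id_cliente == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "No existe el usuario en el sistema", null));
        }

        // STEP 1: the user identity must exist for this client on this channel
        UserIdentifyData uiData = new UserIdentifyData();
        UserIdentify ui = uiData.FindByIdUserAndIdChannel(idClient, idChannel);
        if (ui.id_cliente == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "La identidad del usuario no existe en el sistema", null));
        }
        int idUserIdentify = ui.idUserIdentify.Value;

        // STEP 2: validate the new password and hash both passwords
        string oldPassAsMD5 = "";
        string newPassAsMD5 = "";
        using (MD5 md5Hash = MD5.Create())
        {
            // A missing field is handled as a bad request instead of letting Trim()
            // throw and surface as an internal error.
            string oldPass = obj.oldPassword == null ? null : obj.oldPassword.Trim();
            string newPass = obj.newPassword == null ? null : obj.newPassword.Trim();

            // Password integrity
            if (String.IsNullOrEmpty(newPass))
            {
                return(functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña no puede ser una cadena vacía", null));
            }

            int minLengthPass = Int32.Parse(functions.ConfigItem("MIN_PASS_LENGTH"));
            if (newPass.Length < minLengthPass)
            {
                return(functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña debe tener un mínimo de " + minLengthPass + " caracteres", null));
            }

            if (oldPass == newPass)
            {
                return(functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La nueva contraseña no puede ser igual a la actual", null));
            }

            // No current password supplied: answer exactly as for a wrong password.
            if (oldPass == null)
            {
                return(functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña no es válida", null));
            }

            // Passwords as MD5 (see the security note in the method remarks)
            oldPassAsMD5 = functions.GetMd5Hash(md5Hash, oldPass);
            newPassAsMD5 = functions.GetMd5Hash(md5Hash, newPass);
        }

        // The current password is verified by looking the credential up with its hash.
        CredentialData credData = new CredentialData();
        Credential oCredential = credData.FindByProductAndUserIdentifyAndPass(idProduct, idUserIdentify, oldPassAsMD5);
        if (oCredential.idCredential == null)
        {
            return(functions.Response((int)CodeStatusEnum.BAD_REQUEST, "La contraseña no es válida", null));
        }
        int idCredential = oCredential.idCredential.Value;

        // STEP 3: the update depends on whether the matched credential is NORMAL or TEMPORAL
        int credentialState = oCredential.idState.Value;
        if (credentialState == (int)StateEnum.ACTIVE)
        {
            // Normal process: replace the hash on the matched credential
            bool updCredential = credData.UpdatePassword(idCredential, newPassAsMD5, (int)StateEnum.ACTIVE);
            if (!updCredential)
            {
                return(functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la contraseña", null));
            }
        }
        else if (credentialState == (int)StateEnum.TEMPORAL_PASSWORD)
        {
            // The temporary password was used: set the new hash on every ACTIVE credential
            // of this product + user identity.
            // NOTE(review): the updates below are issued one by one and no transaction is
            // visible in this method; a failure part-way leaves the earlier writes applied.
            // If the list holds no ACTIVE credential, nothing receives the new hash while
            // the temporary credential is still consumed - confirm that is intended.
            List <Credential> lstCredentials = credData.FindByProductAndUserIdentify(idProduct, idUserIdentify);
            foreach (Credential o in lstCredentials)
            {
                if (o.idState.Value != (int)StateEnum.ACTIVE)
                {
                    continue;
                }

                bool updCredential = credData.UpdatePassword(o.idCredential.Value, newPassAsMD5, (int)StateEnum.ACTIVE);
                if (!updCredential)
                {
                    return(functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la contraseña", null));
                }
            }

            // Mark the temporary credential as used so it cannot be presented again;
            // its hash is kept, only the state changes.
            bool updTmpCredential = credData.UpdatePassword(idCredential, oldPassAsMD5, (int)StateEnum.TEMPORAL_PASSWORD_USED);
            if (!updTmpCredential)
            {
                return(functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar la credencial temporal", null));
            }
        }
        else
        {
            // Inactive (or any other state): nothing can be updated
            return(functions.Response((int)CodeStatusEnum.CONFLICT, "La credencial se encuentra inactiva y no se puede actualizar", null));
        }

        // OK
        UpdatePasswordResponse response = new UpdatePasswordResponse();
        response.updated = DateTime.Now;
        return(functions.Response((int)CodeStatusEnum.OK, "OK", response));
    }
    catch (Exception e)
    {
        // Log the whole exception (type, stack trace, inner exceptions), not only the message.
        logger.Fatal(e.ToString());
        // The caller gets a generic message: raw exception text can expose internals
        // such as data-layer or configuration details.
        return(functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "Error interno del servidor", null));
    }
}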
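/// <summary>
/// Deactivates a user credential (user identity + product) by setting its state to INACTIVE.
/// </summary>
/// <remarks>
/// SECURITY NOTE(review): when the request carries no password, a null hash is passed to
/// both FindByProductAndUserIdentifyAndPass and UpdatePassword. How the data layer treats
/// a null hash is not visible here; confirm that a request without a password cannot match
/// (and so deactivate) a password-protected credential, and that the stored hash is not
/// overwritten with null. Password hashing uses MD5 through functions.GetMd5Hash, which is
/// not a suitable password-hashing function; replacing it needs a data-layer migration.
/// </remarks>
/// <param name="obj">Unregister request object (idProduct, idChannel, value, password)</param>
/// <returns>
/// An ActionResponse built by functions.Response; on success its payload is an
/// UnregisterResponse whose <c>updated</c> field holds the current local time.
/// </returns>
public ActionResponse UnregisterAction(UnregisterRequest obj)
{
    try
    {
        int idProduct = obj.idProduct.Value;
        int idChannel = obj.idChannel.Value;
        string value = obj.value; // effective value for user identify
        string password = obj.password;

        // STEP 0: product and channel must exist
        ProductData prodData = new ProductData();
        if (prodData.GetProductById(idProduct) == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "El producto no existe en el sistema", null));
        }

        ChannelData channelData = new ChannelData();
        if (channelData.GetChannelById(idChannel) == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "El canal no existe en el sistema", null));
        }

        // STEP 1: the user identity must exist for channel + value
        UserIdentifyData uiData = new UserIdentifyData();
        UserIdentify ui = uiData.FindByIdChannelAndValue(idChannel, value);
        if (ui.idUserIdentify == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "La identidad del usuario no existe en el sistema", null));
        }

        // STEP 2: check credentials; the hash stays null when no password was sent
        string passwordAsMD5 = null;
        if (password != null)
        {
            using (MD5 md5Hash = MD5.Create())
            {
                passwordAsMD5 = functions.GetMd5Hash(md5Hash, password.Trim());
            }
        }

        CredentialData credData = new CredentialData();
        Credential oCredential = credData.FindByProductAndUserIdentifyAndPass(idProduct, ui.idUserIdentify.Value, passwordAsMD5);
        if (oCredential.idCredential == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "No existe ninguna credencial con los datos proporcionados", null));
        }

        // STEP 3: UpdatePassword is reused with the same hash only to move the credential
        // to INACTIVE, so no dedicated state-change method is needed.
        int idCredential = oCredential.idCredential.Value;
        bool updCredential = credData.UpdatePassword(idCredential, passwordAsMD5, (int)StateEnum.INACTIVE);
        if (!updCredential)
        {
            return(functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "No se pudo actualizar el estado de la credencial", null));
        }

        // OK
        UnregisterResponse response = new UnregisterResponse();
        response.updated = DateTime.Now;
        return(functions.Response((int)CodeStatusEnum.OK, "OK", response));
    }
    catch (Exception e)
    {
        // Log the whole exception (type, stack trace, inner exceptions), not only the message.
        logger.Fatal(e.ToString());
        // The caller gets a generic message: raw exception text can expose internals
        // such as data-layer or configuration details.
        return(functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "Error interno del servidor", null));
    }
}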
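/// <summary>
/// Authenticates a user identity (channel + value) against a product credential.
/// </summary>
/// <remarks>
/// SECURITY NOTES(review):
/// - The password is hashed with MD5 through functions.GetMd5Hash; MD5 is not a suitable
///   password-hashing function, and replacing it needs a data-layer migration.
/// - The password is hashed here without Trim(), while UpdatePasswordAction and
///   UnregisterAction trim before hashing; a password sent with surrounding whitespace
///   will not match a hash stored through those paths. Confirm which form is intended.
/// - When no password is sent, a null hash is passed to the credential lookup; how the
///   data layer treats it is not visible here. Confirm that it cannot match a
///   password-protected credential.
/// - An unknown identity and a wrong password produce different responses (NO_CONTENT
///   versus CONFLICT), which lets a caller tell whether an identity exists, and no
///   throttling is visible in this method. Consider a uniform failure response and
///   attempt limiting where the API contract allows.
/// - The state check is a deny-list: any state other than INACTIVE, TEMPORAL_PASSWORD and
///   TEMPORAL_PASSWORD_USED proceeds to a successful login. Confirm that no other
///   non-active state exists.
/// </remarks>
/// <param name="obj">Request object (idProduct, idChannel, value, password)</param>
/// <returns>
/// An ActionResponse built by functions.Response; on success its payload is a
/// LoginResponse carrying the client id linked to the user identity.
/// </returns>
public ActionResponse LoginAction(LoginRequest obj)
{
    try
    {
        int idProduct = obj.idProduct.Value;

        // STEP 0: product and channel must exist
        ProductData prodData = new ProductData();
        if (prodData.GetProductById(idProduct) == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "El producto no existe en el sistema", null));
        }

        int idChannel = obj.idChannel.Value;
        ChannelData channelData = new ChannelData();
        if (channelData.GetChannelById(idChannel) == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "El canal no existe en el sistema", null));
        }

        // STEP 1: the user identity must exist for channel + value
        UserIdentifyData uiData = new UserIdentifyData();
        UserIdentify ui = uiData.FindByIdChannelAndValue(idChannel, obj.value);
        if (ui.id_cliente == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "La identidad del usuario no existe en el sistema", null));
        }

        // STEP 2: if a password was sent, its hash takes part in the credential lookup;
        // otherwise the lookup receives null.
        CredentialData credData = new CredentialData();
        string tmpPass = null;
        if (obj.password != null)
        {
            using (MD5 md5Hash = MD5.Create())
            {
                tmpPass = functions.GetMd5Hash(md5Hash, obj.password);
            }
        }

        Credential cred = credData.FindByProductAndUserIdentifyAndPass(idProduct, ui.idUserIdentify.Value, tmpPass);
        if (cred.idCredential == null)
        {
            return(functions.Response((int)CodeStatusEnum.CONFLICT, "La contraseña no corresponde", null));
        }

        // Credentials in these states cannot be used to log in.
        switch (cred.idState.Value)
        {
            case (int)StateEnum.INACTIVE:
                return(functions.Response((int)CodeStatusEnum.CONFLICT, "La credencial del usuario se encuentra inactiva", null));

            case (int)StateEnum.TEMPORAL_PASSWORD:
                return(functions.Response((int)CodeStatusEnum.CONFLICT, "No se puede acceder con una contraseña temporal. Por favor ejecutar servicio de actualización.", null));

            case (int)StateEnum.TEMPORAL_PASSWORD_USED:
                return(functions.Response((int)CodeStatusEnum.CONFLICT, "La contraseña temporal ya no es válida.", null));
        }

        // Load the client linked to the authenticated identity
        ClienteData clientData = new ClienteData();
        Cliente res = clientData.GetUserById(ui.id_cliente.Value);
        if (res.id_cliente == null)
        {
            return(functions.Response((int)CodeStatusEnum.NO_CONTENT, "No se ha podido encontrar el usuario relacionado a las credenciales proporcionadas", null));
        }

        // OK: return the client id
        LoginResponse response = new LoginResponse();
        response.idClient = res.id_cliente.Value;
        return(functions.Response((int)CodeStatusEnum.OK, "OK", response));
    }
    catch (Exception e)
    {
        // Log the whole exception (type, stack trace, inner exceptions), not only the message.
        logger.Fatal(e.ToString());
        // The caller gets a generic message: raw exception text can expose internals
        // such as data-layer or configuration details.
        return(functions.Response((int)CodeStatusEnum.INTERNAL_ERROR, "Error interno del servidor", null));
    }
}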