示例#1
        /// <summary>
        /// Sends the given failed-login record to the DAO for update, then reads the
        /// record back by its ID and reports the result of comparing the two.
        /// </summary>
        /// <param name="blackUser">The failed-login record carrying the new values.</param>
        /// <returns>
        /// The result of <c>Statics.BulletprofComparsion</c> on the re-read record and
        /// <paramref name="blackUser"/> (presumably true when they match; confirm against that helper).
        /// </returns>
        public bool UpdateBlackUser(FailedLoginAttempt blackUser)
        {
            _failedLoginAttemptsDAO.Update(blackUser);

            // Read-back check: fetch what the DAO now returns for this ID and compare it with the input.
            FailedLoginAttempt storedCopy = _failedLoginAttemptsDAO.Get(blackUser.ID);
            return Statics.BulletprofComparsion(storedCopy, blackUser);
        }
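        /// <summary>
        /// Validates the posted credentials. On success returns 200 with a token from the JWT
        /// service; on failure records or updates a failed-attempt entry through
        /// <c>FailedAttemptsFacade</c> and answers 401.
        /// </summary>
        /// <param name="credentials">
        /// JSON request body expected to carry a username and a password entry. A null body is
        /// answered with 415 Unsupported Media Type.
        /// </param>
        /// <returns>
        /// 200 with the token for valid credentials; 401 for invalid credentials, including the
        /// case where the stored attempt count exceeds 3 and the last failure is under 24 hours old.
        /// </returns>
        public IHttpActionResult Authenticate([FromBody] JObject credentials)
        {
            if (credentials == null)
            {
                return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.UnsupportedMediaType, $"Sorry, but your credentials came in unsupported format.")));
            }

            Dictionary <string, object> credentialsData = _jsonToDictionaryConverter.ProvideAPIDataFromJSON(credentials);

            string username = string.Empty;
            string password = string.Empty;

            // NOTE(review): keys are matched by substring, so any key that merely contains
            // "username"/"password" is accepted and the last match wins. Exact key matching would be
            // stricter, but the key shape produced by the converter is not visible here - confirm first.
            foreach (var s in credentialsData)
            {
                if (s.Key.Contains("username"))
                {
                    // A null value would otherwise throw and surface as a 500 instead of a 401.
                    username = s.Value?.ToString() ?? string.Empty;
                }
                if (s.Key.Contains("password"))
                {
                    password = s.Value?.ToString() ?? string.Empty;
                }
            }

            bool isUsernamePasswordValid = _userValidator.ValidateUser(username, password, out Utility_class_User validatedUserModel);

            // Valid credentials: issue the token and stop. Everything below is the failure path.
            if (isUsernamePasswordValid)
            {
                var token = _jwtService.CreateToken(validatedUserModel);
                return(Ok(token));
            }

            FailedAttemptsFacade failedFacade = FlyingCenterSystem.GetInstance().getFacede <FailedAttemptsFacade>();

            // NOTE(review): the submitted password is used as a lookup key and, below, handed to the
            // FailedLoginAttempt constructor unchanged. If the facade persists it, the store holds
            // clear-text password guesses, which are often near-misses of the real password.
            // Tracking failures per account (and per client address) avoids this; that needs a
            // facade change, so it is only flagged here.
            FailedLoginAttempt attemptByPassword = failedFacade.GetByPassword(password);
            FailedLoginAttempt attempByUsername  = failedFacade.GetByUserName(username);
            bool attemptsComparsion = Statics.BulletprofComparsion(attemptByPassword, attempByUsername);
            if (!attemptsComparsion)
            {
                // NOTE(review): this return leaves the failure counter untouched. If GetByUserName
                // yields the existing record while GetByPassword yields an empty one for a new guess,
                // failures that use a different password each time are never counted - verify
                // against the facade. The message also tells the caller which internal check failed.
                return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Your username or password is incorrect, also there is no consistency between them! Acsess denied.")));
            }

            // One clock reading for the whole decision, so the window test and the remaining-time
            // message cannot disagree. NOTE(review): local time is kept because stored FAILURE_TIME
            // values appear to be local; UTC would make the 24-hour window immune to DST shifts.
            DateTime now = DateTime.Now;

            long failedAttemptNumToDisplay = 1;

            // The facade appears to return a default-constructed record when nothing is stored;
            // a null result is treated the same way instead of throwing on Equals.
            bool isTheAttemptIsFirts = attemptByPassword == null || attemptByPassword.Equals(new FailedLoginAttempt());

            if (isTheAttemptIsFirts)
            {
                // The stored number is the ordinal of the NEXT failed attempt, hence 2 after the first.
                failedFacade.AddBlackUser(new FailedLoginAttempt(username, password, 2, now));
            }
            else if (attemptByPassword.FAILED_ATTEMPTS_NUM <= 3)
            {
                // Still inside the allowance: report the current ordinal, store the next one.
                failedAttemptNumToDisplay = attemptByPassword.FAILED_ATTEMPTS_NUM;
                attemptByPassword.FAILED_ATTEMPTS_NUM = failedAttemptNumToDisplay + 1;
                failedFacade.UpdateBlackUser(attemptByPassword);
            }
            else if (now.AddDays(-1) < attemptByPassword.FAILURE_TIME)
            {
                // Allowance used up and the last recorded failure is less than 24 hours old.
                TimeSpan timeRemainder = new TimeSpan(24, 0, 0) - now.Subtract(attemptByPassword.FAILURE_TIME);
                return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, $"Sorry, but the system didn't regocnyzed you as registered user. Your accsess is denied. You're had tried to aouthorize more tham 3 times. Wait {timeRemainder.Hours} hours and {timeRemainder.Minutes} minutes until new attempt!")));
            }
            else
            {
                // Window expired: this failure is the first of a new window. Store 2, exactly as the
                // first-attempt branch does; storing 1 here granted one extra attempt after every
                // expired lock-out compared with a fresh record.
                attemptByPassword.FAILED_ATTEMPTS_NUM = 2;
                attemptByPassword.FAILURE_TIME        = now;
                failedFacade.UpdateBlackUser(attemptByPassword);
            }

            return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, $"Sorry, but the system didn't regocnyzed you as registered user. Your accsess is denied. You're had tried to aouthorize {failedAttemptNumToDisplay} times.")));
        }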
示例#3
 /// <summary>
 /// Hands the failed-login record to the DAO for insertion and then asks
 /// <c>IsSomethingExists</c> about the same record.
 /// </summary>
 /// <param name="blackUser">The failed-login record to add.</param>
 /// <returns>
 /// Whatever <c>IsSomethingExists</c> returns for <paramref name="blackUser"/>
 /// (presumably true when the record is now stored; confirm against that helper).
 /// </returns>
 public bool AddBlackUser(FailedLoginAttempt blackUser)
 {
     _failedLoginAttemptsDAO.Add(blackUser);

     // Post-insert existence check doubles as the success indicator.
     bool wasStored = IsSomethingExists(blackUser);
     return wasStored;
 }