public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
double timeDiff = 0;
tblBlockedIP tblBlockedIP = new tblBlockedIP();
var ip = HttpContext.Current.Request.GetOwinContext().Request.RemoteIpAddress;
tblBlockedIP = _commmonRepository.GetIps();
int IPBlockAttempt = Convert.ToInt32(ConfigurationManager.AppSettings["IPBlockAttempt"]);
int IPBlockedTime = Convert.ToInt32(ConfigurationManager.AppSettings["IPBlockedTime"]);
if (tblBlockedIP != null)
{
timeDiff = TimeDifferenceInMinutes(DateTime.Now, Convert.ToDateTime(tblBlockedIP.ModifiedOn));
}
if (timeDiff > IPBlockedTime)
{
_commmonRepository.DeleteUser(tblBlockedIP.BlockedIPID);
tblBlockedIP = null;
}
tblBlockedIP blockIP = new tblBlockedIP();
try
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
List <tblAppUser> userDetails = new List <tblAppUser>();
List <ValidateUserEntity> postValidateEntity = new List <ValidateUserEntity>();
if (context.ClientId == "MobileApp")
{
userDetails = _userRepository.GetUser(context.UserName, context.Password);
}
else
{
postValidateEntity = _userRepository.AuthenticateUser(context.UserName, context.Password);
}
// DevicesEntity userDetails = _userRepository.GetUserByPhoneNo(context.UserName);
if (userDetails.Count > 0 || postValidateEntity.Count > 0)
{
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("role", "user"));
var props = new AuthenticationProperties(new Dictionary <string, string>
{
{
"as:client_id", (context.ClientId == null) ? string.Empty : context.ClientId
},
{
"userName", context.UserName
},
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
if (tblBlockedIP != null)
{
_commmonRepository.DeleteUser(tblBlockedIP.BlockedIPID);
//db.tblBlockedIPs.Remove(tblBlockedIP.ID);
//db.SaveChanges();
}
}
else
{
blockIP.IPAddress = ip;
if (tblBlockedIP == null)
{
blockIP.FailAttempts = 1;
blockIP.IPAddress = ip;
blockIP.ModifiedOn = DateTime.Now;
_commmonRepository.CreateFailureEntry(blockIP);
context.SetError("Invalid user or the user is not registered");
// throw new ApiDataException(1005, "Invalid user or the user is not registered", HttpStatusCode.InternalServerError);
// db.tblBlockedIPs.Add(blockIP);
}
else
{
if (tblBlockedIP.FailAttempts < IPBlockAttempt)
{
tblBlockedIP.FailAttempts = tblBlockedIP.FailAttempts + 1;
tblBlockedIP.BlockedIPID = tblBlockedIP.BlockedIPID;
tblBlockedIP.ModifiedOn = DateTime.Now;
// db.Entry(blockIP).State = EntityState.Modified;
_commmonRepository.UpdateFailureInfo(tblBlockedIP);
context.SetError("Invalid user or the user is not registered");
// throw new ApiDataException(1005, "Invalid user or the user is not registered", HttpStatusCode.InternalServerError);
}
else
{
context.SetError("Invalid user or the user is not registered");
// throw new ApiDataException(1005, "Invalid user or the user is not registered", HttpStatusCode.InternalServerError);
}
}
// db.SaveChanges();
//
}
}
catch (Exception ex)
{
context.SetError("Invalid user or the user is not registered");
//throw new ApiDataException(1004, "Invalid credentials", HttpStatusCode.InternalServerError);
}
}
