示例#1
        /// <summary>
        /// Overwrites an existing error-log row with the posted entity.
        /// </summary>
        /// <param name="id">Key taken from the route; must equal <c>tUsersErrLog.Id</c>.</param>
        /// <param name="tUsersErrLog">Replacement entity bound from the request.</param>
        /// <returns>
        /// 400 when model validation fails or the ids disagree, 404 when the row vanished during the
        /// update, otherwise 204.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this lets a caller rewrite stored error-log rows, including the security
        /// entries the login action writes. No authorization attribute is visible in this listing
        /// (the class header is outside it) - confirm the controller is restricted.
        /// </remarks>
        public IHttpActionResult PuttUsersErrLog(int id, tUsersErrLog tUsersErrLog)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            bool idsMatch = id == tUsersErrLog.Id;
            if (!idsMatch)
            {
                return BadRequest();
            }

            // Mark every column of the posted entity as changed so SaveChanges issues a full UPDATE.
            db.Entry(tUsersErrLog).State = EntityState.Modified;

            try
            {
                db.SaveChanges();
            }
            catch (DbUpdateConcurrencyException)
            {
                // Still present: a genuine concurrency conflict, let it propagate unchanged.
                if (tUsersErrLogExists(id))
                {
                    throw;
                }

                return NotFound();
            }

            return StatusCode(HttpStatusCode.NoContent);
        }
示例#2
        /// <summary>
        /// Looks up a single error-log row by primary key.
        /// </summary>
        /// <param name="id">Primary key of the row.</param>
        /// <returns>200 with the entity when it exists, otherwise 404.</returns>
        /// <remarks>
        /// NOTE(review): elsewhere in this listing the Trace column is filled with exception stack
        /// traces and attempted user names, so the response can carry internal detail. Access control
        /// is not visible here - confirm who may call this.
        /// </remarks>
        public IHttpActionResult GettUsersErrLog(int id)
        {
            var entry = db.tUsersErrLogs.Find(id);

            if (entry != null)
            {
                return Ok(entry);
            }

            return NotFound();
        }
示例#3
        /// <summary>
        /// Inserts a new error-log row from the posted entity.
        /// </summary>
        /// <param name="tUsersErrLog">Entity bound from the request; stored as received.</param>
        /// <returns>400 when model validation fails, otherwise 201 pointing at the new row.</returns>
        /// <remarks>
        /// NOTE(review): every bound property is persisted as sent, so a caller chooses the error
        /// type, source and trace text. Authorization is not visible in this listing - confirm that
        /// untrusted clients cannot write log rows.
        /// </remarks>
        public IHttpActionResult PosttUsersErrLog(tUsersErrLog tUsersErrLog)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            db.tUsersErrLogs.Add(tUsersErrLog);
            db.SaveChanges();

            // Id is read only after SaveChanges, i.e. after the insert has run.
            var routeValues = new { id = tUsersErrLog.Id };
            return CreatedAtRoute("DefaultApi", routeValues, tUsersErrLog);
        }
示例#4
        /// <summary>
        /// Deletes an error-log row by primary key and echoes the deleted entity.
        /// </summary>
        /// <param name="id">Primary key of the row to delete.</param>
        /// <returns>404 when no such row exists, otherwise 200 with the removed entity.</returns>
        /// <remarks>
        /// NOTE(review): deleting log rows removes evidence of failed logins and application errors.
        /// Authorization is not visible in this listing - confirm this action is restricted.
        /// </remarks>
        public IHttpActionResult DeletetUsersErrLog(int id)
        {
            var entry = db.tUsersErrLogs.Find(id);
            bool missing = entry == null;

            if (missing)
            {
                return NotFound();
            }

            db.tUsersErrLogs.Remove(entry);
            db.SaveChanges();

            return Ok(entry);
        }
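        /// <summary>
        /// Authenticates an active account (AccountStatusID == 1) by e-mail and password and returns
        /// a login-auth record for it.
        /// </summary>
        /// <param name="model">Login request; Username, Password and IpAddress are read.</param>
        /// <returns>
        /// 200 with a <c>tUserLoginAuth</c> on success; 400 when no model was bound; 404 when no active
        /// account has that e-mail; 401 when the password is missing or wrong; 500 on any other failure.
        /// </returns>
        /// <remarks>
        /// Changes from the earlier version: a null password is now rejected instead of skipping
        /// verification, a null model returns 400, and the final fall-through fails closed with 401.
        /// NOTE(review): 404 versus 401 tells a caller whether an e-mail is registered; no attempt
        /// counter or lockout is visible in this method.
        /// NOTE(review): the action name starts with "Get"; if it is routed as HTTP GET with the model
        /// bound from the query string, the password would end up in URLs and server logs. Binding
        /// attributes are not visible here - confirm.
        /// </remarks>
        public IHttpActionResult GetLogin(LoginModel model)
        {
            if (model == null)
            {
                // Nothing to authenticate; avoids dereferencing a null model below.
                return(BadRequest());
            }

            try
            {
                tUser tUser = db.tUsers
                              .Include("tSalt")
                              .SingleOrDefault(x => x.Email == model.Username &&
                                               x.AccountStatusID == 1);

                if (tUser == null)
                {
                    throw new UserInvalidLoginException(AuditLogging.ErrMsg_Invalid_Username);
                }

                // A missing password must fail the login. Previously verification ran only when
                // model.Password was non-null, so a request that omitted the password was treated
                // as authenticated for any known e-mail.
                if (model.Password == null)
                {
                    throw new UserInvalidLoginException(AuditLogging.ErrMsg_Invalid_Password, tUser.ID);
                }

                PasswordStorage oPassUtil = new PasswordStorage();
                oPassUtil.Hashstring = tUser.PasswordHash;
                oPassUtil.Saltstring = tUser.tSalt.Salt;
                if (!oPassUtil.VerifyPassword(model.Password))
                {
                    throw new UserInvalidLoginException(AuditLogging.ErrMsg_Invalid_Password, tUser.ID);
                }

                tUserLoginAuth userLoginAuth = db.tUserLoginAuths.FirstOrDefault(x => x.UserID == tUser.ID && x.ExpirationDate > DateTime.Now);
                if (userLoginAuth != null)
                {
                    // An unexpired auth record is reused. This returns before the success audit row
                    // below is written, so repeat logins are not audited.
                    return(Ok(userLoginAuth));
                }
                else
                {
                    // No unexpired record: queue a new one. Only UserID and tUser are set here;
                    // presumably the remaining columns are filled by defaults elsewhere - confirm.
                    userLoginAuth        = new tUserLoginAuth();
                    userLoginAuth.UserID = tUser.ID;
                    userLoginAuth.tUser  = tUser;

                    db.tUserLoginAuths.Add(userLoginAuth);
                }

                // Audit the successful login.
                // NOTE(review): IpAddress is read from the request model, so it is caller-supplied
                // text rather than the connection's address; treat it as untrusted in log viewers.
                tUsersAudit userAuditLog = new tUsersAudit();
                userAuditLog.ApplicationID = (int)AuditLogging.enumApplication.SFCWebSite;
                userAuditLog.EventID       = (int)AuditLogging.enumEvent.Security_Login_Success;
                userAuditLog.UserID        = tUser.ID;
                userAuditLog.Description   = AuditLogging.const_Successful_Login + " from IP Address: " + model.IpAddress;
                userAuditLog.TypeID        = 7;//Login

                db.tUsersAudits.Add(userAuditLog);

                // One SaveChanges persists the new auth record and the audit row together.
                db.SaveChanges();

                // NOTE(review): userLoginAuth.tUser points at the loaded user (tSalt included). Depending
                // on serializer settings the response may carry PasswordHash and Salt - confirm.
                return(Ok(userLoginAuth));
            }
            catch (UserInvalidLoginException exLogin)
            {
                if (exLogin.Message == AuditLogging.ErrMsg_Invalid_Username)
                {
                    // Unknown e-mail: there is no user id to audit against, so write an error-log row.
                    // NOTE(review): the listing this was taken from shows the middle of this expression
                    // masked ("******"); the user-name term is reconstructed - confirm against the file.
                    string sTrace = "UserName: " + model.Username + "| IP Address: " + model.IpAddress;

                    tUsersErrLog userErrorLog = new tUsersErrLog();

                    userErrorLog.ErrTypeID   = (int)ErrorLogging.enumErrorType.Security;
                    userErrorLog.ErrSourceID = (int)AuditLogging.enumApplication.SFCWebSite;
                    userErrorLog.Description = exLogin.Message;
                    userErrorLog.Trace       = sTrace;

                    db.tUsersErrLogs.Add(userErrorLog);
                    db.SaveChanges();

                    return(NotFound());
                }
                else if (exLogin.Message == AuditLogging.ErrMsg_Invalid_Password)
                {
                    // Known account, bad or missing password: audit against that user id.
                    tUsersAudit userAuditLog = new tUsersAudit();
                    userAuditLog.ApplicationID = (int)AuditLogging.enumApplication.SFCWebSite;
                    userAuditLog.EventID       = (int)AuditLogging.enumEvent.Security_Login_Failed;
                    userAuditLog.UserID        = exLogin.UserID;
                    userAuditLog.Description   = exLogin.Message + " from IP Address: " + model.IpAddress;
                    userAuditLog.TypeID        = 12;//LoginErr

                    db.tUsersAudits.Add(userAuditLog);
                    db.SaveChanges();

                    return(Unauthorized());
                }
            }
            catch (Exception ex)
            {
                // Unexpected failure: persist the details server-side and answer with a generic message.
                tUsersErrLog userErrorLog = new tUsersErrLog();

                userErrorLog.ErrTypeID   = (int)ErrorLogging.enumErrorType.Application;
                userErrorLog.ErrSourceID = (int)AuditLogging.enumApplication.SFCBAL;
                userErrorLog.Code        = ex.HResult.ToString();
                userErrorLog.Description = ex.Message;
                userErrorLog.Trace       = ex.StackTrace;

                db.tUsersErrLogs.Add(userErrorLog);
                db.SaveChanges();

                string ErrMsg = "An error occured and we have logged the error. Please try again later.";

                // NOTE(review): the original exception travels as InnerException; whether its message
                // and stack trace reach the client depends on the host's error-detail policy - confirm.
                Exception Err = new Exception(ErrMsg, ex);

                return(InternalServerError(Err));
            }

            // Reached only when a UserInvalidLoginException carried a message that matches neither
            // constant above. Fail closed: this path used to answer 200 OK.
            return(Unauthorized());
        }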
        /// <summary>
        /// Creates a user account, hashes its password, announces the new user id to two other
        /// controllers and stores a default SHARE consent setting.
        /// </summary>
        /// <param name="tUser">
        /// User entity bound from the request. On input <c>PasswordHash</c> is handed to
        /// <c>CreateHash</c> and then overwritten with the resulting hash string.
        /// </param>
        /// <returns>
        /// 400 when model validation fails, 200 with the stored entity on success, 500 with a generic
        /// message after the failure has been written to the error log.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the entity is bound straight from the request; only ExternalID, CreateDateTime,
        /// AccountStatusID and the password fields are overwritten here, every other bound property is
        /// stored as sent.
        /// NOTE(review): no duplicate e-mail check runs in this method, while the login action in this
        /// listing looks accounts up with SingleOrDefault on Email, which throws when two rows match.
        /// Confirm a unique constraint exists.
        /// NOTE(review): a null PasswordHash skips hashing and the account is stored without a password.
        /// NOTE(review): the 200 response returns the entity with PasswordHash and tSalt populated;
        /// whether they are serialized depends on serializer settings - confirm.
        /// NOTE(review): the writes go through several controllers and SaveChanges calls with no
        /// visible transaction, so a late failure leaves the earlier rows in place.
        /// </remarks>
        public async Task <IHttpActionResult> RegisterUser(tUser tUser)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            try
            {
                // Server-chosen values replace whatever the request carried for these fields.
                tUser.ExternalID      = Guid.NewGuid();
                tUser.CreateDateTime  = DateTime.Now;
                tUser.AccountStatusID = 1;

                if (tUser.PasswordHash != null)
                {
                    var hasher = new PasswordStorage();
                    hasher.CreateHash(tUser.PasswordHash);
                    tUser.PasswordHash = hasher.Hashstring;

                    // The salt is stored as its own row through SaltsController and linked by id.
                    var saltRow = new tSalt { Salt = hasher.Saltstring };
                    var saltsController = new SaltsController();
                    tUser.tSalt = await saltsController.PosttSalt(saltRow);

                    tUser.PHSaltID = tUser.tSalt.Id;
                }

                db.tUsers.Add(tUser);
                db.SaveChanges();

                // Announce the new user id to the other databases; tUser.ID is read after the save above.
                var newUserId = new tUserID { UserID = tUser.ID };

                var userDataIds = new UserData.UserIDsController();
                await userDataIds.PosttUserID(newUserId);

                var webAppIds = new WebApp.UserIDsController();
                await webAppIds.PosttUserID(newUserId);

                // Default consent for the new user's share settings.
                var shareSetting = new tUserSHARESetting
                {
                    AllData        = true,
                    UserID         = tUser.ID,
                    SHARESettingID = 1, // allow
                    SystemStatusID = 1, // valid
                };

                // shareSetting.ID is never assigned in this method, so this copies its current value;
                // presumably the link is fixed up through the collection below on save - confirm.
                var sharePurpose = new tXrefUserSHARESettingsPurpos
                {
                    SHARESettingID = shareSetting.ID,
                    SHAREPurposeID = 2, // Research only, any available
                };
                shareSetting.tXrefUserSHARESettingsPurposes.Add(sharePurpose);

                var shareSettings = new UserData.UserSHARESettingsController();
                await shareSettings.PosttUserSHARESetting(shareSetting);

                return Ok(tUser);
            }
            catch (Exception ex)
            {
                // Persist the failure, then answer with a generic message.
                // NOTE(review): this reuses the same context; if the failure came from db.SaveChanges()
                // above, the pending user row is presumably still tracked and this save may fail too.
                var failure = new tUsersErrLog
                {
                    ErrTypeID   = (int)ErrorLogging.enumErrorType.Application,
                    ErrSourceID = (int)AuditLogging.enumApplication.SFCBAL,
                    Code        = ex.HResult.ToString(),
                    Description = ex.Message,
                    Trace       = ex.StackTrace,
                };

                db.tUsersErrLogs.Add(failure);
                db.SaveChanges();

                // NOTE(review): ex travels as InnerException; whether its detail reaches the client
                // depends on the host's error-detail policy - confirm.
                string message = "An error occured and we have logged the error. Please try again later.";

                return InternalServerError(new Exception(message, ex));
            }
        }