diff --git a/400-SOURCECODE/AIAHTML5.API/Controllers/AuthController.cs b/400-SOURCECODE/AIAHTML5.API/Controllers/AuthController.cs
new file mode 100644
index 0000000..41ee501
--- /dev/null
+++ b/400-SOURCECODE/AIAHTML5.API/Controllers/AuthController.cs
@@ -0,0 +1,377 @@
+using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Web.Http;
+using log4net;
+using AIAHTML5.API.Constants;
+using AIAHTML5.API.Models;
+using System.Collections;
+
+namespace AIAHTML5.API.Controllers
+{
+ public class AuthenticateController : ApiController
+ {
+ // GET api/authenticate
+ public IEnumerable Get()
+ {
+ return new string[] { "value1", "value2" };
+ }
+
+ // GET api/authenticate/5
+ public string Get(int id)
+ {
+ return "value";
+ }
+
+ // POST api/authenticate
+ public HttpResponseMessage Post([FromBody]JObject credentials)
+ {
+ ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType));
+ logger.Debug("inside POST");
+
+ dynamic authenticationRepsonse;
+
+ try
+ {
+
+ //01.get the user detail for autheticate user
+ User userInfo = AIAHTML5.API.Models.Users.getUserDetails(credentials);
+
+ if (userInfo.Id > 0)
+ {
+ // Check user is authenticated or not by login credential macth
+ bool isUserAuthenticated = AIAHTML5.API.Models.Users.IsUserAuthenticated(credentials, userInfo);
+
+ // check if user is blocked
+ DateTime blockTime;
+ bool isUserBlocked = AIAHTML5.API.Models.Users.isUserBlocked(userInfo.Id, out blockTime);
+
+ if (isUserAuthenticated && !isUserBlocked)
+ {
+ //01. Get User details
+ //userInfo = AIAHTML5.API.Models.Users.getUserDetails(credentials);
+
+ //02. assigning isCorrectPassword to true 'required for internal processing'
+ userInfo.IsCorrectPassword = true;
+
+ //04.delete past wrong login attempts of user
+ int wrongAttemptDeteledCount = AIAHTML5.API.Models.Users.deletePastWrongAttempts(userInfo.Id);
+ if (wrongAttemptDeteledCount < 0)
+ {
+ logger.Fatal("Unable to delete past wrong login attempts for userId= " + userInfo.Id);
+ }
+
+ //05. Now get the module list- for ADMIN (superadmin/ general admin) by default all module loads
+ if (userInfo.UserType == AIAHTML5.API.Models.User.SUPER_ADMIN || userInfo.UserType == AIAHTML5.API.Models.User.GENERAL_ADMIN)
+ {
+ userInfo.Modules = AIAHTML5.API.Models.Users.getAllModulesList();
+
+ //Insert user login detail
+ AIAHTML5.API.Models.Users.insertLoginDetails(userInfo.Id);
+ }
+ else
+ {
+ //05.1 For normal user need to get the license details, get the license id for authenticated user
+ int licenseId, editionId;
+ AIAHTML5.API.Models.Users.getLicenseIdForThisUser(userInfo.Id, out licenseId, out editionId);
+
+ userInfo.LicenseId = licenseId;
+ userInfo.EditionId = editionId;
+
+ //05.2 Check user is active or not
+
+
+ //05.3 get license details
+ userInfo.LicenseInfo = AIAHTML5.API.Models.Users.getLicenseDetails(userInfo.LicenseId);
+
+ if (userInfo.LicenseInfo.Id > 0)
+ {
+ //05.4 get licenseSubscription details
+ userInfo.LicenseSubscriptions = AIAHTML5.API.Models.Users.getLicenseSubscriptionDetails(userInfo.LicenseId);
+
+ //05.5 check the License expiration irespective of either user is active or not because on AIA
+ //we shows the License expiration message for inactive users too
+ string expirationDate = null;
+ bool isLicenseExpired = false;
+
+ if (userInfo.LicenseSubscriptions.Id > 0)
+ {
+ isLicenseExpired = AIAHTML5.API.Models.Users.checkIfLicenseExpired(userInfo.LicenseSubscriptions, out expirationDate);
+ }
+
+ // send message to the UI for license expiration
+ //05.6 Check for subscription Expiration [Promoted for case if license inactive along with subscription expired]
+ if (isLicenseExpired)
+ {
+ userInfo.IsSubscriptionExpired = isLicenseExpired;
+ userInfo.SubscriptionExpirationDate = expirationDate;
+ }
+ else
+ {
+ //05.6.1
+ if (userInfo.LicenseInfo.IsActive)
+ {
+ if (!userInfo.LicenseInfo.IsTermAccepted)
+ {
+ ArrayList termsList = AIAHTML5.API.Models.Users.getTermsOfServiceText();
+ foreach (Hashtable item in termsList)
+ {
+ userInfo.TermsOfServiceTitle = item[AIAConstants.KEY_TITLE].ToString();
+ userInfo.TermsOfServiceText = item[AIAConstants.KEY_CONTENT].ToString();
+ }
+ }
+ else
+ {
+ userInfo.Modules = AIAHTML5.API.Models.Users.getModuleListByLicenseId(userInfo.LicenseId);
+
+ //Insert user login detail
+ AIAHTML5.API.Models.Users.insertLoginDetails(userInfo.Id);
+ }
+ }
+ else
+ {
+ //05.6.1.1
+ // return message of license inactive
+ // property value assigned. Separate return statement not required
+
+ }
+ }
+ }
+ }
+
+ authenticationRepsonse = JsonConvert.SerializeObject(userInfo);
+ }
+ else
+ {
+ //compare block time of user with current time if user is blocked
+ DateTime blockDuration = blockTime.AddDays(1);
+ var difference = DateTime.Compare(DateTime.Now, blockDuration);
+
+ //check if credentials are valid credentials
+ bool isCorrectLoginId, isCorrectPassword;
+ AIAHTML5.API.Models.Users.isCredentialCorrect(credentials, userInfo, out isCorrectLoginId, out isCorrectPassword);
+
+ if (isUserBlocked)
+ {
+ if (difference >= 0)
+ {
+ if (isCorrectPassword)
+ {
+ userInfo.IsBlocked = false;
+ userInfo.IsCorrectPassword = true;
+
+ int wrongAttemptDeteledCount = AIAHTML5.API.Models.Users.deletePastWrongAttempts(userInfo.Id);
+ if (wrongAttemptDeteledCount < 0)
+ {
+ logger.Fatal("Unable to delete past wrong login attempts for userId= " + userInfo.Id);
+ }
+
+ //05. Now get the module list- for ADMIN (superadmin/ general admin) by default all module loads
+
+ if (userInfo.UserType == AIAHTML5.API.Models.User.SUPER_ADMIN || userInfo.UserType == AIAHTML5.API.Models.User.GENERAL_ADMIN)
+ {
+ userInfo.Modules = AIAHTML5.API.Models.Users.getAllModulesList();
+
+ //Insert user login detail
+ AIAHTML5.API.Models.Users.insertLoginDetails(userInfo.Id);
+ }
+ else
+ {
+ //05.1 For normal user need to get the license details, get the license id for aUTHENTICATED USER
+ int licenseId, editionId;
+ AIAHTML5.API.Models.Users.getLicenseIdForThisUser(userInfo.Id, out licenseId, out editionId);
+
+ userInfo.LicenseId = licenseId;
+ userInfo.EditionId = editionId;
+
+ //05.2 Check user is active or not
+
+
+ //05.3 get license/ licenseSubscription details
+ userInfo.LicenseInfo = AIAHTML5.API.Models.Users.getLicenseDetails(userInfo.LicenseId);
+
+ if (userInfo.LicenseInfo.Id > 0)
+ {
+ //05.4
+ userInfo.LicenseSubscriptions = AIAHTML5.API.Models.Users.getLicenseSubscriptionDetails(userInfo.LicenseId);
+
+ //05.5 check the License expiration irespective of either user is active or not because on AIA
+ //we shows the License expiration message for inactive users too
+ string expirationDate = null;
+ bool isLicenseExpired = false;
+
+ if (userInfo.LicenseSubscriptions.Id > 0)
+ {
+ isLicenseExpired = AIAHTML5.API.Models.Users.checkIfLicenseExpired(userInfo.LicenseSubscriptions, out expirationDate);
+ }
+ // send message to the UI for license expiration
+ //05.6 Check for subscription Expiration [Promoted for case if license inactive along with subscription expired]
+ if (isLicenseExpired)
+ {
+ userInfo.IsSubscriptionExpired = isLicenseExpired;
+ userInfo.SubscriptionExpirationDate = expirationDate;
+ }
+ else
+ {
+ //05.6.1
+ if (userInfo.LicenseInfo.IsActive)
+ {
+ if (!userInfo.LicenseInfo.IsTermAccepted)
+ {
+ ArrayList termsList = AIAHTML5.API.Models.Users.getTermsOfServiceText();
+ foreach (Hashtable item in termsList)
+ {
+ userInfo.TermsOfServiceTitle = item[AIAConstants.KEY_TITLE].ToString();
+ userInfo.TermsOfServiceText = item[AIAConstants.KEY_CONTENT].ToString();
+ }
+ }
+ else
+ {
+ userInfo.Modules = AIAHTML5.API.Models.Users.getModuleListByLicenseId(userInfo.LicenseId);
+
+ //Insert user login detail
+ AIAHTML5.API.Models.Users.insertLoginDetails(userInfo.Id);
+ }
+ }
+ else
+ {
+ //05.6.1.1
+ // return message of license inactive
+ // property value assigned. Separate return statement not required
+
+ }
+ }
+ }
+ }
+ }
+ else
+ {
+ int wrongAttemptDeteledCount = AIAHTML5.API.Models.Users.deletePastWrongAttempts(userInfo.Id);
+ if (wrongAttemptDeteledCount < 0)
+ {
+ logger.Fatal("Unable to delete past wrong login attempts for userId= " + userInfo.Id);
+ }
+
+ // send message back to th UI that password is incorrect
+ userInfo.IsCorrectPassword = false;
+
+ //get wrong attempt count of user
+ userInfo.IncorrectLoginAttemptCount = AIAHTML5.API.Models.Users.checkNoOfWrongAttempts(userInfo.Id) + 1;
+ userInfo.LoginFailureCauseId = ErrorHelper.E_PASSWORD_NOT_MATCH;
+
+ //01. insert wrong attempt in dtabase
+ int updateCount = AIAHTML5.API.Models.Users.saveWrongAttemptofUser(userInfo.Id);
+
+ if (updateCount < 0)
+ {
+ //Put the log in log file
+ logger.Fatal("Unable to Update past wrong login attempts for userId= " + userInfo.Id);
+ }
+ else
+ {
+ if (userInfo.IncorrectLoginAttemptCount > 4)
+ {
+ userInfo.IsBlocked = true;
+ userInfo.LoginFailureCauseId = ErrorHelper.E_USER_ID_BLOCKED_24_HRS;
+ }
+ }
+
+ }
+
+ }
+ else
+ {
+ userInfo.IsBlocked = true;
+ }
+ }
+
+ else
+ {
+
+ //bool isCorrectLoginId, isCorrectPassword;
+ //AIAHTML5.API.Models.Users.isCredentialCorrect(credentials, out isCorrectLoginId, out isCorrectPassword);
+
+ //below code commented as way of retrieving data changed 'very first line in this method'
+ //if (!isCorrectLoginId)
+ //{
+ // // send message back to th UI that login id is incorrect
+ // authenticationRepsonse = AIAConstants.USER_NOT_FOUND;
+ //}
+ //else
+ //{
+ if (!isCorrectPassword)
+ {
+ // send message back to th UI that password is incorrect
+ userInfo.IsCorrectPassword = false;
+
+ //get wrong attempt count of user
+ userInfo.IncorrectLoginAttemptCount = AIAHTML5.API.Models.Users.checkNoOfWrongAttempts(userInfo.Id) + 1;
+ userInfo.LoginFailureCauseId = ErrorHelper.E_PASSWORD_NOT_MATCH;
+
+ //01. insert wrong attempt in dtabase
+ int updateCount = AIAHTML5.API.Models.Users.saveWrongAttemptofUser(userInfo.Id);
+
+ if (updateCount < 0)
+ {
+ //Put the log in log file
+ logger.Fatal("Unable to Update past wrong login attempts for userId= " + userInfo.Id);
+ }
+ else
+ {
+ if (userInfo.IncorrectLoginAttemptCount > 4)
+ {
+ userInfo.IsBlocked = true;
+ userInfo.LoginFailureCauseId = ErrorHelper.E_USER_ID_BLOCKED_24_HRS;
+ }
+ }
+ }
+ }
+ // unreachable code detected as license is null
+ //if (userInfo.License != null && !string.IsNullOrEmpty(userInfo.License.AccountNumber))
+ //{
+ // int result = AIAHTML5.API.Models.Users.insertUserLoginLog(userInfo.License.AccountNumber, userInfo.LoginFailureCauseId, null, userInfo.EditionId.ToString(), null);
+ // if (result < 0)
+ // logger.Fatal("Unable to insert wrong attempt detail in UserLoginLog table for accountNumber= " + userInfo.License.AccountNumber);
+ //}
+
+ authenticationRepsonse = JsonConvert.SerializeObject(userInfo);
+ //}
+ }
+ }
+ else
+ {
+ authenticationRepsonse = AIAConstants.USER_NOT_FOUND;
+ }
+ }
+ catch (Exception e)
+ {
+
+ logger.Fatal("Exception occured for loginId =" + credentials["username"].ToString() + " and password= " + credentials["password"].ToString() + "Exception= " + e.Message + ", STACKTRACE: " + e.StackTrace);
+
+ ArrayList supportMailList = UserUtility.GetSupportMailList();
+ string mailSubject = "SQL Exception intimation mail";
+ string mailBody = "MESSAGE: " + e.Message + ", STACKTRACE: " + e.StackTrace;
+ UserUtility.SendEmail(credentials, supportMailList, "", mailSubject, mailBody);
+
+ authenticationRepsonse = AIAConstants.SQL_CONNECTION_ERROR;
+ }
+
+ return new HttpResponseMessage { StatusCode = HttpStatusCode.OK, Content = new StringContent(authenticationRepsonse) };
+ }
+
+
+ // PUT api/authenticate/5
+ public void Put(int id, [FromBody]string value)
+ {
+ }
+
+ // DELETE api/authenticate/5
+ public void Delete(int id)
+ {
+ }
+ }
+}
\ No newline at end of file
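Review bot: The `catch` block in `Post` writes the submitted password to the log in clear text (`" and password= " + credentials["password"].ToString()`), so any login attempt that hits an exception leaves a usable credential in the log4net output. Log only the login id and pass the exception object to the logger instead, e.g. `logger.Fatal("Exception occurred for loginId=" + loginId, e);`. The same statement indexes `credentials["username"]` and `credentials["password"]` without a null check, so a missing body or field throws again inside the handler and the `SQL_CONNECTION_ERROR` response is never produced; read the login id into a local with a null guard before logging. The whole `credentials` object is also passed to `UserUtility.SendEmail` along with the stack trace; that helper is not visible in this diff, so confirm it does not copy the password into the support mail.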