From cd969d4f25ef618a4c117d82e3f44c68b236e18f Mon Sep 17 00:00:00 2001
From: nikita
Date: Fri, 22 Sep 2017 18:28:18 +0530
Subject: [PATCH] check licence if not user isActive
---
 400-SOURCECODE/AIAHTML5.API/Controllers/AuthenticateController.cs | 311 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------------------------------------------------------------------------------------------------------------------------------------------------------
 1 file changed, 158 insertions(+), 153 deletions(-)
diff --git a/400-SOURCECODE/AIAHTML5.API/Controllers/AuthenticateController.cs b/400-SOURCECODE/AIAHTML5.API/Controllers/AuthenticateController.cs
index 22ccb6d..8d7ba55 100644
--- a/400-SOURCECODE/AIAHTML5.API/Controllers/AuthenticateController.cs
+++ b/400-SOURCECODE/AIAHTML5.API/Controllers/AuthenticateController.cs
@@ -33,62 +33,57 @@ namespace AIAHTML5.API.Controllers ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); logger.Debug("inside POST"); - dynamic authenticationRepsonse; - DateTime blockTime; - bool isUserBlocked; + dynamic authenticationRepsonse; + DateTime blockTime; + bool isUserBlocked; - try - { + try + { //01.get the user detail to autheticate the user - User userInfo = AIAHTML5.API.Models.Users.getUserDetails(credentials); - - if (userInfo!= null) - { - // Check user is authenticated or not by login credential match - bool isUserAuthenticated = AIAHTML5.API.Models.Users.checkUserAuthenticity(credentials, userInfo); - - if (isUserAuthenticated) - { - - //01. assigning isCorrectPassword to true 'required for internal processing' - userInfo.IsCorrectPassword = true; - - //02. check if user is blocked - if(userInfo.IsActive){ - - isUserBlocked = AIAHTML5.API.Models.Users.checkUserBlockStatus(userInfo.Id, out blockTime); - - - if(!isUserBlocked) - { - //04.delete past wrong login attempts of user - int wrongAttemptDeteledCount = AIAHTML5.API.Models.Users.deletePastWrongAttempts(userInfo.Id); - if (wrongAttemptDeteledCount < 0) - { - logger.Fatal("Unable to delete past wrong login attempts for userId= " + userInfo.Id); - } + User userInfo = AIAHTML5.API.Models.Users.getUserDetails(credentials); - //05. 
Now get the module list- for ADMIN (superadmin/ general admin) by default all module loads - GetModulesBasedOnUserType(userInfo); + if (userInfo != null) + { + // 02 Check user is authenticated or not by login credential match + bool isUserAuthenticated = AIAHTML5.API.Models.Users.checkUserAuthenticity(credentials, userInfo); - // authenticationRepsonse = JsonConvert.SerializeObject(userInfo); - } - - else + if (isUserAuthenticated) { - //compare block time of user with current time if user is blocked - DateTime blockDuration = blockTime.AddDays(1); - var difference = DateTime.Compare(DateTime.Now, blockDuration); - - //check if credentials are valid credentials - //bool isCorrectLoginId, isCorrectPassword; - //AIAHTML5.API.Models.Users.isCredentialCorrect(credentials, userInfo, out isCorrectLoginId, out isCorrectPassword); - - if (difference >= 0) + if (userInfo.IsActive) + { + //03. check if user is blocked + isUserBlocked = AIAHTML5.API.Models.Users.checkUserBlockStatus(userInfo.Id, out blockTime); + + if (!isUserBlocked) { - //means 24 hours block time is finished - userInfo.IsBlocked = false; + //04.delete past wrong login attempts of user + int wrongAttemptDeteledCount = AIAHTML5.API.Models.Users.deletePastWrongAttempts(userInfo.Id); + if (wrongAttemptDeteledCount < 0) + { + logger.Fatal("Unable to delete past wrong login attempts for userId= " + userInfo.Id); + } + //05. 
+ GetModulesBasedOnUserType(userInfo); + + // authenticationRepsonse = JsonConvert.SerializeObject(userInfo); + } + + else + { + + //compare block time of user with current time if user is blocked + DateTime blockDuration = blockTime.AddDays(1); + var difference = DateTime.Compare(DateTime.Now, blockDuration); + + //check if credentials are valid credentials + //bool isCorrectLoginId, isCorrectPassword; + //AIAHTML5.API.Models.Users.isCredentialCorrect(credentials, userInfo, out isCorrectLoginId, out isCorrectPassword); + + if (difference >= 0) + { + //means 24 hours block time is finished + userInfo.IsBlocked = false; int wrongAttemptDeteledCount = AIAHTML5.API.Models.Users.deletePastWrongAttempts(userInfo.Id); if (wrongAttemptDeteledCount < 0) 
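Review bot: The lockout state is consulted only after the password has been verified: `checkUserBlockStatus` sits inside `if (isUserAuthenticated)` and `if (userInfo.IsActive)`, so a blocked account still has every submitted password compared, and as far as the visible lines show the reply for a correct password (only `IsBlocked = true`) differs from the reply for a wrong one, which means the 24-hour block does not actually stop guessing against a locked account. Call `isUserBlocked = AIAHTML5.API.Models.Users.checkUserBlockStatus(userInfo.Id, out blockTime);` directly after the `userInfo != null` test and return the blocked response before `checkUserAuthenticity` runs while the block is still in force. The expiry comparison also uses `DateTime.Now`; `DateTime.UtcNow` would keep a DST or server time-zone change from altering the block length, provided `blockTime` is stored in UTC, which this hunk does not show. The enclosing action starts above the hunk and its try block runs on into the next one.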
@@ -98,70 +93,69 @@ namespace AIAHTML5.API.Controllers //05. Now get the module list- for ADMIN (superadmin/ general admin) by default all module loads GetModulesBasedOnUserType(userInfo); - - } - else{ - userInfo.IsBlocked = true; + + } + else + { + userInfo.IsBlocked = true; + } } - } - } - else - { - userInfo.LoginFailureCauseId = ErrorHelper.E_USER_NOT_ACTIVE; - } - } - - else - { + } + else + { + //CODE REVIW: validate that is this tarnslated by UI because we need to show message to user if he is inactive + userInfo.LoginFailureCauseId = ErrorHelper.E_USER_NOT_ACTIVE; + //05.4 check the License expiration irespective of either user is active + //or not because on AIA, we shows the License expiration message + //for inactive users too - //NIKITA. in this case user will come only when its is not authenticated and authenticity is checked based on userID and password - //and validating we have got record of user based on userd so this is the case when password is incorrect - userInfo.IsCorrectPassword = false; - if (userInfo.IsCorrectPassword == false) - { - // send message back to th UI that password is incorrect - // userInfo.IsCorrectPassword = false; + CheckLicenseStatus(userInfo); - //get wrong attempt count of user - int previousIncorrectLoginAttempts = AIAHTML5.API.Models.Users.checkNoOfWrongAttempts(userInfo.Id); - userInfo.IncorrectLoginAttemptCount = previousIncorrectLoginAttempts + 1; - userInfo.LoginFailureCauseId = ErrorHelper.E_PASSWORD_NOT_MATCH; + } + } + + else + { + //get wrong attempt count of user + int previousIncorrectLoginAttempts = AIAHTML5.API.Models.Users.checkNoOfWrongAttempts(userInfo.Id); + userInfo.IncorrectLoginAttemptCount = previousIncorrectLoginAttempts + 1; + userInfo.LoginFailureCauseId = ErrorHelper.E_PASSWORD_NOT_MATCH; - //01. insert wrong attempt in dtabase - int updateCount = AIAHTML5.API.Models.Users.saveWrongAttemptOfUser(userInfo.Id, previousIncorrectLoginAttempts); + //01. 
insert wrong attempt in dtabase + int updateCount = AIAHTML5.API.Models.Users.saveWrongAttemptOfUser(userInfo.Id, previousIncorrectLoginAttempts); - if (updateCount < 0) - { - //Put the log in log file - logger.Fatal("Unable to Update past wrong login attempts for userId= " + userInfo.Id); - } - //else - //{ - if (userInfo.IncorrectLoginAttemptCount > 4) - { - userInfo.IsBlocked = true; - userInfo.LoginFailureCauseId = ErrorHelper.E_USER_ID_BLOCKED_24_HRS; - } - //} - } + if (updateCount < 0) + { + //Put the log in log file + logger.Fatal("Unable to Update past wrong login attempts for userId= " + userInfo.Id); } - // unreachable code detected as license is null - //if (userInfo.License != null && !string.IsNullOrEmpty(userInfo.License.AccountNumber)) + //else //{ - // int result = AIAHTML5.API.Models.Users.insertUserLoginLog(userInfo.License.AccountNumber, userInfo.LoginFailureCauseId, null, userInfo.EditionId.ToString(), null); - // if (result < 0) - // logger.Fatal("Unable to insert wrong attempt detail in UserLoginLog table for accountNumber= " + userInfo.License.AccountNumber); + if (userInfo.IncorrectLoginAttemptCount > 4) + { + userInfo.IsBlocked = true; + userInfo.LoginFailureCauseId = ErrorHelper.E_USER_ID_BLOCKED_24_HRS; + } //} - authenticationRepsonse = JsonConvert.SerializeObject(userInfo); - //} - } - - else - { + } + // unreachable code detected as license is null + //if (userInfo.License != null && !string.IsNullOrEmpty(userInfo.License.AccountNumber)) + //{ + // int result = AIAHTML5.API.Models.Users.insertUserLoginLog(userInfo.License.AccountNumber, userInfo.LoginFailureCauseId, null, userInfo.EditionId.ToString(), null); + // if (result < 0) + // logger.Fatal("Unable to insert wrong attempt detail in UserLoginLog table for accountNumber= " + userInfo.License.AccountNumber); + //} + + authenticationRepsonse = JsonConvert.SerializeObject(userInfo); + //} + } + + else + { authenticationRepsonse = AIAConstants.USER_NOT_FOUND; - } + } } catch 
(Exception e) { 
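Review bot: Every branch that finds a user record ends in `authenticationRepsonse = JsonConvert.SerializeObject(userInfo);`, including the wrong-password branch and the new inactive-user branch, which now fills in license data through `CheckLicenseStatus(userInfo)` before the object is serialized. `checkUserAuthenticity` is handed `userInfo` to compare against, which suggests the object carries the stored password or its hash; if so, that value and the license details are returned to a caller who has not been granted a session. On the failure paths serialize a reduced object, for example `JsonConvert.SerializeObject(new { userInfo.LoginFailureCauseId, userInfo.IsBlocked, userInfo.IncorrectLoginAttemptCount })` if the UI needs no more than that, and mark secret members of `User` with `[JsonIgnore]`. Separately, a failed `saveWrongAttemptOfUser` (`updateCount < 0`) is only logged, so the attempt counter does not advance and the lockout fails open. The try block opens in the previous hunk and the catch body continues below this one.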
@@ -190,74 +184,85 @@ namespace AIAHTML5.API.Controllers } else { - //05.1 For normal user need to get the license details, get the license id for authenticated user - int licenseId, editionId; - AIAHTML5.API.Models.Users.getLicenseIdForThisUser(userInfo.Id, out licenseId, out editionId); + CheckLicenseStatus(userInfo); - userInfo.LicenseId = licenseId; - userInfo.EditionId = editionId; + if(!userInfo.IsSubscriptionExpired){ + GetModulesBasedOnLicense(userInfo,false); + } + } + } - //05.2 Check user is active or not + private static void CheckLicenseStatus(User userInfo) + { + //05.1 For normal user need to get the license details, get the license id for authenticated user + int licenseId, editionId; + AIAHTML5.API.Models.Users.getLicenseIdForThisUser(userInfo.Id, out licenseId, out editionId); + userInfo.LicenseId = licenseId; + userInfo.EditionId = editionId; - //05.3 get license details - userInfo.LicenseInfo = AIAHTML5.API.Models.Users.getLicenseDetails(userInfo.LicenseId); + //05.2 get license details + userInfo.LicenseInfo = AIAHTML5.API.Models.Users.getLicenseDetails(userInfo.LicenseId); - // if (userInfo.LicenseInfo.Id > 0) - if (userInfo.LicenseInfo!= null) - { - //05.4 get licenseSubscription details - userInfo.LicenseSubscriptions = AIAHTML5.API.Models.Users.getLicenseSubscriptionDetails(userInfo.LicenseId); + if (userInfo.LicenseInfo != null) + { + //05.3 get licenseSubscription details + userInfo.LicenseSubscriptions = AIAHTML5.API.Models.Users.getLicenseSubscriptionDetails(userInfo.LicenseId); - //05.5 check the License expiration irespective of either user is active or not because on AIA - //we shows the License expiration message for inactive users too - string expirationDate = null; - bool isLicenseExpired = false; + //05.4 check the License expiration irespective of either user is active or not because on AIA + //we shows the License expiration message for inactive users too + string expirationDate = null; + bool isLicenseExpired = false; - if 
(userInfo.LicenseSubscriptions!= null) - { - isLicenseExpired = AIAHTML5.API.Models.Users.checkIfLicenseExpired(userInfo.LicenseSubscriptions, out expirationDate); - } + if (userInfo.LicenseSubscriptions != null) + { + isLicenseExpired = AIAHTML5.API.Models.Users.checkIfLicenseExpired(userInfo.LicenseSubscriptions, out expirationDate); + } + + if (isLicenseExpired) + { + userInfo.IsSubscriptionExpired = isLicenseExpired; + userInfo.SubscriptionExpirationDate = expirationDate; + } + } + + else + { + // Log The message that License Info Not found + } + } - // send message to the UI for license expiration - //05.6 Check for subscription Expiration [Promoted for case if license inactive along with subscription expired] - if (isLicenseExpired) + private static void GetModulesBasedOnLicense(User userInfo, bool isLicenseExpired) + { + + //05.6.1 + if (userInfo.LicenseInfo.IsActive) + { + if (!userInfo.LicenseInfo.IsTermAccepted) { - userInfo.IsSubscriptionExpired = isLicenseExpired; - userInfo.SubscriptionExpirationDate = expirationDate; + ArrayList termsList = AIAHTML5.API.Models.Users.getTermsAndConditions(); + foreach (Hashtable item in termsList) + { + userInfo.TermsAndConditionsTitle = item[AIAConstants.KEY_TITLE].ToString(); + userInfo.TermsAndConditionsText = item[AIAConstants.KEY_CONTENT].ToString(); + } } else { - //05.6.1 - if (userInfo.LicenseInfo.IsActive) - { - if (!userInfo.LicenseInfo.IsTermAccepted) - { - ArrayList termsList = AIAHTML5.API.Models.Users.getTermsAndConditions(); - foreach (Hashtable item in termsList) - { - userInfo.TermsAndConditionsTitle = item[AIAConstants.KEY_TITLE].ToString(); - userInfo.TermsAndConditionsText = item[AIAConstants.KEY_CONTENT].ToString(); - } - } - else - { - userInfo.Modules = AIAHTML5.API.Models.Users.getModuleListByLicenseId(userInfo.LicenseId); + userInfo.Modules = AIAHTML5.API.Models.Users.getModuleListByLicenseId(userInfo.LicenseId); - //Insert user login detail - 
AIAHTML5.API.Models.Users.insertLoginDetails(userInfo.Id); - } - } - else - { - userInfo.LoginFailureCauseId = ErrorHelper.E_LICENCE_IS_INACTIVE; - - } + //Insert user login detail + AIAHTML5.API.Models.Users.insertLoginDetails(userInfo.Id); } } + else + { + userInfo.LoginFailureCauseId = ErrorHelper.E_LICENCE_IS_INACTIVE; + + } } } - + // PUT api/authenticate/5 public void Put(int id, [FromBody]string value) -- libgit2 0.21.4
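Review bot: `GetModulesBasedOnLicense` dereferences `userInfo.LicenseInfo.IsActive` with no null check, but `CheckLicenseStatus` leaves `LicenseInfo` null when `getLicenseDetails` finds nothing and the call site guards only on `IsSubscriptionExpired`; before the split, the same code sat inside `if (userInfo.LicenseInfo != null)`. A user without a license record therefore now raises a NullReferenceException instead of getting a defined failure. Guard the call with `if (userInfo.LicenseInfo != null && !userInfo.IsSubscriptionExpired)` and have the currently empty `else` in `CheckLicenseStatus` set a failure cause and write a log entry. A null `LicenseSubscriptions` also leaves `isLicenseExpired` false, so a license whose subscription rows cannot be loaded is treated as current and modules are granted; failing closed there is the safer default. The calling method starts above the hunk.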