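using Business.Authentication;
using Business.KftcPasswordRule;
using Business.Mobile;
using Common;
using Common.Helper;
using Common.Language;
using Common.Model;
using Common.Model.Config;
using JsonRx.AuthFilter;
using JsonRx.Helper;
using log4net;
using Newtonsoft.Json;
using PushNotification;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Runtime.Remoting.Messaging;
using System.Threading.Tasks;
using System.Web.Http;
using System.Web.Http.ModelBinding;

namespace JsonRx.Api
{
    /// <summary>
    /// Authentication endpoints of the mobile API: login, password reset, password change
    /// and the "info agree" check.
    /// Request bodies are not serialized into the log in full because they carry secrets
    /// (password, access code, old/new password); only non-secret identifiers are logged.
    /// Every endpoint answers HTTP 200 and reports failures through
    /// <see cref="JsonRxResponse.ErrorCode"/> "1" in the body, as the existing clients expect.
    /// </summary>
    [RoutePrefix("api/v1")]
    public class AuthController : ApiController
    {
        private const string GenericLoginFailure = "Login failed. Please try again.";

        private readonly IMobileServices _requestServices;
        private readonly IAuthenticationBusiness _authenticationBusiness;
        private static readonly ILog Log = LogManager.GetLogger(typeof(AuthController));

        /// <summary>
        /// Parameterless constructor kept for the Web API activator; it leaves both
        /// collaborators unset, so only the DI constructor yields a usable controller.
        /// </summary>
        public AuthController()
        {
        }

        /// <summary>
        /// Creates the controller with its collaborators.
        /// </summary>
        /// <param name="requestServices">Mobile request services (password reset/change, info-agree check).</param>
        /// <param name="authenticationBusiness">Login business logic.</param>
        public AuthController(IMobileServices requestServices, IAuthenticationBusiness authenticationBusiness)
        {
            _requestServices = requestServices;
            _authenticationBusiness = authenticationBusiness;
        }

        /// <summary>
        /// Login to GME mobile application. It uses basic authentication. During login, it checks
        /// both the first time login and verification code validity/expiry.
        /// On success the returned data carries a freshly issued JWT in <c>accessCode</c>.
        /// </summary>
        /// <param name="login">Credentials bound from the request body; null when the body is missing or unparseable.</param>
        /// <returns>
        /// HTTP 200 with a <see cref="JsonRxResponse"/>: ErrorCode "0" plus the login data on success,
        /// ErrorCode "1" with a message on any failure (missing password/access code, business rejection,
        /// missing body).
        /// </returns>
        [HttpPost]
        [ApplicationLevelAuthentication]
        [Route("users/access-code")]
        public IHttpActionResult LoginToSystem(LoginCredential login)
        {
            LogicalThreadContext.Properties[LoggerProperty.PROCESSID] = Guid.NewGuid();
            LogicalThreadContext.Properties[LoggerProperty.METHODNAME] = "LoginToSystem";
            LogicalThreadContext.Properties[LoggerProperty.IPADDRESS] = Request.GetClientIpAddress();

            // A missing body previously reached login.IsBiometricLogin and threw (HTTP 500);
            // answer with the generic failure instead.
            if (login == null)
            {
                Log.Debug("LoginToSystem | REQUEST : <null>");
                return Failure(GenericLoginFailure);
            }

            LogicalThreadContext.Properties[LoggerProperty.CREATEDBY] = login.userId;
            // Only non-secret fields are logged: password and accessCode are credentials and
            // must not be written to the log.
            Log.Debug("LoginToSystem | REQUEST : " + JsonConvert.SerializeObject(new { login.userId, login.IsBiometricLogin }));

            // uuid and clientId are taken from the request itself, not from the bound body.
            login.uuid = Util.GetUuid(Request);
            login.clientId = Util.GetClientId(Request);

            // Binding errors are discarded here (presumably because uuid/clientId are filled in
            // above, after binding); the explicit checks below are the effective validation.
            ModelState.Clear();

            if (!login.IsBiometricLogin && string.IsNullOrWhiteSpace(login.password))
            {
                return Failure("Password is missing.");
            }
            if (login.IsBiometricLogin && string.IsNullOrWhiteSpace(login.accessCode))
            {
                return Failure("Accesscode is missing.");
            }

            // Always true after ModelState.Clear(); kept so the guard survives if the Clear() is removed.
            if (!ModelState.IsValid)
            {
                return Failure(GenericLoginFailure);
            }

            string guidCode = Guid.NewGuid().ToString();
            login.AccessGuid = guidCode;
            login.DeviceType = Util.GetDeviceType(Request);

            var response = _authenticationBusiness.LoginSystem(login);
            if (response == null || !string.Equals(response.ErrorCode, "0", StringComparison.Ordinal))
            {
                // A null business response used to be dereferenced for its message; fall back to the generic text.
                return Failure(response != null ? response.Msg : GenericLoginFailure);
            }

            // The same guid stored on the login request is embedded in the issued token.
            JwtTokenizer tokenizer = new JwtTokenizer(login.userId.Trim(), guidCode, response.senderId, login.fcmId, login.DeviceType);
            response.accessCode = tokenizer.CreateToken();
            return Ok(new JsonRxResponse { ErrorCode = "0", Msg = response.Msg, Data = response });
        }

        /// <summary>
        /// Resets a user's password through the mobile reset flow.
        /// </summary>
        /// <param name="pwdReset">Reset request bound from the body; null when the body is missing or unparseable.</param>
        /// <returns>HTTP 200 with the service response, or the first model-validation error as ErrorCode "1".</returns>
        [HttpPost]
        // NOTE(review): the application-level filter is commented out, so unlike the other POST routes
        // this one is reachable without [ApplicationLevelAuthentication]; confirm that is intended.
        // [ApplicationLevelAuthentication]
        [Route("mobile/passwordReset")]
        public IHttpActionResult ResetPassword(PasswordReset pwdReset)
        {
            var processId = Guid.NewGuid().ToString();
            LogicalThreadContext.Properties[LoggerProperty.PROCESSID] = processId;
            LogicalThreadContext.Properties[LoggerProperty.METHODNAME] = "ResetPassword";

            // A missing body previously threw on pwdReset.Username; report it as a bad request body.
            if (pwdReset == null)
            {
                Log.Debug("ResetPassword | REQUEST : <null>");
                return ModelValidationError(ModelState);
            }

            LogicalThreadContext.Properties[LoggerProperty.CREATEDBY] = pwdReset.Username;
            // Only the username is logged; the rest of the reset payload is treated as secret.
            Log.Debug("ResetPassword | REQUEST : " + JsonConvert.SerializeObject(new { pwdReset.Username }));

            if (!ModelState.IsValid)
            {
                return ModelValidationError(ModelState);
            }

            var resetPwdResponse = _requestServices.ResetPassword(pwdReset, processId);
            return Ok(resetPwdResponse);
        }

        /// <summary>
        /// Looks up the "info agree" status of <paramref name="username"/> via
        /// <see cref="IMobileServices.CheckInfoAgree"/> and returns the service result unchanged.
        /// </summary>
        /// <param name="username">User name taken from the route.</param>
        /// <returns>HTTP 200 with the service response.</returns>
        [HttpPost]
        [ApplicationLevelAuthentication]
        [Route("mobile/CheckInfoAgree/{username}")]
        public IHttpActionResult CheckInfoAgree(string username)
        {
            LogicalThreadContext.Properties[LoggerProperty.PROCESSID] = Guid.NewGuid();
            LogicalThreadContext.Properties[LoggerProperty.CREATEDBY] = username;
            LogicalThreadContext.Properties[LoggerProperty.METHODNAME] = "CheckInfoAgree";
            Log.Debug("CheckInfoAgree | REQUEST : " + username);

            var agreeRes = _requestServices.CheckInfoAgree(username);
            return Ok(agreeRes);
        }

        /// <summary>
        /// Changes the password of a token-authenticated user. Checks, in order, that the user id,
        /// old password and new password are present, that new and confirm passwords match, and that
        /// the new password has at least 6 characters; each failure is answered with the
        /// language-mapped CHANGE_PASSWORD_FAIL_3..7 message. The remaining rules live in the service.
        /// </summary>
        /// <param name="changePwd">Change request; a null body is treated as an empty request.</param>
        /// <returns>HTTP 200 with a <see cref="JsonRxResponse"/>.</returns>
        [HttpPost]
        [TokenAuthentication]
        [Route("mobile/ChangePassword")]
        public IHttpActionResult ChangePassword(ChangePassword changePwd)
        {
            var lang = Convert.ToString(CallContext.GetData(Constants.Language));
            LogicalThreadContext.Properties[LoggerProperty.PROCESSID] = Guid.NewGuid();
            LogicalThreadContext.Properties[LoggerProperty.METHODNAME] = "ChangePassword";

            // Normalise a missing body before anything dereferences it (the old code read
            // changePwd.UserId before its own null check).
            if (changePwd == null)
            {
                changePwd = new ChangePassword();
            }

            LogicalThreadContext.Properties[LoggerProperty.CREATEDBY] = changePwd.UserId;
            // Old/new/confirm passwords are never logged; only the user id is.
            Log.DebugFormat("ChangePassword | LANG {0} | REQUEST {1} ", lang, JsonConvert.SerializeObject(new { changePwd.UserId }));

            // Virtual-keypad decryption (StringExtension.ToVirtualKeyDecryptString) is currently
            // disabled; the passwords are used exactly as received.

            if (string.IsNullOrEmpty(changePwd.UserId))
            {
                return Ok(LocalizedFailure(RESPONSE_MSG.CHANGE_PASSWORD_FAIL_3.ToString(), lang));
            }
            if (string.IsNullOrEmpty(changePwd.OldPassword))
            {
                return Ok(LocalizedFailure(RESPONSE_MSG.CHANGE_PASSWORD_FAIL_4.ToString(), lang));
            }
            if (string.IsNullOrEmpty(changePwd.NewPassword))
            {
                return Ok(LocalizedFailure(RESPONSE_MSG.CHANGE_PASSWORD_FAIL_5.ToString(), lang));
            }
            // Ordinal comparison: passwords are opaque secrets, and a culture-sensitive comparison
            // can report distinct strings as equal.
            if (!string.Equals(changePwd.NewPassword, changePwd.ConfirmPassword, StringComparison.Ordinal))
            {
                return Ok(LocalizedFailure(RESPONSE_MSG.CHANGE_PASSWORD_FAIL_6.ToString(), lang));
            }
            if (changePwd.NewPassword.Length < 6)
            {
                return Ok(LocalizedFailure(RESPONSE_MSG.CHANGE_PASSWORD_FAIL_7.ToString(), lang));
            }

            var changePwdResponse = _requestServices.ChangePassword(changePwd);
            return Ok(changePwdResponse);
        }

        /// <summary>
        /// Turns the first model-binding error message into the ErrorCode "1" response shape,
        /// using a generic message when the model state carries no error text.
        /// </summary>
        /// <param name="modelState">Model state of the current request.</param>
        /// <returns>HTTP 200 with the error response.</returns>
        protected IHttpActionResult ModelValidationError(ModelStateDictionary modelState)
        {
            // FirstOrDefault rather than First(): the old code threw when no entry had errors
            // (e.g. a null body that produced no binding error), turning a 4xx-style reply into a 500.
            var modelErrors = modelState
                .SelectMany(x => x.Value.Errors)
                .Select(e => e.ErrorMessage)
                .FirstOrDefault();

            var jsonRx = new JsonRxResponse
            {
                ErrorCode = "1",
                Msg = string.IsNullOrEmpty(modelErrors) ? "It seems like incorrect Json input(s)." : modelErrors,
                Data = ""
            };
            return Ok(jsonRx);
        }

        /// <summary>
        /// Builds the ErrorCode "1" body with HTTP status 200, the failure shape used by every
        /// endpoint in this controller.
        /// </summary>
        /// <param name="message">Message placed in <see cref="JsonRxResponse.Msg"/>.</param>
        private IHttpActionResult Failure(string message)
        {
            return Content(HttpStatusCode.OK, new JsonRxResponse { ErrorCode = "1", Msg = message });
        }

        /// <summary>
        /// Builds an ErrorCode "1" response whose message is the language mapping of
        /// <paramref name="messageKey"/> (a RESPONSE_MSG name) for <paramref name="lang"/>.
        /// </summary>
        /// <param name="messageKey">RESPONSE_MSG member name, e.g. CHANGE_PASSWORD_FAIL_3.</param>
        /// <param name="lang">Language code read from the call context.</param>
        private static JsonRxResponse LocalizedFailure(string messageKey, string lang)
        {
            var map = Utilities.GetLanguageMapping(messageKey, lang);
            var response = new JsonRxResponse();
            response.SetResponse("1", map.Message);
            return response;
        }
    }
}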