private async Task <LdapUser> LdapSignInAsync(Tenant tenant, string username, string password)
{
var ldapUser = default(LdapUser);
var directories = await _directoryManager.GetDirectoriesAsync(tenant);
foreach (var dir in directories)
{
var ldapConfig = await _directoryManager.GetDirectoryLdapAsync(dir.Id);
if (ldapConfig != null)
{
_ldapService.LdapConfig = ldapConfig;
ldapUser = _ldapService.Login(username, password);
//if we have an ldapUser, then we are auth... at least that is the idea.
if (ldapUser != default(LdapUser))
{
//user was found in ldap, no need to continue within the loop.
ldapUser.DirectoryId = dir.Id;
ldapUser.Password = password;
break;
}
}
}
return(ldapUser);
}
/// <summary>
/// Validates the credentials.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="password">The password.</param>
/// <returns>
/// Returns the application user that match that account if the
/// authentication is successful.
/// </returns>
public IAppUser ValidateCredentials(string username, string password)
{
try
{
var user = _authenticationService.Login(username, password);
if (user != null)
{
return(user);
}
}
catch (LoginFailedException)
{
return(default(TUser));
}
return(default(TUser));
}
public async Task <IActionResult> Login(LoginViewModel model, string returnUrl)
{
if (ModelState.IsValid)
{
try
{
AppUser user = _authService.Login(model.Username, model.Password);
if (null != user)
{
List <Claim> userClaims = new List <Claim>
{
new Claim("displayName", user.DisplayName),
new Claim("username", user.Username),
new Claim(ClaimsIdentity.DefaultNameClaimType, user.Username)
};
Employee empl = repository.Employees.FirstOrDefault(e => e.Account.Equals(model.Username));
if (empl == null)
{
empl = new Employee()
{
Account = model.Username,
Email = user.Email,
FullName = user.DisplayName,
Position = user.Position,
UserRoleID = 0
};
repository.SaveEmployee(empl);
}
else
{
if (empl.UserRoleID == 1)
{
userClaims.Add(new Claim(ClaimTypes.Role, "Admins"));
}
else
{
userClaims.Add(new Claim(ClaimTypes.Role, "Users"));
}
}
ClaimsPrincipal principal = new ClaimsPrincipal(new ClaimsIdentity(userClaims, _authService.GetType().Name, ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType));
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);
return(Redirect(returnUrl ?? "/"));
}
}
catch (Exception ex)
{
ModelState.AddModelError(string.Empty, ex.Message);
}
}
return(View(model));
}
/// <summary>
/// Validates the credentials.
/// </summary>
/// <param name="username">The username.</param>
/// <param name="password">The password.</param>
/// <returns></returns>
public IAppUser ValidateCredentials(string username, string password)
{
try
{
var user = _authenticationService.Login(username, password);
if (user != null)
{
SetRedisData(user);
return(user);
}
}
catch (Exception e)
{
if (e.Message == "Login failed.")
{
return(default(TUser));
}
throw;
}
return(default(TUser));
}
