Beispiel #1
        /// <summary>
        /// Authenticates the posted "login"/"pass" form fields through
        /// <c>LoginRepository.Auth</c> and returns a serialized <c>LoginResponce</c>.
        /// </summary>
        /// <param name="formCollection">Posted form; the "login" and "pass" keys are read.</param>
        /// <returns>
        /// A <c>FileStreamResult</c> ("application/octet-stream") wrapping the serialized response.
        /// On success the response carries the display name and a freshly issued token;
        /// on failure it carries a generic error that does not say which field was wrong.
        /// </returns>
        public ActionResult Login(FormCollection formCollection)
        {
            var userName = formCollection["login"];
            var secret   = formCollection["pass"];

            var repository = new LoginRepository();
            var account    = repository.Auth(userName, secret);

            LoginResponce reply;

            if (account == null)
            {
                // Same message for unknown login and wrong password, so the
                // response does not reveal which accounts exist.
                reply = new LoginResponce
                {
                    Logged = false,
                    Error  = "Invalid login/password combination"
                };
            }
            else
            {
                // NOTE(review): the token is a bearer credential, but it is drawn from
                // System.Random seeded with the current millisecond (0-999) plus the
                // login's hash code. System.Random is not a cryptographic generator and
                // this seed space is small, so the token should not be treated as
                // unguessable. Generate it from
                // System.Security.Cryptography.RandomNumberGenerator instead; NextToken()
                // is defined outside this listing, so its output format must be
                // confirmed before swapping it.
                var seed         = DateTime.Now.Millisecond + userName.GetHashCode();
                var sessionToken = new Random(seed).NextToken();

                reply = new LoginResponce
                {
                    Logged      = true,
                    DisplayName = account.DisplayName,
                    Token       = sessionToken
                };

                // Persist the token first, then stamp the login time.
                repository.WriteToken(account.id, sessionToken);
                repository.UpdateLoginDate(account.id);
            }

            // The stream is handed to FileStreamResult un-disposed on purpose:
            // the result reads from it when the response is written.
            var buffer = new MemoryStream();
            Serializer.Serialize(buffer, reply);
            buffer.Position = 0;

            return new FileStreamResult(buffer, "application/octet-stream");
        }
Beispiel #2
        /// <summary>
        /// Login endpoint: hands the request to <c>LoginService.Verificar</c> and wraps
        /// whatever it returns in a 200 OK result.
        /// </summary>
        /// <param name="request">Login request passed through unchanged to the service.</param>
        /// <returns>An OK result carrying the service's <c>LoginResponce</c>.</returns>
        /// <remarks>
        /// NOTE(review): every outcome is returned as 200 OK from here, and no validation
        /// of <paramref name="request"/> happens in this method - presumably
        /// <c>Verificar</c> reports failures inside the response body; confirm.
        /// </remarks>
        public ActionResult<LoginResponce> Acceder(LoginRequest request)
        {
            var loginService = new LoginService(_unitOfWork);

            return Ok(loginService.Verificar(request));
        }
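        /// <summary>
        /// Logs a user in: looks the account up by e-mail, compares the SHA-256 hash of
        /// the supplied password with the stored value and, on a match, fills the
        /// server-side session with the account's identity fields.
        /// </summary>
        /// <param name="user">Posted credentials (<c>email</c>, <c>password</c>).</param>
        /// <returns>
        /// A <c>LoginResponce</c> with <c>ResultCode</c> 200 on success, or 401 plus a
        /// <c>ResultMessage</c> describing the failure.
        /// </returns>
        /// <remarks>
        /// A missing request body or null fields are now reported as 401 like empty
        /// fields, instead of failing with a null dereference further down.
        /// </remarks>
        public LoginResponce Post(LoginUser user)
        {
            LoginResponce result = new LoginResponce();

            // Null-safe checks: a missing body or an absent JSON property arrives as null, not "".
            if (user == null || string.IsNullOrEmpty(user.password))
            {
                result.ResultCode    = 401;
                result.ResultMessage = "Поле пароля не должен быть пусты";
            }
            else if (string.IsNullOrEmpty(user.email))
            {
                result.ResultCode    = 401;
                result.ResultMessage = "Поле почты не должно быть пустым";
            }
            else
            {
                User dbUser = db.Users.FirstOrDefault(x => x.login == user.email);
                if (dbUser != null)
                {
                    // NOTE(review): the helper receives only the password, so no per-user
                    // salt can be involved, and a single SHA-256 pass is cheap to
                    // brute-force if the table leaks. Migrating to a slow, salted KDF
                    // (e.g. PBKDF2) needs a re-hash plan for the stored values.
                    string passwordHash = Hash.ComputeSha256Hash(user.password);
                    if (dbUser.password == passwordHash)
                    {
                        // NOTE(review): identity is written into the existing session;
                        // no new session identifier is issued in this method. Confirm
                        // the session ID is rotated at login elsewhere.
                        HttpContext.Current.Session["userId"] = dbUser.ID;
                        HttpContext.Current.Session["email"]  = user.email;
                        HttpContext.Current.Session["roleid"] = dbUser.roleID;
                        HttpContext.Current.Session["name"]   = dbUser.name;
                        HttpContext.Current.Session["login"]  = dbUser.login;

                        result.ResultCode = 200;
                    }
                    else
                    {
                        // NOTE(review): "wrong password" here versus "wrong e-mail" below
                        // tells a caller whether an address is registered. A single shared
                        // message for both branches removes that signal.
                        result.ResultCode    = 401;
                        result.ResultMessage = "Неверный пароль";
                    }
                }
                else
                {
                    result.ResultCode    = 401;
                    result.ResultMessage = "Неверная почта";
                }
            }

            return result;
        }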
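        /// <summary>
        /// Registers a new account: validates the e-mail and the two password fields,
        /// rejects an e-mail that is already used as a login, then stores the user with
        /// a SHA-256 hash of the password and role ID 1.
        /// </summary>
        /// <param name="registerUser">
        /// Posted registration data (<c>email</c>, <c>password</c>,
        /// <c>password_second</c>, <c>name</c>).
        /// </param>
        /// <returns>
        /// A <c>LoginResponce</c> with <c>ResultCode</c> 200 once the user is saved, or
        /// 401 plus a <c>ResultMessage</c> naming the validation failure.
        /// </returns>
        /// <remarks>
        /// A missing request body or null fields are now rejected by the same validation
        /// branches as blank fields, instead of throwing on <c>Trim()</c>.
        /// </remarks>
        public LoginResponce Post(RegisterUser registerUser)
        {
            LoginResponce result = new LoginResponce();

            // IsNullOrWhiteSpace matches the former Trim().Length == 0 test for non-null
            // input and additionally covers null.
            if (registerUser == null || string.IsNullOrWhiteSpace(registerUser.email))
            {
                result.ResultCode    = 401;
                result.ResultMessage = "Поле почты не должно быть пустым";
            }
            else if (string.IsNullOrWhiteSpace(registerUser.password) || string.IsNullOrWhiteSpace(registerUser.password_second))
            {
                result.ResultCode    = 401;
                result.ResultMessage = "Поля паролей не должны быть пусты";
            }
            else if (registerUser.password != registerUser.password_second)
            {
                result.ResultCode    = 401;
                result.ResultMessage = "Пароли не совпадают";
            }
            else if (db.Users.FirstOrDefault(x => x.login == registerUser.email) != null)
            {
                // NOTE(review): this check and the insert below are two separate
                // statements, so concurrent requests for the same e-mail can both pass.
                // A unique constraint on the login column is the reliable guard - confirm
                // the schema has one.
                result.ResultCode    = 401;
                result.ResultMessage = "Данная почта уже используется";
            }
            else
            {
                User user = new User();
                user.login    = registerUser.email;
                // NOTE(review): the helper receives only the password, so no per-user
                // salt can be involved, and a single SHA-256 pass is cheap to brute-force
                // if the table leaks. Prefer a slow, salted KDF (e.g. PBKDF2) for stored
                // passwords; the login path must change with it.
                user.password = Hash.ComputeSha256Hash(registerUser.password);
                user.roleID   = 1;
                user.name     = registerUser.name;

                db.Users.Add(user);
                db.SaveChanges();

                result.ResultCode = 200;
            }

            return result;
        }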
Beispiel #5
        //Log in
        /// <summary>
        /// Logs a user in by login name: rejects unknown and non-activated accounts,
        /// compares the SHA-256 hash of the supplied password with the stored value and,
        /// on success, records the login in the session and - when "remember me" is
        /// set - in a one-year "LoggedAs" cookie.
        /// </summary>
        /// <param name="logUser">
        /// Posted credentials (<c>Login</c>, <c>Password</c>, <c>RememberMe</c>).
        /// </param>
        /// <returns>
        /// A <c>LoginResponce</c> whose <c>ResultCode</c> is 200 (success), 404 (unknown
        /// login), 400 (not activated) or 403 (credential mismatch).
        /// </returns>
        /// <remarks>
        /// NOTE(review): the 404, 400 and 403 answers differ per failure reason, which
        /// lets a caller learn whether a login exists and whether it is activated.
        /// NOTE(review): the hash helper receives only the password, so no per-user salt
        /// can be involved; a single SHA-256 pass is cheap to brute-force if the table
        /// leaks.
        /// </remarks>
        public LoginResponce Post(LoginUser logUser)
        {
            var  reply   = new LoginResponce();
            User account = db.Users.Where(candidate => candidate.Login == logUser.Login).FirstOrDefault();

            if (account == null)
            {
                reply.ResultCode   = 404;
                reply.ErrorMessage = $"User with login '{logUser.Login}' not exists";
                return reply;
            }

            if (!account.IsActivated)
            {
                reply.ResultCode   = 400;
                reply.ErrorMessage = $"User with login '{logUser.Login}' not activated";
                return reply;
            }

            // The explicit login comparison is an exact string match in addition to the
            // database lookup above; a mismatch lands in the "Wrong password" branch.
            bool credentialsMatch = logUser.Login == account.Login
                                    && Hash.ComputeSha256Hash(logUser.Password) == account.Password;

            if (!credentialsMatch)
            {
                reply.ResultCode   = 403;
                reply.ErrorMessage = "Wrong password";
                return reply;
            }

            reply.ResultCode = 200;
            reply.User       = logUser.Login;

            HttpContext.Current.Session.Add("LoggedAs", account.Login);
            Debug.WriteLine(logUser.RememberMe);

            if (logUser.RememberMe)
            {
                // NOTE(review): the cookie value is the bare login name, with no
                // signature or random component, and neither HttpOnly nor Secure is set.
                // If any code elsewhere accepts this cookie as proof of identity, it can
                // be forged by anyone who knows a login - confirm how it is consumed, and
                // prefer an opaque random token that is validated server-side.
                HttpContext.Current.Response.SetCookie(new HttpCookie("LoggedAs")
                {
                    Value   = account.Login,
                    Expires = DateTime.Now.AddYears(1)
                });
            }

            return reply;
        }