Beispiel #1
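        /// <summary>
        /// Verifies the posted credentials and, on success, signs the user in with a role claim
        /// ("Admin" or "Member") and redirects to the home page of the matching area.
        /// </summary>
        /// <param name="loginDTO">User id and plaintext password as bound from the login form.</param>
        /// <returns>
        /// A redirect to Home/Index in the Admin or Member area when the login succeeds; otherwise
        /// the login view again, carrying a generic error message.
        /// </returns>
        public async Task <IActionResult> Login(LoginDTO loginDTO)
        {
            // Reject incomplete posts before hashing anything or touching the database.
            if (loginDTO == null ||
                string.IsNullOrEmpty(loginDTO.StrUserID) ||
                loginDTO.password == null)
            {
                ModelState.AddModelError(string.Empty, "Invalid user name or password.");
                return(View(loginDTO));
            }

            // NOTE(review): the password is digested with MD5 before it is compared. MD5 is far too
            // fast for password storage; moving to a salted, slow KDF (PBKDF2, Argon2) needs a
            // coordinated change to the stored hashes and to LoginUser, so it is only flagged here.
            // MD5.Create(string) is presumably a project helper - confirm what it returns.
            var credentials = new LoginDTO
            {
                StrUserID = loginDTO.StrUserID,
                password  = MD5.Create(loginDTO.password)
            };

            // Check the password first: the role is looked up only for an authenticated user, and a
            // failed attempt gets the same answer whether or not the account exists.
            // Assumes LoginUser is a read-only credential check - confirm against the repository.
            if (!await _accountRepository.LoginUser(credentials))
            {
                ModelState.AddModelError(string.Empty, "Invalid user name or password.");
                return(View(loginDTO));
            }

            var adminProbe = new MemberOrAdminDTO
            {
                StrUserID   = loginDTO.StrUserID,
                sec_primary = 1,
                sec_content = 1
            };

            // The role string doubles as the MVC area name, exactly as in the two original branches.
            var role = await _accountRepository.CheckMemberOrAdmin(adminProbe) ? "Admin" : "Member";

            var claims = new List <Claim>
            {
                new Claim(ClaimTypes.Name, loginDTO.StrUserID),
                new Claim(ClaimTypes.Role, role)
            };

            var userIdentity = new ClaimsIdentity(claims, "login");
            await HttpContext.SignInAsync(new ClaimsPrincipal(userIdentity));

            return(RedirectToAction("Index", "Home", new { Area = role }));
        }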
Beispiel #2
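        /// <summary>
        /// Reports whether the given user id belongs to an administrator, i.e. a TB_User row with
        /// that StrUserID whose sec_primary and sec_content are both 1.
        /// </summary>
        /// <param name="user">
        /// Carries the StrUserID to look up. Its sec_primary / sec_content values are not read;
        /// the query compares against the constant 1.
        /// </param>
        /// <returns>true when a matching administrator row exists; otherwise false.</returns>
        public async Task <bool> CheckMemberOrAdmin(MemberOrAdminDTO user)
        {
            // Fail closed: without a user id nobody is treated as an administrator.
            if (user == null)
            {
                return(false);
            }

            var userId = user.StrUserID;

            // An existence query is enough here: it does not pull the whole user row into memory
            // just to test it for null, and it does not throw when several rows match.
            return(await _accountDbContext.TB_User.AnyAsync(u => u.StrUserID == userId && u.sec_primary == 1 && u.sec_content == 1));
        }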