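/// <summary>
/// Handles a login post: checks the submitted credentials through the account
/// repository, signs the caller in with a name claim and an "Admin" or "Member"
/// role claim, and redirects to Home/Index in the matching area.
/// </summary>
/// <param name="loginDTO">User id and clear-text password as bound from the request.</param>
/// <returns>
/// A redirect to the Admin or Member area on success; otherwise the login view
/// re-rendered with the submitted model.
/// </returns>
public async Task<IActionResult> Login(LoginDTO loginDTO)
{
    // Reject missing credentials up front so a blank form never reaches the
    // hashing helper or the database lookups.
    if (loginDTO is null || string.IsNullOrEmpty(loginDTO.StrUserID) || loginDTO.password is null)
    {
        return View(loginDTO);
    }

    // NOTE(review): MD5.Create(...) is presumably a project helper that returns the
    // digest compared against the stored value - confirm. A fast MD5 digest (no salt
    // is visible in this method) is not suitable for password storage; plan a move
    // to a salted, slow KDF (e.g. PBKDF2) with re-hash on successful login. It is
    // left unchanged here because existing stored digests must keep matching.
    var credentials = new LoginDTO
    {
        StrUserID = loginDTO.StrUserID,
        password = MD5.Create(loginDTO.password)
    };

    var adminProbe = new MemberOrAdminDTO
    {
        StrUserID = loginDTO.StrUserID,
        sec_primary = 1,
        sec_content = 1
    };

    // Same call order as before: role lookup first, then credential check.
    // The role is only ever used after LoginUser has succeeded.
    bool isAdmin = await _accountRepository.CheckMemberOrAdmin(adminProbe);

    if (!await _accountRepository.LoginUser(credentials))
    {
        return View(loginDTO);
    }

    // The role name doubles as the area name, exactly as in the two original branches.
    string role = isAdmin ? "Admin" : "Member";

    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, loginDTO.StrUserID),
        new Claim(ClaimTypes.Role, role)
    };

    var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, "login"));
    await HttpContext.SignInAsync(principal);

    return RedirectToAction("Index", "Home", new { Area = role });
}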
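/// <summary>
/// Reports whether TB_User holds a row for the given user id with both
/// sec_primary and sec_content equal to 1.
/// </summary>
/// <param name="user">Carries the user id to look up; its sec_* fields are not read here.</param>
/// <returns><c>true</c> when a matching row exists; otherwise <c>false</c>.</returns>
public async Task<bool> CheckMemberOrAdmin(MemberOrAdminDTO user)
{
    // Fail closed: with no user id there is nothing to match, so never report admin.
    if (user?.StrUserID is null)
    {
        return false;
    }

    // An existence query is enough for a yes/no answer. Unlike SingleOrDefaultAsync
    // it does not load the whole user row into memory just to test it for null, and
    // it does not throw if more than one row happens to match.
    return await _accountDbContext.TB_User.AnyAsync(
        u => u.StrUserID == user.StrUserID && u.sec_primary == 1 && u.sec_content == 1);
}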