Beispiel #1
 /// <summary>
 /// Creates the controller and wires up its record, security, entity and
 /// relation managers using their parameterless constructors.
 /// </summary>
 public ApiController()
 {
     // Each manager is created fresh for this controller instance.
     this.recMan = new RecordManager();
     this.secMan = new SecurityManager();
     this.entMan = new EntityManager();
     this.relMan = new EntityRelationManager();
 }
Beispiel #2
 /// <summary>
 /// Creates the web-hooks component and instantiates the record, security,
 /// entity and relation managers it works with.
 /// </summary>
 public WebHooks()
 {
     // Managers are built with their default constructors, in declaration order.
     this.recMan = new RecordManager();
     this.secMan = new SecurityManager();
     this.entMan = new EntityManager();
     this.relMan = new EntityRelationManager();
 }
		/// <summary>
		/// Creates the controller on top of the given ERP service and storage service.
		/// </summary>
		/// <param name="service">ERP service; forwarded to the base class and to the record and security managers.</param>
		/// <param name="storage">Storage service; kept in <c>Storage</c> and handed to the entity manager.</param>
		public ApiController(IErpService service, IStorageService storage) : base(service)
		{
			this.Storage = storage;

			// Record and security managers work against the ERP service,
			// the entity manager works directly against storage.
			this.recMan = new RecordManager(service);
			this.secMan = new SecurityManager(service);
			this.entityManager = new EntityManager(storage);
		}
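        /// <summary>
        /// Signs in the given user: creates the identity, issues an encrypted auth token,
        /// writes it to the auth cookie, sets <c>context.User</c> and records the login time.
        /// </summary>
        /// <param name="context">Current HTTP context; receives the auth cookie and the new principal.</param>
        /// <param name="userId">Id of the user being logged in.</param>
        /// <param name="modifiedOn">Kept for caller compatibility; the login flow below does not use it.</param>
        /// <param name="rememberMe">When true the cookie expires after AUTH_REMEMBER_IDENTITY_DAYS days; otherwise no expiry is set (session cookie).</param>
        /// <param name="service">ERP service handed to identity creation and to the security manager.</param>
        /// <returns>The encrypted auth token that was written to the cookie.</returns>
        /// <exception cref="Exception">Thrown when no identity can be created for <paramref name="userId"/>.</exception>
        public static string Login(HttpContext context, Guid userId, DateTime? modifiedOn, bool rememberMe, IErpService service)
        {
            var identity = CreateIdentity(userId, service);

            if (identity == null)
                throw new Exception("Try to login with invalid user.");

            // The previous code re-assigned the modifiedOn parameter here; the value was
            // never read afterwards, so that dead assignment has been dropped.

            // One manager instance serves both the user lookup and the last-login update.
            SecurityManager securityManager = new SecurityManager(service);
            ErpUser user = securityManager.GetUser(userId);
            string token = AuthToken.Create(user, rememberMe).Encrypt();

            // The cookie carries the bearer credential for the session, so keep it away from
            // page scripts (HttpOnly) and off plaintext connections when the request is HTTPS.
            // NOTE(review): behind a TLS-terminating proxy IsHttps is only true when forwarded
            // headers are configured - confirm for the deployment. If the framework version in
            // use offers a SameSite option, consider setting it as well.
            // NOTE(review): if any client script reads this cookie directly it must switch to
            // the token returned by this method.
            CookieOptions options = new CookieOptions();
            options.HttpOnly = true;
            options.Secure = context.Request.IsHttps;
            if (rememberMe)
            {
                options.Expires = DateTime.Today.AddDays(AUTH_REMEMBER_IDENTITY_DAYS);
            }
            context.Response.Cookies.Append(AUTH_TOKEN_KEY, token, options);

            context.User = new ErpPrincipal(identity);

            securityManager.UpdateUserLastLoginTime(userId);

            return token;
        }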
Beispiel #5
 /// <summary>
 /// Creates the controller, instantiates its managers and stores the web-hook service.
 /// </summary>
 /// <param name="hooksService">Web-hook service kept on the controller for later use.</param>
 public ApiController(IWebHookService hooksService)
 {
     // Managers are built with their parameterless constructors.
     this.recMan = new RecordManager();
     this.secMan = new SecurityManager();
     this.entMan = new EntityManager();
     this.relMan = new EntityRelationManager();

     // The hook service is the only dependency supplied from outside.
     this.hooksService = hooksService;
 }
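		/// <summary>
		/// Login endpoint: reads <c>email</c>, <c>password</c> and <c>rememberMe</c> from the
		/// posted JSON, checks the credentials and, on success, returns the auth token
		/// produced by <c>WebSecurityUtil.Login</c>.
		/// </summary>
		/// <param name="submitObj">Request body as JSON; may be null or incomplete when the client sends a malformed request.</param>
		/// <returns>The result of <c>DoResponse</c> for a response model describing success or failure.</returns>
		public IActionResult Login([FromBody]JObject submitObj)
		{
			// The body is client-controlled: a missing body or missing fields must end in a
			// normal "login failed" response, not an unhandled exception.
			string email = (string)submitObj?["email"];
			string password = (string)submitObj?["password"];
			// A missing rememberMe flag is treated as "do not remember".
			bool rememberMe = (bool?)submitObj?["rememberMe"] ?? false;

			SecurityManager secMan = new SecurityManager(service);

			// Only query the user store when both credentials were actually supplied.
			bool hasCredentials = !string.IsNullOrEmpty(email) && !string.IsNullOrEmpty(password);
			var user = hasCredentials ? secMan.GetUser(email, password) : null;
			var responseObj = new ResponseModel();

			// NOTE(review): no attempt throttling or account lockout is visible in this
			// method - confirm it is enforced elsewhere in the request pipeline.
			if (user != null)
			{
				if (user.Enabled == false)
				{
					// Credentials matched, but the account is switched off.
					responseObj.Success = false;
					responseObj.Message = "Error while user authentication.";

					var errorMsg = new ErrorModel();
					errorMsg.Key = "Email";
					errorMsg.Value = email;
					errorMsg.Message = "User account is disabled.";
					responseObj.Errors.Add(errorMsg);
					responseObj.Object = new { token = "" };
				}
				else
				{
					responseObj.Object = null;
					responseObj.Success = true;
					responseObj.Timestamp = DateTime.UtcNow;
					responseObj.Object = new { token = WebSecurityUtil.Login(HttpContext, user.Id, user.ModifiedOn, rememberMe, service) };
				}

			}
			else
			{
				// Same message for unknown email, wrong password and missing input.
				responseObj.Success = false;
				responseObj.Message = "Login failed";
				var errorMsg = new ErrorModel();
				errorMsg.Key = "Email";
				errorMsg.Value = email;
				errorMsg.Message = "Invalid email or password";
				responseObj.Errors.Add(errorMsg);
				responseObj.Object = new { token = "" };
			}

			return DoResponse(responseObj);
		}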
Beispiel #7
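        /// <summary>
        /// Builds an <c>ErpIdentity</c> for the given user id.
        /// </summary>
        /// <param name="userId">Id of the user to load; may be null.</param>
        /// <returns>
        /// The identity wrapping the loaded user, or null when no id was supplied,
        /// the user does not exist, or the account is not enabled.
        /// </returns>
        internal static ErpIdentity CreateIdentity(Guid? userId)
        {
            // A missing id cannot identify anyone; report "no identity" instead of
            // letting userId.Value throw InvalidOperationException.
            if (!userId.HasValue)
                return null;

            SecurityManager secMan = new SecurityManager();
            ErpUser user = secMan.GetUser(userId.Value);

            // Unknown and disabled accounts are both refused.
            if (user == null || !user.Enabled)
                return null;

            return new ErpIdentity { User = user };
        }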