Ejemplo n.º 1
0
        // Login for check is users authentication parameters are OK and generate token.
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            //context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
            Guid userid;

            using (UnitOfWork _repo = new UnitOfWork())
            {
                UserModel user    = null;
                RoleModel roleMod = null;
                Guid      role;
                unitOfWork = new UnitOfWork();
                // trying to get user by given username
                if (context.Password.Length > 100)
                {
                    try
                    {
                        user = Mapper.Map <UserModel>(unitOfWork.UserRepository.Get(u => u.Email == context.UserName).First());
                    }
                    catch
                    {
                        context.SetError("invalid_grant", "The user does not exists.");
                        return;
                    }
                    if (user.Locked == true)
                    {
                        context.SetError("invalid_grant", "Your account is not acivated yet.");
                        return;
                    }
                    // get roleID of user and put in variable "role"
                    role     = user.RoleId;
                    roleMod  = Mapper.Map <RoleModel>(_repo.RoleRepository.Get().Where(r => r.Id == role).First());
                    roleName = roleMod.Name;
                    userid   = user.Id;

                    // Check if username and password are correct
                    bool       isLoggedIn   = false;
                    string     concatenated = context.Password;
                    string     rndClient    = concatenated.Substring(0, 32);
                    string     bigHash      = concatenated.Substring(32);
                    string     hashPassword = user.Password;
                    LoginCheck logCheck     = new LoginCheck(bigHash, rndClient, hashPassword);
                    isLoggedIn = logCheck.isOk(user.Email);

                    if (isLoggedIn == false)
                    {
                        context.SetError("invalid_grant", "Wrong password.");
                        return;
                    }
                }


                else
                {
                    try
                    {
                        if (context.Password.Equals("Gplus"))
                        {
                            user = GPLogin(context, _repo);
                        }
                        else if (context.Password.Equals("FB"))
                        {
                            user = FBLogin(context, _repo);
                        }
                        role     = user.RoleId;
                        roleMod  = Mapper.Map <RoleModel>(_repo.RoleRepository.Get().Where(r => r.Id == role).FirstOrDefault());
                        roleName = roleMod.Name;
                        userid   = user.Id;
                    }
                    catch (Exception e)
                    {
                        context.SetError("invalid_grant", "Server error");
                        return;
                    }
                }
            }
            var identity = new ClaimsIdentity(context.Options.AuthenticationType);

            identity.AddClaim(new Claim(ClaimTypes.UserData, userid.ToString()));
            identity.AddClaim(new Claim(ClaimTypes.Role, roleName));

            context.Validated(identity);
        }