Ejemplo n.º 1
        /// <summary>
        /// Looks up the user whose e-mail equals the submitted one and, if a row is found,
        /// checks the submitted password against that row's <c>PasswordHash</c>.
        /// </summary>
        /// <param name="login">Submitted credentials; <c>Email</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// A <see cref="UserModel"/> that echoes the submitted e-mail. <c>IsAuthenticated</c> is
        /// <c>true</c> and <c>Id</c> is populated only when a matching user exists and
        /// <c>PasswordSecurity.CompareHashedPasswords</c> returns <c>true</c>; in every other
        /// case the model is returned with <c>IsAuthenticated == false</c>.
        /// </returns>
        private async Task <UserModel> Authenticate(LoginModel login)
        {
            // TODO this should probably be removed in favor of using the entity class instead for a User
            // NOTE(review): Name is a hard-coded placeholder and is never replaced with a value
            // from the database row, so callers must not treat it as the account's display name.
            var result = new UserModel
            {
                Name            = "Test",
                Email           = login.Email,
                IsAuthenticated = false
            };

            var account = await _context
                                .Users
                                .Where(candidate => candidate.Email == login.Email)
                                .FirstOrDefaultAsync();

            // NOTE(review): when no row matches, the password comparison is skipped entirely,
            // so the "unknown e-mail" and "wrong password" paths do different amounts of work.
            // If response time is observable by clients this can disclose which addresses are
            // registered; consider comparing against a fixed dummy hash on this path.
            if (account == null)
            {
                return result;
            }

            // Presumably verifies the submitted plaintext against the stored hash; confirm in
            // PasswordSecurity that the check is salted and not a plain string comparison.
            if (PasswordSecurity.CompareHashedPasswords(login.Password, account.PasswordHash))
            {
                result.IsAuthenticated = true;
                result.Id = account.UserId;
            }

            return result;
        }
Ejemplo n.º 2
        /// <summary>
        /// Resolves the submitted e-mail against the Students, Instructors and Administrators
        /// tables and, for the first table that has a matching row, checks the submitted
        /// password against that row to decide the caller's role.
        /// </summary>
        /// <param name="login">Submitted credentials; <c>Email</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// A <see cref="UserModel"/> that echoes the submitted e-mail. On success
        /// <c>IsAuthenticated</c> is <c>true</c>, <c>Id</c> holds the matched row's key and
        /// <c>Roles</c> contains exactly one of "Student", "Instructor" or "Admin". On any
        /// failure the model is returned unauthenticated with an empty role list.
        /// </returns>
        private async Task <UserModel> Authenticate(LoginModel login)
        {
            // NOTE(review): Name is a hard-coded placeholder and is never replaced with a value
            // from the matched row.
            var result = new UserModel
            {
                Name            = "Test",
                Email           = login.Email,
                IsAuthenticated = false,
                Roles           = new List <string>()
            };

            // All three role tables are queried up front, whether or not an earlier one
            // matched. Which table holds the e-mail determines the role and which row's key
            // ends up in result.Id.
            var student = await _context
                                .Students
                                .Where(row => row.Email == login.Email)
                                .FirstOrDefaultAsync();

            var instructor = await _context
                                   .Instructors
                                   .Where(row => row.Email == login.Email)
                                   .FirstOrDefaultAsync();

            var administrator = await _context
                                      .Administrators
                                      .Where(row => row.Email == login.Email)
                                      .FirstOrDefaultAsync();

            // NOTE(review): precedence is Student, then Instructor, then Admin, and only the
            // first table with a matching row is checked. An e-mail present in more than one
            // table can therefore only authenticate against the highest-precedence row; a
            // failed check there does NOT fall through to the next table. Confirm e-mails are
            // unique across the three tables or that this precedence is intended.
            // NOTE(review): when no table has a row, no password comparison runs at all, so
            // unknown e-mails take a measurably shorter path than known ones; if timing is
            // observable by clients, consider a comparison against a fixed dummy hash.
            if (student != null)
            {
                // Password is verified first; EmailConfirmed is only read when it matches.
                // Presumably the Password column holds a hash; verify against PasswordSecurity.
                if (PasswordSecurity.CompareHashedPasswords(login.Password, student.Password) && student.EmailConfirmed)
                {
                    result.Roles.Add("Student");
                    result.IsAuthenticated = true;
                    result.Id = student.StudentId;
                }

                return result;
            }

            if (instructor != null)
            {
                if (PasswordSecurity.CompareHashedPasswords(login.Password, instructor.Password) && instructor.EmailConfirmed)
                {
                    result.Roles.Add("Instructor");
                    result.IsAuthenticated = true;
                    result.Id = instructor.InstructorId;
                }

                return result;
            }

            if (administrator != null)
            {
                // NOTE(review): unlike the student and instructor paths, the most privileged
                // role is granted without an EmailConfirmed check; confirm this is deliberate.
                if (PasswordSecurity.CompareHashedPasswords(login.Password, administrator.Password))
                {
                    result.Roles.Add("Admin");
                    result.IsAuthenticated = true;
                    result.Id = administrator.AdministratorId;
                }
            }

            return result;
        }