Ejemplo n.º 1
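        /// <summary>
        /// Builds a JWT signed with HMAC-SHA256 from the supplied token description
        /// and returns it in compact serialized form.
        /// </summary>
        /// <param name="token">
        /// Claim values plus the signing key, issuer, audience and expiry to use.
        /// </param>
        /// <returns>The serialized, signed JWT.</returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="token"/> is null.</exception>
        /// <exception cref="System.ArgumentException">The signing key is missing or blank.</exception>
        /// <remarks>
        /// The token is signed, not encrypted: every claim below (name, e-mail,
        /// position, manager codes) is readable by anyone who obtains the token.
        /// </remarks>
        string IAuthentication.SignIn(TokenJWTSecret token)
        {
            if (token == null)
            {
                throw new System.ArgumentNullException(nameof(token));
            }

            // Fail with a clear message instead of an opaque error from the encoder
            // or the signing library when the key was never configured.
            if (string.IsNullOrWhiteSpace(token.sSecretKey))
            {
                throw new System.ArgumentException("JWT signing key is not configured.", nameof(token));
            }

            // The Claim constructor rejects a null value, so optional fields such as
            // e-mail or position are normalised to an empty string rather than
            // aborting the whole sign-in.
            Claim[] arrClaim = new Claim[] {
                new Claim(JwtClaimTypes.EmpCode, token.sEmployeeCode ?? ""),
                new Claim(JwtClaimTypes.UnitCode, token.sUnitCode ?? ""),
                new Claim(JwtClaimTypes.RoleID, token.nRoleID + ""),
                new Claim(JwtClaimTypes.IsRightToRequest, token.isRightToRequest ? "1" : "0"),
                new Claim(JwtClaimTypes.Name, token.sName ?? ""),
                new Claim(JwtClaimTypes.Position, token.sPosition ?? ""),
                new Claim(JwtClaimTypes.Organization, token.sOrganization ?? ""),
                new Claim(JwtClaimTypes.Email, token.sEmail ?? ""),
                new Claim(JwtClaimTypes.EmpCode_MG1, token.sEmpCode_MG1 ?? ""),
                new Claim(JwtClaimTypes.EmpCode_MG2, token.sEmpCode_MG2 ?? ""),
                new Claim(JwtClaimTypes.EmpCode_MG3, token.sEmpCode_MG3 ?? ""),
            };

            // HS256 is symmetric: whoever holds this key can mint tokens with any
            // role claim, so it must be a long random secret kept out of source control.
            // NOTE(review): the key length is not checked here; RFC 7518 requires at
            // least 256 bits for HS256 - confirm the configured value meets that.
            SymmetricSecurityKey sk         = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(token.sSecretKey));
            SigningCredentials   credential = new SigningCredentials(sk, SecurityAlgorithms.HmacSha256);
            JwtSecurityToken     st         = new JwtSecurityToken(
                issuer: token.sIssuer,
                audience: token.sAudience,
                claims: arrClaim,
                expires: token.dTimeout,
                signingCredentials: credential
                );

            return(new JwtSecurityTokenHandler().WriteToken(st));
        }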
Ejemplo n.º 2
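        /// <summary>
        /// Authenticates a user (configured bypass code or LDAP), loads the employee
        /// and role data, and returns a signed JWT in the response body.
        /// </summary>
        /// <param name="props">Sign-in request carrying <c>sUsername</c> and <c>sPassword</c>.</param>
        /// <returns>
        /// Always an HTTP 200 result whose body carries <c>code</c>, <c>token</c> and
        /// <c>message</c>; failures are reported through <c>code</c>/<c>message</c>.
        /// </returns>
        public IActionResult SignIn(AuthenProperties props)
        {
            try
            {
                string sToken   = "";
                string sMessage = "";

                // Reject missing credentials before touching any back end.
                // NOTE(review): many directories treat a simple bind with an empty
                // password as an anonymous bind that "succeeds"; LDAP_Connect is not
                // visible here, so empty passwords are refused up front.
                bool hasCredentials = props != null &&
                                      !string.IsNullOrWhiteSpace(props.sUsername) &&
                                      !string.IsNullOrEmpty(props.sPassword);

                bool isAuthenticated = false;
                if (hasCredentials)
                {
                    // SECURITY: the bypass code is a shared master password - anyone who
                    // knows it can obtain a token for ANY username. It must be configured
                    // explicitly; an unset value previously compared equal to a missing
                    // password (null == null) and skipped authentication altogether.
                    // NOTE(review): prefer removing this path in production, and use a
                    // constant-time comparison if it has to stay.
                    string sBypassCode = IConfig["AppSettings:BypassCode"];
                    bool   isBypass    = !string.IsNullOrEmpty(sBypassCode) && sBypassCode == props.sPassword;

                    isAuthenticated = isBypass || PISFunction.LDAP_Connect("ptt", props.sUsername, props.sPassword).Success;
                }

                if (isAuthenticated)
                {
                    TokenJWTSecret tk = null;

                    var emp = pis.personel_info.FirstOrDefault(w => w.CODE == props.sUsername);
                    if (emp != null)
                    {
                        bool isGSP   = IsGSP(emp.UNITCODE);
                        int  nRoleID = 0;

                        // Active rows where the employee is the user in this unit, or is
                        // referenced through sEmpCode_MG.
                        var lstUser = db.TB_User
                                      .Where(w => !w.IsDel && w.IsActive && ((w.sEmployeeID == emp.CODE && w.sOrgID == emp.UNITCODE) || w.sEmpCode_MG == emp.CODE))
                                      .Select(s => new { s.sEmployeeID, s.nRoleID }).ToList();
                        var usr = lstUser.FirstOrDefault(w => w.sEmployeeID == emp.CODE);
                        if (usr != null)
                        {
                            nRoleID = usr.nRoleID;
                        }

                        // A token is issued only for GSP units or employees present in TB_User.
                        if (isGSP || lstUser.Any())
                        {
                            tk = new TokenJWTSecret();

                            tk.sEmployeeCode    = emp.CODE;
                            tk.sUnitCode        = emp.UNITCODE;
                            tk.nRoleID          = nRoleID;
                            // NOTE(review): role id 3 is a magic number here; confirm which role it denotes.
                            tk.isRightToRequest = isGSP || nRoleID == 3;

                            tk.sName  = emp.FNAME + " " + emp.LNAME;
                            tk.sEmail = emp.EmailAddr;

                            var pos = pis.position.FirstOrDefault(w => w.poscode == emp.POSCODE);
                            tk.sPosition = pos != null ? pos.AB_NAME : emp.POSNAME;

                            var unit = pis.unit.FirstOrDefault(w => w.unitcode == emp.UNITCODE);
                            tk.sOrganization = unit != null ? unit.unitabbr : "";

                            // Only superiors in these bands are recorded as manager levels 1-3.
                            List <string> lstBand_Allow = new List <string>()
                            {
                                "AA", "AB", "AC0", "AC1", "AD"
                            };
                            var lstEmpCode_ReportTo = PISFunction.RepInfo.AllReportTo(emp.CODE, pis)
                                                      .Where(w => w.sEmpCode != emp.CODE && lstBand_Allow.Contains(w.sBand))
                                                      .Select(s => s.sEmpCode).ToList();
                            int nEmp_ReportTo = lstEmpCode_ReportTo.Count;
                            // With no eligible superior the employee is recorded as their own level-1 manager.
                            tk.sEmpCode_MG1 = nEmp_ReportTo > 0 ? lstEmpCode_ReportTo[0] : emp.CODE;
                            tk.sEmpCode_MG2 = nEmp_ReportTo > 1 ? lstEmpCode_ReportTo[1] : "";
                            tk.sEmpCode_MG3 = nEmp_ReportTo > 2 ? lstEmpCode_ReportTo[2] : "";
                        }
                    }

                    if (tk != null)
                    {
                        tk.sSecretKey = IConfig["jwt:Key"];
                        tk.sIssuer    = IConfig["jwt:Issuer"];
                        tk.sAudience  = IConfig["jwt:Audience"];
                        // UTC avoids ambiguous local times when the expiry is computed.
                        tk.dTimeout   = DateTime.UtcNow.AddMinutes(IConfig["jwt:Expire"].ToDouble());

                        sToken = IAuthen.SignIn(tk);
                    }
                    else
                    {
                        sMessage = "ไม่พบข้อมูลผู้ใช้งาน";
                    }
                }
                else
                {
                    sMessage = "ชื่อผู้ใช้งานหรือรหัสผ่านไม่ถูกต้อง";
                }

                return(Ok(new { code = StatusCodes.Status200OK, token = sToken, message = sMessage }));
            }
            catch (Exception ex)
            {
                // Keep the details server-side: serializing the exception object into the
                // response exposed stack traces and internal messages to an
                // unauthenticated caller.
                // NOTE(review): replace Trace with the application's logger if one exists.
                System.Diagnostics.Trace.TraceError(ex.ToString());

                // The body code is left as 404 so existing clients see the same failure code.
                return(Ok(new { code = StatusCodes.Status404NotFound, message = "เกิดข้อผิดพลาดภายในระบบ" }));
            }
        }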