private string STATUS_NORMAL = "Normal"; //使用者狀態: 正常 public string VerifyIdentity(string Username, string Password) { string sqlquery = @"SELECT U.Id, U.Email, U.Username, U.Password, U.Name, U.PhoneNumber, U.EditTime, R.RoleName, S.StatusName FROM dbo.Users AS U INNER JOIN dbo.Roles AS R ON R.Id = U.Roles_Id INNER JOIN dbo.Status AS S ON S.Id = U.Status_Id WHERE Username = {0} and StatusName = {1}"; ViewUserDetail user = db.Database.SqlQuery <ViewUserDetail>(sqlquery, Username, STATUS_NORMAL).First(); //ViewUserDetail user = db.ViewUserDetail.FirstOrDefault(x => x.Username == Username && x.StatusName == STATUS_NORMAL); if (user != null && user.Password == Password) { return(user.Id); } return(null); }
public ClaimsIdentity IdentityAddClaim(ClaimsIdentity identity, string Username) { string sqlquery = @"SELECT U.Id, U.Email, U.Username, U.Password, U.Name, U.PhoneNumber, U.EditTime, R.RoleName, S.StatusName FROM dbo.Users AS U INNER JOIN dbo.Roles AS R ON R.Id = U.Roles_Id INNER JOIN dbo.Status AS S ON S.Id = U.Status_Id WHERE Username = {0}"; ViewUserDetail user = db.Database.SqlQuery <ViewUserDetail>(sqlquery, Username).First(); //ViewUserDetail user = db.ViewUserDetail.FirstOrDefault(x => x.Username == Username); identity.AddClaim(new Claim(ClaimTypes.GivenName, user.Username)); identity.AddClaim(new Claim(ClaimTypes.Name, user.Name)); identity.AddClaim(new Claim(ClaimTypes.Role, user.RoleName)); identity.AddClaim(new Claim("StatusName", user.StatusName)); identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id)); return(identity); }