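/// <summary>
/// Looks up the active user whose code equals <paramref name="userName"/> and builds the
/// <see cref="AdministrasiUserLogin"/> projection (profile fields plus a comma-joined role list).
/// </summary>
/// <param name="userName">User code (AdministrasiUser.Kode) to look up.</param>
/// <param name="password">Password as supplied by the caller; see the review note in the body.</param>
/// <returns>The populated login record, or <c>null</c> when no active user has that code.</returns>
public AdministrasiUserLogin Login(string userName, string password)
        {
            // Same transformation the stored credential is assumed to have gone through
            // (Cryptography is a project helper; its algorithm is not visible here).
            var encryptedPassword = Cryptography.EncryptString(password);

            // NOTE(review): encryptedPassword is never compared with anything. The lookup below
            // matches on user code and active flag only, so any password is accepted for an
            // active user. The stored-credential column of AdministrasiUser is not visible in
            // this listing; the comparison belongs in this predicate, i.e.
            //     && x.<stored-credential-field> == encryptedPassword
            var recUser = ctx.Set<AdministrasiUser>()
                             .FirstOrDefault(x => x.Kode == userName && x.Aktif == true);

            // No active user with that code: callers treat null as "login failed".
            if (recUser == null)
            {
                return null;
            }

            // Role codes assigned to this user; a deferred query, enumerated once by string.Join below.
            // (The earlier version also built an AdministrasiHakAksesRole query that was never used.)
            var roleCodes = ctx.Set<AdministrasiRoleUser>()
                               .Where(x => x.KodeUser == userName)
                               .Select(x => x.KodeRole);

            // Administrators get the fixed "Administrator" role instead of their assigned roles.
            // `== true` (rather than .Value) keeps a null IsAdministrator from throwing.
            var roles = recUser.IsAdministrator == true
                ? "Administrator"
                : string.Join(",", roleCodes);

            return new AdministrasiUserLogin
            {
                Kode            = recUser.Kode,
                Nama            = recUser.Nama ?? "",
                Aktif           = recUser.Aktif,
                Alamat          = recUser.Alamat ?? "",
                Avatar          = recUser.Avatar ?? "",
                Email           = recUser.Email ?? "",
                IsAdministrator = recUser.IsAdministrator,
                Telepon         = recUser.Telepon ?? "",
                Roles           = roles
            };
        }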
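        /// <summary>
        /// Returns the profile projection for the user identified by <paramref name="keyValues"/>,
        /// with the avatar file (from the "~/Avatars" folder) inlined as a base64 data URI when it exists.
        /// </summary>
        /// <param name="keyValues">Key passed straight to <c>repo.GetSingle</c>.</param>
        /// <returns>
        /// A result with <c>Success == true</c> and <c>Data</c> set, or on any failure a result built
        /// from the exception with <c>Success == false</c> and <c>More.Errors</c> holding its message.
        /// </returns>
        public IGenericWebApiResult GetSimpleData(string keyValues)
        {
            try
            {
                using (var result = new GenericWebApiResult<AdministrasiUserLogin>())
                {
                    var rec = repo.GetSingle(keyValues);
                    if (rec == null)
                    {
                        // The earlier version dereferenced rec before any check, so a missing record
                        // surfaced as a NullReferenceException instead of the intended message.
                        throw new InvalidOperationException(BaseConstants.MESSAGE_DATA_IS_NOT_EXIST);
                    }

                    var data = new AdministrasiUserLogin()
                    {
                        Kode    = rec.Kode,
                        Nama    = rec.Nama,
                        Alamat  = rec.Alamat,
                        Telepon = rec.Telepon,
                        Email   = rec.Email,
                        Avatar  = rec.Avatar ?? "male.png"
                    };

                    var dir = HttpContext.Current.Server.MapPath("~/Avatars");
                    if (!Directory.Exists(dir))
                    {
                        Directory.CreateDirectory(dir);
                    }

                    // The avatar value comes from the stored record, so only its file-name part is used:
                    // Path.Combine returns a rooted second argument unchanged and keeps ".." segments,
                    // which would let a stored value select a file outside the avatar directory.
                    var avatarFile = Path.GetFileName(data.Avatar);
                    var path = string.IsNullOrEmpty(avatarFile) ? null : Path.Combine(dir, avatarFile);

                    if (path != null && File.Exists(path))
                    {
                        using (var image = Image.FromFile(path))
                        using (var buffer = new MemoryStream())
                        {
                            // Re-encoding through Image.Save also confirms the file decodes as an image.
                            image.Save(buffer, image.RawFormat);

                            // The media type is fixed to image/png regardless of image.RawFormat, as in the
                            // earlier version. (Its TrimStart(',') on the base64 text was a no-op and is gone.)
                            data.Avatar = "data:image/png;base64," + Convert.ToBase64String(buffer.ToArray());
                        }
                    }

                    // data was just constructed, so the former "Data != null" check could never fail.
                    result.Data    = data;
                    result.Success = true;

                    return result;
                }
            }
            catch (Exception ex)
            {
                using (var result = new GenericWebApiResult<AdministrasiUserLogin>(ex))
                {
                    result.Success = false;

                    // Same shape the earlier version exposed: More.Errors carries the message text.
                    dynamic more = new ExpandoObject();
                    more.Errors  = ex.Message;
                    result.More  = more;

                    return result;
                }
            }
        }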
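        /// <summary>
        /// Resource Owner Password Credentials grant. Verifies the supplied user name and password
        /// through <c>AdministrasiUserRepository.Login</c> and, on success, validates a ticket carrying
        /// name, role, IsAdministrator and client-id claims (and signs the identity in on the request).
        /// Failures are reported through <c>context.SetError</c>: 401 for rejected credentials,
        /// 500 for any other exception. The method does not throw to the OWIN pipeline.
        /// </summary>
        /// <remarks>
        /// The LdapServer/LdapPort settings, the unused form read and the <c>LdapException</c> handlers
        /// of the earlier version were dropped: nothing in this method contacts LDAP, and
        /// <c>Int32.Parse</c> on a missing LdapPort setting threw outside the try/catch.
        /// </remarks>
        /// <param name="context">Grant context supplied by the OAuth authorization server middleware.</param>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // Origin recorded under "as:clientAllowedOrigin" earlier in the pipeline (not visible here).
            // NOTE(review): the "*" fallback lets any site POST credentials to this token endpoint;
            // restricting it is a configuration decision outside this method.
            var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            var userName = context.UserName;
            var password = context.Password;

            // Reject blank credentials up front: the repository lookup would otherwise run with a
            // null key and userName.ToUpperInvariant() below would throw.
            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
            {
                context.SetError("invalid_authorize", "Username atau Password salah.");
                context.Response.StatusCode = 401;
                return;
            }

            try
            {
                AdministrasiUserLogin user;
                using (var ctx = new GenericContext())
                using (var repoUser = new AdministrasiUserRepository(ctx))
                {
                    // Login returns null when the user is unknown or inactive.
                    user = repoUser.Login(userName, password);
                }

                if (user == null)
                {
                    context.SetError("invalid_authorize", "Username atau Password salah.");
                    context.Response.StatusCode = 401;
                    return;
                }

                var clientId = context.ClientId ?? string.Empty;
                // Culture-independent upper-casing so the claim value does not depend on the server's thread culture.
                var normalizedUserName = userName.ToUpperInvariant();

                var identity = new ClaimsIdentity(context.Options.AuthenticationType);
                identity.AddClaim(new Claim(ClaimTypes.Name, normalizedUserName));
                identity.AddClaim(new Claim(ClaimTypes.Role, user.Roles));
                identity.AddClaim(new Claim("UserRole", user.Roles));
                identity.AddClaim(new Claim("IsAdministrator", user.IsAdministrator.ToString()));
                identity.AddClaim(new Claim("as:client_id", clientId));

                // "Avatar" is deliberately the placeholder image, not user.Avatar, as in the earlier version.
                var props = new AuthenticationProperties(new Dictionary<string, string>
                {
                    { "as:client_id", clientId },
                    { "UserName", normalizedUserName },
                    { "Avatar", "male.png" },
                    { "UserRole", user.Roles }
                });

                context.Validated(new AuthenticationTicket(identity, props));

                // Also establishes the cookie-based sign-in alongside the bearer ticket.
                context.Request.Context.Authentication.SignIn(identity);
            }
            catch (Exception ex)
            {
                // InnerException may be null; the earlier version dereferenced it unconditionally and
                // so threw NullReferenceException from inside the handler.
                var errMsg = ex.InnerException != null ? ex.InnerException.Message : ex.Message;

                // NOTE(review): this returns raw exception text to an unauthenticated caller; a fixed
                // message (the author left one commented out) would avoid disclosing internals.
                context.SetError("Internal Server Error", errMsg);
                context.Response.StatusCode = 500;
            }
        }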