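/// <summary>
/// Looks up the active user whose code equals <paramref name="userName"/> and returns a login
/// projection holding the profile fields and a comma-separated role list.
/// </summary>
/// <param name="userName">User code matched against <c>AdministrasiUser.Kode</c>.</param>
/// <param name="password">Password supplied by the caller; see the review note below.</param>
/// <returns>
/// The populated <see cref="AdministrasiUserLogin"/>, or <c>null</c> when the credentials are
/// empty or no active user has that code.
/// </returns>
/// <remarks>
/// NOTE(review): the password is encrypted but the result is never compared with anything, and
/// the query filters only on <c>Kode</c> and <c>Aktif</c>. As written this method does NOT verify
/// the password, so a caller that treats a non-null result as "authenticated" accepts any
/// non-empty password for an active account. The stored-credential field is not visible in this
/// listing, so the comparison cannot be written here without guessing. It has to be added
/// (ideally against a salted one-way hash, compared in constant time) before this result is used
/// as an authentication decision.
/// </remarks>
public AdministrasiUserLogin Login(string userName, string password)
{
    // Fail closed on missing credentials instead of querying with them.
    if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
    {
        return null;
    }

    // Kept from the original so the missing check stays visible: this value is computed and then unused.
    var encryptedPassword = Cryptography.EncryptString(password);

    var recUser = ctx.Set<AdministrasiUser>()
                     .FirstOrDefault(x => x.Kode == userName && x.Aktif == true);
    if (recUser == null)
    {
        return null;
    }

    var recRoles = ctx.Set<AdministrasiRoleUser>()
                      .Where(x => x.KodeUser == userName)
                      .Select(x => x.KodeRole);

    // A null IsAdministrator is treated as "not an administrator" rather than throwing on .Value.
    var isAdministrator = recUser.IsAdministrator.GetValueOrDefault();

    return new AdministrasiUserLogin
    {
        Kode = recUser.Kode,
        Nama = recUser.Nama ?? "",
        Aktif = recUser.Aktif,
        Alamat = recUser.Alamat ?? "",
        Avatar = recUser.Avatar ?? "",
        Email = recUser.Email ?? "",
        IsAdministrator = recUser.IsAdministrator,
        Telepon = recUser.Telepon ?? "",
        // The role query is only enumerated for non-administrators.
        Roles = isAdministrator ? "Administrator" : string.Join(",", recRoles)
    };
}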
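/// <summary>
/// Returns the basic profile of the user identified by <paramref name="keyValues"/>. When the
/// user's avatar file exists under <c>~/Avatars</c>, the avatar is inlined as a base64 data URI.
/// </summary>
/// <param name="keyValues">Key passed unchanged to <c>repo.GetSingle</c>.</param>
/// <returns>
/// A result with <c>Success = true</c> and the profile in <c>Data</c>, or a result with
/// <c>Success = false</c> and the exception message in <c>More.Errors</c>.
/// </returns>
public IGenericWebApiResult GetSimpleData(string keyValues)
{
    try
    {
        // NOTE(review): the result is returned from inside its own using block, so the caller
        // receives an object that has already been disposed. Left as is because Dispose() is not
        // visible here; confirm it is a no-op or drop the using.
        using (var result = new GenericWebApiResult<AdministrasiUserLogin>())
        {
            var rec = repo.GetSingle(keyValues);

            // The original tested result.Data after assigning a freshly built object, which can
            // never be null; the "not found" case is a null record, so test that instead.
            if (rec == null)
            {
                throw new Exception(BaseConstants.MESSAGE_DATA_IS_NOT_EXIST);
            }

            var data = new AdministrasiUserLogin()
            {
                Kode = rec.Kode,
                Nama = rec.Nama,
                Alamat = rec.Alamat,
                Telepon = rec.Telepon,
                Email = rec.Email,
                Avatar = rec.Avatar ?? "male.png"
            };

            var dir = HttpContext.Current.Server.MapPath("~/Avatars");
            if (!Directory.Exists(dir))
            {
                Directory.CreateDirectory(dir);
            }

            // The avatar name comes from stored data. Path.Combine discards 'dir' when its second
            // argument is rooted and does not resolve "..", so only the bare file name is used to
            // keep the lookup inside the avatar directory.
            var avatarFileName = Path.GetFileName(data.Avatar);
            var path = Path.Combine(dir, avatarFileName);

            if (File.Exists(path))
            {
                using (Image image = Image.FromFile(path))
                using (MemoryStream buffer = new MemoryStream())
                {
                    // NOTE(review): the bytes are saved in the file's own format while the data
                    // URI below is always labelled image/png.
                    image.Save(buffer, image.RawFormat);
                    data.Avatar = "data:image/png;base64," + Convert.ToBase64String(buffer.ToArray());
                }
            }

            result.Data = data;
            result.Success = true;
            return result;
        }
    }
    catch (Exception ex)
    {
        using (var result = new GenericWebApiResult<AdministrasiUserLogin>(ex))
        {
            result.Success = false;
            // NOTE(review): the raw exception message is returned to the API caller.
            dynamic more = new ExpandoObject();
            more.Errors = ex.Message;
            result.More = more;
            return result;
        }
    }
}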
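/// <summary>
/// Handles the OAuth2 resource-owner password grant: looks the user up through
/// <c>AdministrasiUserRepository.Login</c> and, when a user is returned, issues a ticket carrying
/// name, role and client-id claims.
/// </summary>
/// <param name="context">Grant context supplying the user name, password and client id.</param>
/// <remarks>
/// NOTE(review): the token is issued whenever <c>Login</c> returns a user, so the whole
/// authentication decision rests on that method verifying the password. The original body read
/// LDAP settings and caught <c>LdapException</c> but never called a directory bind, so those
/// unused reads and unreachable handlers were removed. Confirm where the password is actually
/// checked before relying on this grant.
/// </remarks>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): falls back to "*" when no per-client origin was stored in the OWIN context,
    // which lets any origin read the token response; consider requiring a configured origin.
    var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

    // The form is still read as before; none of its fields are used below.
    await context.Request.ReadFormAsync();

    var userName = context.UserName;
    var password = context.Password;

    // Reject missing credentials up front. An empty password must never reach a credential check
    // (a directory simple bind, for instance, may treat it as an anonymous bind).
    if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
    {
        context.SetError("invalid_authorize", "Username atau Password salah.");
        context.Response.StatusCode = 401;
        return;
    }

    try
    {
        AdministrasiUserLogin user;
        using (var ctx = new GenericContext())
        using (var repoUser = new AdministrasiUserRepository(ctx))
        {
            user = repoUser.Login(userName, password);
        }

        if (user == null)
        {
            context.SetError("invalid_authorize", "Username atau Password salah.");
            context.Response.StatusCode = 401;
            return;
        }

        // Culture-invariant upper-casing so the name claim does not depend on the server locale.
        var normalizedUserName = userName.ToUpperInvariant();
        var clientId = context.ClientId ?? string.Empty;
        var avatar = "male.png"; //user.Avatar;

        var identity = new ClaimsIdentity(context.Options.AuthenticationType);
        identity.AddClaim(new Claim(ClaimTypes.Name, normalizedUserName));
        identity.AddClaim(new Claim(ClaimTypes.Role, user.Roles));
        identity.AddClaim(new Claim("UserRole", user.Roles));
        identity.AddClaim(new Claim("IsAdministrator", user.IsAdministrator.ToString()));
        identity.AddClaim(new Claim("as:client_id", clientId));

        var props = new AuthenticationProperties(new Dictionary<string, string>
        {
            { "as:client_id", clientId },
            { "UserName", normalizedUserName },
            { "Avatar", avatar },
            { "UserRole", user.Roles }
        });

        var ticket = new AuthenticationTicket(identity, props);
        context.Validated(ticket);
        context.Request.Context.Authentication.SignIn(identity);
    }
    catch (Exception ex)
    {
        // The original read ex.InnerException.Message, which throws from inside the handler when
        // there is no inner exception and otherwise returns internal error text to the client.
        // Keep the detail server-side and return the generic message.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        context.SetError("Internal Server Error", "Gagal pada saat proses Login. Silahkan menghubungi Team ICT");
        context.Response.StatusCode = 500;
    }
}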