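/// <summary>
/// Validates the submitted credentials and, on success, signs the user in with the
/// cookie authentication scheme and redirects to Home/Index.
/// </summary>
/// <param name="login">Posted login form; <c>Username</c> and <c>Password</c> are read.</param>
/// <returns>
/// A redirect to Home/Index after a successful sign-in; otherwise the "Login" view with
/// <c>ViewData["loginMessage"]</c> set to a generic failure message.
/// </returns>
/// <remarks>
/// NOTE(review): matching the hash inside the query only works if <c>HashPassword.DoHash</c>
/// is deterministic, which suggests there is no per-user salt. Confirm, and consider a salted,
/// slow KDF (PBKDF2 / ASP.NET Core <c>PasswordHasher</c>) verified in memory after loading
/// the user by name.
/// NOTE(review): no lockout or attempt throttling is visible in this action. Confirm it is
/// enforced elsewhere.
/// </remarks>
public async Task<IActionResult> DoLogin(Login login)
{
    const string invalidCredentials = "Invalid Username or Password";

    // A missing body or missing fields is treated as a failed login. Previously a null
    // password raised a NullReferenceException whose text was shown to the client.
    if (login == null || login.Username == null || login.Password == null)
    {
        ViewData["loginMessage"] = invalidCredentials;
        // NOTE(review): the second argument binds to View(string viewName, object model),
        // so "Account" is passed as the model, not as a controller name. Confirm intent.
        return View("Login", "Account");
    }

    try
    {
        // Keep the hash in a local instead of writing it back onto the bound model.
        // Trim() is retained so that hashes stay compatible with stored values.
        var passwordHash = HashPassword.DoHash(login.Password.Trim());

        var user = await _context.User
            .Include(u => u.UserRole)
                .ThenInclude(r => r.Role)
            .FirstOrDefaultAsync(w => w.Username == login.Username
                                      && w.Password.Trim() == passwordHash);

        if (user == null)
        {
            // Same message for unknown user and wrong password, so the response text
            // does not reveal which usernames exist.
            ViewData["loginMessage"] = invalidCredentials;
            return View("Login", "Account");
        }

        var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);

        // Identifier claims come first and are not wrapped in a swallow-all catch: if one
        // cannot be built, the outer handler rejects the login instead of issuing a cookie
        // with a partial identity.
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Username));
        identity.AddClaim(new Claim(ClaimTypes.Sid, user.ID.ToString()));
        identity.AddClaim(new Claim("GUID", user.GUID.ToString()));

        // Profile claims are optional. The Claim constructor throws on a null value, which
        // previously aborted every claim that followed, including Sid and GUID.
        if (user.Firstname != null)
        {
            identity.AddClaim(new Claim(ClaimTypes.GivenName, user.Firstname));
        }
        if (user.Lastname != null)
        {
            identity.AddClaim(new Claim(ClaimTypes.Surname, user.Lastname));
        }
        if (user.Email != null)
        {
            identity.AddClaim(new Claim(ClaimTypes.Email, user.Email));
        }

        foreach (var userRole in user.UserRole)
        {
            identity.AddClaim(new Claim(ClaimTypes.Role, userRole.Role.Name));
        }

        var principal = new ClaimsPrincipal(identity);
        await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);
        return RedirectToAction("Index", "Home");
    }
    catch (Exception ex)
    {
        // Record details server-side only. Exception text can expose schema or connection
        // details, so the client gets a fixed message. Replace Trace with the controller's
        // logger if one is injected.
        System.Diagnostics.Trace.TraceError("DoLogin failed: {0}", ex);
        ViewData["loginMessage"] = "Login failed. Please try again.";
        return View("Login", "Account");
    }
}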