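/// <summary>
/// Checks a username/password pair and returns the matching user record.
/// </summary>
/// <param name="user">Credentials bound from the request body; may be null when the body is missing or unparseable.</param>
/// <returns>
/// 400 "Username or password invalid." when the body is missing or no user matches,
/// 400 "This user is locked." when the matched user has <c>IsPasswordRecovered</c> set,
/// otherwise 200 with the matched <c>BaseUser</c>.
/// </returns>
public IHttpActionResult GetUser([FromBody] ClientUser user)
{
    // [FromBody] binding hands over null for an empty or malformed body; answer with the
    // same generic message as a failed login instead of failing with a NullReferenceException.
    if (user == null)
    {
        return BadRequest("Username or password invalid.");
    }

    // SECURITY(review): the helper name suggests the password is digested with MD5 before
    // the lookup. MD5 is a fast hash and is not suitable for password storage. Confirm what
    // MD5Utility does and plan a migration to a salted, slow KDF (PBKDF2 / Argon2) with
    // re-hash on next successful login.
    BaseUser userCheck = UserLogic.CheckUser(user.Username, MD5Utility.GetMD5Password(user.Password));

    if (userCheck == null)
    {
        // One message for "unknown user" and "wrong password", so the response does not
        // reveal which of the two was wrong.
        return BadRequest("Username or password invalid.");
    }

    if (userCheck.IsPasswordRecovered)
    {
        return BadRequest("This user is locked.");
    }

    // NOTE(review): the whole BaseUser object is serialized to the client. Verify it carries
    // no password digest or token fields, or map it to a response DTO.
    // NOTE(review): no attempt throttling is visible here; confirm it is enforced elsewhere.
    return Ok(userCheck);
}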
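/// <summary>
/// Sets a new password for the user identified by the token in the request body.
/// </summary>
/// <param name="user">Request body carrying <c>Token</c> and the new <c>Password</c>; may be null when the body is missing or unparseable.</param>
/// <returns>
/// 400 "Invalid data." when the body, the new password or the token is unusable, or when
/// <c>UserLogic.ChangeUser</c> reports 0; otherwise 200 "Password changed.".
/// </returns>
public IHttpActionResult ChangePassword([FromBody] ClientUser user)
{
    // A missing body or an empty new password must not reach the hashing / update path.
    if (user == null || string.IsNullOrEmpty(user.Password))
    {
        return BadRequest("Invalid data.");
    }

    // SECURITY(review): the token is the only proof of identity here, and the current
    // password is not requested. Confirm tokens are unguessable, short-lived and invalidated
    // after use, and that existing sessions are revoked on a password change.
    BaseUser userCheck = UserLogic.GetUserIdByToken(user.Token);

    // Guard against a null lookup result as well as a non-positive id.
    if (userCheck == null || !(userCheck.Id > 0))
    {
        return BadRequest("Invalid data.");
    }

    // SECURITY(review): the helper name suggests the new password is stored as an MD5 digest.
    // MD5 is not suitable for password storage; confirm and migrate to PBKDF2 / Argon2.
    Int64 userChanged = UserLogic.ChangeUser(userCheck.Id, MD5Utility.GetMD5Password(user.Password));

    if (userChanged == 0)
    {
        return BadRequest("Invalid data.");
    }

    return Ok("Password changed.");
}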
/// <summary>
/// Handles the OAuth resource-owner password grant: looks the user up by username and
/// password digest and, on a match, validates the context with a claims identity.
/// </summary>
/// <param name="context">Grant context supplying the username, password and authentication type.</param>
/// <returns>A task for the grant handling.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): the body contains no await, so the method runs synchronously and the
    // compiler reports CS1998 for the async modifier.
    var identity = new ClaimsIdentity(context.Options.AuthenticationType);

    // Use the Factory repository in order to get the right type of user.
    // SECURITY(review): the helper name suggests the password is digested with MD5 before the
    // lookup. MD5 is not suitable for password storage; confirm and migrate to PBKDF2 / Argon2.
    BaseUser user = UserLogic.GetUser(context.UserName, MD5Utility.GetMD5Password(context.Password));

    if (user == null)
    {
        // Generic message: does not reveal whether the username or the password was wrong.
        context.SetError("invalid_grant", "Provided username and password are incorrect.");
        return;
    }

    // NOTE(review): user.Role is dereferenced without a null check. Confirm every user
    // returned by UserLogic.GetUser has a role assigned.
    identity.AddClaim(new Claim(ClaimTypes.Role, user.Role.Name));
    identity.AddClaim(new Claim("username", user.Username));
    identity.AddClaim(new Claim(ClaimTypes.Name, $"{user.Firstname} {user.Surname}"));

    context.Validated(identity);
}