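/// <summary>
/// Handles the OAuth resource-owner password grant: validates the submitted
/// credentials through the configured <see cref="Membership"/> provider, syncs
/// the matching account into the local user store, records the login together
/// with the caller's remote IP, and validates the context with a claims identity.
/// </summary>
/// <param name="context">
/// Grant context carrying the submitted user name and password. On failure the
/// context error is set to "invalid" and the context is not validated.
/// </param>
/// <returns>A task for the grant handling; the body contains no awaits.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): a wildcard Access-Control-Allow-Origin on the token endpoint lets
    // script from any web origin read the token response. Prefer an explicit allow-list
    // of known client origins unless cross-origin access from anywhere is required.
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

    ApplicationUser user = null;
    if (Membership.ValidateUser(context.UserName, context.Password))
    {
        MembershipUser ldapUser = Membership.GetUser(context.UserName);

        // Membership.GetUser returns null when the provider cannot find the account.
        // Dereferencing it unguarded would surface as a NullReferenceException (a
        // server error) instead of a clean rejection of the grant.
        if (ldapUser != null)
        {
            // NOTE(review): the clear-text password is handed to SyncLdapUser; what it
            // does with it is not visible here. Confirm it is never persisted or logged
            // in a recoverable form.
            user = userService.SyncLdapUser(ldapUser.UserName, ldapUser.Email, context.Password, UserManager);
        }
    }

    if (user == null)
    {
        // One generic message for every failure path, so the response does not
        // reveal whether the user name exists.
        context.SetError("invalid", "The user name or password is incorrect.");
        return;
    }

    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
    identity.AddClaim(new Claim(ClaimTypes.WindowsAccountName, user.Id));

    // Login audit record. The IP is taken from the connection, not from request data.
    // NOTE(review): behind a reverse proxy this is presumably the proxy's address; confirm.
    using (var db = new ApplicationDbContext())
    {
        // NOTE(review): the lookup uses the submitted name rather than user.UserName;
        // if no row matches, the audit entry is added with a null ApplicationUser.
        var usr = (from u in db.Users
                   where u.UserName.Equals(context.UserName)
                   select u).FirstOrDefault();

        var userLogin = new Models.Core.UserLogin
        {
            ApplicationUser = usr,
            Ip = context.OwinContext.Request.RemoteIpAddress
        };

        db.UserLogins.Add(userLogin);
        db.Entry(userLogin).State = System.Data.Entity.EntityState.Added;
        db.SaveChanges();
    }

    context.Validated(identity);
}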
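/// <summary>
/// Handles the OAuth resource-owner password grant for clients that pack several
/// fields into the user name, separated by "----": user name, system login user,
/// system id, IP and application version. The credentials are checked through
/// <c>AppASClient.AuthenticateUser</c>; on success the account is synced into the
/// local user store, the login is recorded with the caller's remote IP, and the
/// context is validated with a claims identity.
/// </summary>
/// <param name="context">
/// Grant context carrying the packed user name and the password. On failure the
/// context error is set to "invalid" and the context is not validated.
/// </param>
/// <returns>A task for the grant handling; the body contains no awaits.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // Number of "----"-separated fields read from the user name below (data[0]..data[4]).
    const int ExpectedFieldCount = 5;

    try
    {
        // NOTE(review): a wildcard Access-Control-Allow-Origin on the token endpoint lets
        // script from any web origin read the token response. Prefer an explicit allow-list
        // of known client origins unless cross-origin access from anywhere is required.
        context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

        using (var db = new ApplicationDbContext())
        {
            if (string.IsNullOrEmpty(context.UserName) || !context.UserName.Contains("----"))
            {
                context.SetError("invalid", "Some fields Missed in Request");
                return;
            }

            var data = context.UserName.Split(new string[] { "----" }, StringSplitOptions.RemoveEmptyEntries);

            // The user name is caller-controlled. Empty entries are dropped by the split,
            // so a short or malformed value yields fewer than five parts; indexing them
            // unchecked throws IndexOutOfRangeException and turns bad input into a server
            // error. Reject it as a malformed request instead.
            if (data.Length < ExpectedFieldCount)
            {
                context.SetError("invalid", "Some fields Missed in Request");
                return;
            }

            // NOTE(review): SystemLoginUser, SystemID, IP and ApplicationVersion are
            // supplied by the client inside the user name. Treat them as unverified
            // claims on the receiving side; they should not drive authorization decisions.
            AppAuthenticationRequest request = new AppClient.AppAuthenticationRequest();
            request.Application = "NGP-R";
            request.UserName = data[0];
            request.SystemLoginUser = data[1];
            request.SystemID = data[2];
            request.IP = data[3];
            request.ApplicationVersion = data[4];
            request.PWD = context.Password;

            AppASClient client = new AppASClient();
            var authResult = client.AuthenticateUser(request);

            if (authResult.Acknowledgement.IsError)
            {
                // NOTE(review): the backend's description is returned verbatim to the
                // caller. If it distinguishes unknown, locked and disabled accounts it
                // enables account enumeration; confirm, or map to a generic message.
                context.SetError("invalid", authResult.Acknowledgement.Description);
                return;
            }

            // NOTE(review): the clear-text password is handed to SyncLdapUser; what it
            // does with it is not visible here. Confirm it is never persisted or logged
            // in a recoverable form.
            ApplicationUser user = userService.SyncLdapUser(data[0], context.Password, UserManager);
            if (user == null)
            {
                context.SetError("invalid", "The user name or password is incorrect.");
                return;
            }

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);
            identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
            identity.AddClaim(new Claim(ClaimTypes.WindowsAccountName, user.Id));

            // NOTE(review): usr is dereferenced without a null check. If the synced user
            // is not visible through this context the resulting NullReferenceException is
            // logged and rethrown by the catch below.
            var usr = (from u in db.Users
                       where u.UserName.Equals(user.UserName)
                       select u).FirstOrDefault();

            // Give accounts without an analyst id zero defaults before saving.
            if (usr.AnalystId == null)
            {
                usr.AnalystId = 0;
                usr.BenchMark = 0;
            }

            // Login audit record. The stored IP comes from the connection, not from the
            // client-supplied data[3].
            var userLogin = new Models.Core.UserLogin
            {
                ApplicationUser = usr,
                Ip = context.OwinContext.Request.RemoteIpAddress
            };

            db.UserLogins.Add(userLogin);
            db.Entry(userLogin).State = System.Data.Entity.EntityState.Added;
            db.SaveChanges();

            context.Validated(identity);

            // NOTE(review): this exposes the internal user id in a response header;
            // confirm clients need it and that the id is not treated as a secret elsewhere.
            context.Response.Headers.Add("UserId", new string[] { user.Id });
        }
    }
    catch (Exception ex)
    {
        // Record the failure, then rethrow with the original stack trace intact.
        Log.Error(ex);
        throw;
    }
}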