public async Task <SignInUserProfile> GetUserProfileAsync(string _username)
{
try
{
SignInUserProfile result = await _Context.SignInUserProfile.FromSql(
"Exec spGetUserProfile @pi_UserName",
new SqlParameter("@pi_UserName", _username)
).SingleOrDefaultAsync();
return(result);
}
catch (Exception ex)
{
throw ex;
}
}
public async Task <IActionResult> Login([FromBody] Login pModel)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
try
{
SignInUserProfile mLogin = await _repo.Login(pModel.Username);
if (mLogin is null)
{
ModelState.AddModelError("", Messages.Invalid("username or password"));
return(BadRequest(ModelState));
}
if (mLogin.Active != true)
{
ModelState.AddModelError("", Messages.ShowErrorMessage("User not active, please contact your software support to active!"));
return(BadRequest(ModelState));
}
SQLResult spres = Functions.VerifyPasswordHash(pModel.Password, mLogin.PasswordHash, mLogin.PasswordSalt);
if (spres.ErrorNo != 0)
{
ModelState.AddModelError("", spres.ErrorMessage);
return(BadRequest(ModelState));
}
string mToken = Functions.GenerateToken(mLogin.UserId, mLogin.UserName, mLogin.FirstName, _config);
mLogin.Token = mToken;
return(Ok(mLogin));
}
catch (Exception ex)
{
SQLResult errorResult = new SQLResult
{
ErrorNo = 9999999999,
ErrorMessage = ex.Message.ToString(),
SQLErrorNumber = ex.HResult,
SQLErrorMessage = ex.Source.ToString()
};
return(BadRequest(errorResult));
}
}
public async Task <IActionResult> ChangePassword([FromBody] ChangePassword pModel)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
try
{
SignInUserProfile mLogin = await _repo.GetUserProfileAsync(pModel.Username);
if (mLogin is null)
{
ModelState.AddModelError("", Messages.Invalid("username or password"));
return(BadRequest(ModelState));
}
if (mLogin.Active != true)
{
ModelState.AddModelError("", Messages.ShowErrorMessage("User not active, please contact your software support to activation!"));
return(BadRequest(ModelState));
}
AuditColumns mAuditColumns = new AuditColumns
{
UserId = 1,
ApprovalStatusId = 0,
CompanyId = 10001,
DeviceType = "Undefined",
FinancialYearId = 1,
HostName = "Undefined",
IPAddress = "Undefined",
MACAddress = "Undefined"
};
// Password generation
byte[] passwordHash;
byte[] passwordSalt;
Functions.CreatePasswordHash(pModel.Password, out passwordHash, out passwordSalt);
pModel.PasswordHash = passwordHash;
pModel.PasswordSalt = passwordSalt;
SQLResult result = await _repo.ChangePassword(pModel, mAuditColumns);
if (result.ErrorNo == 0)
{
return(Ok(result));
}
else
{
return(BadRequest(result));
}
}
catch (Exception ex)
{
SQLResult errorResult = new SQLResult
{
ErrorNo = 9999999999,
ErrorMessage = ex.Message.ToString(),
SQLErrorNumber = ex.HResult,
SQLErrorMessage = ex.Source.ToString()
};
return(BadRequest(errorResult));
}
}
