/// <summary>
/// Validates an API user's credentials by delegating to a fresh <c>authFunc</c> instance.
/// </summary>
/// <param name="login">Login information, passed through unchanged.</param>
/// <returns>The <c>tokenObj</c> produced by <c>authFunc.validatesApiUser</c>.</returns>
/// <remarks>
/// No validation happens here; the accept/reject decision is made entirely by
/// <c>authFunc.validatesApiUser</c>, so any input hardening belongs there.
/// </remarks>
public tokenObj validatesApiUser(loginInfo login)
{
    return new authFunc().validatesApiUser(login);
}
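/// <summary>
/// Authenticates a user from the posted credentials and, on success, returns a JSON array
/// holding the token wrapper followed by the user record.
/// </summary>
/// <param name="userCred">Credentials bound from the request body (email and password).</param>
/// <returns>
/// 404 with "Please enter all fields" when email or password is missing;
/// 401 with "Invalid credentials" when authentication fails or no user record is found;
/// 200 with the serialized <c>[tokenObj, User]</c> pair otherwise.
/// </returns>
public async Task <IActionResult> LoginAsync([FromBody] UserCred userCred)
{
    // Guard against a null userCred and null fields: the original compared only
    // against "", so a null email/password slipped past the check and a null
    // userCred raised a NullReferenceException.
    var email = userCred?.Email;
    var password = userCred?.Password;

    // Validate fields.
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        // NOTE(review): 404 is kept so existing clients keep working; 400 Bad Request
        // would describe a malformed login request more accurately.
        return NotFound(JsonConvert.SerializeObject("Please enter all fields", Formatting.Indented));
    }

    // Validate user.
    var token = jwtAuthenticationManager.Authenticate(email, password);
    if (token == null)
    {
        return Unauthorized(JsonConvert.SerializeObject("Invalid credentials", Formatting.Indented));
    }

    User user = await UserMethods.getUser(email);
    if (user == null)
    {
        // A token without a matching user record previously crashed on the
        // UserPassword assignment below. Answer with the same generic message so
        // the response does not reveal which step failed.
        return Unauthorized(JsonConvert.SerializeObject("Invalid credentials", Formatting.Indented));
    }

    // Strip the stored password before the entity is serialized into the response.
    // NOTE(review): only UserPassword is cleared; every other property of User is
    // sent to the client. Confirm the entity carries no other sensitive fields, or
    // map to a dedicated response DTO.
    user.UserPassword = null;

    var payload = new List <object> { new tokenObj(token), user };
    return Ok(JsonConvert.SerializeObject(payload, Formatting.Indented));
}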
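/// <summary>
/// apiuser - validate account. Looks up an unlocked row in <c>sys_apiUser</c> by user id,
/// checks the supplied password against the linked ASP.NET Identity user, and issues a
/// token on success.
/// </summary>
/// <param name="login">Login information carrying <c>userid</c> and <c>password</c>.</param>
/// <returns>
/// <c>tokenObj("success", token)</c> when the password check passes;
/// <c>tokenObj("error-no dotnet user", "")</c> when the row exists but the password check fails;
/// <c>tokenObj("error-no user", "")</c> when no unlocked row matches or the password is empty.
/// </returns>
/// <remarks>
/// NOTE(review): the two error strings let a caller tell "unknown userId" apart from
/// "wrong password", which makes account enumeration possible if they are relayed to the
/// client. They are kept as-is because callers may match on them; consider returning one
/// generic failure at the API boundary.
/// </remarks>
public tokenObj validatesApiUser(loginInfo login)
{
    // A missing login or empty password can never succeed; answer before touching the
    // database. The original compared only against "", so a null password went on to be
    // checked as the bare "apiUser@_" prefix.
    if (login == null || string.IsNullOrEmpty(login.password))
    {
        return new tokenObj("error-no user", "");
    }

    // NOTE(review): aspnetPassword is selected but never read below; dropping it from the
    // query would avoid pulling credential material into the process unnecessarily.
    string sqlstr = @"SELECT userId,aspnetUserId,aspnetPassword FROM sys_apiUser where lockYN='0' and userId=@userId";

    string userId = "";
    string aspnetUserId = "";

    // using blocks release the connection, command and reader even when Open or
    // ExecuteReader throws; the original leaked them on any exception.
    using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString))
    using (SqlCommand cmd = new SqlCommand(sqlstr, conn))
    {
        // Bound as a parameter, never concatenated into the SQL text. A null userid is
        // sent as DBNull so the query simply matches no row instead of throwing.
        cmd.Parameters.AddWithValue("@userId", (object)login.userid ?? DBNull.Value);
        conn.Open();

        using (SqlDataReader dr = cmd.ExecuteReader())
        {
            // If several rows match, the last one read wins (unchanged from the original).
            while (dr.Read())
            {
                userId = dr["userId"].ToString();
                aspnetUserId = dr["aspnetUserId"].ToString();
            }
        }
    }

    if (userId == "" || aspnetUserId == "")
    {
        return new tokenObj("error-no user", "");
    }

    var manager = new UserManager();
    ApplicationUser user = manager.FindByName(aspnetUserId);

    // The stored identity password is the fixed prefix "apiUser@_" plus the API password.
    // An explicit null check keeps a missing identity user on the failure path without
    // relying on how CheckPassword treats a null user.
    bool passwordOk = user != null && manager.CheckPassword(user, "apiUser@_" + login.password);
    if (!passwordOk)
    {
        return new tokenObj("error-no dotnet user", "");
    }

    string token = createToken(aspnetUserId, "apiuser");
    return new tokenObj("success", token);
}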