Esempio n. 1
0
        /// <summary>
        /// Author: BOS Framework, Inc
        /// Description: Triggers when the Login button is clicked
        /// </summary>
        /// <param name="authObj"></param>
        /// <returns></returns>
        public async Task <ActionResult> AuthenticateUser(AuthModel authObj)
        {
            try
            {
                /* Checking if the Cookie Concent has been accepted.
                 * If it is not, before logging-in, we ask the user to accept the terms.
                 * The reason for this is that, we are storing pieces of information in sessions through out the application
                 * In order to be confromant with the GDPR Laws, it is required that we get the constent from the user
                 */
                if (HttpContext != null && !HttpContext.Request.Cookies.ContainsKey(".AspNet.Consent"))
                {
                    ModelState.AddModelError("CustomError", "Before proceeding, please 'Accept' our Cookies' terms.");
                    return(View("Index", new AuthModel()));
                }
                else if (authObj != null) //Checking if the authObj is null.
                {
                    if (_bosAuthClient == null)
                    {
                        return(RedirectToAction("Index"));
                    }

                    var result = await _bosAuthClient.SignInAsync(authObj.Username.Trim(), authObj.Password); //Making the call to the BOS Auth API to verify the user's login credentials

                    if (result != null && result.StatusCode == System.Net.HttpStatusCode.Unauthorized)
                    {
                        return(RedirectToAction("SignOut", "Auth"));
                    }
                    if (result.IsVerified)
                    {
                        /* ------- LOGIC ------
                         * First, check for non-null credentials sent as input paramters
                         * Make an API call to BOS Auth to verify the credentials
                         * On successful validation, get the user's roles, based on his Id
                         * After that, make another API to get the user's permissions-set. This API returns all the modules and operations that the user is permitted
                         * Finally, navigating him to the Dashboard
                         */
                        var userRoles = await _bosAuthClient.GetUserByIdWithRolesAsync <User>(result.UserId.Value); //On successful authentication, fetching the user's role

                        if (userRoles != null && userRoles.StatusCode == System.Net.HttpStatusCode.Unauthorized)
                        {
                            return(RedirectToAction("SignOut", "Auth"));
                        }
                        if (userRoles != null && userRoles.User != null && userRoles.User.Roles != null)
                        {
                            var user  = userRoles.User;
                            var roles = user.Roles;

                            // Convert Roles Array into a comma separated string containing roles
                            string rolesString = string.Empty;
                            if (roles != null && roles.Count > 0)
                            {
                                foreach (UserRole userRole in roles)
                                {
                                    RoleUser role = userRole.Role;
                                    rolesString = (!string.IsNullOrEmpty(rolesString)) ? (rolesString + "," + role.Name) : (role.Name);
                                }
                            }

                            //Create Claims Identity. Saving all the information in the Claims object
                            var claims = new List <Claim> {
                                new Claim("CreatedOn", DateTime.UtcNow.ToString()),
                                new Claim("Email", user.Email),
                                new Claim("Initials", (!string.IsNullOrEmpty(user.FirstName) ?  user.FirstName[0].ToString() : "")
                                          + (!string.IsNullOrEmpty(user.LastName) ?  user.LastName[0].ToString() : "").ToUpper()),
                                new Claim("Name", user.FirstName + " " + user.LastName),
                                new Claim("Role", rolesString),
                                new Claim("UserId", user.Id.ToString()),
                                new Claim("Username", user.Username.ToString()),
                                new Claim("IsAuthenticated", "True")
                            };
                            var             userIdentity = new ClaimsIdentity(claims, "Auth");
                            ClaimsPrincipal principal    = new ClaimsPrincipal(userIdentity);

                            //Sign In created claims Identity Principal with cookie Authentication scheme
                            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, new AuthenticationProperties
                            {
                                ExpiresUtc   = DateTime.UtcNow.AddMinutes(140),
                                IsPersistent = false,
                                AllowRefresh = false
                            });

                            var status = await SetModulePermissions(result.UserId.Value);

                            if (status != "")
                            {
                                await SignOut();
                            }

                            return(RedirectToAction("Index", "Dashboard")); //Finally, redirecting the user to the Dashboard page
                        }
                        else
                        {
                            ModelState.AddModelError("CustomError", "User Details Fetch Error");
                            return(View("Index", new AuthModel()));
                        }
                    }
                    else
                    {
                        ModelState.AddModelError("CustomError", "Username or password is incorrect"); //Returning back to the Login page with an error message
                        return(View("Index", new AuthModel()));
                    }
                }
                else
                {
                    //ModelState.AddModelError("CustomError", "Username or password is incorrect");
                    //return View("Index", new AuthModel());
                    return(RedirectToAction("Index"));
                }
            }
            catch (ArgumentNullException ex)
            {
                Logger.LogException("Auth", "AuthenticateUser", ex);
                dynamic model = new ExpandoObject();
                model.Message    = ex.Message;
                model.StackTrace = ex.StackTrace;
                return(View("ErrorPage", model));
            }
            catch (Exception ex)
            {
                Logger.LogException("Auth", "AuthenticateUser", ex);
                dynamic model = new ExpandoObject();
                model.Message    = ex.Message;
                model.StackTrace = ex.StackTrace;
                return(View("ErrorPage", model));
            }
        }