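/// <summary>
/// Impersonation helper: replaces the current cookie session with a (non-admin) session
/// for the user with the given id. It performs NO authorization of its own, so the caller
/// must already have verified that the current principal is allowed to impersonate.
/// </summary>
/// <param name="httpContext">Request context whose cookie session is replaced.</param>
/// <param name="userId">Primary key of the user to sign in as.</param>
/// <returns>false when no such user exists (the caller is then left signed out); true otherwise.</returns>
public async Task <bool> SignInUserForAdmin(HttpContext httpContext, int userId)
{
    // Sign out first so no claims from the previous (admin) session survive.
    await httpContext.SignOutAsync();

    // The original also constructed a RestAccess client here and never used it; dropped.
    using (Db db = new Db())
    {
        var user = await db.TblUsers.FirstOrDefaultAsync(a => a.Id == userId);
        if (user == null)
        {
            return false;
        }

        // The impersonated session is always issued without the admin role,
        // regardless of the target user's own privileges.
        // NOTE(review): no locked/disabled check is done on the target account here;
        // confirm whether TblUsers carries such a flag that should be honoured.
        ExUserAccountData accountData = new ExUserAccountData
        {
            UserId = user.Id,
            FirstName = user.Firstname,
            LastName = user.Lastname,
            IsAdmin = false,
            PhoneNumber = user.PhoneNumber
        };

        ClaimsIdentity identity = new ClaimsIdentity(GetUserClaims(accountData), CookieAuthenticationDefaults.AuthenticationScheme);
        ClaimsPrincipal principal = new ClaimsPrincipal(identity);
        await httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);
    }
    return true;
}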
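/// <summary>
/// Signs in the built-in administrator account (German original: "Anmelden") with a cookie identity.
/// </summary>
/// <param name="httpContext">Request context that receives the authentication cookie.</param>
/// <param name="username">Login name; only "admin" (compared case-insensitively) is accepted.</param>
/// <param name="password">Password to verify.</param>
/// <param name="isPersistent">When true the issued cookie survives the browser session.</param>
/// <returns>true when the cookie was issued; false on bad credentials or any exception.</returns>
public async Task <bool> SignInAdmin(HttpContext httpContext, string username, string password, bool isPersistent = false)
{
    // SECURITY: the admin credential is a hard-coded placeholder and the server-side
    // verification (user lookup via the REST service, password hashing, account-data lookup)
    // that an earlier version of this method performed is disabled. This must be replaced by
    // the real credential check before this code is exposed.
    const string adminUserName = "admin";
    const string adminPassword = "[PASSWORT]"; // TODO(security): placeholder secret in source

    try
    {
        if (httpContext == null || username == null || password == null)
        {
            return false;
        }

        // Ordinal, culture-independent comparison (ToLower() would misbehave under e.g. tr-TR).
        if (!string.Equals(username, adminUserName, StringComparison.OrdinalIgnoreCase))
        {
            return false;
        }

        // Compare in constant time so response timing does not reveal how much of the
        // password matched. (Inputs of a different length are still rejected immediately.)
        byte[] supplied = System.Text.Encoding.UTF8.GetBytes(password);
        byte[] expected = System.Text.Encoding.UTF8.GetBytes(adminPassword);
        if (!System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(supplied, expected))
        {
            return false;
        }

        // Synthetic admin account data; there is no backing user record.
        var adminAccount = new ExUserAccountData
        {
            IsAdmin = true,
            FirstName = "Admin",
            LastName = "Admin",
            UserId = 1,
            PhoneNumber = "+43"
        };

        ClaimsIdentity identity = new ClaimsIdentity(GetUserClaims(adminAccount), CookieAuthenticationDefaults.AuthenticationScheme);
        ClaimsPrincipal principal = new ClaimsPrincipal(identity);
        // The original accepted isPersistent but never applied it; honour it here.
        var properties = new AuthenticationProperties { IsPersistent = isPersistent };
        await httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, properties);
        return true;
    }
    catch (Exception)
    {
        // Any failure is reported as "not signed in"; the exception is intentionally
        // not surfaced to the caller (matches the original contract).
        return false;
    }
}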
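/// <summary>
/// Builds the full claim set for a cookie identity: subject id, display name, a contact
/// claim, and the role claims from <see cref="GetUserRoleClaims"/>.
/// </summary>
/// <param name="user">Account data to project into claims.</param>
/// <returns>The claims, with the NameIdentifier claim present exactly once.</returns>
private IEnumerable <Claim> GetUserClaims(ExUserAccountData user)
{
    // Claim(type, value) throws ArgumentNullException on a null value; FullName and
    // PhoneNumber may be null (e.g. when sourced from the database), so substitute "".
    var claims = new List <Claim>
    {
        new Claim(ClaimTypes.NameIdentifier, user.UserId.ToString()),
        new Claim(ClaimTypes.Name, user.FullName ?? string.Empty),
        // NOTE(review): the Email claim carries the phone number, not an e-mail address.
        // Left unchanged because consumers may read it, but ClaimTypes.MobilePhone would
        // be the accurate type.
        new Claim(ClaimTypes.Email, user.PhoneNumber ?? string.Empty)
    };

    // GetUserRoleClaims also emits a NameIdentifier claim; skip it so the principal
    // does not carry the same subject claim twice.
    foreach (var roleClaim in GetUserRoleClaims(user))
    {
        if (roleClaim.Type == ClaimTypes.NameIdentifier)
        {
            continue;
        }
        claims.Add(roleClaim);
    }
    return claims;
}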
/// <summary>
/// Role-related claims for a user: a NameIdentifier plus exactly one Role claim.
/// Admin takes precedence over Demo, which takes precedence over the default "User".
/// </summary>
/// <param name="user">Account data whose IsAdmin / IsDemoUser flags select the role.</param>
/// <returns>Two claims: NameIdentifier and Role.</returns>
private IEnumerable <Claim> GetUserRoleClaims(ExUserAccountData user)
{
    string roleName;
    if (user.IsAdmin)
    {
        roleName = "Admin";
    }
    else if (user.IsDemoUser)
    {
        roleName = "Demo";
    }
    else
    {
        roleName = "User";
    }

    // NOTE(review): GetUserClaims emits a NameIdentifier claim as well; callers that
    // combine both sets should make sure the subject claim is not duplicated.
    var roleClaims = new List <Claim>();
    roleClaims.Add(new Claim(ClaimTypes.NameIdentifier, user.UserId.ToString()));
    roleClaims.Add(new Claim(ClaimTypes.Role, roleName));
    return roleClaims;
}
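/// <summary>
/// Updates the editable master data (name and address) of the calling user.
/// The caller may only update the record whose id equals their own "UserID" claim.
/// </summary>
/// <param name="user">Posted user data; only FirstName, LastName, Street, PostalCode and City are copied.</param>
/// <returns>
/// A save result, or null with the response status already set to 401 (no identity /
/// foreign user id) or 400 (missing request body).
/// </returns>
public async Task <ExSaveDataResult> UserUpdate([FromBody] ExUserAccountData user)
{
    // Model binding leaves the parameter null when the body is missing or unparsable;
    // the original dereferenced it unguarded (-> 500 instead of 400).
    if (user == null)
    {
        HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.BadRequest;
        return null;
    }

    // `as` never throws, so the original try/catch around it was dead code; a missing
    // or non-claims identity simply yields null here.
    var identity = HttpContext.User?.Identity as ClaimsIdentity;
    if (identity == null)
    {
        Logging.Log.LogError("No Claims identity");
        HttpContext.Response.StatusCode = Unauthorized().StatusCode;
        return null;
    }

    var userIdClaim = identity.FindFirst("UserID");
    if (userIdClaim == null)
    {
        HttpContext.Response.StatusCode = Unauthorized().StatusCode;
        return null;
    }

    // Authorization: the posted id must be the caller's own id. Ordinal string compare,
    // as in the original, because the claim value format is not known here.
    if (user.UserId.ToString() != userIdClaim.Value)
    {
        HttpContext.Response.StatusCode = Unauthorized().StatusCode;
        return null;
    }

    Logging.Log.LogInfo($"UserUpdate {user.UserId}");

    using (var db = new Db())
    {
        // NOTE(review): this trusts the client-supplied IsDemoUser flag. A demo account that
        // posts IsDemoUser=false bypasses the block; the flag should come from the stored
        // record or the caller's claims, not from the request body.
        if (user.IsDemoUser)
        {
            return new ExSaveDataResult { Result = EnumSaveDataResult.Information, Description = "Daten können nicht geändert werden.", Caption = "Nicht möglich" };
        }

        var data = await db.TblUsers.FirstOrDefaultAsync(u => u.Id == user.UserId);
        if (data == null)
        {
            return new ExSaveDataResult { Result = EnumSaveDataResult.Error, Description = "Account ungültig!", Caption = "Fehler" };
        }

        // Whitelist copy: only these fields are writable through this endpoint
        // (deliberately not a blanket copy of the posted object).
        data.Firstname = user.FirstName;
        data.Lastname = user.LastName;
        data.Street = user.Street;
        data.PostalCode = user.PostalCode;
        data.City = user.City;

        try
        {
            // Kept synchronous as in the original; if Db is a DbContext, SaveChangesAsync
            // would be the better fit inside an async action.
            db.SaveChanges();
        }
        catch (Exception e)
        {
            // Log message corrected: the original said "UserDeviceUpdate" (copy/paste).
            Logging.Log.LogWarning($"UserUpdate Save: {e}");
            return ExSaveDataResult.GetDefaultSaveError();
        }
        return ExSaveDataResult.GetDefaultSuccess();
    }
}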
/// <summary>
/// Change the user's master data (German original: "Benutzerstammdaten ändern").
/// Posts the record to the "UserUpdate" endpoint and hands back the service's save result.
/// </summary>
/// <param name="user">User data to submit (German original: "Benutzerdaten").</param>
/// <returns>The wrapped save result as returned by the service.</returns>
public async Task <ResultData <ExSaveDataResult> > UserUpdate(ExUserAccountData user)
{
    var saveResult = await _wap.Post <ExSaveDataResult>("UserUpdate", user);
    return saveResult;
}