Esempio n. 1
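        /// <summary>
        /// Authenticates a user by name and password and builds a <see cref="LoginResult"/>
        /// holding the issued token, the user's role and the names of the resources the role may access.
        /// </summary>
        /// <param name="userName">Login name passed to <c>userRepository.ValidateUser</c> and embedded in the token.</param>
        /// <param name="password">Clear-text password; it is digested with <c>MD5Encoding</c> before validation.</param>
        /// <returns>The populated login result for the validated user.</returns>
        /// <exception cref="BadRequestException">
        /// Credentials are invalid, the user has no role mapping, the role has no permissions,
        /// or a permission points to a resource that cannot be loaded.
        /// </exception>
        /// <exception cref="InternalException">The user's role mapping references a role that cannot be loaded.</exception>
        public async Task <LoginResult> Login(string userName, string password)
        {
            // NOTE(review): MD5Encoding is a fast digest and nothing here adds a salt, so the stored
            // credentials are weak against offline guessing. It is not replaced in this method because
            // ValidateUser compares against whatever format is already persisted; migrating the stored
            // hashes to a slow salted KDF (e.g. Rfc2898DeriveBytes.Pbkdf2) has to be done together with the repository.
            var encryptedPass = MD5Encoding(password);
            var user          = await userRepository.ValidateUser(userName, encryptedPass);

            if (user == null)
            {
                throw new BadRequestException("Invalid credential!");
            }

            var urm = await urmRepository.GetUrmByUserId(user.Id);

            if (urm == null)
            {
                throw new BadRequestException("No active role for this user!");
            }

            var role = roleRepository.GetById(urm.RoleId);

            if (role == null)
            {
                // A mapping that points at a missing role is a data problem, not a client error.
                throw new InternalException("Invalid user role data!");
            }

            IQueryable <Permission> permissions = permissionRepository.GetAllByRoleId(role.Id);

            if (permissions == null)
            {
                throw new BadRequestException("No active permission for this user!");
            }

            // Only the resource names are needed downstream; the original also collected the
            // Resource objects into a list that nothing read.
            var resourceNames = new List <string>();

            foreach (var permission in permissions)
            {
                var resource = resourceRepository.GetById(permission.ResourceId);

                if (resource == null)
                {
                    // A plain foreach keeps the throw out of a lambda, so the exception is not
                    // raised from inside List<T>.ForEach.
                    throw new BadRequestException("No active permission for this user!");
                }

                resourceNames.Add(resource.Name);
            }

            var token = tokenService.CreateToken(user.Id.ToString(), userName, role.Name, resourceNames.ToArray());

            return new LoginResult
            {
                Token    = token,
                Role     = role.Name,
                User     = user,
                Resource = resourceNames.ToArray(),
            };
        }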
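        /// <summary>
        /// Reports whether the user identified by <paramref name="userId"/> holds, through its role,
        /// a permission on at least one of the named <paramref name="resources"/>.
        /// </summary>
        /// <param name="userId">User id as a GUID string; a malformed value denies without hitting the repositories.</param>
        /// <param name="resources">Resource names to check; compared ordinally after trimming, as before.</param>
        /// <returns><c>true</c> when a matching permission exists; <c>false</c> otherwise, including on any repository failure.</returns>
        /// <remarks>
        /// The method fails closed: no exception escapes, and every failure path is logged and reported as "not authorized".
        /// </remarks>
        public async Task <bool> IsAuthorized(string userId, string[] resources)
        {
            if (resources == null || resources.Length == 0)
            {
                return false;
            }

            // TryParse accepts the same formats as new Guid(string) but does not turn a malformed
            // request value into a critical-level exception log.
            if (!Guid.TryParse(userId, out var id))
            {
                logger.LogWarning(403, "Authorization denied: user id is not a valid GUID.");
                return false;
            }

            try
            {
                var urm = await urmRepository.GetUrmByUserId(id);

                if (urm == null)
                {
                    return false;
                }

                var role = roleRepository.GetById(urm.RoleId);

                if (role == null)
                {
                    return false;
                }

                IQueryable <Permission> permissions = permissionRepository.GetAllByRoleId(role.Id);

                if (permissions == null)
                {
                    return false;
                }

                // Ordinal comparison of trimmed names, matching the original r.Trim() == name.Trim() test;
                // null entries in the request are ignored instead of faulting the whole check.
                var wanted = new HashSet <string>(
                    resources.Where(r => r != null).Select(r => r.Trim()),
                    StringComparer.Ordinal);

                foreach (var permission in permissions)
                {
                    var resource = resourceRepository.GetById(permission.ResourceId);

                    if (resource == null)
                    {
                        // Login treats a permission without a loadable resource as a data error;
                        // keep the same fail-closed outcome here instead of relying on a NullReferenceException.
                        logger.LogWarning(403, "Authorization denied: permission references a resource that cannot be loaded.");
                        return false;
                    }

                    if (wanted.Contains(resource.Name.Trim()))
                    {
                        // First match is enough; no need to load the remaining resources.
                        return true;
                    }
                }

                return false;
            }
            catch (Exception e)
            {
                // Fail closed on repository faults; the caller only ever sees "not authorized".
                logger.LogCritical(403, e, e.Message);
                return false;
            }
        }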