Esempio n. 1
 /// <summary>Handles the login form post by redirecting to the <c>Index</c> action.</summary>
 /// <param name="user">Posted login model; this action does not read it.</param>
 /// <returns>A redirect result to <c>Index</c>.</returns>
 public ActionResult PostLogin(user user) => RedirectToAction("Index");
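        /// <summary>
        /// Authenticates the posted credentials and signs the caller in with the cookie scheme.
        /// </summary>
        /// <remarks>
        /// Flow: validate input, look the account up by e-mail or login name, reject inactive or
        /// locked accounts, verify the password (counting failures and locking after five), then
        /// reset the counter, issue the auth cookie and return the profile summary.
        /// </remarks>
        /// <param name="loginUser">Posted credentials; <c>Email</c> carries either the e-mail address or the login name.</param>
        /// <returns>
        /// 200 with the profile summary on success; 400/404 with an Arabic message when the request
        /// or account is rejected; 500 with a generic message on an unexpected error.
        /// </returns>
        public async Task<IActionResult> loginUser([FromBody] user loginUser)
        {
            // How long an account stays locked (Status == 2) after the fifth consecutive failure.
            const int    LockoutMinutes = 30;
            const string Issuer         = "http://www.nid.ly";
            // The same text is used for "no such account" and "wrong password" so the response
            // does not tell the caller whether the identifier exists.
            const string BadCredentials = "الرجاء التاكد من البريد الالكتروني وكلمة المرور";
            const string LockedOut      = "لايمكنك الدخول للنظام: تم ايقافك";

            try
            {
                if (loginUser == null)
                {
                    return NotFound("الرجاء ادخال البريد الالكتروني او اسم الدخول");
                }
                if (string.IsNullOrWhiteSpace(loginUser.Email))
                {
                    return BadRequest("الرجاء ادخال البريد الالكتروني او اسم الدخول");
                }
                if (string.IsNullOrWhiteSpace(loginUser.Password))
                {
                    return BadRequest("الرجاء ادخال كلمه المرور");
                }

                // Status 9 rows are excluded (treated as removed). SingleOrDefault throws when one
                // row's Email equals another row's LoginName; that surfaces as the generic 500 below
                // rather than silently picking one of the two accounts.
                var cUser = db.Users
                    .Where(p => (p.Email == loginUser.Email || p.LoginName == loginUser.Email) && p.Status != 9)
                    .SingleOrDefault();

                if (cUser == null)
                {
                    return NotFound(BadCredentials);
                }

                // NOTE(review): the role, activation and lockout checks below answer before the
                // password is verified, so their distinct messages disclose an account's existence
                // and state to anyone who knows the identifier. Kept in this order because clients
                // display these messages; folding them into BadCredentials after verification would
                // close that disclosure.
                if (cUser.UserType != 0 && cUser.UserType != 1 && cUser.UserType != 2 && cUser.UserType != 3)
                {
                    return BadRequest("ليس لديك صلاحيه للدخول علي النظام");
                }
                if (cUser.Status == 0)
                {
                    return BadRequest("حسابك غير مفعل");
                }
                if (cUser.Status == 2)
                {
                    // Locked: stay locked for LockoutMinutes after the last failed attempt (a lock
                    // without a timestamp never expires). Once the window has passed the account is
                    // reopened and the failure counter is cleared, so a single further bad password
                    // does not immediately re-lock it for another full window.
                    // Local time is used on both sides of this comparison because the stored
                    // LoginTryAttemptDate is written with DateTime.Now below.
                    if (cUser.LoginTryAttemptDate == null
                        || ((DateTime)cUser.LoginTryAttemptDate).AddMinutes(LockoutMinutes) >= DateTime.Now)
                    {
                        return BadRequest(LockedOut);
                    }
                    cUser.Status           = 1;
                    cUser.LoginTryAttempts = 0;
                    db.SaveChanges();
                }

                // NOTE(review): HashAlgorithms.SHA512 is a fast hash; a slow password KDF
                // (PBKDF2 / Argon2) would resist offline guessing far better. Not changed here
                // because the stored hash format belongs to the Security helper.
                if (!Security.VerifyHash(loginUser.Password, cUser.Password, HashAlgorithms.SHA512))
                {
                    cUser.LoginTryAttempts++;
                    if (cUser.LoginTryAttempts >= 5 && cUser.Status == 1)
                    {
                        cUser.LoginTryAttemptDate = DateTime.Now;
                        cUser.Status              = 2;
                    }
                    db.SaveChanges();
                    return NotFound(BadCredentials);
                }

                cUser.LoginTryAttempts = 0;
                cUser.LastLoginOn      = DateTime.Now;
                db.SaveChanges();

                // branchId / brancheName are part of the response contract but are no longer
                // populated (the office lookup that filled them was removed); they keep their
                // default values.
                long   branchId    = -1;
                string brancheName = "";

                var userInfo = new
                {
                    userId      = cUser.Id,
                    fullName    = cUser.Name,
                    userType    = cUser.UserType,
                    branchId    = branchId,
                    brancheName = brancheName,
                    LoginName   = cUser.LoginName,
                    DateOfBirth = cUser.BirthDate,
                    Email       = cUser.Email,
                    Gender      = cUser.Gender,
                    Status      = cUser.Status,
                    Phone       = cUser.Phone
                };

                var userPrincipal = BuildPrincipal(cUser.Id.ToString(), cUser.Name, cUser.UserType.ToString(), Issuer);

                await HttpContext.SignInAsync(
                    CookieAuthenticationDefaults.AuthenticationScheme,
                    userPrincipal,
                    new AuthenticationProperties
                    {
                        ExpiresUtc   = DateTime.UtcNow.AddHours(1),
                        IsPersistent = true,
                        AllowRefresh = true
                    });

                return Ok(userInfo);
            }
            catch (Exception)
            {
                // Exception text can carry connection details, table names or stack information,
                // so only a generic message is returned to the caller.
                // TODO(review): log the exception through the application's logger; none is in scope here.
                return StatusCode(500, "حدث خطأ غير متوقع");
            }
        }

        /// <summary>Builds the cookie-auth principal carrying the id, name and userType claims.</summary>
        /// <param name="userId">Account id, already formatted as a string.</param>
        /// <param name="name">Display name placed in <see cref="ClaimTypes.Name"/>.</param>
        /// <param name="userType">User type, already formatted as a string.</param>
        /// <param name="issuer">Issuer recorded on every claim.</param>
        /// <returns>A <see cref="ClaimsPrincipal"/> with a single authenticated identity.</returns>
        private static ClaimsPrincipal BuildPrincipal(string userId, string name, string userType, string issuer)
        {
            var claims = new List<Claim>
            {
                new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/id", userId, ClaimValueTypes.Integer64, issuer),
                new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, issuer),
                new Claim("userType", userType, ClaimValueTypes.Integer32, issuer)
            };
            // The constructor argument is the ClaimsIdentity authentication *type* (any non-empty
            // value makes IsAuthenticated true); it is not a secret despite its name.
            var userIdentity = new ClaimsIdentity("thisisasecreteforauth");
            userIdentity.AddClaims(claims);
            return new ClaimsPrincipal(userIdentity);
        }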