private bool f_UpdateLogin(AccountUser datLogin)
{
int result;
string sqlQuery = @"select * from tblAccount_update(
:_username,
:_password,
:_employee_id)";
cmd = new NpgsqlCommand(sqlQuery, conn);
datLogin.Password = LoginSet.ComputeSha256Hash(datLogin.Password);
cmd.Parameters.AddWithValue("_username", NpgsqlTypes.NpgsqlDbType.Varchar, datLogin.Username);
cmd.Parameters.AddWithValue("_password", NpgsqlTypes.NpgsqlDbType.Varchar, datLogin.Password);
cmd.Parameters.AddWithValue("_employee_id", NpgsqlTypes.NpgsqlDbType.Varchar, datLogin.EmployeeID);
result = (int)cmd.ExecuteScalar();
conn.Close();
if (result == 1)
{
return(true);
}
else
{
return(false);
}
}
/// <summary>
/// 构造函数,初始化视图
/// 通过订阅事件实现双向数据绑定
/// </summary>
public SetModel()
{
view = new LoginSet
{
BaseInupt = { Text = baseServer },
SaveUserCheckBox = { Checked = saveUser }
};
// 订阅控件事件实现数据双向绑定
view.BaseInupt.EditValueChanged += (sender, args) => baseServer = view.BaseInupt.Text;
view.SaveUserCheckBox.CheckStateChanged += (sender, args) => saveUser = view.SaveUserCheckBox.Checked;
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
//// Bawaannya .NET
//var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();
//ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);
//if (user == null)
//{
// context.SetError("invalid_grant", "The user name or password is incorrect.");
// return;
//}
//ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
// OAuthDefaults.AuthenticationType);
//ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
// CookieAuthenticationDefaults.AuthenticationType);
//AuthenticationProperties properties = CreateProperties(user.UserName);
//AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
//context.Validated(ticket);
//context.Request.Context.Authentication.SignIn(cookiesIdentity);
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
//refresh current token
var getIdentity = identity.Claims.FirstOrDefault(x => x.Value == context.UserName);
identity.TryRemoveClaim(getIdentity);
// Custom sendiri nih
bool getLogin = LoginSet.UsernamePassword(context.UserName, context.Password);
if (!getLogin)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
// Optional : You can add a role based claim by uncommenting the line below.
// identity.AddClaim(new Claim(ClaimTypes.Role, "Administrator"));
context.Validated(identity);
}
/// Private Function/ Method Area
/// Just in case you need some code, write here.
///
private bool f_CreateLogin(AccountUser lgn)
{
int result;
string sqlQuery = @"select * from tblaccount_insert(:_Username,:_Password,:_employee_id)";
cmd = new NpgsqlCommand(sqlQuery, conn);
lgn.Password = LoginSet.ComputeSha256Hash(lgn.Password);
cmd.Parameters.AddWithValue("_Username", lgn.Username.ToLower());
cmd.Parameters.AddWithValue("_Password", lgn.Password);
cmd.Parameters.AddWithValue("_employee_id", lgn.EmployeeID);
result = (int)cmd.ExecuteScalar();
conn.Close();
if (result == 1)
{
return(true);
}
else
{
return(false);
}
}
// For basic authentication
public HttpResponseMessage Login([FromUri] string username, [FromUri] string password)
{
try
{
bool getLogin = LoginSet.UsernamePassword(username, password);
if (!getLogin)
{
return(Request.CreateResponse(HttpStatusCode.NotFound, "Invalid username / password!"));
}
var AccountUser = new AccountUser()
{
Username = username,
Password = password,
};
var jsonString = JsonConvert.SerializeObject(AccountUser);
var token = StringCrypter.Encrypt(jsonString, password);
return(Request.CreateResponse(HttpStatusCode.OK, token));
}
catch (Exception ex)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, "There error :" + ex.Message));
}
}
