public IHttpActionResult Authenticate(Login_Request login)
{
bool isUserValid = false;
if (login == null)
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
EResponseBase <User> eResponse = UserService.Login(login.Username, login.Password);
if (eResponse.Code == 200)
{
isUserValid = true;
}
//TODO: This code is only for demo - extract method in new class & validate correctly in your application !!
//var isUserValid = (login.Username == "user" && login.Password == "123456");
if (isUserValid)
{
var token = TokenGenerator.GenerateTokenJwt(eResponse.Object.UserName, eResponse.Object.Role);
return(Ok(token));
}
//if (isUserValid)
//{
// var rolename = "Developer";
// var token = TokenGenerator.GenerateTokenJwt(login.Username, rolename);
// return Ok(token);
//}
////TODO: This code is only for demo - extract method in new class & validate correctly in your application !!
//var isTesterValid = (login.Username == "test" && login.Password == "123456");
//if (isTesterValid)
//{
// var rolename = "Tester";
// var token = TokenGenerator.GenerateTokenJwt(login.Username, rolename);
// return Ok(token);
//}
////TODO: This code is only for demo - extract method in new class & validate correctly in your application !!
//var isAdminValid = (login.Username == "admin" && login.Password == "123456");
//if (isAdminValid)
//{
// var rolename = "Administrator";
// var token = TokenGenerator.GenerateTokenJwt(login.Username, rolename);
// return Ok(token);
//}
// Unauthorized access
return(Unauthorized());
}
private void loginButton_Click(object sender, EventArgs e)
{
if (!username.Text.Equals("") && !password.Text.Equals(""))
{
//Check if username + passwords match on db
//check database for entries
string apiUrl = "https://craig.im/infosec.php";
string apiMethod = "userLogin";
Login_Request myLogin_Request = new Login_Request()
{
username = username.Text,
password = password.Text
};
// make http post request
string response = Http.Post(apiUrl, new NameValueCollection()
{
{ "api_method", apiMethod },
{ "api_data", JsonConvert.SerializeObject(myLogin_Request) }
});
// decode json string to object
API_Response r = JsonConvert.DeserializeObject <API_Response>(response);
// check response
if (!r.IsError && r.ResponseData == "SUCCESS")
{
string teacherUsername = username.Text;
loginMenu myForm = new loginMenu(teacherUsername);
this.Hide();
myForm.ShowDialog();
this.Show();
}
else
{
MessageBox.Show("ERROR: " + r.ErrorMessage);
}
}
else if (username.Text.Equals("") || password.Text.Equals(""))
{
MessageBox.Show("You cannot leave the fields blank.");
}
else
{
MessageBox.Show("An error has occured.");
}
}
private void ClickButtonLogin(object sender, EventArgs e)
{
Login_Request?.Invoke(BoxUserName.Text, BoxPassword.Text);
}
