/// <summary>
/// Handles a manager login request by delegating to <c>ServerManagerLogin</c>.
/// </summary>
/// <param name="request">Login request; only its <c>Login</c> value is written to the log.</param>
/// <returns>The response produced by <c>ServerManagerLogin.ProcessRequest</c>.</returns>
public ManagerLoginResponse ManagerLogin(ManagerLoginRequest request)
{
    // Structured log entry carrying the login name only; the password is not part of this message.
    Log.Information("LCManagerPartner ManagerLogin {Login}", request.Login);

    // cnn is declared outside this method and is handed to the handler as-is.
    ServerManagerLogin loginHandler = new ServerManagerLogin();
    return loginHandler.ProcessRequest(cnn, request);
}
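/// <summary>
/// Manager performs login, attempting to gain a new session.
/// </summary>
/// <param name="loginInfo">Login information</param>
/// <param name="ipAddress">IP Address of request</param>
/// <returns>The new session's ID and its access level ("RESET" or "FULL").</returns>
/// <exception cref="BadLoginException">
/// Thrown when the manager is not found or the supplied password does not match.
/// </exception>
public async Task<ManagerLoginResponse> Login(ManagerLoginRequest loginInfo, string ipAddress)
{
    // Pull manager information from database.
    var manager = await _database.GetManagerByUsername(loginInfo.Username);

    // An unknown username must fail the same way as a wrong password. Without this guard a
    // null lookup result would surface as a NullReferenceException instead of BadLoginException.
    // NOTE(review): this path skips the password check, so response timing may still differ
    // between unknown and known usernames.
    if (manager == null)
    {
        throw new BadLoginException();
    }

    // Default to a failed login attempt.
    bool canLogIn = false;

    if (manager.IsPasswordReset && TemporaryPasswordMatches(loginInfo.Password, manager.Password))
    {
        // If the manager should reset their password and they have provided the correct cleartext password,
        // allow them to login -- assuming that the next phase will require them to reset their password.
        // NOTE(review): in the reset state the stored Password is compared as cleartext, so it is kept
        // unhashed in the database; confirm it is single-use and short-lived.
        canLogIn = true;
    }
    else if (_password.IsPasswordMatch(loginInfo.Password, manager.Salt, manager.Password))
    {
        // If the manager password + salt combination matches the stored password allow them to login
        canLogIn = true;
    }

    // If the login failed, throw an exception.
    if (!canLogIn)
    {
        throw new BadLoginException();
    }

    // Create a new session.
    var newSession = new SessionDocument
    {
        Id = ObjectId.GenerateNewId().ToString(),
        // Generate a new sessionID.
        SessionId = await _session.GenerateSessionId(),
        ManagerId = manager.Id,
        IPAddress = ipAddress,
        CreatedAt = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),
        // If the manager needs to reset their password, limit the access to "RESET" status.
        AccessLevel = manager.IsPasswordReset ? "RESET" : "FULL",
        IsActive = true
    };

    // Save new session. Note: _session.GenerateSessionId() handles retrying sessionID collisions.
    await _database.SaveSession(newSession);

    // Return manager login response information.
    return new ManagerLoginResponse
    {
        SessionId = newSession.SessionId,
        AccessLevel = newSession.AccessLevel
    };
}

/// <summary>
/// Compares a supplied password with the stored temporary password without stopping at the
/// first differing character. A null value on either side never matches.
/// </summary>
private static bool TemporaryPasswordMatches(string supplied, string stored)
{
    if (supplied == null || stored == null)
    {
        return false;
    }

    // Fold the length difference and every character difference into one accumulator so the
    // loop does not exit early on a mismatch.
    int difference = supplied.Length ^ stored.Length;
    int comparable = supplied.Length < stored.Length ? supplied.Length : stored.Length;
    for (int i = 0; i < comparable; i++)
    {
        difference |= supplied[i] ^ stored[i];
    }

    return difference == 0;
}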
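/// <summary>
/// Validates resource-owner password credentials through <c>ServerManagerLogin</c> and, on
/// success, issues an identity carrying the manager's role and phone number.
/// </summary>
/// <param name="context">OAuth grant context holding the submitted user name and password.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // The user name is used as a phone number and comes straight from the token request.
    // A non-numeric value is rejected as a normal failed login instead of raising a
    // FormatException/OverflowException from the conversion.
    long phone;
    if (!long.TryParse(context.UserName, out phone))
    {
        context.SetError("invalid_grant", "Provided username and password is incorrect");
        return;
    }

    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    string connectionString = ConfigurationManager.ConnectionStrings["SqlConnection"].ConnectionString;

    // Dispose the connection on every path so repeated login attempts cannot drain the pool.
    using (SqlConnection cnn = new SqlConnection(connectionString))
    {
        ManagerLoginRequest request = new ManagerLoginRequest
        {
            Phone = phone,
            Password = context.Password
        };

        var loginHandler = new ServerManagerLogin();
        var authenticationResult = loginHandler.ProcessRequest(cnn, request);

        if (authenticationResult.ErrorCode != 0)
        {
            // Same message for every failure so the response does not reveal which part was wrong.
            context.SetError("invalid_grant", "Provided username and password is incorrect");
            return;
        }

        identity.AddClaim(new Claim(ClaimTypes.Role, authenticationResult.RoleName));
        identity.AddClaim(new Claim(ClaimTypes.MobilePhone, context.UserName));
        context.Validated(identity);
    }
}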
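/// <summary>
/// Runs the <c>[dbo].[ManagerLogin]</c> stored procedure with the supplied credentials and
/// returns the manager's Id and TypeId from the result set.
/// </summary>
/// <param name="model">Login request providing <c>UserName</c> and <c>Password</c>.</param>
/// <returns>
/// A response filled from the last row returned; when the procedure returns no rows the
/// response is left at its default values, which callers must treat as a failed login.
/// </returns>
public ManagerLoginResponse ManagerLogin(ManagerLoginRequest model)
{
    var result = new ManagerLoginResponse();

    // Create the command once (the original allocated a throwaway SqlCommand first) and
    // release it together with the reader even if execution throws.
    using (SqlCommand sqlCommand = connection.CreateCommand("[dbo].[ManagerLogin]", CommandType.StoredProcedure))
    {
        // Values are bound as parameters, never concatenated into the command text.
        // NOTE(review): the password is passed through as received; confirm where it is
        // hashed and compared, since nothing in this method does so.
        sqlCommand.Parameters.AddWithValue("@UserName", model.UserName);
        sqlCommand.Parameters.AddWithValue("@Password", model.Password);

        using (SqlDataReader sqlDr = sqlCommand.ExecuteReader())
        {
            while (sqlDr.Read())
            {
                result.Id = (int)sqlDr["Id"];
                result.TypeId = (int)sqlDr["TypeId"];
            }
        }
    }

    return result;
}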
/// <summary>
/// Controller action that passes the login request to the database layer and returns the
/// outcome serialized as JSON.
/// </summary>
/// <param name="model">Login request bound from the incoming HTTP request.</param>
/// <returns>A JSON result wrapping whatever <c>database.ManagerLogin</c> returned.</returns>
public ActionResult ManagerLogin(ManagerLoginRequest model)
{
    // No check is made here on whether the login succeeded; the response object is returned as-is.
    return Json(database.ManagerLogin(model));
}
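/// <summary>
/// Validates resource-owner password credentials through <c>ServerManagerLogin</c> and, on
/// success, issues an identity carrying the manager's roles and scoping claims
/// (operator, partner, POS, defaults and permission code).
/// </summary>
/// <param name="context">OAuth grant context holding the submitted user name and password.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    string connectionString = ConfigurationManager.ConnectionStrings["SqlConnection"].ConnectionString;

    // Dispose the connection on every path so repeated login attempts cannot drain the pool.
    using (SqlConnection cnn = new SqlConnection(connectionString))
    {
        ManagerLoginRequest request = new ManagerLoginRequest
        {
            Login = context.UserName,
            Password = context.Password
        };

        var loginHandler = new ServerManagerLogin();
        var authenticationResult = loginHandler.ProcessRequest(cnn, request);

        if (authenticationResult.ErrorCode == 0)
        {
            foreach (var role in authenticationResult.Roles)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, role));
            }

            identity.AddClaim(new Claim("user", context.UserName));

            // Numeric scoping claims are emitted only for positive values; string ones only when non-empty.
            if (authenticationResult.Operator > 0)
            {
                identity.AddClaim(new Claim("oper", authenticationResult.Operator.ToString()));
            }
            if (authenticationResult.Partner > 0)
            {
                identity.AddClaim(new Claim("partner", authenticationResult.Partner.ToString()));
            }
            if (authenticationResult.Pos > 0)
            {
                identity.AddClaim(new Claim("pos", authenticationResult.Pos.ToString()));
            }
            if (!string.IsNullOrEmpty(authenticationResult.PosCode))
            {
                identity.AddClaim(new Claim("poscode", authenticationResult.PosCode));
            }
            if (authenticationResult.DefaultPartner > 0)
            {
                identity.AddClaim(new Claim("defaultpartner", authenticationResult.DefaultPartner.ToString()));
            }
            if (authenticationResult.DefaultPos > 0)
            {
                identity.AddClaim(new Claim("defaultpos", authenticationResult.DefaultPos.ToString()));
            }
            if (!string.IsNullOrEmpty(authenticationResult.DefaultPosCode))
            {
                identity.AddClaim(new Claim("defaultposcode", authenticationResult.DefaultPosCode));
            }

            // NOTE(review): unlike the other string claims this one is not null-checked, and the
            // Claim constructor rejects a null value; confirm PermissionCode is always populated.
            identity.AddClaim(new Claim("permissioncode", authenticationResult.PermissionCode));

            context.Validated(identity);
        }
        else
        {
            // Write the error text; it is the same for every failure.
            context.SetError("invalid_grant", "Provided username and password is incorrect");

            // Add our flag (a constant) to the response headers; it is checked by the
            // CustomAuthenticationMiddleware middleware.
            context.Response.Headers.Add(
                ServerGlobalVariables.OwinStatusFlag,
                new[] { ((int)HttpStatusCode.Unauthorized).ToString() });
        }
    }
}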