/// <summary>
/// Handles the OAuth resource-owner password grant: checks the submitted user name and
/// password against <c>AuthRepository</c> and, on a match, validates the request with an
/// identity carrying a "sub" and a "role" claim.
/// </summary>
/// <param name="context">Grant context holding the submitted credentials and the OWIN response.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // Allow cross-site requests to the token endpoint.
    // NOTE(review): the "*" value lets script running on any origin read this endpoint's
    // responses; prefer an allow-list of the known client origins where the clients are known.
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new string[] { "*" });

    // Look the account up first and release the repository before building the identity.
    IdentityUser account;
    using (var repository = new AuthRepository())
    {
        account = await repository.FindUser(context.UserName, context.Password);
    }

    if (account == null)
    {
        // Same message for unknown user and wrong password.
        context.SetError("invalid_grant", "The user name or password is incorrect.");
        return;
    }

    // The role claim is the fixed string "user"; nothing is read from the stored account here.
    // More claims can be added, at the cost of a larger token.
    var grantedIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
    grantedIdentity.AddClaim(new Claim("sub", context.UserName));
    grantedIdentity.AddClaim(new Claim("role", "user"));

    // Marks the request as validated; the token is generated from this identity.
    context.Validated(grantedIdentity);
}
/// <summary>
/// Validates a resource-owner password grant. The credentials are checked through
/// <c>AuthRepository.FindUser</c>; a match yields an identity with "sub" and "role" claims,
/// a miss sets the "invalid_grant" error.
/// </summary>
/// <param name="context">Grant context holding the submitted credentials and the OWIN response.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): a wildcard origin makes the token response readable by script from any
    // site; restrict it to the expected client origins if they are known.
    var anyOrigin = new[] { "*" };
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", anyOrigin);

    using (var store = new AuthRepository())
    {
        var credentialsMatch = (await store.FindUser(context.UserName, context.Password)) != null;
        if (!credentialsMatch)
        {
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return;
        }
    }

    // Both claims are built from the request and a constant, not from the stored account:
    // "sub" is the submitted user name and "role" is always "user".
    var tokenIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
    tokenIdentity.AddClaims(new[]
    {
        new Claim("sub", context.UserName),
        new Claim("role", "user")
    });

    context.Validated(tokenIdentity);
}
/// <summary>
/// Resource-owner password grant handler. Emits a wildcard CORS header, verifies the
/// credentials with <c>AuthRepository</c>, then either validates the request with a
/// two-claim identity or reports "invalid_grant".
/// </summary>
/// <param name="context">Grant context holding the submitted credentials and the OWIN response.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): "*" allows every origin to read this endpoint's responses from script;
    // an explicit list of client origins is the tighter choice when the clients are known.
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

    IdentityUser matched;
    using (var users = new AuthRepository())
    {
        matched = await users.FindUser(context.UserName, context.Password);
    }

    if (matched != null)
    {
        // "role" is the constant "user" for every account that authenticates.
        var claims = new[]
        {
            new Claim("sub", context.UserName),
            new Claim("role", "user")
        };
        context.Validated(new ClaimsIdentity(claims, context.Options.AuthenticationType));
        return;
    }

    context.SetError("invalid_grant", "The user name or password is incorrect.");
}
/// <summary>
/// Resource-owner password grant handler that scopes the CORS header to the origin stored
/// under "as:clientAllowedOrigin" in the OWIN context, verifies the credentials, and
/// validates the request with a ticket carrying the identity plus client/user properties.
/// </summary>
/// <param name="context">Grant context holding the submitted credentials, client id and OWIN context.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): when no origin was stored for the client this falls back to "*", i.e.
    // it fails open to every origin. Confirm that every client path sets the key, or that
    // the open fallback is intended.
    var corsOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { corsOrigin });

    IdentityUser account;
    using (var repository = new AuthRepository())
    {
        account = await repository.FindUser(context.UserName, context.Password);
    }

    if (account == null)
    {
        context.SetError("invalid_grant", "The user name or password is incorrect.");
        return;
    }

    // The role is the constant "user"; name and "sub" both carry the submitted user name.
    var claims = new[]
    {
        new Claim(ClaimTypes.Name, context.UserName),
        new Claim(ClaimTypes.Role, "user"),
        new Claim("sub", context.UserName)
    };
    var grantedIdentity = new ClaimsIdentity(claims, context.Options.AuthenticationType);

    // Ticket properties record which client asked and for which user; a missing client id
    // is stored as an empty string.
    var ticketData = new Dictionary<string, string>();
    ticketData["as:client_id"] = context.ClientId ?? string.Empty;
    ticketData["userName"] = context.UserName;

    context.Validated(new AuthenticationTicket(grantedIdentity, new AuthenticationProperties(ticketData)));
}
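// POST api/<controller>
/// <summary>
/// Enrolls a new customer. Rejects the request when the e-mail address or customer ID is
/// already present, inserts the customer through the <c>usp_insertCustomer</c> procedure,
/// registers a matching login, clears the parent record's <c>TokenID</c>, and finally calls
/// <c>SendSG</c> for the customer.
/// </summary>
/// <param name="customer">Enrollment data bound from the request body.</param>
/// <returns>
/// 200 with "Success!" when every step completed; 400 with an explanatory message otherwise.
/// </returns>
public async Task<IHttpActionResult> Enroll([FromBody] Campaign customer)
{
    // [FromBody] binding yields null for an empty or unparsable body, and the e-mail is
    // used as the login name below, so both must be present before anything is written.
    if (customer == null || string.IsNullOrWhiteSpace(customer.Email))
    {
        return BadRequest("A customer record with an email address is required.");
    }

    // Any() answers "does it exist" without throwing when stored data already holds the
    // same address more than once.
    // NOTE(review): the two duplicate checks tell the caller whether an address or ID is
    // registered; if this endpoint is reachable without authentication, consider rate
    // limiting it - confirm how the route is protected.
    if (_repo2.Campaigns.Any(existing => existing.Email == customer.Email))
    {
        return BadRequest("This Vi email address " + customer.Email + " already exists in the database.");
    }

    if (_repo2.Campaigns.Find(customer.ID) != null)
    {
        return BadRequest("This Vi customer ID " + customer.ID + " already exists in the database.");
    }

    ctx.usp_insertCustomer(customer.ID, customer.Name, customer.PrntID, customer.PassPrnt, customer.Email, customer.Phone);

    // Re-read the row to confirm the procedure actually stored it.
    var saved = _repo2.Campaigns.Find(customer.ID);
    if (saved == null)
    {
        return BadRequest("This Vi customer ID " + customer.ID + " did not save to the database.");
    }

    // NOTE(review): the initial password is the customer ID, which is not a secret (this
    // method echoes it in its own error messages). A random one-time credential or a
    // set-password flow would be safer; left unchanged because replacing it alters how
    // enrolled customers sign in.
    var login = new UserModel
    {
        UserName = customer.Email,
        Password = customer.ID.ToString(),
        ConfirmPassword = customer.ID.ToString()
    };

    var loginFailure = "This Vi customer ID " + customer.ID + " was saved, but its login could not be created.";

    // Registration can be refused (for example by password or user-name validation);
    // report that instead of dereferencing a missing user further down.
    IdentityResult result = await _repo.RegisterUser(login);
    if (result == null || !result.Succeeded)
    {
        return BadRequest(loginFailure);
    }

    IdentityUser user = await _repo.FindUser(login.UserName, login.Password);
    if (user == null)
    {
        return BadRequest(loginFailure);
    }

    // NOTE(review): the address is marked confirmed without a verification step in this
    // method - confirm that ownership of the address is established elsewhere.
    user.Email = saved.Email;
    user.EmailConfirmed = true;
    result = await _repo.UpdateUser(user);
    if (result == null || !result.Succeeded)
    {
        return BadRequest(loginFailure);
    }

    // Clear the TokenID on the parent record, when there is one, and persist the change.
    var parent = _repo2.Campaigns.Find(customer.PrntID);
    if (parent != null)
    {
        parent.TokenID = "";
    }
    _repo2.SaveChanges();

    await SendSG(customer);
    return Ok("Success!");
}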
/// <summary>
/// Resource-owner password grant handler: verifies the submitted credentials with
/// <c>AuthRepository</c> and validates the request with a ticket built by
/// <c>_authenticationTicketCreator</c> for the matched user and client id.
/// </summary>
/// <param name="context">Grant context holding the submitted credentials and client id.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // No Access-Control-Allow-Origin header is written by this method.
    IdentityUser account;
    using (var repository = new AuthRepository())
    {
        account = await repository.FindUser(context.UserName, context.Password);
    }

    if (account == null)
    {
        // Same message for unknown user and wrong password.
        context.SetError("invalid_grant", "The user name or password is incorrect.");
        return;
    }

    // The ticket is derived from the stored account rather than from the request fields.
    context.Validated(_authenticationTicketCreator.CreateTicket(account, context.ClientId));
}