예제 #1
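        /// <summary>
        /// Authenticates a user by e-mail and password and, on success, issues a new access token.
        /// </summary>
        /// <param name="login">Credentials supplied by the client; Email and Password are read.</param>
        /// <returns>
        /// 400 with a generic error when the model is missing or the credentials are rejected;
        /// otherwise 200 wrapping whatever <c>_accessRepository.Add</c> returns for the new access record.
        /// </returns>
        public ActionResult Login(LoginViewModel login)
        {
            // A missing or unbindable request body arrives as null. Answer it exactly like bad
            // credentials instead of failing with a NullReferenceException.
            if (login == null)
            {
                return BadRequest(new[] { "Email or password invalid" });
            }

            // A null result is treated as failed authentication. The message is deliberately the
            // same for an unknown e-mail and a wrong password, so the response does not reveal
            // which accounts exist.
            // NOTE(review): no attempt throttling or lockout is visible in this action; confirm it
            // is enforced elsewhere (middleware or inside CheckPassword).
            var user = _userRepository.CheckPassword(login.Email, login.Password);

            if (user == null)
            {
                return BadRequest(new[] { "Email or password invalid" });
            }

            // The token is a bearer secret, so it is drawn from the cryptographic RNG.
            // Guid.NewGuid() is specified for uniqueness, not for unpredictability. Wrapping the
            // 16 random bytes in a Guid keeps the 36-character text format of existing tokens.
            var tokenBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(tokenBytes);
            }

            // NOTE(review): only Token and UserId are set here; confirm that expiry and revocation
            // of access records are handled by the repository or the entity defaults.
            var access = new Access
            {
                Token = new Guid(tokenBytes).ToString(),
                UserId = user.Id
            };

            return Ok(_accessRepository.Add(access));
        }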
예제 #2
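        /// <summary>
        /// Creates an access-control entry once the caller passes the
        /// <c>AuthActions.Supervisor</c> check for the entry's business area.
        /// </summary>
        /// <param name="value">Entry bound from the request body.</param>
        /// <returns>
        /// 400 when no entry could be bound; the result of <c>_securityRepository.Gate</c> when the
        /// authorisation check fails; otherwise 200 with the stored entry.
        /// </returns>
        public IActionResult Post([FromBody] AccessControlEntity value)
        {
            // An empty or malformed body binds to null. Reject it before value.BusinessArea is
            // dereferenced by the authorisation check below.
            if (value == null)
            {
                return BadRequest();
            }

            // NOTE(review): Name is null for an unauthenticated principal; presumably the
            // controller requires authentication. Confirm against the class attributes.
            string currentUser = HttpContext.User.Identity.Name;

            // Authorisation is decided on the BusinessArea the client sent. Refusals go through
            // Gate, which receives the action and user (presumably to record the denial).
            if (!_securityRepository.UserIsAuthorisedByBuisnessAreas(HttpContext, AuthActions.Supervisor, value.BusinessArea))
            {
                return _securityRepository.Gate(GateType.Unathorised, AccessLogAction.ACECreate, currentUser, _object, string.Empty);
            }

            // NOTE(review): the whole entity, including Id, comes from the request body and is
            // stored as received. Confirm that no client-settable field can widen the grant beyond
            // the business area that was just authorised.
            _accessRepository.Add(value);
            _accessRepository.SaveChanges();

            // The audit record is saved in a separate step after the entry is persisted.
            // NOTE(review): if this second save fails, the entry exists without an audit record;
            // confirm whether both repositories share one unit of work.
            _securityRepository.LogUserAction(currentUser, AccessLogAction.ACECreate, value.Id, _object, true);
            _securityRepository.SaveChanges();

            return Ok(value);
        }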