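/// <summary>
/// Checks the submitted credentials and, when they are accepted, stores and returns a new access record.
/// </summary>
/// <param name="login">Model carrying the submitted <c>Email</c> and <c>Password</c>.</param>
/// <returns>
/// 400 with a one-element message array when the model is missing or the credentials are rejected;
/// otherwise 200 with whatever <c>_accessRepository.Add</c> returns for the new <c>Access</c>.
/// </returns>
public ActionResult Login(LoginViewModel login)
{
    // A missing or unbindable request body arrives as null. Answer it like any other failed
    // login instead of letting login.Email throw a NullReferenceException.
    if (login == null)
    {
        return BadRequest(new[] { "Email or password invalid" });
    }

    // NOTE(review): how CheckPassword stores and compares passwords is not visible here, and no
    // throttling or lockout is visible in this method. Confirm both are handled elsewhere.
    var user = _userRepository.CheckPassword(login.Email, login.Password);
    if (user == null)
    {
        // One message for every rejected attempt, so the response body does not reveal
        // whether the email is known.
        return BadRequest(new[] { "Email or password invalid" });
    }

    // The token is a bearer secret, so draw all 16 bytes from the cryptographic RNG.
    // Guid.NewGuid() is documented as an identifier generator, not as a source of secrets.
    // Wrapping the bytes in a Guid keeps the 36-character format existing consumers receive.
    var tokenBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenBytes);
    }

    // NOTE(review): no expiry is set on the Access record here, and whether the repository
    // stores the token in clear text is not visible. Confirm against Access and the repository.
    var access = new Access
    {
        Token = new Guid(tokenBytes).ToString(),
        UserId = user.Id
    };

    return Ok(_accessRepository.Add(access));
}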
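/// <summary>
/// Creates an access-control entry once the security repository confirms the caller is authorised
/// for <c>AuthActions.Supervisor</c> on the entry's business area, then records the action.
/// </summary>
/// <param name="value">Entry bound from the request body.</param>
/// <returns>
/// 400 when no entry could be bound; the result of <c>_securityRepository.Gate</c> when the
/// authorisation check fails; otherwise 200 with the stored entry.
/// </returns>
public IActionResult Post([FromBody] AccessControlEntity value)
{
    // [FromBody] yields null for an empty or malformed body. Reject it before the
    // authorisation check dereferences value.BusinessArea.
    if (value == null)
    {
        return BadRequest();
    }

    // NOTE(review): this throws if User or Identity is null. Presumably an authentication
    // filter guarantees both before the action runs; confirm.
    string currentUser = HttpContext.User.Identity.Name;

    bool isAuthorised = _securityRepository.UserIsAuthorisedByBuisnessAreas(
        HttpContext, AuthActions.Supervisor, value.BusinessArea);
    if (!isAuthorised)
    {
        // Gate builds the response for the denied request. Presumably it also logs the attempt
        // under AccessLogAction.ACECreate; verify in the repository.
        return _securityRepository.Gate(
            GateType.Unathorised, AccessLogAction.ACECreate, currentUser, _object, string.Empty);
    }

    // NOTE(review): the entity is bound straight from the request body and only BusinessArea is
    // checked above, so every other bindable property is caller-controlled. Consider a dedicated
    // input model that exposes only the fields a supervisor may set.
    _accessRepository.Add(value);
    _accessRepository.SaveChanges();

    // The entry is saved before the audit record. If this second save fails, the entry exists
    // without an audit trail.
    // NOTE(review): confirm whether both repositories share a unit of work or transaction.
    _securityRepository.LogUserAction(currentUser, AccessLogAction.ACECreate, value.Id, _object, true);
    _securityRepository.SaveChanges();

    return Ok(value);
}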