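/// <summary>
/// Loads every user with its profile and role assignment by joining
/// <c>aspnetusers</c>, <c>userprofiles</c> and <c>aspnetuserroles</c>.
/// </summary>
/// <returns>
/// One <c>UserProfile</c> per joined row, so a user holding several roles appears
/// once per role. Returns an empty list when there are no rows or when any
/// exception is raised; the exception is logged and not rethrown, so a single
/// unparsable row discards the whole result.
/// </returns>
/// <remarks>
/// NOTE(review): every returned item carries PasswordHash and SecurityStamp.
/// Confirm that no caller serializes this list to a client or writes it to logs;
/// if callers do not need those two fields, stop selecting them.
/// </remarks>
public List<UserProfile> UserRecords()
{
    try
    {
        var appUsers = new List<UserProfile>();
        var connStr = ConfigurationManager.ConnectionStrings["crimsDbEntities"].ConnectionString;

        // Constant text with no caller-supplied values, so no parameters are needed.
        const string sql = "SELECT t.*, o.*, r.* FROM aspnetusers t JOIN userprofiles o ON o.Id = t.UserInfo_Id JOIN aspnetuserroles r ON t.Id = r.UserId";

        // Dispose the connection and command on every path; the previous version
        // opened the connection and never closed it.
        using (var conn = new MySqlConnection(connStr))
        using (var cmd = new MySqlCommand(sql, conn))
        {
            conn.Open();

            using (var rdr = cmd.ExecuteReader())
            {
                while (rdr.Read())
                {
                    var lockoutEndDate = rdr["LockoutEndDateUtc"].ToString();
                    var accessFailedCount = rdr["AccessFailedCount"].ToString();

                    // NOTE(review): "Id" and "PhoneNumber" may exist in more than one joined
                    // table; presumably the reader resolves them to the first match
                    // (aspnetusers) - confirm, or alias the columns in the query.
                    var userId = rdr["Id"].ToString();
                    var profileId = rdr["UserInfo_Id"].ToString();

                    var newUser = new UserProfile
                    {
                        Id = profileId,
                        FullName = rdr["FullName"].ToString(),
                        PhoneNumber = rdr["PhoneNumber"].ToString(),
                        Sex = rdr["Sex"].ToString(),
                        DateCreated = Convert.ToDateTime(rdr["DateCreated"].ToString()),
                        Status = rdr["Status"].ToString(),
                        AspNetUser = new AspNetUser
                        {
                            Id = userId,
                            PasswordHash = rdr["PasswordHash"].ToString(),
                            Email = rdr["Email"].ToString(),
                            UserInfo_Id = profileId,
                            // An empty column (no lockout recorded) maps to default(DateTime).
                            LockoutEndDateUtc = !string.IsNullOrEmpty(lockoutEndDate)
                                ? Convert.ToDateTime(lockoutEndDate)
                                : new DateTime(),
                            SecurityStamp = rdr["SecurityStamp"].ToString(),
                            PhoneNumber = rdr["PhoneNumber"].ToString(),
                            EmailConfirmed = Convert.ToBoolean(rdr["EmailConfirmed"].ToString()),
                            PhoneNumberConfirmed = Convert.ToBoolean(rdr["PhoneNumberConfirmed"].ToString()),
                            TwoFactorEnabled = Convert.ToBoolean(rdr["TwoFactorEnabled"].ToString()),
                            LockoutEnabled = Convert.ToBoolean(rdr["LockoutEnabled"].ToString()),
                            // Fixed inverted test: the old condition parsed only the EMPTY string
                            // (which throws) and reported 0 for every real value.
                            AccessFailedCount = !string.IsNullOrEmpty(accessFailedCount)
                                ? Convert.ToInt32(accessFailedCount)
                                : 0,
                            UserName = rdr["UserName"].ToString(),
                            AspNetUserRole = new AspNetUserRole
                            {
                                RoleId = rdr["RoleId"].ToString(),
                                UserId = userId
                            },
                        }
                    };

                    appUsers.Add(newUser);
                }
            }
        }

        return appUsers;
    }
    catch (Exception ex)
    {
        ErrorLogger.LogError(ex.StackTrace, ex.Source, ex.Message);
        return new List<UserProfile>();
    }
}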
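/// <summary>
/// Authenticates an API client using the form-encoded <c>email</c> and
/// <c>password</c> fields of the current request.
/// </summary>
/// <returns>
/// On success, the matched user's <c>UserModel</c> with Code 5. Otherwise a
/// <c>UserModel</c> with Code -1 and a Message describing the failure. Exceptions
/// are logged and reported as a generic failure, never rethrown.
/// </returns>
/// <remarks>
/// NOTE(review): the model returned on success still carries Hash (the stored
/// password hash). If UserModel is serialized into the response, the hash reaches
/// the client; clear it or exclude it from serialization once it is confirmed
/// that no consumer reads it.
/// NOTE(review): "The email provided is wrong" and "Wrong Password" let a caller
/// tell registered addresses from unregistered ones; consider a single message.
/// NOTE(review): this path does not read LockoutEndDateUtc or update
/// AccessFailedCount, so failed attempts here are not counted against the
/// account; confirm that throttling is enforced elsewhere.
/// </remarks>
public UserModel ApiLogin()
{
    var userModel = new UserModel();

    // Every rejection has the same shape: Code -1 plus a message.
    Func<string, UserModel> fail = message =>
    {
        userModel.Code = -1;
        userModel.Message = message;
        return userModel;
    };

    try
    {
        // Blocks on the asynchronous read because this method's signature is synchronous.
        var credentials = Request.Content.ReadAsFormDataAsync().Result;

        var passwords = credentials.GetValues("password");
        if (passwords == null)
        {
            return fail("Please provide your Password");
        }
        var password = passwords[0];

        var emails = credentials.GetValues("email");
        if (emails == null)
        {
            return fail("Please provide your Email");
        }
        var email = emails[0];

        // Shape check only; it does not make the value safe to embed in SQL text.
        if (!email.Contains("@") || !email.Contains("."))
        {
            return fail("Please provide a valid Email");
        }

        if (string.IsNullOrEmpty(password))
        {
            return fail("Please provide your Password");
        }

        var connStr = ConfigurationManager.ConnectionStrings["crimsDbEntities"].ConnectionString;

        // The email is request data, so it is bound as a parameter; the previous version
        // interpolated it into the statement, which allowed SQL injection.
        const string sql = "SELECT t.*, o.* FROM aspnetusers t JOIN userprofiles o ON o.Id = t.UserInfo_Id WHERE t.Email = @email";

        UserModel user = null;

        // Dispose the connection and command on every path; the previous version
        // opened the connection and never closed it.
        using (var conn = new MySqlConnection(connStr))
        using (var cmd = new MySqlCommand(sql, conn))
        {
            cmd.Parameters.AddWithValue("@email", email);
            conn.Open();

            using (var rdr = cmd.ExecuteReader())
            {
                // Only the first matching row was ever used, so only that row is read.
                if (rdr.Read())
                {
                    user = new UserModel
                    {
                        UserId = rdr["Id"].ToString(),
                        FullName = rdr["FullName"].ToString(),
                        Email = rdr["Email"].ToString(),
                        PhoneNumber = rdr["PhoneNumber"].ToString(),
                        Sex = rdr["Sex"].ToString(),
                        // Role is not populated by this method.
                        ProfileId = rdr["UserInfo_Id"].ToString(),
                        DateCreated = Convert.ToDateTime(rdr["DateCreated"].ToString()),
                        Status = rdr["Status"].ToString(),
                        // Needed below to verify the submitted password.
                        Hash = rdr["PasswordHash"].ToString()
                    };
                }
            }
        }

        if (user == null)
        {
            return fail("The email provided is wrong");
        }

        var hasher = new PasswordHasher();
        var passwordVerificationResult = hasher.VerifyHashedPassword(user.Hash, password);
        if (passwordVerificationResult == PasswordVerificationResult.Failed)
        {
            return fail("Wrong Password");
        }

        user.Code = 5;
        user.Message = "Login was successful";
        return user;
    }
    catch (Exception ex)
    {
        ErrorLogger.LogError(ex.StackTrace, ex.Source, ex.Message);
        return fail("Login attempt failed. Please try again or contact our support");
    }
}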