public async Task <bool> SignInUserForAdmin(HttpContext httpContext, int userId)
{
await httpContext.SignOutAsync();
RestAccess ra = new RestAccess(Constants.ServiceClientEndPointWithApiPrefix);
using (Db db = new Db())
{
var user = await db.TblUsers.FirstOrDefaultAsync(a => a.Id == userId);
if (user == null)
{
return(false);
}
ExUserAccountData ud = new ExUserAccountData {
UserId = user.Id, FirstName = user.Firstname, LastName = user.Lastname, IsAdmin = false, PhoneNumber = user.PhoneNumber
};
ClaimsIdentity identity = new ClaimsIdentity(GetUserClaims(ud), CookieAuthenticationDefaults.AuthenticationScheme);
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
await httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);
}
return(true);
}
/// <summary>
/// Anmelden
/// </summary>
/// <param name="httpContext"></param>
/// <param name="username"></param>
/// <param name="password"></param>
/// <param name="isPersistent"></param>
/// <returns></returns>
public async Task <bool> SignInAdmin(HttpContext httpContext, string username, string password, bool isPersistent = false)
{
try
{
RestAccess ra = new RestAccess(Constants.ServiceClientEndPointWithApiPrefix);
var user = await ra.UserCheck(username);
//if (user.Ok && user.Result != null && !user.Result.UserIsLocked && user.Result.UserId > 0)
if (username.ToLower() == "admin" && password == "[PASSWORT]")
{
//var hash = PasswordHelper.CumputeHash(password);
//var userAccountData = await ra.UserAccountData(new ExPostUserPasswortData {UserId = user.Result.UserId, PasswordHash = hash});
//if (userAccountData.Ok && userAccountData.Result != null && userAccountData.Result.UserAccountData != null)
var tmp = new ExUserAccountData
{
IsAdmin = true, FirstName = "Admin", LastName = "Admin", UserId = 1, PhoneNumber = "+43"
};
{
ClaimsIdentity identity = new ClaimsIdentity(GetUserClaims(tmp), CookieAuthenticationDefaults.AuthenticationScheme);
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
await httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);
return(true);
}
}
}
catch (Exception)
{
return(false);
}
return(false);
}
private IEnumerable <Claim> GetUserClaims(ExUserAccountData user)
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, user.UserId.ToString()),
new Claim(ClaimTypes.Name, user.FullName),
new Claim(ClaimTypes.Email, user.PhoneNumber)
};
claims.AddRange(GetUserRoleClaims(user));
return(claims);
}
private IEnumerable <Claim> GetUserRoleClaims(ExUserAccountData user)
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, user.UserId.ToString()),
new Claim(ClaimTypes.Role, user.IsAdmin
? "Admin"
: user.IsDemoUser
? "Demo"
: "User")
};
return(claims);
}
public async Task <ExSaveDataResult> UserUpdate([FromBody] ExUserAccountData user)
{
ClaimsIdentity identity = null;
try
{
identity = HttpContext.User.Identity as ClaimsIdentity;
}
catch (Exception e)
{
Logging.Log.LogError("No Claims identity");
}
if (identity != null)
{
var claims = identity.Claims;
if (!identity.HasClaim(c => c.Type == "UserID"))
{
HttpContext.Response.StatusCode = Unauthorized().StatusCode;
return(null);
}
var userId = identity.HasClaim(c => c.Type == "UserID")
? identity.FindFirst("UserID").Value
: "a"; //BENUTZER ID
if (user.UserId.ToString() != userId)
{
HttpContext.Response.StatusCode = Unauthorized().StatusCode;
return(null);
}
}
else
{
HttpContext.Response.StatusCode = Unauthorized().StatusCode;
return(null);
}
Logging.Log.LogInfo($"UserUpdate {user.UserId}");
using (var db = new Db())
{
if (user.IsDemoUser)
{
return new ExSaveDataResult
{
Result = EnumSaveDataResult.Information,
Description = "Daten können nicht geändert werden.",
Caption = "Nicht möglich"
}
}
;
var data = await db.TblUsers.FirstOrDefaultAsync(u => u.Id == user.UserId);
if (data == null)
{
return new ExSaveDataResult
{
Result = EnumSaveDataResult.Error,
Description = "Account ungültig!",
Caption = "Fehler"
}
}
;
data.Firstname = user.FirstName;
data.Lastname = user.LastName;
data.Street = user.Street;
data.PostalCode = user.PostalCode;
data.City = user.City;
try
{
db.SaveChanges();
}
catch (Exception e)
{
Logging.Log.LogWarning($"UserDeviceUpdate Save: {e}");
return(ExSaveDataResult.GetDefaultSaveError());
}
return(ExSaveDataResult.GetDefaultSuccess());
}
}
/// <summary>
/// Benutzerstammdaten ändern
/// </summary>
/// <param name="user">Benutzerdaten</param>
/// <returns></returns>
public async Task <ResultData <ExSaveDataResult> > UserUpdate(ExUserAccountData user)
{
return(await _wap.Post <ExSaveDataResult>("UserUpdate", user));
}
