/// <summary>
/// Handles a submitted login form: validates the model, looks the user up by
/// username, verifies the password hash and, on success, issues the
/// cookie-authentication ticket and redirects to Home/Index.
/// </summary>
/// <param name="credentials">Username and password bound from the request.</param>
/// <returns>
/// The login view (re-populated with the submitted credentials) when the model is
/// invalid or authentication fails; otherwise a redirect to Home/Index in the root area.
/// </returns>
/// <remarks>
/// Unknown username and wrong password take the same visible path (same view, same
/// <c>ViewBag.WrongCredentials</c> flag), so the response itself does not say which
/// of the two was wrong.
/// NOTE(review): the unknown-username path returns before VerifyHash is called, so
/// response timing may still differ between the two cases - confirm whether that matters here.
/// NOTE(review): no attempt throttling or lockout is visible in this action; confirm it
/// is enforced elsewhere (middleware, repository, reverse proxy).
/// </remarks>
public async Task<IActionResult> Login(Credentials credentials)
{
    // Single place that re-renders the form. The submitted credentials object is handed
    // back to the view as-is.
    // NOTE(review): that object still carries the submitted password - verify the view
    // never echoes it into the rendered HTML.
    IActionResult RedisplayForm(bool wrongCredentials)
    {
        if (wrongCredentials)
        {
            ViewBag.WrongCredentials = true;
        }

        LoginViewModel formModel = new LoginViewModel { Credentials = credentials };
        return View(formModel);
    }

    // Permission claims carry the literal strings "true"/"false" as their value.
    Claim PermissionClaim(PermissionsEnum permission, bool granted)
    {
        return new Claim(permission.ToString(), granted ? "true" : "false");
    }

    // Binding/validation errors: redisplay without the wrong-credentials flag.
    if (!ModelState.IsValid)
    {
        return RedisplayForm(false);
    }

    User account = _usersRepo.GetUserByUsername(credentials.Username);
    if (account == null)
    {
        return RedisplayForm(true);
    }

    if (!_cryptoManager.VerifyHash(credentials.Password, account.Password))
    {
        return RedisplayForm(true);
    }

    // Identity, role and per-permission claims are computed from the user record at
    // sign-in time and stored in the authentication ticket.
    // NOTE(review): presumably a later change to IsAdmin or the Attorney permissions only
    // takes effect at the next sign-in unless the cookie is re-validated elsewhere - confirm.
    // NOTE(review): account.Attorney is dereferenced without a null check; confirm the
    // repository always loads it.
    string roleName = account.IsAdmin ? "Administrador" : "Regular";
    var sessionClaims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, account.Username),
        new Claim(ClaimTypes.NameIdentifier, account.Id.ToString()),
        new Claim(ClaimTypes.Role, roleName),
        PermissionClaim(PermissionsEnum.CanApproveVacations, account.Attorney.CanApproveVacations),
        PermissionClaim(PermissionsEnum.CanAdminDeposits, account.Attorney.CanAdminDeposits),
        PermissionClaim(PermissionsEnum.CanBill, account.Attorney.CanBill),
        PermissionClaim(PermissionsEnum.CanPreBill, account.Attorney.CanPreBill),
        PermissionClaim(PermissionsEnum.CanReviewBillDetail, account.Attorney.CanReviewBillDetail),
    };

    var identity = new ClaimsIdentity(
        sessionClaims,
        CookieAuthenticationDefaults.AuthenticationScheme);

    // No properties are set here (AllowRefresh, ExpiresUtc, IsPersistent, IssuedUtc and
    // RedirectUri are all left unset), so ticket lifetime and persistence come from the
    // cookie options configured with AddCookie, which are not visible in this method.
    var signInProperties = new AuthenticationProperties();

    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(identity),
        signInProperties);

    // Fixed post-login destination; no caller-supplied return URL is involved.
    return RedirectToAction("Index", "Home", new { area = "" });
}