예제 #1
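        /// <summary>
        /// Authenticates a user against the stored salted HMAC-SHA512 password hash and,
        /// on success, records the login and returns a token plus the user's menu rights.
        /// </summary>
        /// <param name="userPAssword">Login request carrying <c>UserID</c> and <c>PasswordText</c>.</param>
        /// <returns>
        /// A <c>UserToken</c> on success; otherwise a <c>JsonErrorResult</c> with
        /// <c>HttpStatusCode.NotFound</c> describing the failure.
        /// </returns>
        public async Task<ActionResult<UserToken>> LoginUsers(SystemUserPasswordsDto userPAssword)
        {
            // NOTE(review): the "unknown user" and "wrong password" responses differ, so a
            // caller can tell which user names exist. Messages are kept as-is because clients
            // may depend on them; consider one generic failure response plus rate limiting.
            if (!await _userPasswordRepository.ValidUserName(userPAssword.UserID))
            {
                return new JsonErrorResult(new { Message = "Invalid User Name" }, HttpStatusCode.NotFound);
            }

            var systemUserPassword = await _userPasswordRepository.GetSystemUserPasswords(userPAssword.UserID);

            // NOTE(review): a single HMAC-SHA512 pass is a fast hash and is cheap to brute-force
            // if the table leaks. Moving to PBKDF2/Argon2 needs a stored-hash migration, so it is
            // only flagged here.
            using var hmac = new HMACSHA512(systemUserPassword.PasswordSalt);
            byte[] computedHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(userPAssword.PasswordText));

            // Constant-time, length-checked comparison. The previous byte-by-byte loop returned
            // at the first mismatch (timing side channel), threw when the stored hash was shorter
            // than the computed one, and ignored trailing bytes when it was longer.
            if (!CryptographicOperations.FixedTimeEquals(computedHash, systemUserPassword.PasswordHash))
            {
                return new JsonErrorResult(new { Message = "Passowrd Not Valid" }, HttpStatusCode.NotFound);
            }

            int systemUserId = _userPasswordRepository.GetSystemUserID(userPAssword.UserID);
            await _userPasswordRepository.UserLoginTracker(systemUserId);

            // Await instead of blocking on .Result, which ties up a thread and can deadlock
            // under a synchronization context.
            IEnumerable<MenuModelsDto> menuRights = await _userPasswordRepository.GetUserMenuRights(userPAssword.UserID);

            return new UserToken
            {
                UserId = userPAssword.UserID,
                Token = _tokenServiceRepository.CreateToken(userPAssword.UserID),
                UserRights = menuRights
            };
        }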
예제 #2
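        /// <summary>
        /// Validates the account through the login stored procedure, verifies the supplied
        /// password against the stored salt/hash, and returns the user's profile, permissions
        /// and a token.
        /// </summary>
        /// <param name="model">Login request carrying <c>UserName</c> and <c>Password</c>.</param>
        /// <returns>The populated <c>UserLoginResponse</c> for a successful login.</returns>
        /// <exception cref="ServiceException">
        /// Thrown with code "1010" for a wrong password, with code "1011" (and a token in
        /// <c>Meta</c>) when the password is correct but expired, or with the code and message
        /// returned by the login stored procedure for any other rejection.
        /// </exception>
        public async Task<UserLoginResponse> Login(UserLoginModel model)
        {
            var parms = new List<SqlParameter>
            {
                new SqlParameter
                {
                    ParameterName = LoginStoredProcedure.StoredProcedureParameters[0].ToString(),
                    Value = model.UserName.AsDbValue()
                }
            };

            var result = await _tcContext.Set<LoginValidationResult>()
                .FromSqlRaw(LoginStoredProcedure.Sql, parms.ToArray())
                .ToListAsync();

            // Read the first row once; the original dereferenced FirstOrDefault() repeatedly
            // and failed with a NullReferenceException when no row came back.
            var validation = result.FirstOrDefault();
            if (validation is null)
            {
                throw new System.InvalidOperationException("Login validation procedure returned no result row.");
            }

            bool passwordExpired = validation.Code == "1011"; // password expired

            if (passwordExpired || string.IsNullOrEmpty(validation.Code))
            {
                var systemUserPassword = await _userPasswordRepository.GetSystemUserPasswords(model.UserName);

                // The stored procedure only receives the user name, so the password must be
                // verified here before any token is created. Previously the expired-password
                // branch created a token without checking the password at all.
                if (!PasswordManager.IsValidPassword(systemUserPassword.PasswordSalt, systemUserPassword.PasswordHash, model.Password))
                {
                    // NOTE(review): failed attempts are now also recorded for accounts whose
                    // password is expired; confirm the stored procedure handles that state.
                    parms = new List<SqlParameter>
                    {
                        new SqlParameter
                        {
                            ParameterName = LoginAttemptsUpdateStoredProcedure.StoredProcedureParameters[0].ToString(),
                            Value = model.UserName.AsDbValue()
                        },
                        new SqlParameter
                        {
                            ParameterName = LoginAttemptsUpdateStoredProcedure.StoredProcedureParameters[1].ToString(),
                            Value = 0
                        }
                    };

                    await _tcContext.Set<LoginValidationResult>()
                        .FromSqlRaw(LoginAttemptsUpdateStoredProcedure.Sql, parms.ToArray())
                        .ToListAsync();

                    throw new ServiceException(new ErrorMessage[]
                    {
                        new ErrorMessage()
                        {
                            Code    = "1010",
                            Message = "Invalid Password"
                        }
                    });
                }

                if (passwordExpired)
                {
                    // NOTE(review): this token is built by the same CreateToken call as a normal
                    // login token. If it is only meant to authorise a password change, it should
                    // be limited to that operation - confirm against the token service.
                    var userLoginResponse = new UserLoginResponse()
                    {
                        UserName = model.UserName,
                        Token    = _tokenServiceRepository.CreateToken(model.UserName)
                    };

                    throw new ServiceException(new ErrorMessage[]
                    {
                        new ErrorMessage()
                        {
                            Code    = validation.Code,
                            Message = validation.Message,
                            Meta    = userLoginResponse
                        }
                    });
                }

                parms = new List<SqlParameter>
                {
                    new SqlParameter
                    {
                        ParameterName = LoginPermissionStoredProcedure.StoredProcedureParameters[0].ToString(),
                        Value = model.UserName.AsDbValue()
                    }
                };

                var resultPermission = await _tcContext.Set<UserModulePermission>()
                    .FromSqlRaw(LoginPermissionStoredProcedure.Sql, parms.ToArray())
                    .ToListAsync();

                var userInfo = GetUserOtherInfo(model.UserName);

                return new UserLoginResponse()
                {
                    UserName = model.UserName,
                    UserFirstName = userInfo.UserFirstName,
                    UserLastName = userInfo.UserLastName,
                    UserRole = userInfo.UserRole,
                    Token = _tokenServiceRepository.CreateToken(model.UserName),
                    Permissions = resultPermission
                };
            }

            // Any other non-empty code is a rejection decided by the stored procedure.
            throw new ServiceException(new ErrorMessage[]
            {
                new ErrorMessage()
                {
                    Code    = validation.Code,
                    Message = validation.Message
                }
            });
        }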