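/// <summary>
/// Registers a new account. If no row with the submitted <c>user_id</c> exists, a fresh key is
/// generated, the submitted password is encoded with it, and the entity is saved.
/// </summary>
/// <param name="user_Login">Model-bound registration data; <c>password</c> and <c>vcode</c> are overwritten before saving.</param>
/// <returns>
/// A redirect to <c>Login/LogIn</c> on success; otherwise the registration view with
/// <c>ViewBag.ErrorMessage</c> set.
/// </returns>
public ActionResult Register(user_login user_Login)
{
    try
    {
        using (var db = new HRISContext())
        {
            var chkUser = (from s in db.user_login
                           where s.user_id == user_Login.user_id
                           select s).FirstOrDefault();
            if (chkUser != null)
            {
                ViewBag.ErrorMessage = "User Already Exixts!";
                return View();
            }

            // The per-user key is stored in vcode so the login path can re-encode the
            // submitted password and compare it with the stored value.
            var keyNew = PasswordHashHelper.GeneratePassword(10);
            var pass = PasswordHashHelper.EncodePassword(user_Login.password, keyNew);
            user_Login.password = pass;
            user_Login.vcode = keyNew;

            // NOTE(review): the model-bound entity is inserted as posted, so every other
            // user_login column the binder can fill (the entity also has role and status)
            // comes from the request. Confirm binding is restricted for this action, or
            // copy only the intended fields into a new entity before saving.
            db.user_login.Add(user_Login);
            db.SaveChanges();
            ModelState.Clear();
            return RedirectToAction("LogIn", "Login");
        }
    }
    catch (Exception e)
    {
        // Keep the exception text (type, message, stack trace) in the server-side trace
        // instead of rendering it to an unauthenticated visitor.
        System.Diagnostics.Trace.TraceError("Register failed: " + e);
        ViewBag.ErrorMessage = "Some exception occured";
        return View();
    }
}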
/// <summary>
/// Creates a login row and a matching <c>karyawan</c> row for a new user id, using an
/// initial password built from the user id and the current year.
/// </summary>
/// <param name="user_Login">Model-bound input; only <c>user_id</c>, <c>role</c> and <c>status</c> are copied into the new row.</param>
/// <returns>
/// JSON <c>"0"</c> when the rows were saved, <c>"1"</c> when the user id already exists,
/// <c>"2"</c> when entity validation fails.
/// </returns>
public ActionResult Create(user_login user_Login)
{
    try
    {
        var existing = db.user_login
            .Where(s => s.user_id == user_Login.user_id)
            .FirstOrDefault();
        if (existing != null)
        {
            return Json("1", JsonRequestBehavior.AllowGet);
        }

        var salt = PasswordHashHelper.GeneratePassword(10);

        // NOTE(review): the initial password is user_id followed by the current year, so it
        // is predictable to anyone who knows the user id. Confirm a password change is
        // forced on first login, or issue a random one-time password instead.
        var initialPassword = user_Login.user_id + DateTime.Now.Year.ToString();
        var hashed = PasswordHashHelper.EncodePassword(initialPassword, salt);

        var account = new user_login
        {
            user_id = user_Login.user_id,
            password = hashed,
            vcode = salt,
            role = user_Login.role,
            status = user_Login.status,
            date_created = DateTime.Now
        };
        var employee = new karyawan { user_id = account.user_id };

        db.user_login.Add(account);
        db.karyawan.Add(employee);
        db.SaveChanges();
        ModelState.Clear();

        // NOTE(review): AllowGet lets this JSON result be served to GET requests. Whether
        // the action is limited to POST and protected by an anti-forgery token is not
        // visible here - confirm, since it creates accounts with a caller-chosen role.
        return Json("0", JsonRequestBehavior.AllowGet);
    }
    catch (DbEntityValidationException)
    {
        return Json("2", JsonRequestBehavior.AllowGet);
    }
}
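/// <summary>
/// Logs a user in. The stored key (<c>vcode</c>) is used to re-encode the submitted password,
/// which is then matched against the stored value. On success the session is populated and
/// the user is redirected by role.
/// </summary>
/// <param name="user_Login">Model-bound credentials (<c>user_id</c> and <c>password</c>).</param>
/// <returns>
/// A redirect to the <c>Admin</c> area for role <c>superuser</c> or to the <c>Employee</c> area
/// otherwise; on failure the login view with <c>ViewBag.ErrorMsg</c> set.
/// </returns>
public ActionResult Index(user_login user_Login)
{
    try
    {
        using (var db = new HRISContext())
        {
            var user = db.user_login.FirstOrDefault(m => m.user_id == user_Login.user_id);
            if (user == null)
            {
                // Same message as a wrong password, so the response text does not reveal
                // whether the user id exists.
                ViewBag.ErrorMsg = "Invalid username or password";
                return View();
            }

            var hashCode = user.vcode;
            var encodingPasswordString = PasswordHashHelper.EncodePassword(user_Login.password, hashCode);
            var query = db.karyawan
                .Join(db.user_login, k => k.user_id, u => u.user_id, (k, u) => new { k, u })
                .Where(x => x.u.user_id == user_Login.user_id && x.u.password.Equals(encodingPasswordString))
                .Select(x => new { x.k.user_id, x.k.karyawan_id, x.u.status })
                .FirstOrDefault();
            if (query == null)
            {
                ViewBag.ErrorMsg = "Invalid username or password";
                return View();
            }

            if (!query.status)
            {
                ViewBag.ErrorMsg = "Your account has not been activated. Please contact administrator.";
                return View();
            }

            // NOTE(review): the session identifier is not rotated at the point of
            // authentication; confirm session fixation is handled elsewhere.
            Session["user_id"] = query.user_id;
            Session["emp_id"] = query.karyawan_id;
            var emp_id = (int)Session["emp_id"];

            var hist_kary = db.hist_karyawan
                .OrderByDescending(x => x.tgl_mulai)
                .Where(x => x.karyawan_id == emp_id)
                .Select(x => new { x.gol_jabatan_id, x.divisi_id })
                .Take(1)
                .FirstOrDefault();

            // An employee without any history row yields null here. Fall back to -1, as is
            // already done for null columns, instead of throwing a NullReferenceException
            // that the DataException handler below would not catch.
            Session["pos"] = (hist_kary != null && hist_kary.gol_jabatan_id != null) ? hist_kary.gol_jabatan_id : -1;
            Session["divisi_id"] = (hist_kary != null && hist_kary.divisi_id != null) ? hist_kary.divisi_id : -1;

            async.UpdateWorkdaysAndAge(emp_id);

            if (user.role == "superuser")
            {
                return RedirectToAction("Index", "Home", new { area = "Admin" });
            }

            return RedirectToAction("Index", "Home", new { area = "Employee" });
        }
    }
    catch (DataException e)
    {
        // Data-layer exception text stays in the server-side trace; the login page only
        // gets a generic message.
        System.Diagnostics.Trace.TraceError("Login failed: " + e);
        ViewBag.ErrorMsg = "An error occurred while signing in. Please try again.";
        return View();
    }
}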
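/// <summary>
/// Validates the username and password carried by a token request against the active users
/// in <c>SecurityContext</c>. On a match it issues an authentication ticket with the
/// <c>profile</c> and <c>offline_access</c> scopes.
/// </summary>
/// <param name="context">The token request context; rejected via <c>CreateInvalidGrantResponse</c> or validated with the new ticket.</param>
/// <returns>A task that completes once the context has been rejected or validated.</returns>
public override async Task HandleTokenRequest(HandleTokenRequestContext context)
{
    // NOTE(review): no grant-type check is visible in this method; a request that carries no
    // username/password (for example a refresh-token request, presumably) is rejected by the
    // guard below - confirm that is intended given the offline_access scope.
    var username = context.Request.Username;
    var password = context.Request.Password;
    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
    {
        CreateInvalidGrantResponse(context);
        return;
    }

    var security = (SecurityContext)context.HttpContext.RequestServices.GetService(typeof(SecurityContext));
    var userQuery = from u in security.Users
                    where u.Username == username && (u.IsActive ?? false)
                    select u;
    var user = await userQuery.FirstOrDefaultAsync();
    if (user == null)
    {
        // NOTE(review): this path returns without encoding a password, so an unknown or
        // inactive user is answered faster than a known one; consider equalising the work
        // if username enumeration matters for this endpoint.
        CreateInvalidGrantResponse(context);
        return;
    }

    var salt = user.Salt;
    var userPasswordHash = user.Password;
    var enteredPasswordHash = PasswordHashHelper.EncodePassword(password, salt);

    // A row with no stored password must be rejected as an invalid grant rather than
    // surfacing as a NullReferenceException from the Equals call.
    // NOTE(review): Equals is not a constant-time comparison, and the strength of
    // PasswordHashHelper.EncodePassword is not visible here - confirm it is a slow,
    // salted password hash.
    if (userPasswordHash == null || !userPasswordHash.Equals(enteredPasswordHash))
    {
        CreateInvalidGrantResponse(context);
        return;
    }

    var identity = new ClaimsIdentity(
        context.Scheme.Name,
        OpenIdConnectConstants.Claims.Name,
        OpenIdConnectConstants.Claims.Role);

    // Each claim is given both destinations so it appears in the access token and in the
    // identity token.
    identity.AddClaim(ClaimTypes.NameIdentifier, user.Id.ToString("N"),
        OpenIdConnectConstants.Destinations.AccessToken,
        OpenIdConnectConstants.Destinations.IdentityToken);
    identity.AddClaim(OpenIdConnectConstants.Claims.Subject, user.Id.ToString("N"),
        OpenIdConnectConstants.Destinations.AccessToken,
        OpenIdConnectConstants.Destinations.IdentityToken);
    identity.AddClaim(ClaimTypes.Name, user.Username,
        OpenIdConnectConstants.Destinations.AccessToken,
        OpenIdConnectConstants.Destinations.IdentityToken);
    identity.AddClaim(ClaimTypes.Uri, "https://abs.twimg.com/sticky/default_profile_images/default_profile_400x400.png",
        OpenIdConnectConstants.Destinations.AccessToken,
        OpenIdConnectConstants.Destinations.IdentityToken);

    var ticket = new AuthenticationTicket(
        new ClaimsPrincipal(identity),
        new AuthenticationProperties(),
        context.Scheme.Name);
    ticket.SetScopes(
        OpenIdConnectConstants.Scopes.Profile,
        OpenIdConnectConstants.Scopes.OfflineAccess);
    context.Validate(ticket);
}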