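/// <summary>
/// Builds a JWT from the employee claims in <paramref name="token"/> and signs it with HMAC-SHA256.
/// </summary>
/// <param name="token">Claim values plus the signing secret, issuer, audience and expiry to use.</param>
/// <returns>The serialized (compact) JWT string.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="token"/> is null, its signing secret is null, or the employee/unit code is null.
/// </exception>
string IAuthentication.SignIn(TokenJWTSecret token)
{
    if (token == null)
    {
        throw new ArgumentNullException(nameof(token));
    }

    // Claim's constructor throws on a null value. Identity claims (employee code, unit code)
    // are deliberately left to fail closed; descriptive and optional fields fall back to ""
    // so a missing e-mail or position in the directory does not abort the whole sign-in.
    Claim[] arrClaim = new Claim[]
    {
        new Claim(JwtClaimTypes.EmpCode, token.sEmployeeCode),
        new Claim(JwtClaimTypes.UnitCode, token.sUnitCode),
        new Claim(JwtClaimTypes.RoleID, token.nRoleID.ToString()),
        new Claim(JwtClaimTypes.IsRightToRequest, token.isRightToRequest ? "1" : "0"),
        new Claim(JwtClaimTypes.Name, token.sName ?? ""),
        new Claim(JwtClaimTypes.Position, token.sPosition ?? ""),
        new Claim(JwtClaimTypes.Organization, token.sOrganization ?? ""),
        new Claim(JwtClaimTypes.Email, token.sEmail ?? ""),
        new Claim(JwtClaimTypes.EmpCode_MG1, token.sEmpCode_MG1 ?? ""),
        new Claim(JwtClaimTypes.EmpCode_MG2, token.sEmpCode_MG2 ?? ""),
        new Claim(JwtClaimTypes.EmpCode_MG3, token.sEmpCode_MG3 ?? ""),
    };

    // The HMAC key is the UTF-8 bytes of the configured secret, so every claim above is only
    // as trustworthy as that string.
    // NOTE(review): confirm the secret is long, random and kept out of source control.
    SymmetricSecurityKey sk = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(token.sSecretKey));
    SigningCredentials credential = new SigningCredentials(sk, SecurityAlgorithms.HmacSha256);

    JwtSecurityToken st = new JwtSecurityToken(
        issuer: token.sIssuer,
        audience: token.sAudience,
        claims: arrClaim,
        expires: token.dTimeout,
        signingCredentials: credential
    );

    return new JwtSecurityTokenHandler().WriteToken(st);
}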
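/// <summary>
/// Checks the submitted credentials (LDAP, or the configured bypass code) and, when the employee
/// is found and allowed to use the application, returns a signed JWT.
/// </summary>
/// <param name="props">The submitted username and password.</param>
/// <returns>
/// Always an HTTP 200 response; the body carries <c>code</c>, <c>message</c> and, on the normal
/// path, <c>token</c> (empty when sign-in was refused).
/// </returns>
public IActionResult SignIn(AuthenProperties props)
{
    try
    {
        string sToken = "";
        string sMessage = "";
        string sInvalidLogin = "ชื่อผู้ใช้งานหรือรหัสผ่านไม่ถูกต้อง";

        // Fail closed on missing credentials before anything is compared or sent to LDAP.
        // A null password would otherwise equal an unconfigured (null) bypass code, and
        // NOTE(review): many directory servers accept an empty password as an anonymous bind;
        // LDAP_Connect is not visible here, so do not rely on it to reject that.
        if (props == null || string.IsNullOrWhiteSpace(props.sUsername) || string.IsNullOrEmpty(props.sPassword))
        {
            return Ok(new { code = StatusCodes.Status200OK, token = sToken, message = sInvalidLogin });
        }

        // The bypass code only counts when it is actually configured with a non-empty value.
        // NOTE(review): anyone who knows this value gets a token for ANY employee code without
        // an LDAP check. Confirm it is unset in production, consider removing it, and compare
        // it in constant time if it has to stay.
        string sBypassCode = IConfig["AppSettings:BypassCode"];
        bool isBypass = !string.IsNullOrEmpty(sBypassCode)
            && string.Equals(sBypassCode, props.sPassword, StringComparison.Ordinal);

        var r = isBypass
            ? new IProcessResult() { Success = true }
            : PISFunction.LDAP_Connect("ptt", props.sUsername, props.sPassword);

        if (r.Success)
        {
            TokenJWTSecret tk = null;
            var emp = pis.personel_info.FirstOrDefault(w => w.CODE == props.sUsername);
            if (emp != null)
            {
                bool isGSP = IsGSP(emp.UNITCODE);
                int nRoleID = 0;

                // Active, non-deleted user rows where this employee is either the user
                // (same employee id and org unit) or is named as the manager code.
                var lstUser = db.TB_User
                    .Where(w => !w.IsDel && w.IsActive && ((w.sEmployeeID == emp.CODE && w.sOrgID == emp.UNITCODE) || w.sEmpCode_MG == emp.CODE))
                    .Select(s => new { s.sEmployeeID, s.nRoleID })
                    .ToList();

                var usr = lstUser.FirstOrDefault(w => w.sEmployeeID == emp.CODE);
                if (usr != null)
                {
                    nRoleID = usr.nRoleID;
                }

                if (isGSP || lstUser.Any())
                {
                    tk = new TokenJWTSecret();
                    tk.sEmployeeCode = emp.CODE;
                    tk.sUnitCode = emp.UNITCODE;
                    tk.nRoleID = nRoleID;
                    // NOTE(review): role id 3 is a magic number here; its meaning is defined elsewhere.
                    tk.isRightToRequest = isGSP || nRoleID == 3;
                    tk.sName = emp.FNAME + " " + emp.LNAME;
                    tk.sEmail = emp.EmailAddr;

                    var pos = pis.position.FirstOrDefault(w => w.poscode == emp.POSCODE);
                    tk.sPosition = pos != null ? pos.AB_NAME : emp.POSNAME;

                    var unit = pis.unit.FirstOrDefault(w => w.unitcode == emp.UNITCODE);
                    tk.sOrganization = unit != null ? unit.unitabbr : "";

                    // Only report-to entries in these bands are kept as manager codes.
                    List<string> lstBand_Allow = new List<string> { "AA", "AB", "AC0", "AC1", "AD" };
                    var lstEmpCode_ReportTo = PISFunction.RepInfo.AllReportTo(emp.CODE, pis)
                        .Where(w => w.sEmpCode != emp.CODE && lstBand_Allow.Contains(w.sBand))
                        .Select(s => s.sEmpCode)
                        .ToList();

                    int nEmp_ReportTo = lstEmpCode_ReportTo.Count;
                    // With no qualifying manager, the employee's own code is used for MG1.
                    tk.sEmpCode_MG1 = nEmp_ReportTo > 0 ? lstEmpCode_ReportTo[0] : emp.CODE;
                    tk.sEmpCode_MG2 = nEmp_ReportTo > 1 ? lstEmpCode_ReportTo[1] : "";
                    tk.sEmpCode_MG3 = nEmp_ReportTo > 2 ? lstEmpCode_ReportTo[2] : "";
                }
            }

            if (tk != null)
            {
                tk.sSecretKey = IConfig["jwt:Key"];
                tk.sIssuer = IConfig["jwt:Issuer"];
                tk.sAudience = IConfig["jwt:Audience"];
                // UTC avoids local-time/DST ambiguity when the expiry becomes the token's exp value.
                tk.dTimeout = DateTime.UtcNow.AddMinutes(IConfig["jwt:Expire"].ToDouble());
                sToken = IAuthen.SignIn(tk);
            }
            else
            {
                sMessage = "ไม่พบข้อมูลผู้ใช้งาน";
            }
        }
        else
        {
            sMessage = sInvalidLogin;
        }

        return Ok(new { code = StatusCodes.Status200OK, token = sToken, message = sMessage });
    }
    catch (Exception ex)
    {
        // Never serialize the exception to the caller: it exposes stack traces and internal
        // details of the directory/database layer. Keep the detail server-side only.
        // NOTE(review): route this through the application's logger if one is available.
        System.Diagnostics.Trace.TraceError("SignIn failed: " + ex);

        // The body code is kept as 404 for existing clients, although this is a server-side failure.
        return Ok(new { code = StatusCodes.Status404NotFound, message = "An unexpected error occurred while signing in." });
    }
}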