예제 #1
        /// <summary>
        /// Looks up a user through the <c>sp_User_Login</c> stored procedure and wraps the
        /// outcome in an <c>ApiResult</c>.
        /// </summary>
        /// <param name="item">Login request; only <c>item.Email</c> is sent to the procedure.</param>
        /// <returns>
        /// A result whose <c>Data</c> holds the object materialised from the procedure. The result is
        /// marked failed when the <c>ErrCode</c> output differs from <c>Constants.SUCCESS</c>, or when
        /// any exception is thrown.
        /// </returns>
        /// <remarks>
        /// The password is not passed to the database here, so any credential check has to be
        /// done by the caller. On an exception, <c>ex.Message</c> is copied into the error
        /// description; callers that forward this description to clients expose driver/database
        /// error text.
        /// </remarks>
        public ApiResult<UserInfo> Login(UserPostLogin item)
        {
            var result = new ApiResult<UserInfo>();

            try
            {
                DbProvider.SetCommandText2("sp_User_Login", CommandType.StoredProcedure);

                // Input: the e-mail is bound as a parameter, never concatenated into SQL.
                DbProvider.AddParameter("Email", item.Email, SqlDbType.NVarChar);

                // Outputs filled in by the procedure.
                DbProvider.AddParameter("ErrCode", DBNull.Value, SqlDbType.Int, ParameterDirection.Output);
                DbProvider.AddParameter("ReturnMsg", DBNull.Value, SqlDbType.NVarChar, 1000, ParameterDirection.Output);

                // Run the procedure first; the output parameters are read only afterwards.
                result.Data = DbProvider.ExecuteObject<UserInfo>();

                var outputs = DbProvider.Command.Parameters;
                string errorCode = outputs["ErrCode"].Value.ToString();
                bool succeeded = errorCode.Equals(Constants.SUCCESS);

                if (!succeeded)
                {
                    var failure = new ErrorObject();
                    failure.Code = outputs["ErrCode"].Value.ToString();
                    failure.Description = outputs["ReturnMsg"].Value.ToString();
                    result.Failed(failure);
                }
            }
            catch (Exception ex)
            {
                // Any failure (including a null item) is reported through the result, not rethrown.
                var failure = new ErrorObject();
                failure.Code = Constants.ERR_EXCEPTION;
                failure.Description = ex.Message;
                result.Failed(failure);
            }

            return result;
        }
예제 #2
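        /// <summary>
        /// Authenticates a user by e-mail and password and, for confirmed accounts, issues an
        /// access token that is stored in the cache together with the user's profile.
        /// </summary>
        /// <param name="item">Login request carrying <c>Email</c> and <c>Password</c>.</param>
        /// <returns>
        /// 200 with the user profile on a successful password check (with an
        /// <c>EMAIL_NOT_CONFIRM</c> error and an empty token when the e-mail is unconfirmed);
        /// 401 for missing fields, a wrong password or an unexpected exception;
        /// 400 when the data layer reports a failure.
        /// </returns>
        /// <remarks>
        /// Changes from the previous version: the access token now comes from a cryptographic
        /// RNG instead of MD5 over guessable inputs; no cache entry is written when no token was
        /// issued; a null request body is handled by validation; exception details are logged
        /// server-side rather than returned to the client.
        /// </remarks>
        public IHttpActionResult Login(UserPostLogin item)
        {
            var Rs = new ApiResult <UserResult>();

            try
            {
                // A missing body is treated like missing fields instead of relying on the
                // NullReferenceException being caught below.
                if (item == null || string.IsNullOrEmpty(item.Email))
                {
                    Rs.Failed(new ErrorObject()
                    {
                        Code        = "1",
                        Description = "Chưa nhập Email"
                    });
                }
                if (item == null || string.IsNullOrEmpty(item.Password))
                {
                    Rs.Failed(new ErrorObject()
                    {
                        Code        = "2",
                        Description = "Chưa nhập Password"
                    });
                }

                if (Rs.Errors.Count > 0)
                {
                    return(Content(HttpStatusCode.Unauthorized, Rs));
                }

                var loginResult = userDAL.Login(item);
                if (!(loginResult.Succeeded && loginResult.Data != null))
                {
                    // NOTE(review): this answer (400 + data-layer message) differs from the
                    // wrong-password answer (401), which lets a client tell the two cases
                    // apart. The description also comes straight from the data layer;
                    // confirm it cannot carry raw database error text.
                    Rs.Failed(new ErrorObject
                    {
                        Code        = loginResult.Errors[0].Code,
                        Description = loginResult.Errors[0].Description
                    });
                    return(Content(HttpStatusCode.BadRequest, Rs));
                }

                // SECURITY: stored passwords are MD5(password + one application-wide key).
                // MD5 is fast and there is no per-user salt, so a leaked table is cheap to
                // brute-force. Moving to PBKDF2/bcrypt/Argon2 needs a stored-hash migration
                // and is therefore not done in this method. The comparison is also not
                // constant-time.
                if (Libs.GetMd5(item.Password + EncryptCore.PassKey) != loginResult.Data.Password)
                {
                    Rs.Failed(new ErrorObject
                    {
                        Code        = "400",
                        Description = "Sai Mật Khẩu"
                    });
                    return(Content(HttpStatusCode.Unauthorized, Rs));
                }

                var  account        = loginResult.Data;
                bool emailConfirmed = account.EmailConfirmed > 0;
                var  TokenCode      = "";

                if (emailConfirmed)
                {
                    // The token is a bearer credential: it must be unguessable. Deriving it
                    // from e-mail, id, a timestamp and System.Random(1..9999) is not, so use
                    // 256 bits from the OS CSPRNG, hex-encoded.
                    var tokenBytes = new byte[32];
                    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                    {
                        rng.GetBytes(tokenBytes);
                    }
                    TokenCode = BitConverter.ToString(tokenBytes).Replace("-", "").ToLowerInvariant();
                }
                else
                {
                    Rs.Failed(new ErrorObject
                    {
                        Code        = "EMAIL_NOT_CONFIRM",
                        Description = "Email is not comfirmed"
                    });
                }

                var UserInf = new UserResult()
                {
                    Id             = account.Id,
                    Email          = account.Email,
                    AccessToken    = TokenCode,
                    FirstName      = account.FirstName,
                    LastName       = account.LastName,
                    PhoneNumber    = account.PhoneNumber,
                    Address        = account.Address,
                    DistrictCode   = account.DistrictCode,
                    ProvinceCode   = account.ProvinceCode,
                    RoleDesc       = account.RoleDesc,
                    RoleId         = account.RoleId,
                    UserAvatar     = account.UserAvatar,
                    EmailConfirmed = account.EmailConfirmed
                };

                // Only cache a session when a token was actually issued. Previously an
                // unconfirmed account was cached under the empty-string key.
                if (emailConfirmed)
                {
                    // presumably minutes (30 days) - confirm against CacheUtil
                    CacheUtil.InsertCacheObject(TokenCode, UserInf, 60 * 24 * 30);
                }

                // NOTE(review): an unconfirmed account still gets 200 with its profile and a
                // failed result, as before; the status is kept so existing clients do not break.
                Rs.Data = UserInf;
                return(Content(HttpStatusCode.OK, Rs));
            }
            catch (Exception ex)
            {
                // Keep stack traces and internal type names on the server. Replace Trace with
                // the project's logger if one exists.
                System.Diagnostics.Trace.TraceError("Login failed: " + ex);

                Rs.Failed(new ErrorObject()
                {
                    Code        = Constants.ERR_EXCEPTION,
                    Description = "An unexpected error occurred."
                });
                return(Content(HttpStatusCode.Unauthorized, Rs));
            }
        }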