//[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel input)
{
if (ModelState.IsValid)
{
var credentials = _oAuthValidator.ValidateUser(input.Username, input.Password);
if (credentials != null)
{
var password = Crypto.HashPassword(input.Password);
var user = new Credentials { Username = input.Username, Password = password, Role = credentials.Role };
var identity = new ClaimsIdentity(new[] {
new Claim(ClaimTypes.Name, input.Username),
new Claim(ClaimTypes.Role, user.Role)
},
DefaultAuthenticationTypes.ApplicationCookie,
ClaimTypes.Name, ClaimTypes.Role);
// tell OWIN the identity provider, optional
// identity.AddClaim(new Claim(IdentityProvider, "Simplest Auth"));
Authentication.SignIn(new AuthenticationProperties
{
IsPersistent = input.RememberMe
}, identity);
return RedirectToAction("Index", "Home");
}
ViewBag.LoginFailed = true;
}
return View("Login");
//return RedirectToAction("login");
}
public IHttpActionResult SaveCredentials(Credentials credentials)
{
if (ModelState.IsValid)
{
try
{
var isInsert = credentials.Id == 0;
credentials.Password = Crypto.HashPassword(credentials.Password);
if (isInsert)
{
_dbService.AddCredentials(credentials);
}
else
{
_dbService.UpdateCredentials(credentials);
}
return Ok(new ResponseData<Credentials> { Data = new List<Credentials> { credentials }, Done = true });
}
catch (Exception ex)
{
return Ok(new ResponseData<Credentials> { Data = null, Done = false, Message = ex.Message });
}
}
return Ok(new ResponseData<Credentials> { Data = null, Done = false, Message = "Model invalid" });
}
public WebClientSampleCode(string baseUrl, string endpointToken,
string endpointAllStudents, string endpointStudentByIdentity, string endpointStudentByStatetestnumber)
{
_baseUrl = baseUrl;
_endpointToken = endpointToken;
_endpointAllStudents = endpointAllStudents;
_endpointStudentByIdentity = endpointStudentByIdentity;
_endpointStudentByStatetestnumber = endpointStudentByStatetestnumber;
var oauthAccess = new OAuthAccess();
_credentials = oauthAccess.GetCredentials();
}
public void AddCredentials(Credentials credentials)
{
var sqlStatement = string.Format("INSERT INTO ServiceUser (username, password, role) VALUES ('{0}','{1}','{2}')",
credentials.Username,credentials.Password,credentials.Role);
try
{
_sqlDataAccess.ExecuteNonQuery(sqlStatement);
}
catch (Exception e)
{
// log error
throw;
}
}
public Credentials GetCredentials()
{
// todo: get credentials from db
var credentials = new Credentials { ClientId = "goalview", ClientSecret = "goalview", Username = "******", Password = "******" };
return credentials;
}
public void UpdateCredentials(Credentials credentials)
{
var sqlStatement = string.Format("UPDATE ServiceUser SET username = '******', password = '******', role = '{2}' WHERE id = {3} ",
credentials.Username, credentials.Password, credentials.Role,credentials.Id);
try
{
_sqlDataAccess.ExecuteNonQuery(sqlStatement);
}
catch (Exception e)
{
// log error
throw;
}
}