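        /// <summary>
        /// Builds the profile DTO for the panel user identified by <paramref name="userId"/>.
        /// </summary>
        /// <param name="userId">Identifier of the panel user to look up.</param>
        /// <returns>A <see cref="ProfileDto"/> populated from the panel user record and its roles.</returns>
        /// <exception cref="InvalidOperationException">No panel user exists for <paramref name="userId"/>.</exception>
        /// <remarks>
        /// The interface is synchronous, so the async repository calls have to be blocked on.
        /// <c>GetAwaiter().GetResult()</c> is used instead of <c>.Result</c> so that a repository
        /// failure surfaces as the original exception rather than wrapped in an
        /// <see cref="AggregateException"/>. Blocking on async work can deadlock when a
        /// synchronization context is present; an async overload is preferable if the interface can change.
        /// </remarks>
        public IProfileDto GetUserInfo(Guid userId)
        {
            var panelUser = _panelRepository.FindUser(userId).GetAwaiter().GetResult();
            if (panelUser == null)
            {
                // Previously this surfaced as a NullReferenceException on the first property read.
                throw new InvalidOperationException($"Panel user '{userId}' was not found.");
            }

            var roles = _panelRepository.GetUserRoles(panelUser).GetAwaiter().GetResult();

            return new ProfileDto
            {
                UserId = Guid.Parse(panelUser.Id),
                FirstName = panelUser.FirstName,
                LastName = panelUser.LastName,
                Email = panelUser.Email,
                MobileNumber = panelUser.PhoneNumber,
                NationalCode = panelUser.NationalCode,
                Roles = roles
            };
        }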
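        /// <summary>
        /// Gets the profile information of the application user identified by <paramref name="userId"/>.
        /// </summary>
        /// <param name="userId">Identifier of the application user to look up.</param>
        /// <returns>A <see cref="ProfileDto"/> carrying the user's id, name and roles.</returns>
        /// <exception cref="InvalidOperationException">No application user exists for <paramref name="userId"/>.</exception>
        /// <remarks>
        /// The interface is synchronous, so the async repository calls have to be blocked on.
        /// <c>GetAwaiter().GetResult()</c> is used instead of <c>.Result</c> so that a repository
        /// failure surfaces as the original exception rather than wrapped in an
        /// <see cref="AggregateException"/>. Blocking on async work can deadlock when a
        /// synchronization context is present; an async overload is preferable if the interface can change.
        /// </remarks>
        public IProfileDto GetUserInfo(Guid userId)
        {
            var applicationUser = _repository.FindUser(userId).GetAwaiter().GetResult();
            if (applicationUser == null)
            {
                // Previously this surfaced as a NullReferenceException on the first property read.
                throw new InvalidOperationException($"Application user '{userId}' was not found.");
            }

            var roles = _repository.GetUserRoles(applicationUser).GetAwaiter().GetResult();

            return new ProfileDto
            {
                UserId = Guid.Parse(applicationUser.Id),
                FirstName = applicationUser.FirstName,
                LastName = applicationUser.LastName,
                Roles = roles
            };
        }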
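        /// <summary>
        /// Handles the OAuth2 resource-owner-password-credentials grant for the two client families
        /// this server knows. Panel (<see cref="ApplicationType.JavaScript"/>) clients authenticate with
        /// user name and password against <c>_panelRepository</c>; the customer and shop mobile apps
        /// authenticate by phone number (user-name field) plus a code in the password field, which is
        /// checked by <c>VerifyPhoneNumber</c>.
        /// </summary>
        /// <param name="context">The OWIN grant context. The outcome is reported through
        /// <c>context.Validated</c> (token issued) or <c>context.SetError</c> (grant refused).</param>
        /// <remarks>
        /// Any exception escaping the grant is reported as a generic <c>invalid_grant</c>; the
        /// exception text is deliberately not echoed to the client, since repository and database
        /// messages are internal details.
        /// </remarks>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            try
            {
                // NOTE(review): this assigns an instance field on every request. If this provider
                // instance is shared across requests (the usual OWIN setup) that is a data race
                // with GetUserInfo — confirm the provider's lifetime.
                _panelRepository = Bootstrapper.WindsorContainer.Resolve<IPanelRepository>();

                // Falling back to "*" is permissive; the origin is expected to have been validated
                // earlier in the pipeline and stored under "as:clientAllowedOrigin".
                var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
                context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

                var client = _repository.FindClient(context.ClientId);
                if (client == null)
                {
                    context.SetError("invalid_clientId", $"Client '{context.ClientId}' is not registered in the system.");
                    return;
                }

                if (client.ApplicationType == ApplicationType.JavaScript)
                {
                    await GrantPanelUserAsync(context);
                }
                else if (client.ApplicationType == ApplicationType.CustomerUserApp
                         || client.ApplicationType == ApplicationType.ShopUserApp)
                {
                    var deviceId = context.OwinContext.Get<string>("as:device_id");
                    await GrantAppUserAsync(context, client.ApplicationType, deviceId);
                }
                else
                {
                    // Previously fell through with neither Validated nor SetError; make the refusal explicit.
                    context.SetError("invalid_grant", "Unsupported client type.");
                }
            }
            catch (Exception)
            {
                // Do not echo the exception message: it can carry repository, database or
                // null-reference details that must not reach the token client.
                // TODO: record the exception through the project's logging before swallowing it.
                context.SetError("invalid_grant", "The user name or password is incorrect.");
            }
        }

        /// <summary>
        /// Password grant for panel (JavaScript) clients: looks the user up by user name and password,
        /// then issues a ticket carrying name, id and role claims.
        /// </summary>
        /// <param name="context">The grant context to validate or mark as failed.</param>
        private async Task GrantPanelUserAsync(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(review): assumes FindUser(name, password) verifies the password, not just the name — confirm.
            var user = await _panelRepository.FindUser(context.UserName, context.Password);
            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            var roles = await _panelRepository.GetUserRoles(user);

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);
            identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
            // Claim rejects a null value with ArgumentNullException; an empty string is acceptable.
            identity.AddClaim(new Claim("FirstName", user.FirstName ?? string.Empty));
            identity.AddClaim(new Claim("LastName", user.LastName ?? string.Empty));
            identity.AddClaim(new Claim("UserId", user.Id));
            foreach (var role in roles)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, role));
            }

            var props = new AuthenticationProperties(new Dictionary<string, string>
            {
                { "as:client_id", context.ClientId ?? string.Empty },
                { "userId", user.Id },
                { "firstName", user.FirstName },
                { "lastName", user.LastName }
            });
            context.Validated(new AuthenticationTicket(identity, props));
        }

        /// <summary>
        /// Phone-number grant for the customer and shop mobile apps: resolves the user by phone
        /// number, requires the user to be active for the requesting app, verifies the code sent
        /// in the password field, then issues a ticket.
        /// </summary>
        /// <param name="context">The grant context to validate or mark as failed.</param>
        /// <param name="applicationType">Either <see cref="ApplicationType.CustomerUserApp"/> or
        /// <see cref="ApplicationType.ShopUserApp"/>; the caller guarantees one of the two.</param>
        /// <param name="deviceId">Device identifier from the OWIN environment; may be null.</param>
        private async Task GrantAppUserAsync(OAuthGrantResourceOwnerCredentialsContext context, ApplicationType applicationType, string deviceId)
        {
            // Mobile apps send the phone number in the user-name field.
            var appUser = _userManager.Users.SingleOrDefault(item => item.PhoneNumber == context.UserName);
            if (appUser == null)
            {
                context.SetError("invalid_grant", "کاربر یافت نشد");
                return;
            }

            // Each app only admits users whose activation flag for that app is set.
            var isActive = applicationType == ApplicationType.CustomerUserApp
                ? appUser.CustomerIsActive
                : appUser.ShopIsActive;
            if (!isActive)
            {
                // Returning here is essential: a later context.Validated() would clear this error
                // and issue a token to the inactive user.
                context.SetError("invalid_grant", "کاربر غیرفعال می باشد");
                return;
            }

            // The password field carries the verification code for the phone number.
            // NOTE(review): the result of VerifyPhoneNumber is not inspected; this relies on it
            // throwing on a wrong code (the throw is turned into invalid_grant by the caller) — confirm.
            await VerifyPhoneNumber(appUser, context.Password, context.UserName);

            // Roles are read only after the user is known to exist and is verified.
            var roles = await _repository.GetUserRoles(appUser);

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);
            identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
            identity.AddClaim(new Claim("UserId", appUser.Id));
            identity.AddClaim(new Claim("MobileNumber", appUser.PhoneNumber ?? string.Empty));
            // Claim rejects a null value; a missing device id becomes an empty claim instead of an exception.
            identity.AddClaim(new Claim("DeviceId", deviceId ?? string.Empty));
            identity.AddClaim(new Claim("ShopIsActive", appUser.ShopIsActive.ToString()));
            identity.AddClaim(new Claim("CustomerIsActive", appUser.CustomerIsActive.ToString()));
            // NOTE(review): if RegisterDate is a DateTime this ToString() is culture-dependent — confirm the consumer's expectation.
            identity.AddClaim(new Claim("RegisterDate", appUser.RegisterDate.ToString()));
            foreach (var role in roles)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, role));
            }

            var props = new AuthenticationProperties(new Dictionary<string, string>
            {
                { "as:client_id", context.ClientId ?? string.Empty },
                { "userId", appUser.Id },
                { "mobileNumber", appUser.PhoneNumber }
            });
            context.Validated(new AuthenticationTicket(identity, props));
        }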