Пример #1
        //public AuthService(IUnitOfWork unitOfWork)
        //{
        //    this._unitOfWork = unitOfWork;
        //}

        /// <summary>
        /// Checks the submitted credentials and, when they validate, issues a token and completes the sign-in.
        /// </summary>
        /// <param name="loginModel">Submitted login data; UserName, Password and IpAddress are read here.</param>
        /// <param name="rememberMe">Passed through unchanged to <c>SignInSucessfully</c>.</param>
        /// <returns>
        /// <c>LogInStatus.Success</c> when the password validates. <c>LogInStatus.Failure</c> is returned both
        /// for an unknown user name and for a wrong password, so the result alone does not reveal which one failed.
        /// </returns>
        public LogInStatus SignIn(LoginViewModel loginModel, bool rememberMe)
        {
            UserAuthViewModel account = _userRepository.GetUserDetailsByUserName(loginModel.UserName);

            if (account == null)
            {
                // NOTE(review): this path returns without running password validation, so it may answer
                // faster than a wrong-password attempt — confirm whether that timing difference matters here.
                return(LogInStatus.Failure);
            }

            bool passwordOk = PasswordHelpers.ValidateUser(
                account.PasswordFormat,
                loginModel.Password,
                account.Password,
                account.PasswordSalt);

            if (!passwordOk)
            {
                // No attempt counting or lockout happens in this method.
                // NOTE(review): confirm throttling of repeated failures is enforced elsewhere.
                return(LogInStatus.Failure);
            }

            // NOTE(review): 30 is presumably the token lifetime; its unit is not visible here — confirm
            // against TokenManager.GenerateToken.
            account.Token = TokenManager.GenerateToken(account, 30);

            // NOTE(review): IpAddress is taken from the login model; if the client fills it in, it should
            // not be relied on for audit purposes — confirm where it is populated.
            SignInSucessfully(account, rememberMe, loginModel.IpAddress);

            return(LogInStatus.Success);
        }
Пример #2
        //public SecurityFactorys(ICBSEntities context)
        //{
        //    this.context = context;
        //}
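        /// <summary>
        /// Looks up an active user by user name, company and branch, and checks the supplied password
        /// against the stored one.
        /// </summary>
        /// <param name="entity">Login request; UserName, CompanyID, BranchID and Password are read.</param>
        /// <returns>
        /// A <c>LogInStatus</c> whose <c>IsAllowed</c> is true only when the password matches; on success
        /// <c>Status</c> carries the user's id, names, employee, company and branch as strings.
        /// </returns>
        /// <remarks>
        /// Security review notes:
        /// the stored password is decrypted and compared as plaintext, i.e. passwords are kept in a
        /// reversible form — NOTE(review): plan a migration to a salted one-way password hash.
        /// The comparison uses ordinary string equality (not constant-time) and trims both sides, so
        /// leading/trailing whitespace in a password is not significant.
        /// The messages differ for "unknown user", "forced log-out" and "wrong password", and the
        /// forced-log-out answer is given before the password is checked; a caller that shows
        /// <c>Message</c> to the client reveals which user names exist. The strings are kept unchanged
        /// here because callers may depend on them — NOTE(review): consider one generic failure message.
        /// </remarks>
        public LogInStatus CheckLogIn(LogOnModel entity)
        {
            LogInStatus _LogInStatus         = new LogInStatus();
            Dictionary <string, string> list = new Dictionary <string, string>();
            Encription encription            = new Encription();

            // Exceptions from the data layer propagate unchanged. Wrapping this body in
            // `catch (Exception ex) { throw ex; }` would only reset the stack trace.
            _loginStatusFactory = new LoginStatusFactory();
            _userFactory        = new UserFactory();

            SEC_UserInformation tblUserInformation = _userFactory.FindBy(x => x.UserName == entity.UserName && x.CompanyID == entity.CompanyID && x.BranchID == entity.BranchID && x.IsActive == true).FirstOrDefault();
            if (tblUserInformation == null)
            {
                _LogInStatus.IsAllowed = false;
                _LogInStatus.Message   = "User are not exist";
                return(_LogInStatus);
            }

            SEC_LoginStatus logInStatus = _loginStatusFactory.FindBy(x => x.UserID == tblUserInformation.ID).FirstOrDefault();
            if (logInStatus != null && logInStatus.ForcedLogOutStatus == true)
            {
                _LogInStatus.IsAllowed = false;
                _LogInStatus.Message   = "The Page is Under maintenance";
                return(_LogInStatus);
            }

            // Single password check for both cases (login-status row present or absent).
            _userPasswordFactory = new UserPasswordFactory();
            SEC_Password tblPassword = _userPasswordFactory.FindBy(x => x.ID == tblUserInformation.PasswordID).FirstOrDefault();

            // A missing password row, a null decrypt result or a null submitted password is a mismatch
            // rather than a NullReferenceException.
            string storedPassword = tblPassword != null ? encription.Decrypt(tblPassword.NewPassword) : null;
            bool passwordMatches  = storedPassword != null
                                    && entity.Password != null
                                    && storedPassword.Trim() == entity.Password.Trim();

            if (passwordMatches)
            {
                list.Add("UserId", tblUserInformation.ID.ToString());
                list.Add("UserName", tblUserInformation.UserName);
                list.Add("Name", tblUserInformation.UserFullName);
                list.Add("UserEmployee", tblUserInformation.EmployeeID.ToString());
                list.Add("UserCompany", tblUserInformation.CompanyID.ToString());
                list.Add("UserBranch", tblUserInformation.BranchID.ToString());

                _LogInStatus.IsAllowed = true;
                _LogInStatus.Status    = list;
                _LogInStatus.Message   = "Login Successfully";
            }
            else
            {
                _LogInStatus.IsAllowed = false;
                // The two wordings are the ones callers already receive: the first when a login-status
                // row exists for the user, the second when it does not.
                _LogInStatus.Message   = logInStatus != null
                    ? "Password or User Name does not match"
                    : "Password or User Name not matching";
            }

            return(_LogInStatus);
        }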
Пример #3
        // POST: api/Login
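        /// <summary>
        /// Verifies the posted ID and password against the MEMBER table and, on success, records the
        /// sign-on in HISTORY_SIGN_ON.
        /// </summary>
        /// <param name="value">Request body; ID, PW and IP are read.</param>
        /// <returns>
        /// The member's LEVEL on success (1 = regular, 2 = administrator, 3 = super administrator),
        /// 0 when the password is wrong, -1 when no such user exists (also used for a missing body or
        /// missing ID), -2 on a server error.
        /// </returns>
        /// <remarks>
        /// Both statements bind their values as ODBC parameters instead of building the SQL text from
        /// the request, and the lookup uses <c>=</c> rather than <c>LIKE</c> so that wildcard characters
        /// in the ID cannot match rows other than the requested account.
        /// NOTE(review): 0 and -1 let a client distinguish "wrong password" from "unknown user";
        /// consider returning one value for both.
        /// NOTE(review): the hash produced by <c>Tools.cryptoPW</c> is compared with ordinary equality;
        /// confirm that function is a salted, deliberately slow password hash.
        /// NOTE(review): IP comes from the request body, so the history row holds whatever the client
        /// sent — prefer the address of the connection for audit data.
        /// </remarks>
        public int Post([FromBody] UserModel value)
        {
            // A missing or malformed body binds to null; treat it like an unknown user instead of
            // failing with a NullReferenceException.
            if (value == null || value.ID == null)
            {
                return(-1);
            }

            int  level         = 0;
            bool authenticated = false;

            using (OdbcConnection conn = new OdbcConnection(connectionString))
            using (OdbcCommand cmd = new OdbcCommand())
            {
                // Neither the submitted password nor its hash is written to the log.
                string pwHash = Tools.cryptoPW(value.PW);

                try
                {
                    conn.Open();
                    cmd.Connection  = conn;

                    // ODBC uses positional '?' markers; parameters are matched by the order they are added.
                    cmd.CommandText = "SELECT PW, LEVEL FROM MEMBER WHERE ID = ?";
                    cmd.Parameters.AddWithValue("@id", value.ID);

                    using (OdbcDataReader reader = cmd.ExecuteReader())
                    {
                        if (!reader.Read())
                        {
                            level = -1;                 // no such user
                        }
                        else if (reader[0].Equals(pwHash))
                        {
                            // Password matches: take the level; the sign-on history row is written below.
                            level         = (int)reader[1];
                            authenticated = true;
                        }
                        else
                        {
                            level = 0;                  // wrong password
                        }
                    }

                    if (authenticated)
                    {
                        cmd.Parameters.Clear();
                        cmd.CommandText = "INSERT INTO HISTORY_SIGN_ON ( ID, IP) VALUES (?, ?)";
                        cmd.Parameters.AddWithValue("@id", value.ID);
                        cmd.Parameters.AddWithValue("@ip", value.IP ?? string.Empty);
                        cmd.ExecuteNonQuery();
                    }
                }
                catch (Exception ex)
                {
                    logger.Error("Error Log In", ex);
                    level = -2;                         // server error (includes a failed history insert)
                }
            }
            return(level);
        }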