public IActionResult Login([FromBody]JObject submitObj)
{
string email = (string)submitObj["email"];
string password = (string)submitObj["password"];
bool rememberMe = (bool)submitObj["rememberMe"];
SecurityManager secMan = new SecurityManager(service);
var user = secMan.GetUser(email, password);
var responseObj = new ResponseModel();
if (user != null)
{
if (user.Enabled == false)
{
responseObj.Success = false;
responseObj.Message = "Error while user authentication.";
var errorMsg = new ErrorModel();
errorMsg.Key = "Email";
errorMsg.Value = email;
errorMsg.Message = "User account is disabled.";
responseObj.Errors.Add(errorMsg);
responseObj.Object = new { token = "" };
}
else
{
responseObj.Object = null;
responseObj.Success = true;
responseObj.Timestamp = DateTime.UtcNow;
responseObj.Object = new { token = WebSecurityUtil.Login(HttpContext, user.Id, user.ModifiedOn, rememberMe, service) };
}
}
else
{
responseObj.Success = false;
responseObj.Message = "Login failed";
var errorMsg = new ErrorModel();
errorMsg.Key = "Email";
errorMsg.Value = email;
errorMsg.Message = "Invalid email or password";
responseObj.Errors.Add(errorMsg);
responseObj.Object = new { token = "" };
}
return DoResponse(responseObj);
}
internal static ErpIdentity CreateIdentity(Guid? userId)
{
SecurityManager secMan = new SecurityManager();
ErpUser user = secMan.GetUser(userId.Value);
if (user == null || !user.Enabled)
return null;
return new ErpIdentity { User = user };
}
