//public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) //{ // context.OwinContext.Response.Headers.Add("access-control-allow-origin", new[] { "*" }); // //we check if the passed username and password are correct. // if (context.UserName == "user" && context.Password == "pwd") // { // System.Security.Claims.ClaimsIdentity ci = new System.Security.Claims.ClaimsIdentity("ci"); // //this indicates that user is valid one and can be issued a token. // //it has several overloads ,you can take what fits for you.I have used it with ClaimsIdentity // context.Validated(ci); // } // else // { // // a custom error message can be returned to client before rejecting the request. // context.SetError("Incorrect Credentials"); // context.Rejected(); // } // return ; //} public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { string allowedOrigin = "*"; context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin }); context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Content-Type" }); UserRepository userrepo = new UserRepository(); try { Domain.Socioboard.Domain.User user = userrepo.GetUserInfo(context.UserName, Utility.MD5Hash(context.Password)); if (user != null) { Api.Socioboard.Helper.UserManager.User apiUser = new Api.Socioboard.Helper.UserManager.User(); apiUser.UserName = user.UserName; apiUser.EmailId = user.EmailId; apiUser.Id = user.Id; ClaimsIdentity identity = new ClaimsIdentity("User"); identity.AddClaim(new Claim(ClaimTypes.Name, apiUser.Id.ToString())); //foreach (string claim in user.Claims) //{ // identity.AddClaim(new Claim("Claim", claim)); //} var ticket = new AuthenticationTicket(identity, null); context.Validated(ticket); } else { context.SetError("Incorrect Credentials"); context.Rejected(); } }catch(Exception e){} }
//public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) //{ // context.OwinContext.Response.Headers.Add("access-control-allow-origin", new[] { "*" }); // //we check if the passed username and password are correct. // if (context.UserName == "user" && context.Password == "pwd") // { // System.Security.Claims.ClaimsIdentity ci = new System.Security.Claims.ClaimsIdentity("ci"); // //this indicates that user is valid one and can be issued a token. // //it has several overloads ,you can take what fits for you.I have used it with ClaimsIdentity // context.Validated(ci); // } // else // { // // a custom error message can be returned to client before rejecting the request. // context.SetError("Incorrect Credentials"); // context.Rejected(); // } // return ; //} public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { string allowedOrigin = "*"; context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin }); context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Content-Type" }); UserRepository userrepo = new UserRepository(); try { Domain.Socioboard.Domain.User user = userrepo.GetUserInfo(context.UserName, Utility.MD5Hash(context.Password)); if (user != null) { Api.Socioboard.Helper.UserManager.User apiUser = new Api.Socioboard.Helper.UserManager.User(); apiUser.UserName = user.UserName; apiUser.EmailId = user.EmailId; apiUser.Id = user.Id; ClaimsIdentity identity = new ClaimsIdentity("User"); identity.AddClaim(new Claim(ClaimTypes.Name, apiUser.Id.ToString())); //foreach (string claim in user.Claims) //{ // identity.AddClaim(new Claim("Claim", claim)); //} var ticket = new AuthenticationTicket(identity, null); context.Validated(ticket); } else { context.SetError("Incorrect Credentials"); context.Rejected(); } }catch (Exception e) {} }