public static User GetCurrentUser(BSFinancialRepository repo)
{
string email = HttpContext.Current.User.Identity.GetUserName();
if (email != null && email != "")
{
//var email = userManager.FindByEmail()
var user = repo.GetUserByEmail(email);
return(user);
//IdentityUser identity = await UserManager.FindByIdAsync(accountId);
//if (identity == null)
//{
// return null;
//}
}
else
{
return(null);
}
//var currentUser = await db.Users.SingleOrDefaultAsync(e => e.AccountId == accountId);
//if (currentUser == null)
//{
// return null;
//}
//return new UserService(db, currentUser);
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
;
var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin");
if (allowedOrigin == null)
{
allowedOrigin = "*";
}
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
BSFinancialRepository _repo = new BSFinancialRepository();
{
//var manager = new ApplicationUserManager(new UserStore<ApplicationUser>(new ApplicationDbContext()));
IdentityUser user = await _repo.FindUser(context.UserName, context.Password);
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim(ClaimTypes.Role, "user"));
identity.AddClaim(new Claim("sub", context.UserName));
var props = new AuthenticationProperties(new Dictionary <string, string>
{
{
"as:client_id", (context.ClientId == null) ? string.Empty : context.ClientId
},
{
"userName", context.UserName
}
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
}
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
string clientId = string.Empty;
string clientSecret = string.Empty;
User client = null;
if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
{
context.TryGetFormCredentials(out clientId, out clientSecret);
}
if (context.ClientId == null)
{
//Remove the comments from the below line context.SetError, and invalidate context
//if you want to force sending clientId/secrects once obtain access tokens.
context.Validated();
//context.SetError("invalid_clientId", "ClientId should be sent.");
return(Task.FromResult <object>(null));
}
BSFinancialRepository _repo = new BSFinancialRepository();
client = _repo.FindUser(context.ClientId);
if (client == null)
{
context.SetError("invalid_clientId", string.Format("Client '{0}' is not registered in the system.", context.ClientId));
return(Task.FromResult <object>(null));
}
//context.OwinContext.Set<string>("as:clientAllowedOrigin", client.AllowedOrigin);
//context.OwinContext.Set<string>("as:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString());
context.Validated();
return(Task.FromResult <object>(null));
}
public AccountController(BSFinancialRepository repo)
{
_repo = repo;
}
public ApplicationController(BSFinancialRepository repo)
{
_repo = repo;
}
public PaymentController(BSFinancialRepository repo)
{
_repo = repo;
}
public InquiryController(BSFinancialRepository repo)
{
_mail = new MailService();
_repo = repo;
}
public LoanController(BSFinancialRepository repo)
{
_repo = repo;
}