public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var header = context.OwinContext.Response.Headers.SingleOrDefault(h => h.Key == "Access-Control-Allow-Origin");
if (header.Equals(default(KeyValuePair <string, string[]>)))
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
}
var form = await context.Request.ReadFormAsync();
var tenancyName = form["tenancyName"];
if (string.IsNullOrWhiteSpace(tenancyName))
{
context.SetError("invalid_company_id", "The company id is incorrect");
//await _tenantProvider.SaveLoginAttempt(false, context.UserName, context.ErrorDescription, null, null, null);
return;
}
var tenant = await _tenantProvider.GetTenantByNameAsync(tenancyName);
if (tenant == null)
{
context.SetError("invalid_company_id", "The company id is incorrect");
//await _tenantProvider.SaveLoginAttempt(false, context.UserName, context.ErrorDescription, null, null, null);
return;
}
var tenantId = tenant.Id;
var userManager = context.OwinContext.GetUserManager <UserManager>();
userManager.SetTenantId(tenantId);
User user = await userManager.FindAsync(tenantId, context.UserName, context.Password);
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
await _tenantProvider.SaveLoginAttempt(false, context.UserName, context.ErrorDescription, null, null, null);
return;
}
//var referer = context.Request.Headers["Referer"];
//if (referer != null)
//{
// tenancyName = TenantHelper.GetTenantNameFromReferer(referer);
//}
if (!string.IsNullOrWhiteSpace(tenancyName) && user.TenantName.ToLower() != tenancyName)
{
context.SetError("others_tenant_user", "Login failed! You are not the user of current company.");
await _tenantProvider.SaveLoginAttempt(false, context.UserName, context.ErrorDescription, user.TenantId, user.CompanyId, user.Id);
return;
}
if (!user.IsActive)
{
context.SetError("user_inactive", "Login failed! You are not an active user. Please contact with administration.");
await _tenantProvider.SaveLoginAttempt(false, context.UserName, context.ErrorDescription, user.TenantId, user.CompanyId, user.Id);
return;
}
bool enableEmailConfirmation;
try
{
enableEmailConfirmation = Convert.ToBoolean(ConfigurationManager.AppSettings["Security:IsRequireEmailConfirmation"]);
if (Convert.ToBoolean(enableEmailConfirmation))
{
var isEmailConfirmed = await userManager.IsEmailConfirmedAsync(user.Id);
if (!isEmailConfirmed)
{
context.SetError("email_not_confirmed", "Your email is not confirmed.");
await _tenantProvider.SaveLoginAttempt(false, context.UserName, context.ErrorDescription, user.TenantId, user.CompanyId, user.Id);
return;
}
}
}
catch (Exception)
{
context.SetError("app_setting__read_error", "Failed to read email confirmation checking setting value.");
await _tenantProvider.SaveLoginAttempt(false, context.UserName, context.ErrorDescription, user.TenantId, user.CompanyId, user.Id);
return;
}
//var tenant = await _tenantProvider.GetTenantAsync(user.TenantId);
if (!tenant.IsActive)
{
context.SetError("company_inactive", "Your company is not active yet.");
await _tenantProvider.SaveLoginAttempt(true, context.UserName, context.ErrorDescription, user.TenantId, user.CompanyId, user.Id);
return;
}
var edition = await _tenantProvider.GetEditionAsync(tenant.EditionId);
//var anyActiveSubscription = await _tenantProvider.AnyActiveSubscription(user.TenantId);
//var anyUnpaidSubscription = await _tenantProvider.AnyUnpaidSubscription(user.TenantId);
//var allUnpaidSubscription = await _tenantProvider.AllUnpaidSubscription(user.TenantId);
//string lastPaymentStatus = await _tenantProvider.SubscriptionLastPaymentStatus(user.TenantId);
var session = _sessionProvider.GetCurrentUserSession(user.Id);
session.Application.IsEnableEmailActivation = enableEmailConfirmation;
user.LastLoginTime = DateTime.Now;
await userManager.UpdateAsync(user);
await _tenantProvider.SaveLoginAttempt(true, context.UserName, context.ErrorDescription, user.TenantId, user.CompanyId, user.Id);
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
OAuthDefaults.AuthenticationType);
ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
CookieAuthenticationDefaults.AuthenticationType);
//AuthenticationProperties properties = CreateProperties(user.UserName);
var roles = await userManager.GetRolesAsync(user.Id);
AuthenticationProperties properties = CreateProperties(session); //user, roles, tenant, edition, anyActiveSubscription, anyUnpaidSubscription, allUnpaidSubscription, lastPaymentStatus, enableEmailConfirmation
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
context.Validated(ticket);
context.Request.Context.Authentication.SignIn(cookiesIdentity);
}
