//public AuthService(IUnitOfWork unitOfWork)
//{
//    this._unitOfWork = unitOfWork;
//}

/// <summary>
/// Checks the supplied credentials against the stored account and, when they
/// verify, issues a token and completes the sign-in.
/// </summary>
/// <param name="loginModel">Carries the user name, password and IP address read by this method.</param>
/// <param name="rememberMe">Forwarded unchanged to <c>SignInSucessfully</c>.</param>
/// <returns>
/// <c>LogInStatus.Success</c> when the account exists and the password verifies;
/// <c>LogInStatus.Failure</c> in every other case.
/// </returns>
public LogInStatus SignIn(LoginViewModel loginModel, bool rememberMe)
{
    UserAuthViewModel account = _userRepository.GetUserDetailsByUserName(loginModel.UserName);

    // Unknown user and wrong password both map to the same Failure value, so the
    // return value does not reveal which accounts exist.
    // NOTE(review): the unknown-user path returns before any password verification
    // runs, so response time may still differ between the two cases - confirm
    // whether that matters for this endpoint.
    if (account == null)
    {
        return LogInStatus.Failure;
    }

    bool passwordVerified = PasswordHelpers.ValidateUser(
        account.PasswordFormat,
        loginModel.Password,
        account.Password,
        account.PasswordSalt);

    if (!passwordVerified)
    {
        return LogInStatus.Failure;
    }

    // NOTE(review): the second argument (30) is presumably the token lifetime;
    // confirm the unit against TokenManager.GenerateToken.
    account.Token = TokenManager.GenerateToken(account, 30);

    // NOTE(review): IpAddress is taken from the login model; if the model is
    // bound from the request body the value is client-controlled - verify that
    // it is populated server-side before relying on it for audit records.
    SignInSucessfully(account, rememberMe, loginModel.IpAddress);

    return LogInStatus.Success;
}
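//public SecurityFactorys(ICBSEntities context)
//{
//    this.context = context;
//}

/// <summary>
/// Validates a log-on request: looks up the active user for the given
/// company and branch, honours a forced-logout flag, and compares the
/// supplied password with the stored one.
/// </summary>
/// <param name="entity">Log-on request; UserName, CompanyID, BranchID and Password are read.</param>
/// <returns>
/// A <c>LogInStatus</c> whose <c>IsAllowed</c> and <c>Message</c> describe the outcome.
/// On success <c>Status</c> holds the user's id, names, employee, company and branch.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="entity"/> is null.</exception>
/// <remarks>
/// Security review notes (behaviour kept as-is because callers may depend on it):
/// - The stored password is decrypted and compared as plaintext. Reversible
///   storage means a leaked key or database exposes every password; a salted,
///   slow one-way hash is the usual replacement and needs a data migration.
/// - "User are not exist", the maintenance message and the two mismatch messages
///   let a caller tell existing accounts from unknown ones. Consider returning a
///   single generic failure message to the client and logging the detail server-side.
/// - Trim() is applied to both passwords, so leading/trailing whitespace is ignored.
/// </remarks>
public LogInStatus CheckLogIn(LogOnModel entity)
{
    if (entity == null)
    {
        throw new ArgumentNullException("entity");
    }

    LogInStatus _LogInStatus = new LogInStatus();
    Encription encription = new Encription();

    // The original wrapped this body in try/catch with "throw ex;", which only
    // discarded the stack trace. Letting exceptions propagate keeps the trace.
    _loginStatusFactory = new LoginStatusFactory();
    _userFactory = new UserFactory();

    SEC_UserInformation tblUserInformation = _userFactory.FindBy(x => x.UserName == entity.UserName && x.CompanyID == entity.CompanyID && x.BranchID == entity.BranchID && x.IsActive == true).FirstOrDefault();
    if (tblUserInformation == null)
    {
        _LogInStatus.IsAllowed = false;
        _LogInStatus.Message = "User are not exist";
        return _LogInStatus;
    }

    SEC_LoginStatus logInStatus = _loginStatusFactory.FindBy(x => x.UserID == tblUserInformation.ID).FirstOrDefault();
    if (logInStatus != null && logInStatus.ForcedLogOutStatus == true)
    {
        // Forced logout is reported before the password is checked.
        _LogInStatus.IsAllowed = false;
        _LogInStatus.Message = "The Page is Under maintenance";
        return _LogInStatus;
    }

    // The two original branches differed only in the wording of the mismatch
    // message; both strings are preserved byte-for-byte.
    string mismatchMessage = logInStatus != null
        ? "Password or User Name does not match"
        : "Password or User Name not matching";

    ApplyPasswordCheck(_LogInStatus, tblUserInformation, entity.Password, encription, mismatchMessage);
    return _LogInStatus;
}

// Compares the supplied password with the user's stored password and fills in the status accordingly.
private void ApplyPasswordCheck(LogInStatus status, SEC_UserInformation user, string suppliedPassword, Encription encription, string mismatchMessage)
{
    _userPasswordFactory = new UserPasswordFactory();
    SEC_Password tblPassword = _userPasswordFactory.FindBy(x => x.ID == user.PasswordID).FirstOrDefault();

    bool passwordMatches = false;

    // A missing password (null) is treated as a mismatch instead of raising a
    // NullReferenceException, and can never compare equal to a null decrypt result.
    if (tblPassword != null && suppliedPassword != null)
    {
        string storedPassword = encription.Decrypt(tblPassword.NewPassword);
        passwordMatches = storedPassword != null && storedPassword.Trim() == suppliedPassword.Trim();
    }

    if (!passwordMatches)
    {
        status.IsAllowed = false;
        status.Message = mismatchMessage;
        return;
    }

    Dictionary<string, string> list = new Dictionary<string, string>();
    list.Add("UserId", user.ID.ToString());
    list.Add("UserName", user.UserName);
    list.Add("Name", user.UserFullName);
    list.Add("UserEmployee", user.EmployeeID.ToString());
    list.Add("UserCompany", user.CompanyID.ToString());
    list.Add("UserBranch", user.BranchID.ToString());

    status.IsAllowed = true;
    status.Status = list;
    status.Message = "Login Successfully";
}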
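// POST: api/Login
/// <summary>
/// Verifies a member's credentials and, on success, records the sign-on in
/// HISTORY_SIGN_ON and returns the member's level.
/// </summary>
/// <param name="value">Request body; ID, PW and IP are read.</param>
/// <returns>
/// The member's level on success (1 = general, 2 = administrator, 3 = super administrator);
/// 0 when the password is wrong or the body is missing; -1 when no such user exists;
/// -2 on a server or database error.
/// </returns>
/// <remarks>
/// Security review notes:
/// - Both statements are parameterized. The original interpolated value.ID and
///   value.IP into the SQL text, which allowed SQL injection from the request body.
/// - The lookup uses "=" instead of LIKE, so wildcard characters in the supplied
///   ID can no longer match rows other than the intended account.
/// - Distinct return codes for "unknown user" (-1) and "wrong password" (0) let a
///   client enumerate accounts; kept because callers may depend on them.
/// - Tools.cryptoPW receives only the password, so the stored value cannot carry
///   a per-user salt. NOTE(review): confirm it is a slow password-hashing
///   function and consider a constant-time comparison of the digests.
/// - value.IP comes from the request body and is therefore client-controlled;
///   NOTE(review): prefer the server-observed remote address for the audit row.
/// - Never log value.PW or the derived hash.
/// </remarks>
public int Post([FromBody] UserModel value)
{
    // Model binding yields null for a missing or malformed body; treat that as
    // a failed login instead of failing with a NullReferenceException.
    if (value == null)
    {
        return 0;
    }

    LogInStatus Flag = LogInStatus.OFF;
    int level = 0;

    using (OdbcConnection conn = new OdbcConnection(connectionString))
    {
        string pwHash = Tools.cryptoPW(value.PW);

        try
        {
            conn.Open();

            // ODBC parameters are positional ("?"); the names passed to
            // AddWithValue are labels only, the order of the calls is what binds.
            using (OdbcCommand lookup = new OdbcCommand("SELECT PW, LEVEL FROM MEMBER WHERE ID = ?", conn))
            {
                // A null field is sent as an empty string, matching what the
                // original string interpolation produced.
                lookup.Parameters.AddWithValue("@id", (object)value.ID ?? string.Empty);

                using (OdbcDataReader reader = lookup.ExecuteReader())
                {
                    if (reader.HasRows)
                    {
                        while (reader.Read())
                        {
                            if (reader[0].Equals(pwHash))
                            {
                                // Password matches: remember the level, then record the sign-on below.
                                level = (int)reader[1];
                                Flag = LogInStatus.OK;

                                // Stop at the first match so a later non-matching
                                // row cannot reset level to 0 while Flag stays OK.
                                break;
                            }

                            level = 0; // wrong password
                        }
                    }
                    else
                    {
                        level = -1; // no such user
                    }
                }
            }

            if (Flag == LogInStatus.OK)
            {
                using (OdbcCommand audit = new OdbcCommand("INSERT INTO HISTORY_SIGN_ON ( ID, IP) VALUES (?, ?)", conn))
                {
                    audit.Parameters.AddWithValue("@id", (object)value.ID ?? string.Empty);
                    audit.Parameters.AddWithValue("@ip", (object)value.IP ?? string.Empty);
                    audit.ExecuteNonQuery();
                }
            }
        }
        catch (Exception ex)
        {
            logger.Error("Error Log In", ex);
            level = -2; // server error
        }
        finally
        {
            // Redundant with the enclosing using block, but kept so that a failure
            // while closing the connection is logged rather than thrown.
            try
            {
                if (conn != null)
                {
                    conn.Dispose();
                }
            }
            catch (Exception ex)
            {
                logger.Error("Error Closing DB Connection", ex);
            }
        }
    }

    return level; // negative values signal an error
}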