public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" }); var userManager = context.OwinContext.GetUserManager <ApplicationUserManager>(); var loginVM = new LoginAC(); loginVM.Email = context.UserName.Trim().ToLower(); loginVM.Password = context.Password.Trim(); AccountRepository _accountRepository = new AccountRepository(); var currentUser = await Task.Run(() => { return(_accountRepository.ValidateUserAsync(loginVM)); }); if (currentUser.StatusCode == (int)EnumList.ResponseType.Success) { UserTokenAC userData = (UserTokenAC)currentUser.Data; var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userData.Id.ToString())); identity.AddClaim(new Claim("FullName", userData.FullName)); identity.AddClaim(new Claim("Email", userData.Email)); AuthenticationProperties properties = CreateProperties(userData.Id.ToString(), userData.FullName, userData.Email); AuthenticationTicket ticket = new AuthenticationTicket(identity, properties); context.Validated(ticket); } else { context.SetError("invalid_grant", currentUser.Message); } }
public async Task <BaseResponseModel> ValidateUserAsync(LoginAC loginAC) { BaseResponseModel baseResponseModel = new BaseResponseModel(); UserTokenAC userTokenAC = new UserTokenAC(); using (IDbConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString)) { try { var existingUserQuery = "select * from AspNetUsers where Email='" + loginAC.Email + "'"; var userData = connection.Query(existingUserQuery).FirstOrDefault(); if (userData != null) { if (PasswordHashUtill.VerifyHashedPassword(userData.PasswordHash, loginAC.Password)) { userTokenAC.Id = userData.Id; userTokenAC.FullName = userData.UserName; userTokenAC.Email = userData.Email; baseResponseModel.StatusCode = (int)EnumList.ResponseType.Success; baseResponseModel.Data = userTokenAC; } else { baseResponseModel.Message = StringConstant.InvalidPassword; baseResponseModel.StatusCode = (int)EnumList.ResponseType.Error; baseResponseModel.Data = null; } } else { baseResponseModel.Message = StringConstant.LoginCredentailWrong; baseResponseModel.StatusCode = (int)EnumList.ResponseType.Error; baseResponseModel.Data = null; } return(baseResponseModel); } catch (Exception ex) { throw; } } }
public async Task <IActionResult> Login(LoginAC model) { if (ModelState.IsValid) { var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password , model.RememberMe , false); if (result.Succeeded) { return(RedirectToAction("Index")); } ModelState.AddModelError("", "Invalid Login Attempt"); } return(View(model)); }
public async Task <IActionResult> Post([FromBody] LoginAC loginAC) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await unitOfWork.User.GetClaimsIdentity(loginAC.Email, loginAC.Password); var userEmail = await _userManager.FindByEmailAsync(loginAC.Email); var y = await _userManager.GetRolesAsync(userEmail); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid email or password.", ModelState))); } var jwt = await Tokens.GenerateJwt(userEmail, y, identity, _jwtFactory, loginAC.Email, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }); return(new OkObjectResult(jwt)); }
public async Task <IActionResult> Login([FromBody] LoginAC loginAC) { LoginReponseAC loginResponseAc = new LoginReponseAC(); try { var userexists = await _iAccountRepository.checkEmployeeIsActive(loginAC.EmailOrPfNumber); if (userexists != null) { if (userexists.IsActive) { var user = await _iAccountRepository.GetEmployeeBy(loginAC.EmailOrPfNumber); if (user != null) { if (await _iAccountRepository.CheckUserCredentail(user.EmailId, user.EmpPfnumber, loginAC.Password)) { var claims = new[] { new Claim("user_id", user.UserId.ToString()), new Claim("role_id", user.RoleId.ToString()), new Claim("fullname", user.FullName), }; var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SigninKey"])); var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256); var tokeOptions = new JwtSecurityToken( issuer: Configuration["Issuer"], audience: Configuration["Audience"], claims: claims, expires: DateTime.Now.AddMinutes(60), signingCredentials: signinCredentials ); await _iLogManagement.SaveAuditActionLog((int)EnumList.AuditLogActionType.Login, user.FullName, user.UserId, "", (int)EnumList.ActionTemplateTypes.Login, user.UserId); loginResponseAc.RoleId = user.RoleId; loginResponseAc.AccessToken = new JwtSecurityTokenHandler().WriteToken(tokeOptions); loginResponseAc.StatusCode = Convert.ToInt32(EnumList.ResponseType.Success); } else { loginResponseAc.StatusCode = Convert.ToInt32(EnumList.ResponseType.Error); loginResponseAc.Message = _iStringConstant.LoginCredentailWrong; } } else { loginResponseAc.StatusCode = Convert.ToInt32(EnumList.ResponseType.NotFound); loginResponseAc.Message = _iStringConstant.EmailOrPfNumberNotValid; } } else { loginResponseAc.StatusCode = Convert.ToInt32(EnumList.ResponseType.NotFound); loginResponseAc.Message = _iStringConstant.UserAccountDeactivated; } } else { loginResponseAc.StatusCode = Convert.ToInt32(EnumList.ResponseType.NotFound); loginResponseAc.Message = _iStringConstant.EmailOrPfNumberNotValid; } } catch (Exception e) { throw e; } return(Ok(loginResponseAc)); }