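/// <summary>
/// Authenticates a user from a JSON body carrying "email", "password" and
/// "rememberMe", and returns a <c>ResponseModel</c> whose <c>Object</c> holds
/// the login token (an empty string on any failure).
/// </summary>
/// <param name="submitObj">
/// Request body. A null body, or a body without "email" or "password", is
/// answered with the same "Login failed" response as wrong credentials
/// instead of an unhandled exception. A missing or JSON-null "rememberMe"
/// is treated as false.
/// </param>
/// <returns>The result of <c>DoResponse</c> applied to the response model.</returns>
/// <remarks>
/// NOTE(review): no attempt throttling or lockout is visible in this method;
/// confirm it is enforced elsewhere in the request pipeline.
/// </remarks>
public IActionResult Login([FromBody]JObject submitObj)
{
    string email = null;
    string password = null;
    bool rememberMe = false;

    // The body is caller-controlled: it may be absent or lack fields.
    if (submitObj != null)
    {
        email = (string)submitObj["email"];
        password = (string)submitObj["password"];
        // The nullable cast yields null for an absent or JSON-null token,
        // where the plain (bool) cast would throw.
        rememberMe = (bool?)submitObj["rememberMe"] ?? false;
    }

    SecurityManager secMan = new SecurityManager(service);

    // Without both credentials there is nothing to verify; take the
    // ordinary failure path rather than passing nulls to GetUser.
    var user = (email == null || password == null)
        ? null
        : secMan.GetUser(email, password);

    var responseObj = new ResponseModel();

    if (user == null)
    {
        // One message for unknown e-mail and wrong password alike.
        responseObj.Success = false;
        responseObj.Message = "Login failed";

        var errorMsg = new ErrorModel();
        errorMsg.Key = "Email";
        errorMsg.Value = email;
        errorMsg.Message = "Invalid email or password";
        responseObj.Errors.Add(errorMsg);

        responseObj.Object = new { token = "" };
        return DoResponse(responseObj);
    }

    if (user.Enabled == false)
    {
        // NOTE(review): this branch is reached only after GetUser returned a
        // user for the supplied email and password (presumably after
        // verifying the password; confirm in SecurityManager), so the
        // distinct message tells the caller the credentials matched a
        // disabled account. Confirm that disclosure is intended.
        responseObj.Success = false;
        responseObj.Message = "Error while user authentication.";

        var errorMsg = new ErrorModel();
        errorMsg.Key = "Email";
        errorMsg.Value = email;
        errorMsg.Message = "User account is disabled.";
        responseObj.Errors.Add(errorMsg);

        responseObj.Object = new { token = "" };
        return DoResponse(responseObj);
    }

    // Enabled user: issue the token.
    responseObj.Success = true;
    responseObj.Timestamp = DateTime.UtcNow;
    responseObj.Object = new { token = WebSecurityUtil.Login(HttpContext, user.Id, user.ModifiedOn, rememberMe, service) };

    return DoResponse(responseObj);
}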
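/// <summary>
/// Builds an <c>ErpIdentity</c> for the given user id.
/// </summary>
/// <param name="userId">Id of the user to load; may be null.</param>
/// <returns>
/// An identity wrapping the loaded user, or null when <paramref name="userId"/>
/// is null, no user is found, or the user is not enabled.
/// </returns>
internal static ErpIdentity CreateIdentity(Guid? userId)
{
    // A null id cannot identify anyone; return null like the other
    // "no identity" cases instead of letting userId.Value throw
    // InvalidOperationException.
    if (!userId.HasValue)
    {
        return null;
    }

    SecurityManager secMan = new SecurityManager();
    ErpUser user = secMan.GetUser(userId.Value);

    // The Enabled flag is checked on every call, so a disabled account
    // gets no identity from this method.
    if (user == null || !user.Enabled)
    {
        return null;
    }

    return new ErpIdentity { User = user };
}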