using ApiSoftway.Models;
using ApiSoftway.Models.Gesa_DbContext;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
namespace ApiSoftway.Controllers
{
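[Route("api/[controller]")]
[ApiController]
public class LoginController : ControllerBase
{
    // Value of Personale.Tcruolo that marks a warehouse (magazzino) account.
    private const string MagazzinoRole = "MAG";

    private readonly ILogger<LoginController> _logger;
    private readonly GESA_PERSONALE_DbContext _personale_context;
    private readonly IConfiguration? _configuration;

    /// <summary>Creates the controller with its DI-provided dependencies.</summary>
    /// <param name="logger">Sink for server-side error details; nothing written to it is returned to the client.</param>
    /// <param name="personale_context">EF Core context exposing the <c>Personale</c> table used to authenticate users.</param>
    /// <param name="configuration">Application configuration holding the <c>JWT:*</c> settings; when null or missing <c>JWT:Secret</c>, login fails with 500.</param>
    public LoginController(ILogger<LoginController> logger, GESA_PERSONALE_DbContext personale_context, IConfiguration? configuration)
    {
        _logger = logger;
        _personale_context = personale_context;
        _configuration = configuration;
    }

    /// <summary>
    /// Initial login: authenticates any <c>Personale</c> record by username/password and returns a signed JWT.
    /// </summary>
    /// <param name="model">Credentials posted by the client.</param>
    /// <returns>
    /// 200 with the token and user fields on success; 200 with the error fields populated when a credential is empty
    /// (existing clients rely on this status); 404 when no matching record exists; 500 on an unexpected error.
    /// </returns>
    [HttpPost("loginPersonale")]
    public async Task<ActionResult<Login_out>> loginPersonale([FromBody] Login model)
        => await AuthenticateAsync(model, requiredRole: null);

    /// <summary>
    /// Warehouse login: same flow as <see cref="loginPersonale"/>, but the record must also carry the <c>MAG</c> role.
    /// </summary>
    /// <param name="model">Credentials posted by the client.</param>
    /// <returns>Same status codes and payload as <see cref="loginPersonale"/>.</returns>
    [HttpPost("loginMagazzino")]
    public async Task<ActionResult<Login_out>> loginMagazzino([FromBody] Login model)
        => await AuthenticateAsync(model, MagazzinoRole);

    /// <summary>Shared login flow for both endpoints.</summary>
    /// <param name="model">Credentials posted by the client.</param>
    /// <param name="requiredRole">When not null, the matched record must have this <c>Tcruolo</c> value.</param>
    /// <returns>The <see cref="Login_out"/> payload wrapped in the HTTP status described on the public endpoints.</returns>
    private async Task<ActionResult<Login_out>> AuthenticateAsync(Login model, string? requiredRole)
    {
        Login_out o = new Login_out();
        try
        {
            if (string.IsNullOrEmpty(model.Username) || string.IsNullOrEmpty(model.Password))
            {
                // Existing clients expect HTTP 200 with the error fields set for this case; kept for compatibility
                // even though a 400 would be the conventional answer to a validation failure.
                o.err_detail = "Username e Password non possono essere vuoti.";
                o.err_title = "Username e Password non possono essere vuoti.";
                o.err_status_code = "200";
                return StatusCode(StatusCodes.Status200OK, o);
            }

            Personale? pers = await FindPersonaleAsync(model.Username, model.Password, requiredRole);
            if (pers is null)
            {
                // Same message whether the username or the password is wrong, so the response does not reveal which.
                o.err_detail = "Username o Password non trovati.";
                o.err_title = "Username o Password non trovati.";
                o.err_status_code = "404";
                return StatusCode(StatusCodes.Status404NotFound, o);
            }

            o.Tok = CreateToken(pers);
            o.Tccodice = pers.Catcodice;
            o.Tcruolo = pers.Tcruolo;
            o.Tcdescri = pers.Catnome;
            return StatusCode(StatusCodes.Status200OK, o);
        }
        catch (Exception ex)
        {
            // Details go to the server log only: returning ex.Message would expose configuration and
            // database errors to the caller. err_status_code now agrees with the HTTP status (was "200").
            _logger.LogError(ex, "Login fallito per l'utente {Username}", model?.Username);
            o.err_detail = "Errore interno.";
            o.err_title = "Errore interno.";
            o.err_status_code = "500";
            return StatusCode(StatusCodes.Status500InternalServerError, o);
        }
    }

    /// <summary>
    /// Looks up the single <c>Personale</c> row matching the credentials (and role, when one is required).
    /// </summary>
    /// <remarks>
    /// NOTE(review): <c>Tcpwd</c> is compared with the submitted password as-is, i.e. the table holds
    /// plaintext passwords and the comparison runs in the database, where case and trailing-space
    /// sensitivity follow the column collation. Moving to a salted hash (e.g. <c>Rfc2898DeriveBytes.Pbkdf2</c>)
    /// needs a schema/data migration and is out of scope for this controller.
    /// </remarks>
    /// <param name="username">Non-empty username supplied by the client.</param>
    /// <param name="password">Non-empty password supplied by the client.</param>
    /// <param name="requiredRole">Optional <c>Tcruolo</c> filter.</param>
    /// <returns>The first matching row, or null when none matches.</returns>
    private async Task<Personale?> FindPersonaleAsync(string username, string password, string? requiredRole)
    {
        // Equality against a non-null parameter is translated to a plain SQL "=", so null columns never match;
        // the explicit "!= null" guards of the previous version are therefore implied.
        IQueryable<Personale> query = _personale_context.Personale
            .Where(t => t.Tcuser == username && t.Tcpwd == password);

        if (requiredRole is not null)
        {
            query = query.Where(t => t.Tcruolo == requiredRole);
        }

        return await query.FirstOrDefaultAsync();
    }

    /// <summary>Builds the signed JWT returned to an authenticated user.</summary>
    /// <param name="pers">The authenticated <c>Personale</c> row.</param>
    /// <returns>The compact serialized token.</returns>
    /// <exception cref="InvalidOperationException">Thrown when <c>JWT:Secret</c> is not configured.</exception>
    private string CreateToken(Personale pers)
    {
        // Fail explicitly instead of dereferencing a null IConfiguration or signing with an empty key;
        // AuthenticateAsync turns this into a 500 without echoing the reason to the client.
        string? secret = _configuration?["JWT:Secret"];
        if (string.IsNullOrEmpty(secret))
        {
            throw new InvalidOperationException("JWT:Secret non configurato.");
        }

        // Claim(type, value) rejects a null value, so optional columns fall back to an empty string
        // rather than failing the whole login.
        var authClaims = new List<Claim>
        {
            new Claim(ClaimTypes.Name, pers.Tcuser ?? string.Empty),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim("user", pers.Tcuser ?? string.Empty),
            new Claim("codice", pers.Catcodice ?? string.Empty),
            new Claim("nome", pers.Catnome ?? string.Empty),
        };

        // NOTE(review): HS256 with a shared symmetric key; the signing library enforces a minimum key
        // length, so JWT:Secret must be long and random. The 3-month lifetime with no revocation path
        // is preserved here because clients depend on it, but it is worth revisiting.
        var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
        var token = new JwtSecurityToken(
            issuer: _configuration?["JWT:ValidIssuer"],
            audience: _configuration?["JWT:ValidAudience"],
            // The "exp" claim is written as UTC epoch seconds either way; UtcNow avoids the local-time round trip.
            expires: DateTime.UtcNow.AddMonths(3),
            claims: authClaims,
            signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256));

        return new JwtSecurityTokenHandler().WriteToken(token);
    }
}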
}