Fixed Login. Users with State == 0 will not be authenticated
parent
16e17c0559
commit
9fea1c94a6
@ -45,7 +45,7 @@ namespace AsbCloudInfrastructure.Services
|
||||
var identity = await GetClaimsUserAsync(login, password, token)
|
||||
.ConfigureAwait(false);
|
||||
|
||||
if (identity == default)
|
||||
if (identity == default || identity.User.State == 0)
|
||||
return null;
|
||||
|
||||
return new UserTokenDto
|
||||
@ -89,7 +89,8 @@ namespace AsbCloudInfrastructure.Services
|
||||
var user = new User
|
||||
{
|
||||
IdCompany = userDto.IdCompany,
|
||||
IdRole = userDto.IdRole,
|
||||
IdRole = 2, // simple user
|
||||
State = 0,
|
||||
Name = userDto.Name,
|
||||
Surname = userDto.Surname,
|
||||
Patronymic = userDto.Patronymic,
|
||||
@ -98,7 +99,7 @@ namespace AsbCloudInfrastructure.Services
|
||||
Position = userDto.Position,
|
||||
Level = userDto.Level,
|
||||
Login = userDto.Login,
|
||||
PasswordHash = salt + ComputeHash(salt, userDto.Password)
|
||||
PasswordHash = salt + ComputeHash(salt, userDto.Password),
|
||||
};
|
||||
|
||||
db.Users.Add(user);
|
||||
|
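Review bot: The new guard `identity.User.State == 0` in the login hunk rejects exactly one state value, so every other value of State is allowed to sign in; if State ever gains further non-active values (blocked, deleted), those accounts would still authenticate. Comparing against the single active value makes the check deny by default, for example `if (identity == default || identity.User.State != UserStateActive)`, where `UserStateActive` is a constant the project would have to add. The same bare literals recur in the Register hunk (`IdRole = 2`, `State = 0`), and the role id presumably depends on seeded database rows, so named constants plus a comment such as `// new accounts stay inactive until enabled` would document the intent, if that is the workflow. The enclosing methods start and end outside the hunks.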
@ -36,7 +36,7 @@ namespace AsbCloudWebApi.Controllers
|
||||
auth.Password, token).ConfigureAwait(false);
|
||||
|
||||
if (userToken is null)
|
||||
BadRequest();//"wrong login or password"
|
||||
Forbid();
|
||||
|
||||
return Ok(userToken);
|
||||
}
|
||||
@ -57,14 +57,9 @@ namespace AsbCloudWebApi.Controllers
|
||||
/// Регистрация пользователя. Доступна администратору
|
||||
/// </summary>
|
||||
/// <returns code="200">Ок</returns>
|
||||
[Authorize]
|
||||
[HttpPost]
|
||||
public IActionResult Register(UserDto user)
|
||||
{
|
||||
const string roleName = "Администратор";
|
||||
if (!User.IsInRole(roleName))
|
||||
return Forbid($"You must be an {roleName}.");
|
||||
|
||||
var code = authService.Register(user);
|
||||
return code switch
|
||||
{
|
||||
|
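Review bot: `Forbid();` in the login hunk is a bare statement with no `return`, so when `userToken is null` execution falls through to `return Ok(userToken);` and a failed or inactive login still gets a success response, only without a token; it should read `return Forbid();`. For a credentials failure `return Unauthorized();` may fit better, because Forbid() is routed through the configured authentication scheme's forbid handler. In the Register hunk the header counts (14 old lines, 9 new) suggest that the administrator role check, and possibly `[Authorize]`, were removed, while the summary comment still says the endpoint is available to an administrator. If open registration is intended, the doc comment should say so and the endpoint should be throttled and its input validated, since the request no longer passes an authorization check. Both methods continue outside the hunks.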