Added new validation in user login to verify if user is active or not and if user's email is confirmed or not

2025-04-02 15:31:41 +05:30 · 2025-04-02 15:31:41 +05:30 · a42a924884
commit a42a924884
parent bec60cd24e
1 changed files with 14 additions and 6 deletions
--- a/Marco.Pms.Services/Controllers/AuthController.cs
+++ b/Marco.Pms.Services/Controllers/AuthController.cs
@ -1,4 +1,5 @@
-using Marco.Pms.Model.Authentication;
+using Marco.Pms.DataAccess.Data;
+using Marco.Pms.Model.Authentication;
 using Marco.Pms.Model.Dtos;
 using Marco.Pms.Model.Dtos.Util;
 using Marco.Pms.Model.Employees;
@ -21,13 +22,14 @@ namespace MarcoBMS.Services.Controllers
    public class AuthController : ControllerBase
    {
        private readonly UserManager<IdentityUser> _userManager;
+        private readonly ApplicationDbContext _context;
        private readonly JwtSettings _jwtSettings;
        private readonly RefreshTokenService _refreshTokenService;
        private readonly IEmailSender _emailSender;
        private readonly IConfiguration _configuration;
        private readonly EmployeeHelper _employeeHelper;
        //string tenentId = "1";
-        public AuthController(UserManager<IdentityUser> userManager, JwtSettings jwtSettings, RefreshTokenService refreshTokenService, 
+        public AuthController(UserManager<IdentityUser> userManager,ApplicationDbContext context, JwtSettings jwtSettings, RefreshTokenService refreshTokenService, 
            IEmailSender emailSender, IConfiguration configuration, EmployeeHelper employeeHelper)
        {
            _userManager = userManager;
@ -36,21 +38,27 @@ namespace MarcoBMS.Services.Controllers
            _emailSender = emailSender;
            _configuration = configuration;
            _employeeHelper = employeeHelper;
+            _context = context;
        }

        [HttpPost("login")]
        public async Task<IActionResult> Login([FromBody] LoginDto loginDto)
        {
-            var user = await _userManager.FindByEmailAsync(loginDto.Username);
-            var user1 = await _userManager.Users.FirstOrDefaultAsync(u => u.Email == loginDto.Username || u.PhoneNumber == loginDto.Username);
-
+            var user = await _context.ApplicationUsers.FirstOrDefaultAsync(u => u.Email == loginDto.Username || u.PhoneNumber == loginDto.Username);
            
            if (user == null || !await _userManager.CheckPasswordAsync(user, loginDto.Password))
            {
                return Unauthorized("Invalid username or password.");
            }

-
+            if (!user.IsActive)
+            {
+                return BadRequest("User is In Active");
+            }
+            if (!user.EmailConfirmed)
+            {
+                return BadRequest("Your email is not verified, Please verify your email");
+            }
           Employee emp = await _employeeHelper.GetEmployeeByApplicationUserID(user.Id);
            //var refreshToken = GenerateRefreshToken();