public async Task <IActionResult> Register([FromBody] UserRegistrationRequest request)
{
if (ModelState.IsValid == false)
{
return(BadRequest
(
new AuthFailureResponse
{
Errors = ModelState.Values.SelectMany(v => v.Errors.Select(e => e.ErrorMessage))
}
));
}
var authResult = await _service.RegisterAsync(request.Email, request.Password);
if (authResult.IsSuccessful == false)
{
var failureResult = new AuthFailureResponse
{
Errors = authResult.Errors
};
return(BadRequest(failureResult));
}
var successResult = new AuthSuccessResponse
{
Token = authResult.Token,
RefreshToken = authResult.RefreshToken
};
return(Ok(successResult));
}
private AuthenticationResult GenerateAuthenticationResultForTheUser(ApplicationUser newUser)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(this._configuration.GetSection("Token").GetValue <string>("Secret"));
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[]
{
new Claim(JwtRegisteredClaimNames.Sub, newUser.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Email, newUser.Email),
new Claim("id", newUser.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var authResponse = new AuthSuccessResponse
{
Id = newUser.Id,
Email = newUser.Email,
FirstName = newUser.FirstName,
LastName = newUser.LastName,
Password = null,
Token = tokenHandler.WriteToken(token)
};
return(new AuthenticationResult
{
Success = true,
authSuccessResponse = authResponse
});
}
public async Task <AuthenticationResult> GetUserByIdAsync(int id)
{
var user = await this._userManager.FindByIdAsync(id.ToString());
if (user == null)
{
return(new AuthenticationResult
{
Errors = new[] { "User does not exists!" }
});
}
var authResponse = new AuthSuccessResponse
{
Id = user.Id,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName
};
return(new AuthenticationResult
{
Success = true,
authSuccessResponse = authResponse
});
}
private async void SaveDataInLocalStorage(AuthSuccessResponse data, string email)
{
await _localStorageService.SetItem("accessToken", data.AccessToken);
await _localStorageService.SetItem("refreshToken", data.RefreshToken);
await _localStorageService.SetItem("email", email);
}
public async Task <AuthenticationResult> UpdateUserByIdAsync(User user)
{
var _user = await this._userManager.FindByIdAsync(user.Id.ToString());
if (_user == null)
{
return(new AuthenticationResult
{
Errors = new[] { "User Does Not Exist!" }
});
}
var updateThisUser = new ApplicationUser
{
Id = user.Id,
Email = user.Email,
UserName = user.Email,
LastName = user.LastName,
FirstName = user.FirstName
};
var updatedUser = await this._userManager.UpdateAsync(updateThisUser);
if (!updatedUser.Succeeded)
{
return(new AuthenticationResult
{
Errors = updatedUser.Errors.Select(x => x.Description).ToList()
});
}
var authResponse = new AuthSuccessResponse
{
Id = user.Id,
Email = user.Email,
LastName = user.LastName,
FirstName = user.FirstName
};
return(new AuthenticationResult
{
Success = true,
authSuccessResponse = authResponse
});
//this will be need for future use!
//if(!await this._userManager.CheckPasswordAsync(_user, user.Password))
//{
// return new AuthenticationResult
// {
// Errors = new[] { "Update Cannot Succeed! Only the correct user can update this record." }
// };
//}
//this needs to be used when changing passwords
//var newPasswordHash = this._userManager.PasswordHasher.HashPassword(_user, user.Password);
}
public async Task <IActionResult> Authenticate([FromBody] UserAuthenticationRequest request)
{
var token = await _authService.AuthenticateAsync(request.Email, request.Password);
var response = new AuthSuccessResponse {
Token = token
};
return(token != null?Ok(response) : Unauthorized());
}
protected async Task <AuthSuccessResponse> GenerateAuthResponse(string userId, string userName,
CancellationToken cancellationToken)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(this.options.Secret);
var userRoles = await this.UserManager.GetUserRolesAsync(userId);
var claims = new ClaimsIdentity(new[]
{
new Claim("id", userId),
new Claim(Microsoft.IdentityModel.JsonWebTokens.JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.NameIdentifier, userId),
new Claim(ClaimTypes.Email, userName),
});
foreach (var role in userRoles)
{
claims.AddClaim(new Claim(ClaimTypes.Role, role));
}
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = claims,
Expires = this.DateTime.UtcNow.Add(this.options.TokenLifetime),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var encryptedToken = tokenHandler.WriteToken(token);
var refreshToken = new RefreshToken
{
JwtId = token.Id,
UserId = userId,
CreationDate = this.DateTime.UtcNow,
ExpiryDate = this.DateTime.UtcNow.AddMonths(AppConstants.RefreshTokenExpirationTimeInMonths),
};
await this.Context.RefreshTokens.AddAsync(refreshToken, cancellationToken);
await this.Context.SaveChangesAsync(cancellationToken);
var result = new AuthSuccessResponse
{
Token = encryptedToken,
RefreshToken = refreshToken.Token,
};
return(result);
}
public async Task <IActionResult> Login([FromBody] UserLoginRequest request)
{
var authResponse = await _identityService.LoginAsync(request.Email, request.Password);
if (!authResponse.Success)
{
return(BadRequest(new AuthFailedResponse
{
Errors = authResponse.Errors
}));
}
var response = new AuthSuccessResponse
{
Token = authResponse.Token
};
return(Ok(response));
}
public async Task <IActionResult> Register(RegisterUserRequest request)
{
var authResponse = await _userManager.RegisterAsync(request.Email, request.Password);
if (!authResponse.Success)
{
return(BadRequest(new AuthFailedResponse
{
Errors = authResponse.Errors
}));
}
var response = new AuthSuccessResponse
{
Token = authResponse.Token,
RefreshToken = authResponse.RefreshToken,
ExpiresIn = authResponse.ExpiresIn
};
return(Ok(new AuthResponse <AuthSuccessResponse>(response)));
}
public async Task <IActionResult> Refresh([FromBody] RefreshTokenRequest request)
{
var authResult = await _service.RefreshTokenAsync(request.Token, request.RefreshToken);
if (authResult.IsSuccessful == false)
{
var failureResult = new AuthFailureResponse
{
Errors = authResult.Errors
};
return(BadRequest(failureResult));
}
var successResult = new AuthSuccessResponse
{
Token = authResult.Token,
RefreshToken = authResult.RefreshToken
};
return(Ok(successResult));
}
public IActionResult Post([FromBody] AuthRequest model)
{
try
{
if (AppSettings.Username.Equals(model.Username, StringComparison.OrdinalIgnoreCase) && AppSettings.Password.Equals(model.Password))
{
var _response = new AuthSuccessResponse
{
Token = Token.CreateToken(AppSettings.AccessTokenKey, model.Username, "Administrator", AppSettings.AccessTokenExpire),
Type = "Bearer",
ExpiresIn = AppSettings.AccessTokenExpire
};
return(Ok(_response));
}
return(Unauthorized());
}
catch (Exception)
{
return(StatusCode(500));
}
}
public UserHasBeenLogged(object sender, AuthSuccessResponse user) : base(sender)
{
User = user;
}
