public Task <Result <AuthenticateResponseModel> > Authenticate(AuthenticateRequestModel model, string ipAddress)
{
try
{
var user = _userLoginService.Authenticate(model);
if (user == null)
{
return(Task.FromResult(ResultMessage <AuthenticateResponseModel> .Error(Constants.NotFoundUserLogin)));
}
var employee = _employeeService.GetEmployee(user.FkEmpId ?? 0);
var jwtToken = GenerateJwtToken(user);
var refreshToken = GenerateRefreshToken(ipAddress, model.Username);
_refreshTokenService.CreateRefreshToken(refreshToken);
var resultAuthentication = new AuthenticateResponseModel(employee, jwtToken, refreshToken.Token, user.Role);
return(Task.FromResult(ResultMessage <AuthenticateResponseModel> .Success(resultAuthentication)));
}
catch (Exception ex)
{
return(Task.FromResult(ResultMessage <AuthenticateResponseModel> .ExceptionError(ex)));
}
}
private async void ExecuteLoginCommand()
{
if (GlobalVariables.ServerIsOnline)
{
RequestIsWorking = true;
HttpResponseMessage resp = await Client.PostAsJsonAsync(GlobalVariables.BackendServer_URL + "/api/Users/authenticate", authenticate);
RequestIsWorking = false;
if (resp.IsSuccessStatusCode)
{
AuthenticateResponseModel Response = await resp.Content.ReadAsAsync <AuthenticateResponseModel>();
GlobalVariables.Token = Response.Token;
await LoadingVorbelegung(Response.Id);
Messenger.Default.Send(new AktualisiereBerechtigungenMessage());
Messenger.Default.Send(new OpenViewMessage {
ViewType = ViewType.viewWertpapierUebersicht
});
Messenger.Default.Send(new CloseViewMessage(), "Login");
}
else if (resp.StatusCode == System.Net.HttpStatusCode.BadRequest)
{
SendExceptionMessage("User oder Passwort ist falsch");
}
}
}
public async Task <AuthenticateResponseModel> GetUserByAccessTokenAsync(string token)
{
AuthenticateResponseModel request = new AuthenticateResponseModel();
request.Token = token;
string responseString = await CallAsync(GetByTokenServiceName, JsonConvert.SerializeObject(request), MethodTypeEnum.POST, token);
AuthenticateResponseModel response = JsonConvert.DeserializeObject <AuthenticateResponseModel>(responseString);
return(response);
}
public async Task MarkUserAsAuthenticated(AuthenticateResponseModel user)
{
await _localStorageService.SetItemAsync("accessToken", user.Token);
await _localStorageService.SetItemAsync("refreshToken", user.Token);
_state.userState = user;
var identity = GetClaimsIdentity(user);
var claimsPrincipal = new ClaimsPrincipal(identity);
NotifyAuthenticationStateChanged(Task.FromResult(new AuthenticationState(claimsPrincipal)));
}
private ClaimsIdentity GetClaimsIdentity(AuthenticateResponseModel user)
{
var claimsIdentity = new ClaimsIdentity();
if (user.Username != null)
{
claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, user.Username)
}, "apiauth_type");
}
return(claimsIdentity);
}
public IActionResult GetByToken(AuthenticateResponseModel userRequest)
{
User user = _userService.GetById(Convert.ToInt32(HttpContext.User.Identity.Name));
return(Ok(new AuthenticateResponseModel {
ID = user.ID,
FirstName = user.FirstName,
LastName = user.LastName,
Result = "",
Token = userRequest.Token,
Username = user.Email,
TeamList = GetTeams(user)
}));
}
public async Task <AuthenticateResponseModel> Authenticate(AuthenticateModel user)
{
AuthenticateModel request = new AuthenticateModel {
Email = user.Email, Remember = user.Remember
};
using (var hmac = new System.Security.Cryptography.HMACSHA512(Convert.FromBase64String(AppSettings.HashKey)))
{
request.Password = Convert.ToBase64String(hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(user.Password)));
}
string responseString = await CallAsync(AuthenticationServiceName, JsonConvert.SerializeObject(request), MethodTypeEnum.POST, null);
AuthenticateResponseModel response = JsonConvert.DeserializeObject <AuthenticateResponseModel>(responseString);
return(response);
}
public async Task <IActionResult> Authenticate(AuthenticateModel model)
{
AuthenticateResponseModel response = await _userService.AuthenticateAsync(new AuthenticateRequestModel
{
Secret = _configuration["Security:Secret"],
Username = model.UserName,
Password = model.Password,
});
if (response == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
return(Ok(response));
}
public async Task <AuthenticateResponseModel> Login(AuthenticateRequestModel model)
{
var user = _dataContext.AppUsers.Where(x => x.Username == model.Username).FirstOrDefault();
if (user == null)
{
throw new Exception(IUserService.Message_UserOrPasswordIsWrong);
}
bool verified = false;
var passwordHasher = new PasswordHasher <User>();
var result = passwordHasher.VerifyHashedPassword(user, user.Password, model.Password);
if (result == PasswordVerificationResult.Success)
{
verified = true;
}
else if (result == PasswordVerificationResult.SuccessRehashNeeded)
{
verified = true;
}
else if (result == PasswordVerificationResult.Failed)
{
verified = false;
}
if (verified == false)
{
throw new Exception(IUserService.Message_UserOrPasswordIsWrong);
}
// authentication successful so generate jwt token
var token = generateJwtToken(user);
var authenResponse = new AuthenticateResponseModel(user, token);
var query = (from ur in _dataContext.UserRoles
join rp in _dataContext.RolePermissons on ur.RoleId equals rp.RoleId
join p in _dataContext.Permissons on rp.PermissionId equals p.Id
select p.Key).Distinct();
authenResponse.Rights = query.ToList();
return(authenResponse);
}
public override async Task <AuthenticationState> GetAuthenticationStateAsync()
{
var accessToken = await _localStorageService.GetItemAsync <string>("accessToken");
ClaimsIdentity identity = new ClaimsIdentity();
var claimsPrincipal = new ClaimsPrincipal();
if (accessToken != null && accessToken != string.Empty)
{
AuthenticateResponseModel user = await _service.GetUserByAccessTokenAsync(accessToken);
if (user != null)
{
_state.userState = user;
identity = GetClaimsIdentity(user);
claimsPrincipal = new ClaimsPrincipal(identity);
}
}
return(await Task.FromResult(new AuthenticationState(claimsPrincipal)));
}
public Task <Result <AuthenticateResponseModel> > RefreshToken(string token, string ipAddress)
{
try
{
var refreshToken = _refreshTokenService.GetRefreshTokenByToken(token);
if (refreshToken == null)
{
return(Task.FromResult(ResultMessage <AuthenticateResponseModel> .Error(Constants.InvalidToken)));
}
if (!refreshToken.IsActive && !refreshToken.IsExpired)
{
return(Task.FromResult(ResultMessage <AuthenticateResponseModel> .Error(Constants.TokenExpired)));
}
var user = _userLoginService.GetAllUser().FirstOrDefault(f => f.Username == refreshToken.CreateByUser);
if (user == null)
{
return(Task.FromResult(ResultMessage <AuthenticateResponseModel> .Error(Constants.NotFoundUserLogin)));
}
var employee = _employeeService.GetEmployee(user.FkEmpId ?? 0);
var jwtToken = GenerateJwtToken(user);
var resultAuthentication = new AuthenticateResponseModel(employee, jwtToken, refreshToken.Token, user.Role);
return(Task.FromResult(ResultMessage <AuthenticateResponseModel> .Success(resultAuthentication)));
}
catch (Exception ex)
{
return(Task.FromResult(ResultMessage <AuthenticateResponseModel> .ExceptionError(ex)));
}
}
