public async Task <Response> AuthenticateAsync(AuthenticateUserRequest request)
{
var user = await _userRepository.GetById(request.Id);
if (user == null)
{
return new Response {
Succeeded = false, Message = "Пользователь не найден!"
}
}
;
var newMessage = GenerateHMac(user.UserId, user.SecretWord);
if (newMessage != request.Message)
{
return new Response {
Succeeded = false, Message = "Неправильный MessageDigest"
}
}
;
return(new Response {
Succeeded = true, Message = default
});
public AuthenticateUserResponse AuthenticateUser(AuthenticateUserRequest request)
{
try
{
var response = new AuthenticateUserResponse();
if (string.IsNullOrEmpty(request.UserName) || string.IsNullOrEmpty(request.Password))
{
response.Success = false;
response.FailureInformation = "Invalid username or password.";
return(response);
}
response.Id = Guid.NewGuid();
response.Email = "*****@*****.**";
response.Firstname = "Test";
response.Lastname = "User";
// pass-through success and set Auth cookie in controller override
response.Success = true;
return(response);
}
catch (Exception ex)
{
return(ServiceHelper.GetPopulatedFailureResponse <AuthenticateUserResponse>(ex));
}
}
public IActionResult Post([FromBody] AuthenticateUserRequest request)
{
if (request.Username == "test" && request.Password == "test")
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_jwtSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new []
{
new Claim(JwtRegisteredClaimNames.Email, "*****@*****.**")
}),
Expires = DateTime.UtcNow.AddHours(2),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(tokenHandler.WriteToken(token)));
}
return(BadRequest("Uh Oh"));
}
public bool AuthenticateUser(string userName, string password)
{
AuthenticateUserRequest request = new AuthenticateUserRequest(userName, password);
AuthenticateUserResponse response = this.AuthenticateUser(request);
return(response.AuthenticateUserResult);
}
public async Task <AuthenticateUserResponse> AuthenticateUser(AuthenticateUserRequest request)
{
var response = new AuthenticateUserResponse();
try
{
var command = this.userSqlCommandFactory.AuthenticateUser(request);
var result = await this.dataAccess.ExecuteReader(command);
if (result.DataTable.Rows.Count == 1)
{
response.Message = "Successfully authenticated user.";
response.Success = true;
response.Data = new UserAuthenticationModel();
response.Data.User = BuildUserFromDataRow(result.DataTable.Rows[0]);
}
else
{
response.Message = "Incorrect authentication details.";
response.Success = false;
}
}
catch (Exception ex)
{
response.Errors.Add(ex.Message);
response.Message = "Failed to authenticate user.";
}
return(response);
}
public async Task <IActionResult> Create([FromBody] AuthenticateUserRequest user)
{
var command = new AuthenticateUserCommand(user);
var result = await Mediator.Send(command);
return(await ResponseBase(result));
}
public AuthenticateUserResponse AuthenticateUser(AuthenticateUserRequest request)
{
try
{
var response = new AuthenticateUserResponse();
if (string.IsNullOrEmpty(request.UserName) || string.IsNullOrEmpty(request.Password))
{
response.SetError("Invalid username or password.");
return(response);
}
response.Id = Guid.NewGuid();
response.Email = "*****@*****.**";
response.Firstname = "Test";
response.Lastname = "User";
// passthrough success and set Auth cooki in controller override
response.Success = true;
return(response);
}
catch (Exception ex)
{
return(new AuthenticateUserResponse {
Success = false, FailureInformation = "Generic error in UserService::AuthenticateUser"
});
}
}
public async Task <ApiResponseModel> Login(AuthenticateUserRequest user)
{
try
{
HttpClient client = new HttpClient();
client.BaseAddress = new Uri(BASE_URL);
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
HttpResponseMessage response = client.PostAsync("users/authenticate", new StringContent(JsonConvert.SerializeObject(user), Encoding.UTF8, "application/json")).Result;
if (response.IsSuccessStatusCode)
{
string body = await response.Content.ReadAsStringAsync();
ApiResponseModel responseModel = DeserializeJson <ApiResponseModel>(body);
return(responseModel);
}
else
{
return(new ApiResponseModel()
{
Status = false
});
}
}
catch (Exception ex) { Console.WriteLine(ex.Message); }
return(new ApiResponseModel()
{
Status = false
});
}
public AuthenticateUserResponse AuthenticateUser(AuthenticateUserRequest request)
{
if (request == null)
{
AddNotification("AuthenticateUserRequest", "Requisição inválida");
return(null);
}
var user = new User(request.Email, request.Password);
AddNotifications(user);
if (user.IsInvalid())
{
return(null);
}
if (!_repositoryUser.Existe(x => x.Email == user.Email && x.Password == user.Password))
{
AddNotification("User", "Usuário ou senha inválidos");
return(null);
}
else
{
user = _repositoryUser.ObterPor(x => x.Email == user.Email && x.Password == user.Password);
}
return((AuthenticateUserResponse)user);
}
public AuthenticateUserResponse AuthenticateUser(AuthenticateUserRequest request)
{
User user = Repository.UserRepository.GetUserByFacebookUserId(request.FacebookUserId);
if (user == null)
{
Guid userId = Guid.NewGuid();
string imageId = UploadImageToFtpByUrlAndGetImageId(request, userId);
user = new User()
{
ProfileImageId = imageId,
Id = userId,
FacebookUserId = request.FacebookUserId,
Email = request.Email,
Name = request.UserName
};
Repository.UserRepository.AddUser(user);
}
return(new AuthenticateUserResponse()
{
UserId = user.Id,
ProfileIconId = user.ProfileImageId,
Email = user.Email,
FacebookUserId = user.FacebookUserId,
Name = user.Name
});
}
public AuthenticateUserResponse AuthenticateUser(AuthenticateUserRequest request)
{
if (request == null)
{
AddNotification("AuthenticateUserRequest",
MSG.OBJETO_X0_E_OBRIGATORIO.ToFormat("AuthenticateUserRequest"));
return(null);
}
var email = new Email(request.Email);
var user = new User(email, request.Password);
AddNotifications(user);
if (this.IsInvalid())
{
return(null);
}
user = _repositoryUser.Get(user.Email.Address, user.Password);
if (user == null)
{
AddNotification("User", MSG.DADOS_NAO_ENCONTRADOS);
return(null);
}
var response = (AuthenticateUserResponse)user;
return(response);
}
public JsonResult AuthenticateLogin(AuthenticateUserRequest request)
{
bool isSuccess = false;
var authenticateLoginResult = _userServices.AuthenticateLogin(request);
if (authenticateLoginResult == null)
{
return(Json(new
{
isSucess = isSuccess,
messageAlert = "Invalid User Details"
}, JsonRequestBehavior.AllowGet));
}
isSuccess = true;
Session[LookupKey.SessionVariables.UserId] = authenticateLoginResult.UserId;
HttpCookie userFullName = new HttpCookie(LookupKey.SessionVariables.UserFullName, authenticateLoginResult.FullName);
HttpCookie userRoleName = new HttpCookie(LookupKey.SessionVariables.UserRoleName, authenticateLoginResult.UserRoleDetails.UserRoleName);
Response.Cookies.Add(userFullName);
Response.Cookies.Add(userRoleName);
var response = new
{
userDetailResult = authenticateLoginResult,
isSuccess = isSuccess
};
return(Json(response, JsonRequestBehavior.AllowGet));
}
public ActionResult AuthenticateLogin(AuthenticateUserRequest request)
{
bool isSuccess = false;
var authenticateLoginResult = _userService.AuthenticateLogin(request);
if (authenticateLoginResult == null)
{
return(Ok(new
{
isSucess = isSuccess,
messageAlert = "Invalid User Details"
}));
}
isSuccess = true;
HttpContext.Session.SetString(LookupKey.SessionVariables.UserId, authenticateLoginResult.UserId.ToString());
HttpContext.Response.Cookies.Append(LookupKey.SessionVariables.UserName, authenticateLoginResult.UserName);
HttpContext.Response.Cookies.Append(LookupKey.SessionVariables.UserRoleName, authenticateLoginResult.UserRoleName);
var response = new
{
userDetailResult = authenticateLoginResult,
isSuccess = isSuccess
};
return(Ok(response));
}
public bool TryAuthentifcate(AuthenticateUserRequest request, out IUserIdentity identity)
{
using (var database = DatabaseFactory.GetDatabase())
{
identity = null;
User user = database.Query <User>().FirstOrDefault(x => x.Name == request.UserName);
if (user == null)
{
return(false);
}
if (user.PasswordHash != cryptoService.ComputeHash(request.Password, user.PasswordSalt))
{
return(false);
}
IList <string> claims = database.Fetch <string>(@"
select c.*
from auth.user u
inner join auth.user_claim uc on u.user_id = uc.user_id
inner join auth.claim c on uc.claim_id = c.claim_id
where u.user_id = @0", user.Id);
identity = new DefaultUserIdentity(user.Name, claims);
return(true);
}
}
public ActionResult <AuthenticateUserResponse> Login(AuthenticateUserRequest authCreds)
{
var response = _service.Authenticate(authCreds, ipAddress());
setTokenCookie(response.RefreshToken);
return(Ok(response));
}
public async Task <IActionResult> AuthenticateUser(AuthenticateUserRequest request)
{
try
{
var result = await _mediator.Send(new AuthenticateUserCommand
{
Email = request.Email,
Password = request.Password
});
var model = (UserAuthenticationApiResponse)result;
if (model == null)
{
return(NotFound());
}
return(Ok(model));
}
catch (HttpRequestContentException e)
{
return(StatusCode((int)e.StatusCode, e.ErrorContent));
}
catch (Exception e)
{
_logger.LogError(e, "Unable to get user");
return(new StatusCodeResult((int)HttpStatusCode.InternalServerError));
}
}
public static string AuthenticateUser(LoginViewModel model)
{
try
{
using (_certonaService = new CertonaServiceClient())
{
try
{
var user = new UserDTO
{
UserID = model.UserName,
Password = Encryption.GetMd5Sum(model.Password)
};
var request = new AuthenticateUserRequest {
User = user
};
AuthenticateUserResponse response = _certonaService.AuthenticateUser(request);
if (!response.Success)
{
return(Utilities.ParseServiceErrors(response.Errors));
}
if (response.User == null || response.User.UserID == null)
{
return("Invalid user account.");
}
var userDetailsRequest = new GetUserAccountApplicationFeaturesRequest {
User = response.User
};
var userDetailsResponse = _certonaService.GetUserAccountApplicationFeatures(userDetailsRequest);
if (userDetailsResponse.Success)
{
response.User.Accounts = userDetailsResponse.Accounts;
}
FormsAuth.SetAuthCookie(response.User, false);
ReportingStartDate = DateTime.Now.AddDays(-30);
ReportingEndDate = DateTime.Now;
}
catch (TimeoutException exception)
{
_certonaService.Abort();
throw;
}
catch (CommunicationException exception)
{
_certonaService.Abort();
throw;
}
}
}
catch (Exception ex)
{
}
return("");
}
public async Task <IActionResult> AuthenticateUser([FromBody] AuthenticateUserRequest request)
{
var response = await _repository.AuthenticateUser(request);
response.Token = response.Data != null?_tokenService.GenerateToken(request.Username) : null;
return(Ok(response));
}
public async Task <ActionResult <AuthenticateUserResponse> > Authenticate
(
[FromServices] IUsersService usersService,
[FromBody] AuthenticateUserRequest request
)
{
return(await usersService.AuthenticateUser(request));
}
public async Task <IActionResult> AuthenticateUser(AuthenticateUserRequest request)
{
await InvalidateExistingAccessToken();
var authInput = new AuthenticateUserInput(request.Username, request.Password);
await _authInputHandler.HandleAsync(authInput, _authOutputHandler);
return(_authOutputHandler.Result());
}
public object Authenticate(
[FromBody] AuthenticateUserRequest request,
[FromServices] SigningConfigurations signingConfigurations,
[FromServices] TokenConfigurations tokenConfigurations)
{
bool credenciaisValidas = false;
AuthenticateUserResponse response = _serviceUser.AuthenticateUser(request);
credenciaisValidas = response != null;
if (credenciaisValidas)
{
ClaimsIdentity identity = new ClaimsIdentity(
new GenericIdentity(response.Id.ToString(), "Id"),
new[] {
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
//new Claim(JwtRegisteredClaimNames.UniqueName, response.Usuario)
new Claim("User", JsonConvert.SerializeObject(response))
}
);
DateTime dataCriacao = DateTime.Now;
DateTime dataExpiracao = dataCriacao +
TimeSpan.FromSeconds(tokenConfigurations.Seconds);
var handler = new JwtSecurityTokenHandler();
var securityToken = handler.CreateToken(new SecurityTokenDescriptor
{
Issuer = tokenConfigurations.Issuer,
Audience = tokenConfigurations.Audience,
SigningCredentials = signingConfigurations.SigningCredentials,
Subject = identity,
NotBefore = dataCriacao,
Expires = dataExpiracao
});
var token = handler.WriteToken(securityToken);
return(new
{
authenticated = true,
created = dataCriacao.ToString("yyyy-MM-dd HH:mm:ss"),
expiration = dataExpiracao.ToString("yyyy-MM-dd HH:mm:ss"),
accessToken = token,
message = "OK",
FirstName = response.FirstName
});
}
else
{
return(new
{
authenticated = false,
_serviceUser.Notifications
});
}
}
private async Task <ClaimsIdentity> GetClaimsIdentity(AuthenticateUserRequest request)
{
if (string.IsNullOrEmpty(request.UniqueId))
{
var userInfo = await _mediator.Send(new NgoAdminApplicationUser
{
Password = request.Password,
UserName = request.User,
UserType = UserType.NgoAdmin
});
if (userInfo == null)
{
return(null);
}
// Get the generic claims + the user specific one (the organizer flag)
return(new ClaimsIdentity(await GetGenericIdentity(request.User, userInfo.IdNgo.ToString(), UserType.NgoAdmin.ToString()),
new[]
{
new Claim(ClaimsHelper.Organizer, userInfo.Organizer.ToString(), ClaimValueTypes.Boolean)
}));
}
else
{
// verific daca userul exista si daca nu are asociat un alt device, il returneaza din baza
var userInfo = await _mediator.Send(new ObserverApplicationUser
{
Phone = request.User,
Pin = request.Password,
UDID = request.UniqueId
});
if (!userInfo.IsAuthenticated)
{
return(await Task.FromResult <ClaimsIdentity>(null));
}
if (userInfo.FirstAuthentication && _mobileSecurityOptions.LockDevice)
{
await
_mediator.Send(new RegisterDeviceId
{
MobileDeviceId = request.UniqueId,
ObserverId = userInfo.ObserverId
});
}
// Get the generic claims + the user specific one (the organizer flag)
return(new ClaimsIdentity(await GetGenericIdentity(request.User, userInfo.IdNgo.ToString(), UserType.Observer.ToString()),
new[]
{
new Claim(ClaimsHelper.ObserverIdProperty, userInfo.ObserverId.ToString(), ClaimValueTypes.Boolean)
}));
}
}
protected virtual AuthenticateUserRequest BuildAuthenticateRequest()
{
var request = new AuthenticateUserRequest();
request.MaxAttempts = this.MaxAttempts;
request.TimeoutInSeconds = this.TimeoutInSeconds;
request.Type = this.Type;
this.Attributes.For(attr => request[attr.Key] = attr.Value);
return(request);
}
private IUserIdentity GetUserIdentity(AuthenticateUserRequest request)
{
IUserIdentity userIdentity;
if (!authService.TryAuthentifcate(request, out userIdentity))
{
throw new UnauthorizedException();
}
return(userIdentity);
}
public static AuthenticateUserRequest ToRequest(this AuthenticateUserWebRequest webRequest)
{
var request = new AuthenticateUserRequest()
{
Username = webRequest.Username,
Password = webRequest.Password
};
return(request);
}
public async Task <IActionResult> AuthenticateAsync([FromBody] AuthenticateUserRequest model)
{
try {
var user = await _userBusiness.AuthenticateAsync(model);
return(Ok(user));
} catch (CannotAuthenticateException) {
return(BadRequest(new { message = "Username or password is incorrect" }));
}
}
public async Task <IActionResult> Authenticate(AuthenticateUserRequest request)
{
RemoteAuthToken authToken = await _repository.GetRemoteAuthTokenAsync(request.Token);
if (authToken == null || authToken.ValidUntil < DateTime.Now)
{
return(NotFound());
}
return(Json(new CrossConnectionUser(authToken.User)));
}
public async Task GivenEmailAddress_WhenCreatingAuthenticationToken_ItAddsEmailAddress(string validEmail)
{
SetEmailWhitelist($"[email protected];{validEmail.ToUpper()};[email protected]");
AuthenticateUserRequest request = CreateUseCaseRequestForEmail(validEmail);
StubTokenCreator(validEmail, "stub");
AuthenticateUserResponse response = await _classUnderTest.ExecuteAsync(request, CancellationToken.None);
response.Authorised.Should().BeTrue();
}
public async Task GivenEmailAddressIsNotAllowed_ItDoesNotCallTheTokenCreator(
string invalidEmail)
{
SetEmailWhitelist($"mark-as-invalid-{invalidEmail}");
AuthenticateUserRequest request = CreateUseCaseRequestForEmail(invalidEmail);
await _classUnderTest.ExecuteAsync(request, CancellationToken.None);
_tokenCreatorSpy.Verify(s => s.CreateAsync(It.IsAny <IAuthenticationToken>(), It.IsAny <CancellationToken>()),
Times.Never());
}
public async Task <ApiResponseModel> Authenticate([FromBody] AuthenticateUserRequest authenticationRequest)
{
if (ModelState.IsValid)
{
// TODO: perform authentication
SHA256 newSHA = SHA256Managed.Create();
string username = authenticationRequest.Username;
string password = System.Text.Encoding.Unicode.GetString(
newSHA.ComputeHash(System.Text.Encoding.Unicode.GetBytes(
authenticationRequest.Password)));
var result = await _signInManager.PasswordSignInAsync(username, authenticationRequest.Password, false, false);
if (result.Succeeded)
{
//Assign token to user
String token = Guid.NewGuid().ToString();
var user = _dbContext.Users.FirstOrDefault(p => p.UserName == username);
user.UuidV4Token = token;
_dbContext.Users.Update(user);
if (_dbContext.SaveChanges() > 0)
{
return(new ApiResponseModel()
{
Status = true,
Result = new AuthenticateUserResultModel()
{
Token = token
}
});
}
else
{
return(new ApiResponseModel()
{
Status = false,
Error = "Database Error!"
});
}
}
else
{
return(new ApiResponseModel()
{
Status = false,
Error = "Failed to authenticate User!"
});
}
}
return(new ApiResponseModel()
{
Status = false
});
}
/// <remarks/>
public void AuthenticateUserAsync(AuthenticateUserRequest AuthenticateUserRequest, object userState) {
if ((this.AuthenticateUserOperationCompleted == null)) {
this.AuthenticateUserOperationCompleted = new System.Threading.SendOrPostCallback(this.OnAuthenticateUserOperationCompleted);
}
this.InvokeAsync("AuthenticateUser", new object[] {
AuthenticateUserRequest}, this.AuthenticateUserOperationCompleted, userState);
}
/// <remarks/>
public void AuthenticateUserAsync(AuthenticateUserRequest AuthenticateUserRequest) {
this.AuthenticateUserAsync(AuthenticateUserRequest, null);
}
