/// <inheritdoc/>
        public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)
        {
            // Reload the account behind the cookie whenever validation runs, so the
            // decision is based on the stored user rather than on the claims the
            // cookie was issued with.
            var account = await _usersService.GetUser(context.Principal.GetId());

            if (account?.IsBlocked != false)
            {
                // Fail closed: a missing account (null) and a blocked account are both
                // rejected, so blocking or deleting a user cuts off existing sessions.
                // NOTE(review): only RejectPrincipal() is called here; whether the stale
                // cookie is also cleared is not visible in this method — confirm.
                context.RejectPrincipal();
            }
            else if (string.Equals(account.DetailsStamp, context.Principal.GetDetailsStamp()))
            {
                // Stamp in the cookie matches the stored one: defer to the base events.
                await base.ValidatePrincipal(context);
            }
            else
            {
                // Stamp mismatch: rebuild the principal from the current account data and
                // ask the cookie handler to re-issue the cookie. The base implementation
                // is intentionally not reached on this path (same as on rejection).
                // NOTE(review): presumably DetailsStamp changes when role, permission or
                // password data changes — verify, since that is what makes old cookies
                // pick up such changes.
                var authenticationType = context.Principal.Identity.AuthenticationType;
                context.ReplacePrincipal(ClaimsProvider.GenerateClaimsPrincipal(account, authenticationType));
                context.ShouldRenew = true;
            }
        }
Beispiel #2
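        /// <summary>
        /// Authenticates a user by e-mail address and password.
        /// </summary>
        /// <param name="email">E-mail address used to look up the account.</param>
        /// <param name="password">Plain-text password supplied by the caller.</param>
        /// <returns>
        /// A <see cref="SignInResult"/> carrying the generated principal on success;
        /// <see cref="ErrorCodes.InvalidCredentials"/> when the account is unknown or the
        /// password does not verify; <see cref="ErrorCodes.UserBlocked"/> when the
        /// password verifies but the account is blocked.
        /// </returns>
        public async Task<SignInResult> SignIn(string email, string password)
        {
            var user = await _userRepository.GetUser(email);

            // Unknown account and wrong password share one error code, so the result
            // does not say which e-mail addresses are registered.
            // NOTE(review): this path returns without running the password hasher, so an
            // unknown address may answer faster than a known one. Verifying against a
            // fixed dummy hash here would even that out — confirm PasswordHasher's hash
            // format before adding it.
            if (user == null)
            {
                return new SignInResult(ErrorCodes.InvalidCredentials);
            }

            // Verify the password BEFORE looking at account state. With the blocked
            // check first, any caller who knew only an e-mail address could learn that
            // the account exists and is blocked; now UserBlocked is returned only to
            // someone who has proven knowledge of the password.
            if (!PasswordHasher.VerifyHashedPassword(user.Password, password))
            {
                return new SignInResult(ErrorCodes.InvalidCredentials);
            }

            if (user.IsBlocked)
            {
                return new SignInResult(ErrorCodes.UserBlocked);
            }

            // "login" is passed as the second argument of GenerateClaimsPrincipal;
            // presumably it becomes the identity's authentication type — confirm.
            var principal = ClaimsProvider.GenerateClaimsPrincipal(user, "login");

            return new SignInResult(principal);
        }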