Beispiel #1
0
        public async Task <IActionResult> LogIn([FromForm] AuthorizationGrantModel model)
        {
            var validationResult = _service.ValidateLogin(User, model);

            if (!validationResult.Valid)
            {
                return(BadRequest(validationResult.Result));
            }
            AppUser entity = null;

            switch (model.grant_type)
            {
            case "password":
            case null:
            {
                entity = await
                         _service.AuthenticateAsync(model.username, model.password);

                if (entity == null)
                {
                    return(Unauthorized(new AppResultBuilder()
                                        .Unauthorized(mess: "Invalid username or password")));
                }
            }
            break;

            case "refresh_token":
            {
                var validResult = _service.ValidateRefreshToken(model.refresh_token);
                if (validResult == null)
                {
                    return(Unauthorized(new AppResultBuilder()
                                        .Unauthorized(mess: "Invalid refresh token")));
                }
                entity = await _service.GetUserByIdAsync(validResult.Identity.Name);

                if (entity == null)
                {
                    return(Unauthorized(new AppResultBuilder()
                                        .Unauthorized(mess: "Invalid user identity")));
                }
            }
            break;

            default:
                return(BadRequest(new AppResultBuilder()
                                  .Unsupported("Unsupported grant type")));
            }
            var identity =
                await _service.GetIdentityAsync(entity, JwtBearerDefaults.AuthenticationScheme);

            var principal = new ClaimsPrincipal(identity);
            var utcNow    = DateTime.UtcNow;
            var props     = new AuthenticationProperties()
            {
                IssuedUtc  = utcNow,
                ExpiresUtc = utcNow.AddHours(WebApi.Settings.Instance.TokenValidHours)
            };

            props.Parameters["refresh_expires"] = utcNow.AddHours(
                WebApi.Settings.Instance.RefreshTokenValidHours);
            var resp = _service.GenerateTokenResponse(principal, props, model.scope);

            _logger.CustomProperties(entity).Info("Login user");
            if (principal.IsInRole(RoleName.Device))
            {
                if (model.fcm_token == null)
                {
                    return(BadRequest(new AppResultBuilder()
                                      .FailValidation(mess: "FCM Token is required for device login")));
                }
                using (var trans = context.Database.BeginTransaction())
                {
                    var device      = _deviceService.Devices.Id(entity.Id).FirstOrDefault();
                    var oldFcmToken = device.CurrentFcmToken;
                    _deviceService.ChangeDeviceToken(device, model.fcm_token, resp.access_token);
                    context.SaveChanges();
                    _service.LoginDevice(device, oldFcmToken, model.fcm_token);
                    trans.Commit();
                }
            }
            return(Ok(resp));
        }