/// <summary>
        /// Looks up a single user by id through <c>_activeUserProvider</c>, restricted to
        /// accounts whose <c>IsBrowseable</c> flag is set.
        /// </summary>
        /// <param name="userId">Identifier of the user to look up.</param>
        /// <returns>
        /// The user's login and permission list, or <c>null</c> when no matching user is found.
        /// </returns>
        public UserProviderResult Provide(int userId)
        {
            var match = _activeUserProvider.Provide(candidate => candidate.IsBrowseable && candidate.UserId == userId);

            if (match != null)
            {
                // Only the login and the permission values are projected into the result;
                // credential fields on the user entity are not copied out.
                var permissions = match.UserPermissions
                                       .Select(entry => entry.Permission)
                                       .ToArray();

                return new UserProviderResult
                {
                    Login = match.Login,
                    Permissions = permissions
                };
            }

            // A non-browseable user and a non-existent user are indistinguishable to the caller.
            return null;
        }
Beispiel #2
        /// <summary>
        /// Authenticates a user by login plus PIN and/or password and, on success, records the
        /// logon and issues a signed JWT carrying the user's id and permissions.
        /// </summary>
        /// <param name="command">Login, PIN and/or password, and the caller's IP address.</param>
        /// <param name="context">Command context; not read by this method.</param>
        /// <returns>
        /// A validation error when neither PIN nor password is supplied or when the credentials
        /// do not match; otherwise a response holding the serialized token and the permissions.
        /// </returns>
        public CommandResult Execute(AuthenticateUserCommand command, CommandContext context)
        {
            // At least one of the two secrets has to be present.
            var pinMissing = command.Pin.IsNullOrEmpty();

            if (pinMissing && command.Password.IsNullOrEmpty())
            {
                return CommandResult.WithValidationError(Localization.ValidationMessage.PinOrPasswordRequired);
            }

            var account = _activeUserProvider.Provide(candidate => candidate.Login == command.Login);

            // Every rejection below returns the same message, so the response text does not
            // reveal whether the login exists.
            // NOTE(review): for an unknown login no hash is computed, so response time may
            // still differ between the two cases - confirm whether that matters here.
            if (account == null)
            {
                return CommandResult.WithValidationError(Localization.ValidationMessage.UnknownUserOrWrongPassword);
            }

            // A PIN alone is sufficient: when no password is supplied the password check is skipped.
            // NOTE(review): no attempt throttling or lockout is visible in this method; a short
            // PIN needs one - confirm it is enforced elsewhere.
            // NOTE(review): CalculateHash() receives only the submitted secret, so no per-user
            // salt can take part in it, and the comparison uses != rather than a fixed-time
            // compare (e.g. CryptographicOperations.FixedTimeEquals). Confirm the hash scheme.
            if (!command.Pin.IsNullOrEmpty() && account.QuickLoginPinHash != command.Pin.CalculateHash())
            {
                return CommandResult.WithValidationError(Localization.ValidationMessage.UnknownUserOrWrongPassword);
            }

            // When both secrets are supplied, both have to match.
            if (!command.Password.IsNullOrEmpty() && account.PasswordHash != command.Password.CalculateHash())
            {
                return CommandResult.WithValidationError(Localization.ValidationMessage.UnknownUserOrWrongPassword);
            }

            // NOTE(review): the stored address is whatever the command carries; verify how the
            // caller fills IpAddress before relying on it for audit purposes.
            var logonUpdate = new UserLastLogonUpdaterInput
            {
                UserId            = account.UserId,
                LastLogonDate     = DateTime.UtcNow,
                LastSeenIpAddress = command.IpAddress
            };

            _userUpdater.Update(logonUpdate);

            var credentials = new SigningCredentials(JwtSigningKey, SecurityAlgorithms.HmacSha256);
            var tokenIssuer = _configuration["Jwt:Issuer"];

            // Subject claim first, then one role claim per permission.
            // NOTE(review): permissions are baked into the token, so presumably a revoked
            // permission stays usable until the token expires - confirm the lifetime is short.
            var tokenClaims = new List<Claim>();
            tokenClaims.Add(new Claim(JwtRegisteredClaimNames.Sub, account.UserId.ToString()));

            foreach (var roleClaim in account.UserPermissions.Select(entry => new Claim(ClaimTypes.Role, entry.Permission.ToString())))
            {
                tokenClaims.Add(roleClaim);
            }

            // The configured issuer value is used for both the issuer and the audience.
            var jwt = new JwtSecurityToken(
                tokenIssuer,
                tokenIssuer,
                tokenClaims,
                expires: DateTime.UtcNow.AddMinutes(TokenLifetimeMinutes),
                signingCredentials: credentials);

            var result = new AuthenticateUserCommandResult
            {
                Token       = new JwtSecurityTokenHandler().WriteToken(jwt),
                Permissions = account.UserPermissions.Select(entry => entry.Permission).ToArray()
            };

            return CommandResult.WithResponse(result);
        }