Beispiel #1
0
        public async Task <AuthResponse> Handle(OTPLoginCommand request, CancellationToken cancellationToken)
        {
            var response = new AuthResponse {
                Status = new APIResponseStatus {
                    IsSuccessful = true, Message = new APIResponseMessage()
                }
            };

            try
            {
                var lockoutSetting = new List <ScrewIdentifierGrid>();

                var cachedSetting = await _cacheService.GetCacheResponseAsync(CacheKeys.AuthSettings);

                if (!string.IsNullOrEmpty(cachedSetting))
                {
                    lockoutSetting = JsonConvert.DeserializeObject <List <ScrewIdentifierGrid> >(cachedSetting);
                }
                else
                {
                    lockoutSetting = await _dataContext.ScrewIdentifierGrid.ToListAsync();
                }

                await _cacheService.CatcheResponseAsync(CacheKeys.AuthSettings, lockoutSetting, TimeSpan.FromSeconds(3600));

                var user = await _userManager.FindByEmailAsync(request.Email);

                await _measure.RemoveOtpAsync(request.OTP);

                var result = await _service.LoginAsync(user);

                var measure = Measures.CollectAsMuchAsPossible(user, result, request);
                await _measure.GetMeasuresAsync(measure);


                var session = _dataContext.SessionChecker.Find(user.Id);
                if (session != null)
                {
                    session.LastRefreshed = DateTime.UtcNow.Add(lockoutSetting.FirstOrDefault(v => v.Module == (int)Modules.CENTRAL).InActiveSessionTimeout);
                    session.Userid        = user.Id;
                    session.Module        = (int)Modules.CENTRAL;
                    _dataContext.Entry(session).CurrentValues.SetValues(session);
                    await _dataContext.SaveChangesAsync();
                }

                response.Token        = result.Token;
                response.RefreshToken = result.RefreshToken;
                return(response);
            }
            catch (Exception ex)
            {
                response.Status.Message.FriendlyMessage  = ex?.Message ?? ex?.InnerException?.Message;
                response.Status.Message.TechnicalMessage = ex.ToString();
                return(response);
            }
        }
Beispiel #2
0
        public async Task <AuthResponse> Handle(LoginCommand request, CancellationToken cancellationToken)
        {
            var response = new AuthResponse {
                Status = new APIResponseStatus {
                    IsSuccessful = true, Message = new APIResponseMessage()
                }
            };

            try
            {
                if (!await _measure.ReturnStatusAsync(request.UserName))
                {
                    response.Status.IsSuccessful = false;
                    return(response);
                }
                var lockoutSetting = new List <ScrewIdentifierGrid>();

                var cachedSetting = await _cacheService.GetCacheResponseAsync(CacheKeys.AuthSettings);

                if (!string.IsNullOrEmpty(cachedSetting))
                {
                    lockoutSetting = JsonConvert.DeserializeObject <List <ScrewIdentifierGrid> >(cachedSetting);
                }
                else
                {
                    lockoutSetting = await _securityContext.ScrewIdentifierGrid.ToListAsync();
                }

                await _cacheService.CatcheResponseAsync(CacheKeys.AuthSettings, lockoutSetting, TimeSpan.FromSeconds(86400));

                if (!await IsPasswordCharactersValid(request.Password))
                {
                    response.Status.IsSuccessful            = false;
                    response.Status.Message.FriendlyMessage = "Invalid Password";
                    return(response);
                }
                if (!await UserExist(request))
                {
                    response.Status.IsSuccessful            = false;
                    response.Status.Message.FriendlyMessage = "User does not exist";
                    return(response);
                }
                if (!await IsValidPassword(request))
                {
                    response.Status.IsSuccessful            = false;
                    response.Status.Message.FriendlyMessage = "User/Password Combination is wrong";
                    return(response);
                }

                var user = await _userManager.FindByNameAsync(request.UserName);

                var otp = await OTPOptionsAsync(user.Id);

                if (otp.Status.IsSuccessful)
                {
                    otp.Status.Message.MessageId = user.Email;
                    return(otp);
                }

                var result = await _service.LoginAsync(user);

                var measure = Measures.CollectAsMuchAsPossible(user, result, _detectionService);
                var res     = await _measure.GetMeasuresAsync(measure);

                await ReplaceDeviceAsync(user.Id, measure.Token);

                var session = _securityContext.SessionChecker.Find(user.Id);
                if (session != null)
                {
                    session.LastRefreshed = DateTime.UtcNow.Add(lockoutSetting.FirstOrDefault(v => v.Module == (int)Modules.CENTRAL).InActiveSessionTimeout);
                    session.Userid        = user.Id;
                    session.Module        = (int)Modules.CENTRAL;
                    _securityContext.Entry(session).CurrentValues.SetValues(session);
                    await _securityContext.SaveChangesAsync();
                }

                response.Token        = result.Token;
                response.RefreshToken = result.RefreshToken;
                return(response);
            }
            catch (Exception ex)
            {
                response.Status.Message.FriendlyMessage  = ex?.Message ?? ex?.InnerException?.Message;
                response.Status.Message.TechnicalMessage = ex.ToString();
                return(response);
            }
        }