public async Task <BaseModel <UserModel> > Login(string email, string password)
{
BaseModel <UserModel> result = new BaseModel <UserModel>();
try
{
User user = await _users.Find(u => u.Email == email).FirstOrDefaultAsync();
if (user != null)
{
bool isVerified = VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt);
if (isVerified)
{
string refreshToken = _passwordHasher.HashPassword(user, Guid.NewGuid().ToString())
.Replace("+", string.Empty)
.Replace("=", string.Empty)
.Replace("/", string.Empty);
UserRefreshToken userRefreshToken = new UserRefreshToken()
{
UserId = user.Id,
RefreshToken = refreshToken
};
await _userRefreshTokens.InsertOneAsync(userRefreshToken);
result.Data = new UserModel
{
Id = user.Id,
Email = user.Email,
CreatedAt = user.CreatedAt,
Type = user.Type,
RefreshToken = refreshToken
};
string token = _jwtProvider.GenerateToken(result.Data);
result.Data.Token = token;
}
}
}
catch
{
throw new SystemException("Something went wrong while verifiying user.");
}
return(result);
}
public async Task <string> CreateDev(User dev, User creatingUser) //todo log out activities by devs
{
using (var trans = TransactionScopeFactory.Create())
{
dev.Cash = 1000000;
dev.IsActive = true;
dev.Salt = BCrypt.Net.BCrypt.GenerateSalt();
dev.Password = BCrypt.Net.BCrypt.HashPassword(dev.Password, dev.Salt);
dev.Id = await UserRepo.CreateDeveloper(dev);
trans.Complete();
}
dev = (await UserRepo.RetrieveUsersByIds(dev.Id)).First();
return(JwtProvider.GenerateToken(dev.Username, dev.EmailAddress, RoleTypes.Dev));
}
public string CreateAccount(User user)
{
using (var trans = new TransactionScope(TransactionScopeOption.Required))
{
//TODO validate incoming properties (Birthday, gender, email, username)
user.Cash = 500; //TODO economics
user.IsActive = true;
user.Salt = BCrypt.Net.BCrypt.GenerateSalt();
user.Password = BCrypt.Net.BCrypt.HashPassword(user.Password, user.Salt);
user.UserId = userRepo.CreateUser(user);
trans.Complete();
}
user = RetrieveUser(user.UserId);
return(jwtProvider.GenerateToken(user));
}
public HttpResponseMessage Authenticate(
[HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "1.0/authenticate")]
HttpRequestMessage req)
{
return(ResponseBuilderHelper.BuildResponse(System.Net.HttpStatusCode.OK, new AuthenticateActivityResponse()
{
Token = _jwtProvider.GenerateToken(Settings.AuthorizationKey)
}));
}
public async Task <string> CreateAccount(User user)
{
bool conflictFound = await UserRepo.UserExistsByUsernameOrEmail(user.Username, user.EmailAddress);
if (conflictFound)
{
throw new CritterException($"Sorry, someone already exists with that name or email!", $"Duplicate account creation attempt on {user.Username} or {user.EmailAddress}", System.Net.HttpStatusCode.Conflict);
}
using (var trans = TransactionScopeFactory.Create())
{
user.Cash = 500; //TODO economics
user.IsActive = true;
user.Salt = BCrypt.Net.BCrypt.GenerateSalt();
user.Password = BCrypt.Net.BCrypt.HashPassword(user.Password, user.Salt);
user.Id = await UserRepo.CreateUser(user) ?? throw new CritterException("Could not create account, try again!", null, System.Net.HttpStatusCode.Conflict);
List <int> metaphones = new List <int>();
var doubles = new List <ShortDoubleMetaphone>();
doubles.Add(new ShortDoubleMetaphone(user.Username));
doubles.Add(new ShortDoubleMetaphone(user.FirstName));
doubles.Add(new ShortDoubleMetaphone(user.LastName));
doubles.ForEach(d => { metaphones.Add(d.PrimaryShortKey); metaphones.Add(d.AlternateShortKey); });
metaphones = metaphones.Distinct().AsList();
if (!await UserRepo.InsertMetaphone(user.Id, metaphones.ToArray()))
{
Log.Logger.Error($"Failed to create metaphone for {user.Id}");
}
if (!await UserRepo.CreateUserMeta(user.Id, ""))
{
throw new CritterException("Could not create account, try again!", $"Failed to create a user meta for user ID {user.Id}", System.Net.HttpStatusCode.InternalServerError);
}
trans.Complete();
}
user = await RetrieveUser(user.Id);
return(JWTProvider.GenerateToken(user));
}
public TokenResponse(int userId, object role, IJwtProvider jwtProvider)
{
IEnumerable <Claim> claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, $"{userId}"),
new Claim(ClaimsIdentity.DefaultRoleClaimType, $"{role}")
};
var claimsIdentity = new ClaimsIdentity(claims);
Token = jwtProvider.GenerateToken(claimsIdentity);
UserId = claimsIdentity.Claims.GetUserId();
}
public async Task <IActionResult> Login(UserView userView)
{
var user = await _userRepository.GetUserByLoginPassword(userView.Login, userView.Password);
if (user != null)
{
var options = new CookieOptions
{
Expires = DateTime.Now.AddHours(8),
IsEssential = true
};
HttpContext.Response.Cookies.Append("AuthToken", _jwtProvider.GenerateToken(user), options);;
return(RedirectToAction("Index", "Home"));
}
return(View("Index"));
}
public string Protect(AuthenticationTicket data, string purpose)
{
return(JWT.GenerateToken(data.Principal.Identity.Name, data.Principal.FindFirst(ClaimTypes.Email)?.Value));
}
public IActionResult Login([FromBody] AuthRequest request)
{
if (!ModelState.IsValid)
{
return(StatusCode((int)HttpStatusCode.Unauthorized, new ApiResultModel <string>
{
Message = "登录失败。",
Error = new ApiError()
{
Code = "invalid",
Message = "用户名或密码错误。",
Field = "PasswordHash",
Resource = "login"
}
}));
}
var password = request.PasswordHash.DecodeBase64();
if (string.IsNullOrEmpty(password))
{
return(StatusCode((int)HttpStatusCode.Unauthorized, new ApiResultModel <string>
{
Message = "登录失败。",
Error = new ApiError()
{
Code = "invalid",
Message = "用户名或密码错误。",
Field = "PasswordHash",
Resource = "login"
}
}));
}
var login = _ar.Verify(request.Username, password);
if (login == null)
{
return(StatusCode((int)HttpStatusCode.Unauthorized, new ApiResultModel <string>
{
Message = "登录失败。",
Error = new ApiError()
{
Code = "invalid",
Message = "用户名或密码错误。",
Field = "PasswordHash",
Resource = "login"
}
}));
}
try
{
var user = _mapper.Map <UserApiViewModel>(login);
user.Token = _jwtProvider.GenerateToken(login.Id, login.DefaultTenantId);
return(Ok(new ApiResultModel <UserApiViewModel>
{
Data = user
}));;
}
catch (Exception e)
{
_logger.LogError(e.Message);
_logger.LogError(e.StackTrace);
return(StatusCode((int)HttpStatusCode.Unauthorized, new ApiResultModel <string>
{
Message = "登录失败。",
Error = new ApiError()
{
Code = "invalid",
Message = "服务端错误。",
Field = "Server Error.",
Resource = "login"
}
}));
}
}
public string Protect(AuthenticationTicket data, string purpose)
{
return(jwt.GenerateToken(data.Principal.Identity.Name));
}
