public async Task <AuthenticatedDto> Handle(AuthenticateCommand request, CancellationToken cancellationToken) { var user = userManager.Users.SingleOrDefault(u => u.UserName == request.Email); if (user is null) { throw new ApiException("Incorrect Email and/or password."); } var userSigninResult = await userManager.CheckPasswordAsync(user, request.Password); if (userSigninResult) { var token = await tokenClaimsService.GetTokenAsync(user, jwtSettings.Secret); return(new AuthenticatedDto { Token = token, UserId = user.Id, UserEmail = user.Email }); } throw new ApiException("Incorrect Email and/or password."); }
public override async Task <ActionResult <AuthenticateResponse> > HandleAsync(AuthenticateRequest request) { var response = new AuthenticateResponse(request.CorrelationId()); var result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, true); response.Result = result.Succeeded; response.Token = await _tokenClaimsService.GetTokenAsync(request.Username); return(response); }
public async Task <IActionResult> Login(AuthenticateRequest request) { string response = string.Empty; // Sign user using the ASP.NET Identity platform. Microsoft.AspNetCore.Identity.SignInResult result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, true); if (result.Succeeded) { response = await _tokenClaimsService.GetTokenAsync(request.Username); } return(Ok(response)); }
public async Task <ActionResult <UserToken> > CreateUser([FromBody] UserInfo model) { var user = new ApplicationUser { UserName = model.Email, Email = model.Email }; var result = await _userManager.CreateAsync(user, model.Password); string token; if (result.Succeeded) { token = await _tokenClaimsService.GetTokenAsync(model.Email); return(new UserToken() { Token = token }); } else { return(BadRequest(result.Errors)); } }
public async Task <string> LoginAsync(LoginCommand command) { var user = await _userManager.FindByNameAsync(command.Username); var result = await _signInManager.CheckPasswordSignInAsync(user, command.Password, false); if (result.Succeeded) { var token = await _tokenClaimsService.GetTokenAsync(command.Username); return(token); } return(null); }
private async Task <UserInfo> CreateUserInfo(ClaimsPrincipal claimsPrincipal) { if (!claimsPrincipal.Identity.IsAuthenticated) { return(UserInfo.Anonymous); } var userInfo = new UserInfo { IsAuthenticated = true }; if (claimsPrincipal.Identity is ClaimsIdentity claimsIdentity) { userInfo.NameClaimType = claimsIdentity.NameClaimType; userInfo.RoleClaimType = claimsIdentity.RoleClaimType; } else { userInfo.NameClaimType = "name"; userInfo.RoleClaimType = "role"; } if (claimsPrincipal.Claims.Any()) { var claims = new List <ClaimValue>(); var nameClaims = claimsPrincipal.FindAll(userInfo.NameClaimType); foreach (var claim in nameClaims) { claims.Add(new ClaimValue(userInfo.NameClaimType, claim.Value)); } foreach (var claim in claimsPrincipal.Claims.Except(nameClaims)) { claims.Add(new ClaimValue(claim.Type, claim.Value)); } userInfo.Claims = claims; } var token = await _tokenClaimsService.GetTokenAsync(claimsPrincipal.Identity.Name); userInfo.Token = token; return(userInfo); }
public override async Task <ActionResult <AuthenticateResponse> > HandleAsync(AuthenticateRequest request) { var response = new AuthenticateResponse(request.CorrelationId()); // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true //var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true); var result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, true); response.Result = result.Succeeded; response.IsLockedOut = result.IsLockedOut; response.IsNotAllowed = result.IsNotAllowed; response.RequiresTwoFactor = result.RequiresTwoFactor; response.Username = request.Username; response.Token = await _tokenClaimsService.GetTokenAsync(request.Username); return(response); }
public override async Task <ActionResult <AuthenticateResponse> > HandleAsync([FromForm] AuthenticateRequest request) { var response = new AuthenticateResponse(); var result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, true); if (!result.Succeeded) { return(Unauthorized()); } response.Result = result.Succeeded; response.Token = await _tokenClaimsService.GetTokenAsync(request.Username); response.Username = request.Username; return(response); }
public override async Task <ActionResult <AuthResponse> > HandleAsync(AuthRequest request, CancellationToken cancellationToken = default) { var response = new AuthResponse(request.CorrelationId()); var result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, false); response.Result = result.Succeeded; response.IsLockedOut = result.IsLockedOut; response.IsNotAllowed = result.IsNotAllowed; response.RequiresTwoFactor = result.RequiresTwoFactor; response.Username = request.Username; if (result.Succeeded) { response.Token = await _tokenClaimsService.GetTokenAsync(request.Username); } return(response); }
public async Task <IActionResult> OnPostAsync(string returnUrl = null) { returnUrl = returnUrl ?? Url.Content("~/"); if (ModelState.IsValid) { // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true //var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true); var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, false, true); if (result.Succeeded) { var token = await _tokenClaimsService.GetTokenAsync(Input.Email); CreateAuthCookie(Input.Email, token, Startup.InDocker); _logger.LogInformation("User logged in."); await TransferAnonymousBasketToUserAsync(Input.Email); return(LocalRedirect(returnUrl)); } if (result.RequiresTwoFactor) { return(RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe })); } if (result.IsLockedOut) { _logger.LogWarning("User account locked out."); return(RedirectToPage("./Lockout")); } else { ModelState.AddModelError(string.Empty, "Invalid login attempt."); return(Page()); } } // If we got this far, something failed, redisplay form return(Page()); }