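        /// <summary>
        /// Exchanges a refresh token for a new access/refresh token pair.
        /// </summary>
        /// <param name="jsonBody">Request body; the token is read from its <c>refreshToken</c> property.</param>
        /// <returns>
        /// 200 with the new pair, 400 when no token was supplied, 401 when the token store
        /// does not know the supplied token.
        /// </returns>
        public IActionResult RefreshToken([FromBody] JToken jsonBody)
        {
            var response = new LoginResponse {
                Result = ResultType.Error
            };

            // A missing or unparseable body binds to null; treat that as "no token"
            // and answer 400 instead of letting the dereference surface as a 500.
            var refreshTokenValue = jsonBody?.Value<string>("refreshToken");

            if (string.IsNullOrWhiteSpace(refreshTokenValue))
            {
                response.Messages.Add(_localizationService.GetResource("account.token.refreshtoken.nullrefreshtoken"));
                return BadRequest(response);
            }

            // NOTE(review): whether FindToken also rejects expired or already-rotated tokens
            // is not visible here — confirm in the token store; otherwise an old refresh
            // token stays exchangeable indefinitely.
            var token = _tokenStoreService.FindToken(refreshTokenValue);

            if (token == null)
            {
                response.Messages.Add(_localizationService.GetResource("account.token.refreshtoken.nulltoken"));
                return Unauthorized(response);
            }

            var jwtToken = _tokenFactoryService.CreateJwtTokens(token.Customer);

            // Persist the new pair. The last argument is the serial of the token being
            // exchanged, presumably so the store can invalidate it (rotation) — verify.
            _tokenStoreService.AddCustomerToken(
                token.Customer,
                jwtToken.RefreshTokenSerial,
                jwtToken.AccessToken,
                _tokenFactoryService.GetRefreshTokenSerial(refreshTokenValue));

            response.Result       = ResultType.Success;
            response.AccessToken  = jwtToken.AccessToken;
            response.RefreshToken = jwtToken.RefreshToken;

            return Ok(response);
        }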
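            /// <summary>
            /// Validates an email/password login and returns the user's profile data with a JWT pair.
            /// </summary>
            /// <param name="request">Email, password and remember-me flag supplied by the caller.</param>
            /// <param name="cancellationToken">Checked before work starts; the Identity calls below do not accept one.</param>
            /// <returns>The signed-in user's display data plus access and refresh tokens.</returns>
            /// <exception cref="InvalidOperationException">
            /// Unknown user, deactivated account, unconfirmed email, lockout, disallowed sign-in or wrong password.
            /// </exception>
            public async Task<UserItem> Handle(Query request, CancellationToken cancellationToken)
            {
                cancellationToken.ThrowIfCancellationRequested();

                var user = await _userManager.FindByEmailAsync(request.Email);

                if (user == null)
                {
                    throw new InvalidOperationException("The username or password is wrong.");
                }

                // NOTE(review): the distinct messages below (deactivated, unconfirmed, locked)
                // confirm that the email exists even without the correct password. If account
                // enumeration matters for this API, collapse them into the generic message above.
                if (!user.IsActive)
                {
                    throw new InvalidOperationException("Your account has been deactivated.");
                }

                if (_siteSettings.Value.EnableEmailConfirmation &&
                    !await _userManager.IsEmailConfirmedAsync(user))
                {
                    throw new InvalidOperationException("Please check your email and confirm the sent link.");
                }

                // The third parameter of CheckPasswordSignInAsync is lockoutOnFailure, not a
                // persistence flag. Passing request.RememberMe there meant failed attempts only
                // counted toward lockout when the user ticked "remember me", so brute-force
                // protection was effectively off. Always count failures.
                var result = await _signInManager.CheckPasswordSignInAsync(
                    user,
                    request.Password,
                    lockoutOnFailure: true);

                if (result.Succeeded)
                {
                    var token = _tokenFactory.CreateJwtTokens(user);
                    return new UserItem
                    {
                        DisplayName = user.DisplayName,
                        Token = token.AccessToken,
                        RefreshToken = token.RefreshToken,
                        Username = user.UserName,
                        // Photo paths are not populated by this handler.
                        ProfileImage = null,
                        HeaderImage = null,
                    };
                }

                if (result.IsLockedOut)
                {
                    throw new InvalidOperationException("This Account has been locked.");
                }

                if (result.IsNotAllowed)
                {
                    // Replaces the "!!!" placeholder with the condition Identity actually reports.
                    throw new InvalidOperationException("Sign-in is not allowed for this account.");
                }

                throw new InvalidOperationException("You do not have permission.");
            }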
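            /// <summary>
            /// Looks up a user by email and returns their profile data together with a freshly issued JWT pair.
            /// </summary>
            /// <param name="request">Carries the email to look up.</param>
            /// <param name="cancellationToken">Checked before work starts; the Identity lookup does not accept one.</param>
            /// <returns>The user's display data plus access and refresh tokens.</returns>
            /// <exception cref="InvalidOperationException">No user exists for <c>request.Email</c>.</exception>
            public async Task<UserItem> Handle(Query request, CancellationToken cancellationToken)
            {
                cancellationToken.ThrowIfCancellationRequested();

                var user = await _userManager.FindByEmailAsync(request.Email);

                // Without this guard an unknown email became a NullReferenceException inside
                // CreateJwtTokens / the property reads below.
                if (user == null)
                {
                    throw new InvalidOperationException("The user could not be found.");
                }

                // NOTE(review): this mints a new token pair from an email alone, with no
                // credential check here. Make sure request.Email is taken from the
                // authenticated principal and not from client input — confirm at the caller.
                var token = _tokenFactoryService.CreateJwtTokens(user);

                return new UserItem
                {
                    DisplayName = user.DisplayName,
                    Email = user.Email,
                    HeaderImage = null,
                    ProfileImage = null,
                    RefreshToken = token.RefreshToken,
                    Token = token.AccessToken,
                };
            }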
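            /// <summary>
            /// Registers a new user and returns their profile data together with a JWT pair.
            /// </summary>
            /// <param name="request">Registration fields: display name, bio, email, username, password, profile visibility.</param>
            /// <param name="cancellationToken">Checked before work starts; the Identity calls do not accept one.</param>
            /// <returns>The created user's display data plus access and refresh tokens.</returns>
            /// <exception cref="InvalidOperationException">
            /// Email or username already taken, or Identity refused to create the user.
            /// </exception>
            public async Task<UserItem> Handle(Command request, CancellationToken cancellationToken)
            {
                cancellationToken.ThrowIfCancellationRequested();

                // The previous conditions also required the email/username to be EMPTY, which
                // can never hold once a user was found, so both duplicate checks were dead and
                // the collision only surfaced as a generic CreateAsync failure.
                var existingByEmail = await _userManager.FindByEmailAsync(request.Email);
                if (existingByEmail != null)
                {
                    throw new InvalidOperationException("Email already exists.");
                }

                var existingByName = await _userManager.FindByNameAsync(request.Username);
                if (existingByName != null)
                {
                    throw new InvalidOperationException("Username already exists.");
                }

                var appuser = new AppUser
                {
                    DisplayName     = request.DisplayName,
                    Bio             = request.Bio,
                    Email           = request.Email,
                    UserName        = request.Username,
                    IsActive        = true,
                    IsPublicProfile = request.IsPublicProfile,
                };

                var result = await _userManager.CreateAsync(appuser, request.Password);

                if (result.Succeeded)
                {
                    // Issue tokens for the user that was just created. Previously the lookup
                    // variable (null at this point) was passed in, which threw on every success.
                    var token = _tokenFactoryService.CreateJwtTokens(appuser);
                    return new UserItem
                    {
                        DisplayName = request.DisplayName,
                        RefreshToken = token.RefreshToken,
                        Token = token.AccessToken,
                        Username = request.Username,
                        Email = request.Email
                    };
                }

                // NOTE(review): result.Errors carries the Identity reasons (password policy,
                // invalid username, ...); consider surfacing them instead of the generic message.
                throw new InvalidOperationException("Problem saving changes");
            }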
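        /// <summary>
        /// Authenticates a customer by mobile number and password and issues a JWT pair.
        /// </summary>
        /// <param name="model">Login credentials from the request body.</param>
        /// <returns>
        /// 200 with tokens on success; otherwise 401 carrying the localized failure message
        /// and any model-state errors.
        /// </returns>
        public IActionResult Login([FromBody] LoginRequest model)
        {
            var response = new LoginResponse {
                Result = ResultType.Error
            };

            // A body that failed to bind can arrive as null; take the 401 path with the
            // model-state errors rather than dereferencing it.
            if (model != null && ModelState.IsValid)
            {
                var loginResult = _customerRegistrationService.ValidateCustomer(model.Mobile, model.Password);

                switch (loginResult)
                {
                case CustomerLoginResults.Successful:
                {
                    var customer = _customerService.GetCustomerByPhone(model.Mobile);

                    //sign in new customer
                    var token = _tokenFactoryService.CreateJwtTokens(customer);
                    _tokenStoreService.AddCustomerToken(customer, token.RefreshTokenSerial, token.AccessToken, null);

                    //raise event
                    _eventPublisher.Publish(new CustomerLoggedinEvent(customer));

                    response.Result       = ResultType.Success;
                    response.AccessToken  = token.AccessToken;
                    response.RefreshToken = token.RefreshToken;

                    return Ok(response);
                }

                // NOTE(review): the per-reason messages below disclose whether a mobile number
                // is registered, deleted or not yet active. If account enumeration matters for
                // this API, route these cases to the generic "wrongcredentials" message.
                case CustomerLoginResults.CustomerNotExist:
                    response.Messages.Add(
                        _localizationService.GetResource("account.login.wrongcredentials.customernotexist"));
                    break;

                case CustomerLoginResults.Deleted:
                    response.Messages.Add(
                        _localizationService.GetResource("account.login.wrongcredentials.deleted"));
                    break;

                case CustomerLoginResults.NotActive:
                    response.Messages.Add(
                        _localizationService.GetResource("account.login.wrongcredentials.notactive"));
                    break;

                case CustomerLoginResults.NotRegistered:
                    response.Messages.Add(
                        _localizationService.GetResource("account.login.wrongcredentials.notregistered"));
                    break;

                case CustomerLoginResults.LockedOut:
                    response.Messages.Add(
                        _localizationService.GetResource("account.login.wrongcredentials.lockedout"));
                    break;

                case CustomerLoginResults.WrongPassword:
                    response.Messages.Add(
                        _localizationService.GetResource("account.login.wrongcredentials.wrongcustomernameorpassword"));
                    break;

                default:
                    response.Messages.Add(
                        _localizationService.GetResource("account.login.wrongcredentials"));
                    break;
                }
            }

            // Every non-success path ends here: validation errors (if any) are appended to
            // whatever the switch recorded, and the caller gets 401.
            response.Messages.AddRange(ModelState.Values.SelectMany(v => v.Errors).Select(e => e.ErrorMessage));
            return Unauthorized(response);
        }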