public async Task <TokensCortage> Login(string email, string password) { var user = await _userManager.FindByNameAsync(email); if (user == null) { throw new AuthenticationException(); } var checkResult = await _userManager.CheckPasswordAsync(user, password); if (!checkResult) { throw new AuthenticationException(); } var refreshToken = _tokenGenerator.GenerateRefreshToken(); await _tokenService.AddRefreshToken(refreshToken, user); return(new TokensCortage() { Token = _tokenGenerator.GenerateAccessToken(user), RefreshToken = refreshToken }); }
private TokenResponse GetTokenResponse(User user) { var accessTokenExpiry = DateTime.UtcNow.AddMinutes(_config.JWT_EXPIRE_MINUTES); var principal = ClaimsPrincipalHelper.Create <User>(user); var identity = (ClaimsIdentity)principal.Identity; var securityTokenDescriptor = new SecurityTokenDescriptor { SigningCredentials = _signingCredentials, Subject = identity, Expires = accessTokenExpiry }; var handler = new JwtSecurityTokenHandler(); var securityToken = handler.CreateToken(securityTokenDescriptor); var accessToken = handler.WriteToken(securityToken); Logger.Info("User login: {0}", user.UserName); var refreshToken = _tokenGenerator.GenerateRefreshToken(); var expiration = DateTime.UtcNow.AddDays(_config.JWT_REFRESH_TOKEN_EXPIRE_IN_DAYS); _usersService.UpdateRefreshToken(user, refreshToken, expiration); return(new TokenResponse() { access_token = accessToken, refresh_token = refreshToken, token_type = "Bearer", expires_in = (int)TimeSpan.FromMinutes(_config.JWT_EXPIRE_MINUTES).TotalSeconds, user_id = user.Id, user_name = user.Name, user_role = user.Role }); }
public async Task <ApiResponse> Login([FromBody] LoginModel model) { if (!ModelState.IsValid) { throw new ApiException(ModelState.AllErrors(), StatusCodes.Status401Unauthorized); } var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberLogin, false); if (!result.Succeeded) { ModelState.AddModelError(string.Empty, "Invalid email or password"); throw new ApiException(ModelState.AllErrors(), StatusCodes.Status401Unauthorized); } var user = await _userManager.FindByNameAsync(model.Email); var token = _tokenGenerator.GenerateJwtToken(user.AppUserId); var refreshToken = _tokenGenerator.GenerateRefreshToken(); user.RefreshTokens.Add(refreshToken); _dbContext.Set <AuthUser>().Update(user); await _dbContext.SaveChangesAsync(); var refreshTokenByteArray = Encoding.ASCII.GetBytes(JsonConvert.SerializeObject(refreshToken)); try { var jwtToken = new JwtSecurityTokenHandler().WriteToken(token); return(new ApiResponse(new { token = jwtToken, expires = token.ValidTo, refreshToken = Convert.ToBase64String(refreshTokenByteArray) })); } catch (Exception ex) { throw new ApiException(ex); } }
public TokenDTO ValidateCredentials(UserDTO userDTO) { string encryptesdPassword = ComputeHash(userDTO.password, new SHA256CryptoServiceProvider()); var user = _userRepository.GetAll() .Where(u => u.Email.Equals(userDTO.email) && u.Password == encryptesdPassword) .FirstOrDefault(); if (user == null) { return(null); } var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")), new Claim(JwtRegisteredClaimNames.UniqueName, user.Email) }; var accessToken = _tokenService.GenerateAccessToken(claims); var refreshToken = _tokenService.GenerateRefreshToken(); user.RefreshToken = refreshToken; user.RefreshTokenExpiryDate = DateTime.Now.AddDays(_configuration.DaysToExpiry); _userRepository.Update(user); DateTime createDate = DateTime.Now; DateTime expirationDate = createDate.AddMinutes(_configuration.Minutes); return(new TokenDTO( true, createDate.ToString(DATE_FORMAT), expirationDate.ToString(DATE_FORMAT), accessToken, refreshToken )); }
public async Task <TokensCortage> RefreshToken(string token, string refreshToken) { var principal = GetPrincipalFromExpiredToken(token); var userId = principal.GetUserId(); var savedToken = await _context.RefreshTokens.ByUser(userId).FirstAsync(); if (savedToken == null || savedToken.Token != refreshToken) { throw new SecurityTokenException("Invalid refresh token"); } var newToken = _tokenGenerator.GenerateAccessToken(principal.Claims); var newRefreshToken = _tokenGenerator.GenerateRefreshToken(); await UpdateRefreshToken(userId, newRefreshToken); return(new TokensCortage() { Token = newToken, RefreshToken = newRefreshToken }); }
public async Task <IActionResult> TokenAsync( string grant_type, string code, string redirect_uri, string client_id, string code_verifier, string client_secret ) { var clientid = Guid.Parse(client_id); var clientsecret = Guid.Parse(client_secret); var client = await dataContext.OAuthClients.Where(x => x.ClientId == clientid && x.ClientSecret == clientsecret).AsNoTracking().FirstOrDefaultAsync(); if (client is not null) { var user = await dataContext.Users.Where(x => x.UserName == StaticData.CurrentUserName).AsNoTracking().FirstOrDefaultAsync(); var access_token = await tokenGenerator.GenerateAccessToken(user); var refresh_token = tokenGenerator.GenerateRefreshToken(user); var responseObject = new { access_token, refresh_token, token_type = "bearer" }; var responseJson = JsonConvert.SerializeObject(responseObject); var responseBytes = Encoding.UTF8.GetBytes(responseJson); await Response.Body.WriteAsync(responseBytes, 0, responseBytes.Length); return(Redirect(redirect_uri)); } return(View()); }