public ActionResult Login(SignInDTO model)
{
try
{
if (!ModelState.IsValid)
{
return(View("Welcome", model));
}
if (Account.LoginSL(model.Login.EmailOrUsername, model.Login.Password))
{
Session["MiniBirdAccount"] = Account.CreateSessionSL(model.Login.EmailOrUsername);
if (model.Login.RememberMe)
{
LoginCookie(model.Login.EmailOrUsername);
}
return(RedirectToAction("Timeline", "Account"));
}
else
{
ViewBag.Message = "Datos incorrectos. Vuelva a iniciar sesión.";
return(View("Welcome", model));
}
}
catch (Exception ex)
{
return(ProcessError(ex));
}
}
public User UserName(SignInDTO userLogIn)
{
var userName = _context.Users.Where(u => u.userName.CompareTo(userLogIn.UserName) == 0 &&
u.password.CompareTo(userLogIn.password) == 0).FirstOrDefault();
return(userName);
}
public ActionResult Register(SignInDTO model)
{
try
{
if (!ModelState.IsValid)
{
return(View("Welcome", model));
}
if (Account.RegisterSL(model.Register.UserName, model.Register.Email, model.Register.Password))
{
Session["MiniBirdAccount"] = Account.CreateSessionSL(model.Register.Email);
return(RedirectToAction("Timeline", "Account"));
}
else
{
ViewBag.Message = "El usuario/correo ya está registrado.";
return(View(model));
}
}
catch (Exception ex)
{
return(ProcessError(ex));
}
}
public UserModel Map(SignInDTO signInDTO)
{
return(new UserModel {
Username = signInDTO.Username,
Password = signInDTO.Password
});
}
public async Task <AuthenticationDTO> Authenticate(SignInDTO credentials)
{
User user = await _userManager.FindByEmailAsync(credentials.Login)
?? await _userManager.FindByNameAsync(credentials.Login);
if (user == null)
{
throw new NotFoundException("A user with the provided login does not exist.");
}
if (!await _userManager.CheckPasswordAsync(user, credentials.Password))
{
throw new UnauthorizedException("Failed to sign in with the provided login/password combination. Try again.");
}
JwtSecurityToken token = await GenerateToken(user);
string tokenString =
new JwtSecurityTokenHandler().WriteToken(token);
AuthenticationDTO userInfo = new AuthenticationDTO()
{
Id = Int32.Parse(token.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier).Value),
Username = token.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name).Value,
Roles = token.Claims.Where(c => c.Type == ClaimTypes.Role)
.Select(r => r.Value).ToArray(),
Token = tokenString,
RefreshToken = await GenerateRefreshToken(user)
};
return(userInfo);
}
public void SignInTest_ReturnAuthCorrect()
{
#region Arrange
SignInDTO signInDTO = new SignInDTO
{
Email = "*****@*****.**",
Password = "******",
};
User user = new User(1, "Name1", "Email1", "Pass1");
model = new Mock <IRepository>();
model.Setup(repo => repo.GetUserByEmailAndPassword(
signInDTO.Email, signInDTO.Password))
.Returns(Task.FromResult(user));
controller = new AccountController(model.Object);
#endregion
// Act
var result = controller.SignIn(signInDTO);
// Assert
Assert.IsType <OkObjectResult>(result.Result);
}
public async Task ChangePassword(SignInDTO credentials, string newPassword)
{
User user = await _userManager.FindByEmailAsync(credentials.Login);
if (user == null)
{
throw new NotFoundException("A user with the provided login does not exist.");
}
if (!await _userManager.CheckPasswordAsync(user, credentials.Password))
{
throw new BadRequestException("Failed to auhenticate with the provided password.");
}
IdentityResult result = await _userManager.ChangePasswordAsync(user,
credentials.Password, newPassword);
if (!result.Succeeded)
{
StringBuilder errMessage = new StringBuilder();
foreach (IdentityError err in result.Errors)
{
errMessage.Append($"{err.Code} {err.Description}/n");
}
throw new ServerErrorException(errMessage.ToString());
}
}
public async Task <IActionResult> SignIn([FromBody] SignInDTO loginModel)
{
var user = await UserManager.GetByCredentialsAsync(loginModel.Email, loginModel.Password);
if (user == null)
{
//...
}
var now = DateTime.Now;
var jwt = new JwtSecurityToken
(
issuer: AuthOptions.Issuer,
audience: AuthOptions.Audience,
notBefore: now,
expires: now.Add(TimeSpan.FromMinutes(AuthOptions.Lifetime)),
signingCredentials: new SigningCredentials(AuthOptions.Key, SecurityAlgorithms.HmacSha256),
claims: new List <Claim> {
new Claim(type: "user-id", value: user.Id.ToString())
}
);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
return(Ok(new
{
token = encodedJwt
}));
}
public async Task <IActionResult> SignIn([FromBody] SignInDTO UserData)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = new User
{
Email = UserData.Contact.Email,
UserName = UserData.Contact.UserName,
PhoneNumber = UserData.Contact.PhoneNumber
};
var result = await CreateUser(user, UserData.Password, "Manager");
if (result.Succeeded)
{
user = await _userManager.FindByEmailAsync(UserData.Contact.Email);
UserData.Id = user.Id;
UserData.Roles.Add("Manager");
return(Ok(UserData));
}
return(BadRequest(result.Errors));
}
public IActionResult username(SignInDTO signInDTO)
{
var findUser = _userRepo.UserName(signInDTO);
// var authenticate =_userRepo.CheckPassword(validate,username);
return(Ok(findUser));
}
public async Task CreateUserAsync(SignInDTO signInDto)
{
// var User = new User { UserName = viewModel.NickName };
await _appDbContext.Users.AddAsync(new User { UserName = signInDto.UserName });
await _appDbContext.SaveChangesAsync();
//var result = await _userManager.CreateAsync(User);
}
public async Task <IActionResult> SignIn([FromBody] SignInDTO signInDTO)
{
if (!ModelState.IsValid || signInDTO == null)
{
return(BadRequest("Error: Model state is not valid."));
}
// Email validation
if (signInDTO.Email == null || signInDTO.Email == String.Empty)
{
return(BadRequest("Error: Empty Email."));
}
if (!IsValidEmail(signInDTO.Email))
{
return(BadRequest("Error: Email is not valid."));
}
// Password validatition
if (signInDTO.Password == null || signInDTO.Password == String.Empty)
{
return(BadRequest("Error: Empty Password."));
}
User user = await _context
.GetUserByEmailAndPassword(signInDTO.Email, signInDTO.Password);
if (user == null)
{
return(NotFound("Error: Not correct email or password."));
}
// Create claims with data
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Role, "User")
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Tokens:Key"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(_configuration["Tokens:Issuer"],
_configuration["Tokens:Issuer"],
claims,
expires: DateTime.Now.AddHours(24),
signingCredentials: creds);
// Write token to memory
string resToken = new JwtSecurityTokenHandler().WriteToken(token);
// Create DTO for response
UserDTO userDTO = new UserDTO(resToken, DateTime.Now.AddHours(24), DateTime.Now, user);
return(Ok(userDTO));
}
public async Task <ActionResult <AuthenticationDTO> > SignIn([FromBody] SignInDTO signInModel)
{
if (!ModelState.IsValid)
{
return(BadRequest("The provided user model is not valid."));
}
return(Ok(await _accountService.Authenticate(signInModel)));
}
public async Task <ActionResult <TokenDTO> > SignIn([FromBody] SignInDTO credentials)
{
var result = await authenticationService.SignInAsync(credentials.Phone, credentials.Password);
if (result == null)
{
return(BadRequest());
}
return(result);
}
public async Task <ActionResult> Login([FromBody] SignInDTO model)
{
var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, false, false);
if (result.Succeeded)
{
var appUser = _userManager.Users.SingleOrDefault(r => r.UserName == model.Username);
return(Ok(new { title = await GenerateJwtToken(model.Username, appUser) }));
}
throw new ApplicationException("INVALID_LOGIN_ATTEMPT");
}
public async Task <IActionResult> SignIn([FromBody] SignInDTO dto)
{
var response = await _httpClient.PostAsJsonAsync(ApiRoutes.ApiSignIn, dto);
if (response.IsSuccessStatusCode)
{
var token = JsonSerializer.Deserialize <JwtTokenDTO>(await response.Content.ReadAsStringAsync(), _jsonOptions);
await UpdateServerStateAsync(accessToken : token.Token, loggedIn : true);
return(Ok());
}
return(Unauthorized(await response.Content.ReadAsStringAsync()));
}
public async Task <IActionResult> ChangePassword([FromQuery] string oldPassword, string newPassword)
{
SignInDTO credentials = new SignInDTO()
{
Login = User.Claims.FirstOrDefault
(c => c.Type == ClaimTypes.Email).Value,
Password = oldPassword
};
await _accountService.ChangePassword(credentials, newPassword);
return(NoContent());
}
public async void Test_Login()
{
string action = "/account/login?returnUrl=http://localhost:50995/";
SignInDTO model = new SignInDTO
{
UserName = "******",
Password = "******",
};
var result = await _client.PostAsJsonAsync(action, model);
result.EnsureSuccessStatusCode();
var data = await result.Content.ReadAsStringAsync();
}
public async Task <ActionResult> SignIn(SignInDTO signInDto)
{
if (ModelState.IsValid)
{
await UserService.CreateUserAsync(signInDto);
var User = await UserService.FindUserByNameAsync(signInDto.UserName);
await CardService.NewGameAsync(User.UserId);
return(Ok(signInDto));
}
return(BadRequest());
}
public IActionResult Login(SignInDTO signIn)
{
IActionResult response = Unauthorized();
var user = _userFromRepo.UserName(signIn);
// var result = _service.PasswordChecker(user, signIn);
if (user != null)
{
var tokenString = _service.generateToken(user);
response = Ok(new { token = tokenString,
user });
}
return(response);
}
public async Task <bool> SignInAsync(SignInDTO signInDTO)
{
var tokenPair = await _tokenProvider.GetNewTokensAsync(signInDTO.Username, signInDTO.Password);
await _tokenStorageService.SetTokensAsync(tokenPair);
if (!await _tokenProvider.ValidateTokenAsync(tokenPair.AccessToken))
{
return(false);
}
var claims = _tokenProvider.ParseToken(tokenPair.AccessToken);
_jwtAuthStateProvider.MarkUserAsAuthenticated(claims);
return(true);
}
public void SignInTest_ReturnModelStateIsNotValid()
{
#region Arrange
SignInDTO signInDTO = null;
model = new Mock <IRepository>();
controller = new AccountController(model.Object);
#endregion
// Act
var result = controller.SignIn(signInDTO);
// Assert
Assert.IsType <BadRequestObjectResult>(result.Result);
}
public async Task <ActionResult <UserDTO> > LoginEndUser(SignInDTO signInDTO)
{
var user = await _userManager.FindByEmailAsync(signInDTO.Email);
if (user == null)
{
return(BadRequest("Invalid Email"));
}
var result = await _signInManager.CheckPasswordSignInAsync(user, signInDTO.Password, false);
if (result.Succeeded)
{
return(Ok(returnRTO(user)));
}
return(Unauthorized());
}
public async Task <ApiResponse> SignIn([FromBody] SignInDTO arg)
{
try
{
var ip = httpService.IpAddress(Request, HttpContext);
var token = await userService.SignInAsync(arg, ip);
return(new ApiResponse(InfoMessages.SuccesfullySignedIn, token, HttpStatusCode.OK.ToInt()));
}
catch (CustomException ex)
{
throw new ApiException(ex, ex.StatusCode);
}
catch (Exception ex)
{
throw new ApiException(ex);
}
}
public async Task <UserTokenDTO> SignInAsync(SignInDTO arg, string ip)
{
try
{
var user = await FindUser(arg.Username);
if (user == null)
{
throw new WrongCredentialsException();
}
if (user != null && !user.PhoneNumberConfirmed)
{
throw new AccountNotVerifiedException();
}
var result = await signInManager.CheckPasswordSignInAsync(user, arg.Password, true);
if (result.Succeeded)
{
var refreshToken = jwtService.GenerateRefreshToken(ip);
user.RefreshTokens.Add(refreshToken);
await db.SaveChangesAsync();
var roles = await userManager.GetRolesAsync(user);
return(new UserTokenDTO(jwtService.GenerateAuthorizationToken(user, roles),
refreshToken.Token));
}
else
{
if (result.IsLockedOut)
{
throw new AccountLockedException();
}
throw new WrongCredentialsException();
}
}
catch (System.Exception ex)
{
throw;
}
}
public async Task <ResultDTO> SignIn([FromBody] SignInDTO model)
{
var result = default(ResultDTO);
if (!ModelState.IsValid)
{
var errors = ModelStateCustomValidator.GetErrorsFromModel(ModelState);
result = new ErrorResultDTO
{
Status = 403,
Message = "Invalid sign in attempt",
Errors = errors
};
}
else
{
var loginResult = await signInManager.PasswordSignInAsync(model.Email, model.Password, false, false);
if (!loginResult.Succeeded)
{
result = new ErrorResultDTO
{
Status = 403,
Message = "Sign in error",
Errors = new string[] { "Incorrect email or password" }
};
}
else
{
var user = await userManager.FindByEmailAsync(model.Email);
await signInManager.SignInAsync(user, false);
result = new AuthResultDTO
{
Status = 200,
Message = "Ok",
Token = JWTTokenService.GenerateToken(user)
};
}
}
return(result);
}
public async Task <ActionResult <RequestResultDTO> > Authenticate([FromForm] SignInDTO signInDTO)
{
var userModel = _mapService.Map(signInDTO);
var result = await _authService.Authenticate(userModel);
var resultDTO = _mapService.Map(result);
if (!resultDTO.IsSuccess)
{
return(BadRequest(resultDTO));
}
Response.Cookies.Append("authToken", result.Token, new CookieOptions {
Path = "/", HttpOnly = true, Expires = DateTime.UtcNow.AddMinutes(5), Secure = true, SameSite = SameSiteMode.Strict
});
Response.Cookies.Append("user", result.UserId.ToString(), new CookieOptions {
Path = "/", HttpOnly = false, Expires = DateTime.UtcNow.AddMinutes(5), SameSite = SameSiteMode.Strict
});
return(Ok(resultDTO));
}
public async Task <IActionResult> PutCalendar(IFormFile file)
{
//file is a csv
var reader = new StreamReader(file.OpenReadStream());
await reader.ReadLineAsync();//discard column names
string v = "";
while ((v = await reader.ReadLineAsync()) != null)
{
v = v.Trim('"');
var split = v.Split("\",\"");//get signInDTO from each line
string signInJSON = string.Format(
"{{\"StartTime\":{0},\"EndTime\":{1},"
+ "\"StudentId\":{2},\"MachineName\":{4}}}",
$"\"{split[0]}\"",
$"\"{split[1]}\"",
$"\"{split[3]}\"",
$"\"{split[2]}\"");
SignInDTO signInDto
= JsonSerializer.Deserialize <SignInDTO>(signInJSON);
//make SignIn from SignInDTO
var machine = await
_context.Machines.FindAsync(signInDto.Machine.Name);
var student = await
_context.Students.FindAsync(signInDto.StudentId.Value);
if (machine == null || student == null)
{
return(NotFound());
}
SignIn signIn = new SignIn();
signIn.Student = student;
signIn.Machine = machine;
signIn.StartTime = signInDto.StartTime;
signIn.EndTime = signInDto.EndTime;
//add current record to db
_context.SignIns.Add(signIn);
await _context.SaveChangesAsync();
}
return(NoContent());
}
public object SignIn([FromBody] SignInDTO requestUser)
{
try
{
using (var context = new TodoAppContext())
{
using (MD5 md5Hash = MD5.Create())
{
var user = context.users.Where(u => (u.email == requestUser.credential || u.username == requestUser.credential)).FirstOrDefault();
if (user == null)
{
return(NotFound());
}
string currPassword = GetMd5Hash(md5Hash, requestUser.password);
if (!VerifyMd5Hash(md5Hash, requestUser.password, user.password))
{
return(Request.CreateResponse(HttpStatusCode.NotFound));
}
var BASIC = CryptographyService.EncryptValue($"{user.username}:{user.password}");
var result = new
{
username = user.username,
name = user.name,
lastName = user.lastName,
email = user.email,
basicTkn = BASIC
};
//HttpContext.Current.Response.AppendHeader("Basic", BASIC);
//Request.Headers.Add("Basic", Convert.ToBase64String(Encoding.ASCII.GetBytes($"{user.username}:{user.password}")));
return(Request.CreateResponse(HttpStatusCode.OK, result));
}
};
}
catch (Exception e)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, e));
}
}
public IHttpActionResult SignIn(SignInDTO signInData)
{
try
{
var result = _userService.ValidateUser(signInData.Email, signInData.Password);
if (result != null)
{
return(Ok(result));
}
else
{
return(Content(HttpStatusCode.Forbidden, "Wrong credentials."));
}
}
catch (Exception ex)
{
return(Content(HttpStatusCode.InternalServerError, "An error occured. Please try again."));
}
}
