public Response <AuthResponse> DangNhap(SignInRequest request)
{
var taiKhoan = _taiKhoanRepo.GetTaiKhoanByUsername(request.Username);
ISimpleHash simpleHash = new SimpleHash();
if (taiKhoan == null || !simpleHash.Verify(request.MatKhau, taiKhoan.MatKhau))
{
return new Response <AuthResponse>
{
Success = false,
StatusCode = 400,
Errors = new[] { "Sai tài khoản hoặc mật khẩu" }
}
}
;
var jwtService = new JwtService(_config);
var token = jwtService.GenerateSecurityToken(taiKhoan);
var data = new AuthResponse(token, taiKhoan);
return(new Response <AuthResponse>
{
Success = true,
StatusCode = 200,
Errors = null,
Data = data
});
}
}
public async Task Signin_with_invalid_user_should_return_a_valid_token_response()
{
SignInRequest request = new SignInRequest {
Email = "invalid.user", Password = "******"
};
await Task.Run(() => _userService.SignInAsync(request).ShouldThrow <StackException>());
}
public ServiceResult <IdentityResultCode> SignIn(SignInRequest request)
{
var isRequestValid = ValidateSignInRequest(request);
if (!isRequestValid)
{
return(BuildResult(false, IdentityResultCode.IncompleteArgument, ArgumentNullMsg));
}
var account = _accountRepo.GetUniqueAccountByEmail(request.Email);
if (account == null)
{
return(BuildResult(false, IdentityResultCode.AccountNotExist, AccountNotExistMsg));
}
var password = IdentityHelper.HashPassword(request.Password);
if (password != account.Password)
{
return(BuildResult(false, IdentityResultCode.PasswordError, PasswordErrorMsg));
}
var authToken = GenerateAuthenticatedToken(account);
var resultObject = new SignInResult {
Identity = account.Id, Username = account.UserName, AuthenticatedToken = authToken
};
if ((AccountStatus)account.Status == AccountStatus.Inactive)
{
return(BuildResult(true, IdentityResultCode.InactivatedAccount, InactivatedAccountMsg, resultObject));
}
return(BuildResult(true, IdentityResultCode.Success, resultObj: resultObject));
}
public async Task Login_Valid_Returns_True()
{
// Arrange
var userList = new List <User>();
userList.Add(new User {
Id = 1
});
var mockUser = userList.AsQueryable().BuildMock();
_Repo.Setup(x => x.Get(It.IsAny <Expression <Func <User, bool> > >())).Returns(mockUser.Object);
var request = new SignInRequest {
Username = "******", Password = "******"
};
var token = new AuthToken {
token = ""
};
var tokenBuilder = new Mock <ITokenBuilderService>();
tokenBuilder.Setup(x => x.GetToken(It.IsAny <int>())).Returns(token);
var passwordService = new Mock <IPasswordService>();
passwordService.Setup(x => x.ValidatePassword(It.IsAny <string>(), It.IsAny <string>())).Returns(true);
var authService = new AuthenticateService(_Repo.Object, tokenBuilder.Object, passwordService.Object);
// Act
var results = await authService.Authenticate(request);
// Assert
Assert.IsTrue(results.Success);
}
public override async Task <SignInResponse> SignIn(SignInRequest request, ServerCallContext context)
{
var signInModel = new SignInModel
{
UserName = request.UserName,
Password = request.Password
};
var signInCommand = new SignInCommand(signInModel);
var result = await _commandBus.SendAsync(signInCommand);
if (result.IsOk)
{
var response = result.Value as dynamic;
return(new SignInResponse
{
AccessToken = response.AccessToken,
RefreshToken = response.RefreshToken,
ExpiresIn = response.ExpiresIn,
TokenType = response.TokenType,
});
}
var statusCode = (StatusCode)result.StatusCode;
throw new RpcException(new Status(statusCode, result.Value?.ToString()));
}
public async Task SignInAsync(SignInRequest request)
{
var principal = _mapper.Map <ClaimsPrincipal>(request);
var properties = _mapper.Map <AuthenticationProperties>(request);
await _httpContextAccessor.HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme, principal, properties);
}
public async Task <SignInResponse> SignIn(SignInRequest request)
{
var user = await _userManager.FindByEmailAsync(request.Email);
if (user == null)
{
throw new Exception("Invalid credentials.");
}
var result = await _signInManager.PasswordSignInAsync(user, request.Password, false, false);
if (!result.Succeeded)
{
throw new Exception("Invalid credentials.");
}
List <Claim> userClaims = await GetUserClaims(user);
var accessToken = _tokenService.GenerateAccessToken(user.Id, user.UserName, userClaims);
var refreshToken = _tokenService.GenerateRefreshToken();
user.RefreshToken = refreshToken;
user.RefreshTokenExpiryTime = DateTime.Now.AddDays(7);
await _userManager.UpdateAsync(user);
var response = new SignInResponse
{
Username = user.UserName,
AccessToken = new JwtSecurityTokenHandler().WriteToken(accessToken),
RefreshToken = refreshToken
};
return(response);
}
public void TestSignInValid()
{
IRestResponse <object> mockedSingInResponse = new RestResponse <object>()
{
StatusCode = HttpStatusCode.Created
};
mockedSingInResponse.Headers.Add(new Parameter()
{
Name = "Location",
Value = "http://localhost:8080/cms/api/v3/sessions/123123123"
});
var mockedGetSessionInformationResponse = new RestResponse <Session>()
{
StatusCode = HttpStatusCode.OK
};
var mockedSesionResponse = new Session()
{
AccountID = Guid.NewGuid(),
SessionToken = "123123123"
};
mockedGetSessionInformationResponse.Data = mockedSesionResponse;
mockedClient.Setup(c => c.Execute <object>(It.IsAny <JSONRestRequest>())).Returns(mockedSingInResponse);
mockedClient.Setup <IRestResponse>(c => c.Execute <Session>(It.IsAny <JSONRestRequest>())).Returns(mockedGetSessionInformationResponse);
var signInrequest = new SignInRequest()
{
};
var resutl = provider.SignIn(signInrequest);
Assert.AreEqual(resutl.SessionToken, mockedSesionResponse.SessionToken);
mockedClient.Verify(c => c.Execute <object>(It.IsAny <JSONRestRequest>()), Times.Once);
mockedClient.Verify(c => c.Execute <Session>(It.IsAny <JSONRestRequest>()), Times.Once);
}
public BaseResponse SignIn(SignInRequest credentials)
{
//TODO SignInValidator
//ValidationResult validation = new SignInValidator().Validate(user);
//if (!validation.IsValid)
//{
// return DefaultValidationFailure(validation.Errors);
//}
var user = _userRepository.GetUserByEmail(credentials.Email);
if (user == null)
{
return(CreateValidationFailure("email or password", "Invalid username or password"));
}
if (!VerifyPasswordHash(credentials.Password, user.PasswordHash, user.PasswordSalt))
{
return(CreateValidationFailure("email or password", "Invalid username or password"));
}
var response = _mapper.Map <User, SignInResponse>(user);
response.Token = BuildToken(response).Token;
return(DefaultSuccess(response));
}
public IActionResult SignIn([FromBody] SignInRequest request)
{
//Validazione argomenti
if (request == null)
{
return(BadRequest());
}
//Validazione del modello
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
//Tento il sign-in con il service layer
var result = Layer.SignIn(request.UserName, request.Password);
//Se non ho ricevuto il risultato
if (result == null)
{
return(Unauthorized());
}
//Ritorno il risultato
return(Ok(result));
}
public void ReturnsFailResponseWhenPasswordDoesNotMatch()
{
const string email = "[email protected]";
const string password = "******";
const string validationToken = "validation token";
var request = new SignInRequest
{
Email = email,
Password = password,
ValidationToken = validationToken
};
var user = new User();
_mock.Mock <IUserManager>()
.Setup(manager => manager.FindByEmailAsync(email))
.ReturnsAsync(user);
_mock.Mock <IUserManager>()
.Setup(provider => provider.CheckPasswordAsync(user, password))
.ReturnsAsync(false);
_mock.Mock <ICaptchaValidationService>()
.Setup(provider => provider.IsValidAsync(validationToken))
.ReturnsAsync(true);
var controller = _mock.Create <AuthController>();
var expected = new BadRequestException("LOGIN_FAILED");
ExceptionAssert.ThrowsAsync(expected, () => controller.SignIn(request));
}
public ActionResult Index(SignInRequest model, string returnUrl)
{
string redirectUrl = string.Empty;
if (ModelState.IsValid)
{
try
{
var ip = Request.UserHostAddress;
using (var authService = new AuthenticationSrv())
{
var user = authService.AuthenticateUser(model);
authService.SetAuthCookie();
var browser = Request.Browser.Browser + Request.Browser.Version;
var sessionId = HttpContext.Session.SessionID;
LogSessionAsync(browser, ip, user, sessionId);
}
return(SafeRedirect(returnUrl, true));
}
catch (SimpleException ex)
{
ModelState.AddModelError("", ex.Message);
}
}
return(View(model));
}
private async void OnSignInClicked(object sender, EventArgs e)
{
var request = new SignInRequest()
{
Name = usernameEntry.Text, Password = passwordEntry.Text
};
try
{
var response = await authService.SignIn(request);
if (response.Session != null)
{
messageLabel.Text = $"Logged in as {response.Session.UserId}";
}
else
{
messageLabel.Text = "Not logged in";
}
} catch (Exception ex)
{
messageLabel.Text = ex.Message;
}
}
public async Task Get_with_authorized_user_should_retrieve_the_right_user(string url)
{
HttpClient client = _factory.CreateClient();
SignInRequest signInRequest = new SignInRequest {
Email = "*****@*****.**", Password = "******"
};
StringContent httpContent =
new StringContent(JsonConvert.SerializeObject(signInRequest), Encoding.UTF8, "application/json");
HttpResponseMessage response = await client.PostAsync(url + "/auth?api-version=1.0", httpContent);
string responseContent = await response.Content.ReadAsStringAsync();
response.EnsureSuccessStatusCode();
RespContainer <TokenResponse> tokenResponse = JsonConvert.DeserializeObject <RespContainer <TokenResponse> >(responseContent);
client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer", tokenResponse.Data.Token);
HttpResponseMessage restrictedResponse = await client.GetAsync(url + "?api-version=1.0");
restrictedResponse.EnsureSuccessStatusCode();
restrictedResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
}
public IActionResult SignIn(SignInRequest loginRequest)
{
Result result = _dispatcher.Dispatch(new SignInCommand(loginRequest.Email, loginRequest.Password));
return(FromResult(result));
/*
* var userModel = _identityService.SignIn(userLoginRequest);
*
* if (userModel == null)
* {
* return BadRequest(new AuthFailedResponse { Errors = new[] { "Email Et/Ou password incorrect" } });
* }
*
* var userFeatures = _featureService.GetByUser(userModel.Id);
*
* var authResult = GenerateAuthenticationResultForUser(userModel);
*
* return Ok(new UserFeatureResponse
* {
* Token = authResult.Token,
* RefreshToken = authResult.RefreshToken,
* Email = userModel.Email,
* FirstName = userModel.FirstName,
* LastName = userModel.LastName,
* UserFeatures = userFeatures
* });*/
}
public async Task Get_with_authorized_user_should_retrieve_the_right_user(string url)
{
// Arrange - authorization
HttpClient client = _factory.CreateClient();
SignInRequest signInRequest = new SignInRequest
{
Email = "*****@*****.**",
Password = "******"
};
HttpContent httpContent = new StringContent(JsonConvert.SerializeObject(signInRequest),
Encoding.UTF8, "application/json");
// Act - authorization
HttpResponseMessage response = await client.PostAsync(url + "/auth", httpContent);
string responseContent = await response.Content.ReadAsStringAsync();
// Assert - authorization
response.EnsureSuccessStatusCode();
// Arrange - get user
TokenResponse tokenResponse = JsonConvert.DeserializeObject <TokenResponse>(responseContent);
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokenResponse.Token);
// Act - - get user
HttpResponseMessage restrictedResponse = await client.GetAsync(url);
// Assert - get user
restrictedResponse.EnsureSuccessStatusCode();
restrictedResponse.StatusCode.Should().Be(HttpStatusCode.OK);
}
public ActionResult <SignInResponse> SignIn(SignInRequest item)
{
try {
if (IsValidUser(item))
{
//
var claims = new[]
{
new Claim(ClaimTypes.Name, item.Username),
new Claim("luckeyNumber", "3214"),
new Claim("lat", "92.111")
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config["JWT:SecurityKey"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
issuer: config["JWT:Issuer"],
audience: config["JWT:Audience"],
claims: claims,
notBefore: DateTime.Now,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds);
return(Ok(new SignInResponse {
Token = new JwtSecurityTokenHandler().WriteToken(token)
}));
}
return(Unauthorized());
} catch (Exception ex) {
string messages = ex.InnerException != null ? ex.InnerException.Message : ex.Message;
return(StatusCode(StatusCodes.Status500InternalServerError, messages));
}
}
public async Task <IActionResult> SignIn(SignInRequest request)
{
var userProfile = await _userProfileReader.GetByEmailAddress(request.EmailAddress);
if (userProfile == null)
{
return(NotFound());
}
var passwordValid = PasswordHasher.CompareSecurePassword(request.Password, userProfile.Password);
if (!passwordValid)
{
return(BadRequest("Invalid credentials"));
}
var authenticationToken = _authenticationTokenProvider.Generate(request.EmailAddress, userProfile.Id.ToString());
var response = new SignInResponse
{
Token = authenticationToken.Token,
Expiration = authenticationToken.ExpirationDateTime
};
return(Ok(response));
}
public ActionResult Login(LoginModel model)
{
string viewName = "Index";
if (ModelState.IsValid)
{
// Check the user's credentials against the database
AccountConnection accountConnection = new AccountConnection();
SignInRequest request = new SignInRequest()
{
Username = model.Username,
Password = model.Password
};
SignInResponse response = accountConnection.SignIn(request);
if (response.UserId != -1)
{
// Redirect the user to home and store the user id as a session variable. Helps for account tracking.
viewName = "Home";
Session["UserId"] = response.UserId;
Session["UserType"] = response.UserType;
Session["Username"] = model.Username;
}
}
return(RedirectToAction(viewName));
}
public async Task get_with_authorized_user_should_retrieve_the_right_user(string url)
{
var client = _factory.CreateClient();
var signInRequest = new SignInRequest
{
Email = "*****@*****.**",
Password = "******",
Role = "Admin"
};
var httpContent = new StringContent(
JsonConvert.SerializeObject(signInRequest), Encoding.UTF8, "application/json");
var response = await client.PostAsync($"{url}/auth", httpContent);
var responseContent = await response.Content.ReadAsStringAsync();
response.EnsureSuccessStatusCode();
var tokenResponse = JsonConvert.DeserializeObject <TokenResponse>(responseContent);
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(
"Bearer", tokenResponse.Token);
var restrictedResponse = await client.GetAsync(url);
restrictedResponse.EnsureSuccessStatusCode();
restrictedResponse.StatusCode.ShouldBe(HttpStatusCode.OK);
}
public Response SignIn(SignInRequest request)
{
try
{
var ds = _dal.GetUser(request.Email);
SignInResponse retval = new SignInInvalidEmailResponse(request.Email);
if (ds.Tables.Count > 0)
{
var tbl = ds.Tables[0];
if (tbl.Rows.Count == 1)
{
if (request.Email == (string)tbl.Rows[0][0])
{
retval = new SignInResponseOK((string)tbl.Rows[0][0], (string)tbl.Rows[0][1]);
}
}
}
return(retval);
}
catch (Exception ex)
{
return(new AppResponseError(ex.Message));
}
}
static async Task <string> SignInAsync()
{
Console.WriteLine("Sign in");
Console.WriteLine("=======");
while (true)
{
var user = EnterUserName();
var password = EnterPassword();
try
{
var signInRequest = new SignInRequest
{
UserName = user,
Password = password
};
var response = await _client.SignInAsync(signInRequest);
return(response.Token);
}
catch (RpcException e) when(e.Status.StatusCode == StatusCode.Unauthenticated)
{
Console.WriteLine("Login incorrect.");
}
}
}
public IActionResult SignIn([FromBody] SignInRequest request)
{
var user = UserService.FindByPhoneNumber(request.PhoneNumber);
if (user == null)
{
return(NotFound(new ResponseModel
{
Success = false,
Message = "Номер телефона не зарегистрирован"
}));
}
if (UserSessionService.GetUserActiveSession(user) != null)
{
UserSessionService.CloseUserActiveSession(user);
}
var session = UserSessionService.CreateSession(user);
SmscHelper.SendSms(user.PhoneNumber, $"Код для входа: {session.AuthCode}");
return(Ok(new SignInResponse
{
UserID = user.ID
}));
}
public SignUpInResult SignIn(SignInRequest request)
{
return(BaseInvokeCheckModel(request, () =>
{
User dataUser = _dbContext.Users
.Include(x => x.AuthToken)
.FirstOrDefault(x => x.Email == request.Email);
if (dataUser == null ||
!_crypto.IsValid(dataUser.PasswordHash, dataUser.PasswordSalt, request.Password))
{
return ResponseBuilder <SignUpInResult> .Fail().SetInfoAndBuild("Email or password is incorrect");
}
UpdateAuthToken(dataUser.AuthToken);
_dbContext.SaveChanges();
return ResponseBuilder <SignUpInResult> .SuccessBuild(new SignUpInResult
{
User = UserMapper.ToApi.FromData(dataUser),
AuthToken = AuthTokenMapper.ToApi.FromData(dataUser.AuthToken)
});
}));
}
public void OnSignButtonClick(object sender, EventArgs e)
{
string login = loginTextBox.Text;
string password = passwordTextBox.Text;
SignInRequest.Invoke(sender, new SignInRequestEventArgs(login, password));
}
public async Task <R <TokensResponse> > SignIn(SignInRequest request)
{
var uri = $"{endpoint}/api/v1/Login/";
var response = await http.Post <SignInRequest, TokensResponse>(uri, request);
return(response);
}
public async Task <ActionResult> SignIn([FromBody] SignInRequest request)
{
var query = new SignInQuery(request.Email, request.Password);
var result = await _dispatcher.QueryAsync(query);
return(Ok(result));
}
public DataSet GetUser(SignInRequest request)
{
var email = _infraDal.GetParameter("P_EMAIL", request.LoginDto.Email);
var outParam = _infraDal.GetOutParameter("retval");
return(_infraDal.ExecuteSpQuery(_connection, "GET_USER", email, outParam));
}
public async Task <IActionResult> SignIn([FromBody] SignInRequest request)
{
try
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var account = _mapper.Map <Account>(request);
account = await _accountRepository.SignInAsync(account);
if (account == null)
{
return(Unauthorized());
}
return(Ok(_tokenHelper.GenerateToken(account)));
}
catch (Exception e)
{
ModelState.AddModelError("Exception", e.Message);
}
return(BadRequest(ModelState));
}
public async Task <ActionResult <SignInResponse> > SignIn(SignInRequest request)
{
var authAttempt = await _userAuthService.AuthenticateAsync(request.Username, request.Password);
if (!authAttempt.IsSuccess)
{
return(StatusCode((int)HttpStatusCode.Unauthorized, new SignInResponse
{
ResultCode = authAttempt.Code.ToString("G"),
}));
}
Response.Cookies.Append(
JwtBearerAuthenticationOptions.JwtBearerAuthentication,
_jwtTokenGenerator.CreateToken(authAttempt.User),
new CookieOptions
{
Expires = DateTimeOffset.Now.AddDays(7),
HttpOnly = false,
Secure = false,
}
);
return(Ok(new SignInResponse
{
ResultCode = authAttempt.Code.ToString("G"),
}));
}
public async Task<SignInResponse> SignInAsync (SignInRequest request)
{
await Task.Delay (2000);
return new SignInResponse {
Succeeded = true,
Result = true
};
}
public void SignInTest()
{
SignInRequest request = new SignInRequest("ipon", "gild4MAX19", "127.0.0.1");
HttpResponseMessage response = CreateHttpClient().PostAsJsonAsync("Visitor/SignIn", request).Result;
if (response.IsSuccessStatusCode)
{
CompanyGroup.Dto.PartnerModule.Visitor visitor = response.Content.ReadAsAsync<CompanyGroup.Dto.PartnerModule.Visitor>().Result;
Assert.IsNotNull(visitor);
}
else
{
TestContext.WriteLine("{0} ({1})", (int)response.StatusCode, response.ReasonPhrase);
}
}
public SignInOrRegisterRequest(SignInRequest request)
{
SignInRequest = request;
}
