public async Task <IActionResult> SignIn(UserAuthenticateRequest request)
{
var response = await _userAuthenticateService.Execute(request);
if (!response.notification.Success())
{
return(BadRequest(response.notification.GetNotifications()));
}
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, new NduCrypto(Settings.CRYPTO_KEY).Encrypt(response.user.Id.ToString()))
}),
Expires = DateTime.UtcNow.AddHours(2),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Settings.TOKEN_SECRET)),
SecurityAlgorithms.HmacSha256Signature)
};
var tokenHandler = new JwtSecurityTokenHandler();
string token = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
return(Ok(new { token }));
}
public UserAuthenticateResponse UserAuthenticate(UserAuthenticateRequest request)
{
if (request == null)
{
throw new Exception("UserAuthenticateRequest object is required");
}
var email = new Email(request.Email);
var user = new User(email, request.Password);
if (this.IsInvalid())
{
return(null);
}
user = _repositoryUser.Get(user.Email.Address, user.Password);
if (user == null)
{
throw new Exception("User, User data not found");
}
var response = (UserAuthenticateResponse)user;
return(response);
}
public UserAuthenticateResponse Get(UserAuthenticateRequest request)
{
UserAuthenticateResponse response = new UserAuthenticateResponse();
try
{
//build the token from the user authentication request remote machine for additional security
//this will then be passed in from calling domains via the header for validation
string securityToken = BuildSecurityToken();
request.UserName = Request.Headers["UserName"];
request.Password = Request.Headers["Password"];
request.APIKey = Request.Headers["APIKey"];
request.Context = Request.Headers["Context"];
// validate user against apiuser datastore
response = SecurityManager.ValidateCredentials(request.UserName, request.Password, securityToken, request.APIKey, request.Context, request.ContractNumber);
return(response);
}
catch (Exception ex)
{
//TODO: Log this to the SQL database via ASE
CommonFormatter.FormatExceptionResponse(response, base.Response, ex);
return(response);
}
}
public async Task <IActionResult> Login([FromBody] UserAuthenticateRequest request)
{
//User login success gibi düşünelim.
var user = await _userService.Authenticate(request);
return(Ok(user));
}
public IActionResult AuthenticateUser([FromBody] UserAuthenticateRequest model)
{
var response = this._userAuthService.AuthenticateUser(model);
if (response == null)
{
Log.Information("email or password incorrect");
return(new BadRequestObjectResult(new { message = "email or password is incorrect" }));
}
return(Ok(response));
}
public UserServiceTests()
{
_mapper = new Mock <IMapper>();
_repository = new Mock <IGenericRepository <User> >();
_userAuthenticateRequest = new UserAuthenticateRequest();
_user = new User();
_userResponse = new UserListResponse();
_userListResponses = new List <UserListResponse>();
_users = new List <User>();
_configuration = new ConfigurationBuilder().AddJsonFile("appsettings.json").Build();
sut = new UserService(_configuration, _repository.Object, _mapper.Object);
}
public UserAuthenticateResponse AuthenticateUser(UserAuthenticateRequest model)
{
var user = this._users.SingleOrDefault(user => user.Email == model.Email && user.Password == model.Password); //return only one element if its matched other wise default value of model
if (user == null) //return null if user not found or wrong credentials
{
return(null);
}
var token = GenerateJwtToken(user);
return(new UserAuthenticateResponse(user, token));
}
/// <summary>
/// User Signin
/// </summary>
/// <param name="user">User Email</param>
/// <param name="options">Authentication Type</param>
/// <param name="authManager">Authentication Manager</param>
/// <returns></returns>
public string SignIn(UserAuthenticateRequest user, OAuthAuthorizationServerOptions options, IAuthenticationManager authManager)
{
ClaimsIdentity identity = new ClaimsIdentity(options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Email, user.Username));
identity.AddClaim(new Claim("UserID", user.UserID.ToString()));
identity.AddClaim(new Claim("StudyID", user.StudyID));
AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties());
var currentUtc = new SystemClock().UtcNow;
ticket.Properties.IssuedUtc = currentUtc;
ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromDays(60));
authManager.SignIn(identity);
return(options.AccessTokenFormat.Protect(ticket));
}
public void User_Not_Found_Return_As_Expected()
{
UserAuthenticateRequest userRequest = new UserAuthenticateRequest
{
Password = "******",
UserName = "******"
};
_repository.Setup(c => c.Get(x => x.UserName == userRequest.UserName && x.Password == userRequest.Password)).Returns(Task.FromResult(_user));
_mapper.Setup(c => c.Map(_user, _userResponse)).Returns(_userResponse);
Action action = () =>
{
var result = sut.Authenticate(_userAuthenticateRequest).GetAwaiter().GetResult();
};
action.Should().NotThrow <Exception>();
}
public virtual UserGetResponse Authenticate(UserAuthenticateRequest source)
{
if (source != null && !string.IsNullOrWhiteSpace(source.Username) &&
!string.IsNullOrWhiteSpace(source.Password))
{
var userAuthorized = this._thermoDataContext.Users.Where(x => x.Username == source.Username).FirstOrDefault();
if (userAuthorized != null)
{
if (EncryptionUtil.IsPasswordAMatch(source.Password.Trim(), userAuthorized.Password.Trim()))
{
return(userAuthorized.MapTo());
}
}
}
return(null);
}
/// <summary>
/// Create Session token object
/// </summary>
/// <param name="userId">UserId</param>
/// <param name="email">Email</param>
/// <param name="studyId">StudyId</param>
/// <returns>Session token</returns>
public UserSessionToken CreateSessionTokenObject(long userId, string email, string studyId)
{
var response = new UserSessionToken();
try
{
if (Helper.IsValidEmail(email) == false)
{
email = string.Empty;
}
string token = string.Empty;
IAuthenticationManager authentication = HttpContext.Current.GetOwinContext().Authentication;
UserAuthenticateRequest userRequest = new UserAuthenticateRequest
{
UserID = userId,
Username = email,
StudyID = studyId
};
token = SignIn(userRequest, Startup.OAuthOptions, authentication);
User user = _UnitOfWork.IUserRepository.GetById(userId);
if (user != null)
{
user.SessionToken = token;
_UnitOfWork.IUserRepository.Update(user);
_UnitOfWork.Commit();
response = new UserSessionToken
{
SessionToken = token,
ErrorCode = LAMPConstants.API_SUCCESS_CODE
};
}
}
catch (Exception ex)
{
LogUtil.Error(ex);
response = new UserSessionToken
{
ErrorCode = LAMPConstants.API_UNEXPECTED_ERROR,
ErrorMessage = ResourceHelper.GetStringResource(LAMPConstants.API_UNEXPECTED_ERROR)
};
}
return(response);
}
public IActionResult Authenticate([FromBody] UserAuthenticateRequest model)
{
if (model == null)
{
return(BadRequest());
}
var user = _personDataService.Authenticate(model);
if (user != null)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Username),
new Claim(ClaimTypes.Role, (user.Role ?? DefaultUserRole))
}),
Expires = DateTime.UtcNow.AddDays(DefaultTokenExpirationDays),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
// return basic user info and authentication token
return(Ok(new
{
Id = user.Nid,
Username = user.Username,
Email = user.Email,
Role = user.Role,
FirebaseToken = user.FirebaseToken,
Token = tokenString
}));
}
return(NotFound());
}
public AuthenticateResponse AuthenticateLogin(AuthenticateRequest model)
{
AuthenticateResponse resp = _AccountManagementService.AuthenticateLogin(model);
UserAuthenticateRequest ureq = new UserAuthenticateRequest();
try
{
string responseInString = "";
if (resp.series != "")
{
using (var wb = new WebClient())
{
//string url = "https://usermgtservices.azurewebsites.net/api/UserManagement/AuthenticateLogin";
string url = "http://localhost:1008/api/UserManagement/AuthenticateLogin";
//string url = "http://localhost:63620/api/UserManagement/AuthenticateLogin";
ureq.username = model.username;
ureq.password = model.password;
ureq.company_code = model.company_code;
ureq.series_code = resp.series;
wb.Headers[HttpRequestHeader.ContentType] = "application/json";
string Stringdata = JsonConvert.SerializeObject(ureq);
responseInString = wb.UploadString(url, Stringdata);
//string HtmlResult = wb.UploadValues(url, data);
//var response = wb.UploadValues(url, "POST", data);
//responseInString = Encoding.UTF8.GetString(response);
}
resp = JsonConvert.DeserializeObject <AuthenticateResponse>(responseInString);
}
}
catch (Exception e)
{
resp.routing = "Error: " + e.Message;
}
return(resp);
}
public async Task <ActionResult> Login(UserAuthenticateRequest userAuthenticateRequest, string returnUrl)
{
User _user = null;
if (ModelState.IsValid)
{
using (HttpClient client = new HttpClient())
{
string endpoint = "https://localhost:44335/Auth/Authenticate";
StringContent content = new StringContent(JsonConvert.SerializeObject(userAuthenticateRequest), Encoding.UTF8, "application/json");
using (var Response = await client.PostAsync(endpoint, content))
{
if (Response.StatusCode == System.Net.HttpStatusCode.OK)
{
using (HttpContent _content = Response.Content)
{
Task <string> result = _content.ReadAsStringAsync();
Result deserialized = JsonConvert.DeserializeObject <Result>(result.Result);
_user = deserialized.result;
TempData["user"] = JsonConvert.SerializeObject(_user);
ViewBag.Name = _user.firstName + " " + _user.lastName;
}
var userToken = _user.Token;
HttpContext.Session.SetString("JWToken", userToken);
return(RedirectToAction("UserDetials", "Dashboard", new { area = "Admin" }));
}
else
{
ModelState.Clear();
ModelState.AddModelError(string.Empty, "Username or Password is Incorrect");
return(View());
}
}
}
}
return(View());
}
public async Task <UserAuthenticateResponse> Authenticate(UserAuthenticateRequest userAuthenticateRequest)
{
var secretKey = _configuration["AppSettings:Secret"].ToString();
//TODO:Add Hash operations
var user = await _repository.Get(x => x.UserName == userAuthenticateRequest.UserName && x.Password == userAuthenticateRequest.Password);
if (user == null)
{
return(new UserAuthenticateResponse
{
Message = "User Not Found",
Success = false
});
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(secretKey);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var response = new UserAuthenticateResponse
{
UserName = user.UserName,
Token = tokenHandler.WriteToken(token)
};
return(_mapper.Map <UserAuthenticateResponse>(response));
}
