/// <summary> /// 更新登录凭证 /// </summary> /// <param name="model"></param> public void Update(UserTokenDto model) { UserTokenEntity entity = _userTokenRepository.Table.Where(a => a.UserID == model.UserID).FirstOrDefault(); entity = model.ToEntity(entity); _userTokenRepository.Update(entity); }
public async Task <ActionResult <UserTokenDto> > Login([FromBody] LoginDto model) { var user = await _tokenService.VerifyUserCredentials(model); var claims = new[] { new Claim("id", user.Id.ToString()), new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Role, user.Role.Name) }; var jwt = _tokenService.GenerateJWT(claims); var refreshToken = await _tokenService.GenerateRefreshToken(user); UserTokenDto userTokenDto = new UserTokenDto { Id = user.Id, FirstName = user.FirstName, LastName = user.LastName, Token = new TokenDto() { JWT = jwt, RefreshToken = refreshToken } }; return(Ok(userTokenDto)); }
private IActionResult DoPassword(UserDto userDto) { var user = _userService.Authenticate(userDto.Username, userDto.Password); if (user == null) { return(BadRequest("Email i/lub hasło są nie poprawne")); } if (user.EmailConfirmed == false) { return(BadRequest("W celu zalogowania wymagana jest aktywacja konta")); } var refreshToken = GenerateRefreshToken(); var rToken = new UserTokenDto { Token = refreshToken, UserId = user.Id, IsStop = 0 }; var mappedRefreshToken = _mapper.Map <UserToken>(rToken); if (_userService.AddToken(mappedRefreshToken)) { return(Ok(GetJwt(user, refreshToken))); } return(BadRequest()); }
private UserTokenDto GenerateToken(GetUserDto user) { Claim[] claims = new[] { new Claim(nameof(User.Id), user.Id), new Claim(nameof(User.Email), user.Email), new Claim(JwtRegisteredClaimNames.Nbf, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString()), new Claim(JwtRegisteredClaimNames.Exp, new DateTimeOffset(DateTime.Now.AddDays(_configuration.TokenExpirationPeriodInDay)).ToUnixTimeSeconds().ToString()), }; JwtSecurityToken token = new JwtSecurityToken( new JwtHeader(new SigningCredentials(_configuration.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)), new JwtPayload(claims)); string tokenValue = new JwtSecurityTokenHandler().WriteToken(token); UserTokenDto tokenResponse = new UserTokenDto { User = user, AccessToken = tokenValue, ExpiresIn = (int)TimeSpan.FromDays(_configuration.TokenExpirationPeriodInDay).TotalSeconds }; return(tokenResponse); }
public void InsertUserToken(UserTokenDto userTokenDto) { var userToken = Mapper.Map <UserToken>(userTokenDto); ToDoUnitOfWork.UserTokenRepository.Insert(userToken); ToDoUnitOfWork.Save(); }
public async Task <GenericResponse> Put(long id, UserTokenDto dto) { if (id != dto.Id) { return(GenericResponse.Error(ResultType.Error, "Ids are mismatch!", "RT_PT_01", StatusCodes.Status500InternalServerError)); } try { UserTokenBo bo = UserTokenBo.ConvertToBusinessObject(dto); ServiceResult serviceResult = await serviceManager.UserToken_Service.UpdateAsync(id, bo); if (serviceResult.Success) { await serviceManager.CommitAsync(); return(GenericResponse.Ok()); } else { return(GenericResponse.Error(ResultType.Error, serviceResult.Error, "RT_PT_02", StatusCodes.Status500InternalServerError)); } } catch (Exception ex) { Log(ex.Message, LogLevel.Error, this.ControllerContext.RouteData.Values); return(GenericResponse.Error(ResultType.Error, ex.Message, "RT_PT_03", StatusCodes.Status500InternalServerError)); } }
private async Task <OperationResult> Login(string userName, string registKey, LoginDevice loginDevice, string clientVersion) { //更新最后一次登录的RegistKey var theUser = await UserInfos.SingleOrDefaultAsync(p => p.SysUser.UserName == userName); if (theUser == null) { return(new OperationResult(OperationResultType.ValidError, "数据错误", null)); } if (theUser.RegistKey != registKey) { theUser.RegistKey = registKey; await UserInfoRepo.UpdateAsync(theUser); } //变更登录信息 await ResetToken(theUser, loginDevice, clientVersion); var loginInfo = new UserTokenDto() { Id = theUser.Id, NickName = theUser.SysUser.NickName, HeadPic = theUser.HeadPic, Sex = theUser.Sex, Token = theUser.Token }; return(new OperationResult(OperationResultType.Success, "登录成功", loginInfo)); }
/// <summary> /// 用户登录 /// </summary> /// <param name="userName">用户名</param> /// <param name="password">密码</param> /// <param name="registKey">极光registKey</param> /// <param name="loginDevice">登录设备</param> /// <param name="clientVersion">客户端版本</param> /// <param name="type">登录方式</param> /// <returns></returns> public async Task <OperationResult> Login(string userName, string password, string registKey, LoginDevice loginDevice, string clientVersion, int type) { userName.CheckNotNullOrEmpty("userName"); password.CheckNotNullOrEmpty("password"); SysUser sUser = await UserManager.FindByNameAsync(userName); if (sUser == null) { return(new OperationResult(OperationResultType.ValidError, "用户不存在", 0)); } if (sUser.IsLocked) { return(new OperationResult(OperationResultType.ValidError, "您的账号已被冻结,请联系客服", 0)); } if (type == 2) { //验证码 var severCode = GetValidateCode(userName, CodeType.临时密码); if (severCode == null || severCode.Code != password) { return(new OperationResult(OperationResultType.ValidError, "临时密码错误", 0)); } } else { if (!await UserManager.CheckPasswordAsync(sUser, password)) { return(new OperationResult(OperationResultType.ValidError, "用户名或密码错误", null)); } } if (sUser.UserType != UserType.App用户) { return(new OperationResult(OperationResultType.QueryNull, "用户不存在", null)); } //更新最后一次登录的RegistKey var theUser = await UserInfos.SingleOrDefaultAsync(p => p.SysUser.UserName == userName); if (theUser.RegistKey != registKey) { theUser.RegistKey = registKey; await UserInfoRepo.UpdateAsync(theUser); } //变更登录信息 await ResetToken(theUser, loginDevice, clientVersion); var loginInfo = new UserTokenDto() { Id = theUser.Id, NickName = theUser.SysUser.NickName, HeadPic = theUser.HeadPic, Sex = theUser.Sex, PhoneNo = theUser.SysUser.PhoneNumber, Token = theUser.Token }; //return new OperationResult(OperationResultType.Success, "登录成功", sUser); return(new OperationResult(OperationResultType.Success, "登录成功", loginInfo)); }
public async Task <UserTokenDto> RefreshToken(UserTokenDto userToken) { if (userToken == null) { throw new ArgumentNullException(nameof(userToken), ExceptionStrings.NullArgumentException); } var user = await GetUserFromExpiredToken(userToken.AccessToken); if (user.RefreshToken != userToken.RefreshToken) { throw new SecurityTokenException(ExceptionStrings.InvalidRefreshTokenException); } var newAccessToken = await GenerateAccessToken(user); var newRefreshToken = GenerateRefreshToken(); user.RefreshToken = newRefreshToken; user.LastActive = DateTime.UtcNow; var updateResult = await _userManager.UpdateAsync(user); if (!updateResult.Succeeded) { throw new ObjectUpdateException(ExceptionStrings.RefreshException, user.Email, newRefreshToken); } return(new UserTokenDto() { AccessToken = newAccessToken, RefreshToken = newRefreshToken }); }
public async Task <IActionResult> UpdateTokens([FromBody] UpdateTokensRequest updateTokensRequest) { UserTokenDto userToken = await _accountService.UpdateTokens(updateTokensRequest.RefreshToken); await _unitOfWork.CommitAsync(); return(Ok(userToken)); }
public async Task <IActionResult> Auth([FromBody] AuthRequestDto authRequestDto) { UserTokenDto userToken = await _accountService.Auth(authRequestDto.Login, authRequestDto.Password); await _unitOfWork.CommitAsync(); return(Ok(userToken)); }
/// <summary> /// 三方登录 /// </summary> /// <param name="thirdKey">三方key</param> /// <param name="thirdProvider">微博?QQ?微信?</param> /// <param name="loginDevice">登录设备 IOS?Android?</param> /// <param name="clientVersion">客户端版本</param> /// <param name="registKey">极光推送Key</param> /// <returns></returns> public async Task <OperationResult> LoginByThird(string thirdKey, ThirdProvider thirdProvider, LoginDevice loginDevice, string clientVersion, string registKey = "") { var thirdUser = SysUserLoginRepo.Entities.SingleOrDefault(m => m.ProviderKey == thirdKey && m.ThridProvider == thirdProvider); if (thirdUser == null) { var userName = "******" + DateTime.Now.ToString("yyyyMMddhhffff"); SysUser sUser = new SysUser() { UserName = userName, NickName = userName, UserType = UserType.App用户, }; UserInfoRepo.UnitOfWork.TransactionEnabled = true; await UserManager.CreateAsync(sUser); var userInfo = new UserInfo() { SysUser = sUser, IsDeleted = false, Sex = Sex.限, }; await UserInfoRepo.InsertAsync(userInfo); thirdUser = new SysUserLogin() { ProviderKey = thirdKey, ThridProvider = thirdProvider, User = sUser, }; await SysUserLoginRepo.InsertAsync(thirdUser); await UserInfoRepo.UnitOfWork.SaveChangesAsync(); } var theUser = UserInfoRepo.Entities.SingleOrDefault(m => m.SysUser.Id == thirdUser.User.Id); if (theUser.RegistKey != registKey) { theUser.RegistKey = registKey; await UserInfoRepo.UpdateAsync(theUser); } //变更登录信息 await ResetToken(theUser, loginDevice, clientVersion); var loginInfo = new UserTokenDto() { Id = theUser.Id, NickName = theUser.SysUser.NickName, HeadPic = theUser.HeadPic, Sex = theUser.Sex, Token = theUser.Token }; return(CdkxResult.Success(loginInfo)); }
public async Task InvokeAsync(HttpContext context, IConfiguration configuration) { var cookieValue = context.Request.Cookies?[configuration["TokenCookieName"]]; if (!string.IsNullOrEmpty(cookieValue)) { UserTokenDto deserializedTokens = JsonConvert.DeserializeObject <UserTokenDto>(cookieValue); context.Request.Headers.Add("Authorization", "Bearer " + deserializedTokens.AccessToken); } await _next.Invoke(context); }
public IActionResult AddUpdateToken(UserTokenDto dto) { try { ResponseDto res = _userCommon.AddEditToken(dto); return(StatusCode(200, res)); } catch (Exception ex) { return(StatusCode(500, ex.Message.ToString())); } }
/// <summary> /// 用户登录 /// </summary> /// <param name="userName">用户名</param> /// <param name="password">密码</param> /// <param name="registKey">极光registKey</param> /// <param name="loginDevice">登录设备</param> /// <param name="clientVersion">客户端版本</param> /// <returns></returns> public async Task <OperationResult> Login(string userName, string password, string registKey, LoginDevice loginDevice, string clientVersion) { userName.CheckNotNullOrEmpty("userName"); password.CheckNotNullOrEmpty("password"); SysUser sUser = await UserManager.FindByNameAsync(userName); var result = await UserManager.CheckPasswordAsync(sUser, password); if (sUser == null || sUser.UserType != UserType.App用户) { return(new OperationResult(OperationResultType.QueryNull, "用户不存在", null)); } else if (sUser.IsLocked) { return(new OperationResult(OperationResultType.ValidError, "该账号已被冻结,请联系客服。", null)); } else if (!await UserManager.CheckPasswordAsync(sUser, password)) { return(new OperationResult(OperationResultType.ValidError, "用户名或密码错误", null)); } else { //更新最后一次登录的RegistKey var theUser = await UserInfos.SingleOrDefaultAsync(p => p.SysUser.UserName == userName); if (theUser == null) { return(new OperationResult(OperationResultType.ValidError, "数据错误", null)); } if (theUser.RegistKey != registKey) { theUser.RegistKey = registKey; await UserInfoRepo.UpdateAsync(theUser); } //变更登录信息 await ResetToken(theUser, loginDevice, clientVersion); var loginInfo = new UserTokenDto() { Id = theUser.Id, NickName = theUser.SysUser.NickName, HeadPic = theUser.HeadPic, Sex = theUser.Sex, Token = theUser.Token }; return(new OperationResult(OperationResultType.Success, "登录成功", loginInfo)); } }
public IViewComponentResult Invoke() { if (!string.IsNullOrEmpty(HttpContext.Session.GetString("USER_INFO"))) { HeaderComponentDto headerComponentDto = new HeaderComponentDto(); var userInfo = HttpContext.Session.GetString("USER_INFO"); UserTokenDto userTokenDto = JsonConvert.DeserializeObject <UserTokenDto>(userInfo); headerComponentDto.UserTokenDto = userTokenDto; headerComponentDto.CategoryList = CategoryService.Instance.GetCategoryList(); return(View("HeaderComponentView", headerComponentDto)); } return(Content(string.Empty)); //return View("HeaderComponentView"); }
public ActionResult <UserTokenDto> Post() { _logger.LogInformation("refresh token!"); _logger.LogDebug("refresh token!"); var dateTime = DateTime.Now.AddDays(1); var token = GeneratorToken(dateTime); var result = new UserTokenDto { Token = token, Seconds = (long)TimeSpan.FromDays(1).TotalSeconds }; _logger.LogDebug($"new token info:[{result}]"); _logger.LogInformation("refresh token success!"); return(result); }
public UserTokenDto GenerateToken(User user) { UserTokenDto userToken = new UserTokenDto(); // var tokenHandler = new JwtSecurityTokenHandler(); // var jwtConfig = _configuration.GetSection("jwt"); string secretKey = jwtConfig.GetValue <string>("SecretKey"); string issuerName = jwtConfig.GetValue <string>("IssuerName"); int tokenValidity = jwtConfig.GetValue <int>("Validity"); // var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey)); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); List <Claim> claims = new List <Claim>(); claims.Add(new Claim("Id", user.Id.ToString())); claims.Add(new Claim(ClaimTypes.Email, user.Email)); claims.Add(new Claim(ClaimTypes.Name, user.Email)); claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Email)); foreach (var userRole in user.UserRoles) { if (userRole.Role != null) { claims.Add(new Claim(ClaimTypes.Role, userRole.Role.Name)); } } ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims); var tokenDescriptor = new SecurityTokenDescriptor { Issuer = issuerName, Subject = claimsIdentity, Expires = DateTime.UtcNow.AddMinutes(tokenValidity), SigningCredentials = credentials }; var securityToken = tokenHandler.CreateToken(tokenDescriptor); string token = tokenHandler.WriteToken(securityToken); // userToken.Email = user.Email; userToken.AccessToken = token; userToken.Expiry = tokenValidity; // return(userToken); }
public async Task <ActionResult <UserTokenDto> > Login([FromBody] UserLoginDto loginData) { var user = await authenticationService.Authenticate(loginData.Name, loginData.Password); if (user == null) { return(Unauthorized("Invalid credential")); } var userToken = new UserTokenDto() { Bearer = user.GetJwtToken() }; return(Ok(userToken)); }
public UserTokenDto Auth(CredentialDto model) { var user = _userService.GetUserAuth(model.Email, EncryptHelper.Sha256(model.Password)); if (user == null) { return(null); } var token = TokenHelper.GenerateJwtToken(user.Email, user.Password); var userToken = new UserTokenDto(user.UserId, user.Name, token); return(userToken); }
public IActionResult LogOut(UserTokenDto userTokenDto) { try { this.userConfiguration.LogOut(userTokenDto); return(Ok(new { message = "Sesion cerrada correctamente" })); } catch (BussinessException e) { return(Problem(e.ReasonPhrase ?? e.Message, null, (int?)e.StatusCode, null, null)); } catch (Exception) { throw; } }
public IDataResult <UserTokenDto> CreateAccessToken(User user) { var claims = _userOperationClaimService.GetClaims(user).Data; if (claims != null) { var accessToken = _tokenHelper.CreateToken(user, claims); UserTokenDto userDto = new UserTokenDto { Token = accessToken.Token, Expiration = accessToken.Expiration, UserID = user.UserID }; return(new SuccessDataResult <UserTokenDto>(userDto, Messages.AccessTokenCreated)); } return(new ErrorDataResult <UserTokenDto>(Messages.NotHaveAnyClaim)); }
public async Task <IActionResult> Registrate([FromBody] RegistrationRequestDto registrationRequest) { bool isSuccessfulRegistration = await _accountService.RegistrateAsync(registrationRequest); if (!isSuccessfulRegistration) { return(null); } await _unitOfWork.CommitAsync(); UserTokenDto userToken = await _accountService.Auth(registrationRequest.Login, registrationRequest.Password); await _unitOfWork.CommitAsync(); return(Ok(userToken)); }
public override void OnActionExecuting(ActionExecutingContext context) { IUnitOfWork unitOfWork = (IUnitOfWork)context.HttpContext.RequestServices.GetService(typeof(IUnitOfWork)); ITokenProcessor tokenProcessor = (ITokenProcessor)context.HttpContext.RequestServices.GetService(typeof(ITokenProcessor)); string token = context.HttpContext.Request.Headers["authentication"]; if (!token.IsSet()) { context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden; context.Result = new JsonResult("Access token is not sent with the request. Check your request headers!"); } else { bool addClaimsToHttpContext = true; //ToDo :: encrypt whole jwt token with hardcoded key UserTokenDto user = unitOfWork.UserRepository.GetByAccessToken(token); if (user == null) { context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden; context.Result = new JsonResult("User doesn't exists. Check Access Token!"); addClaimsToHttpContext = false; } else if (DateTime.Now > user.TokenExpirationDateTime) { context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized; context.Result = new JsonResult("Bad access token!"); addClaimsToHttpContext = false; } if (addClaimsToHttpContext) { IEnumerable <Claim> claims = tokenProcessor.GetTokenClaims(token); if (claims != null) { ClaimsIdentity appIdentity = new ClaimsIdentity(claims); context.HttpContext.User.AddIdentity(appIdentity); } } } base.OnActionExecuting(context); }
public IHttpActionResult Login([FromBody] UserLoginDto model) { var result = userService.Login(model.username, model.password); if (result.code == 0) { //userService.SignIn(result.data); var userId = result.data.UserID; var token = Guid.NewGuid().ToString(); var dtNow = DateTime.Now; #region 将身份信息保存票据表中,验证当前请求是否是有效请求 //判断此用户是否存在票据信息 var userToken = tokenService.GetTicketByUserId(userId); if (userToken != null) { //清空重置 tokenService.DeleteByUserId(userId); } UserTokenDto ticket = new UserTokenDto(); ticket.UserID = userId; ticket.Token = token; ticket.CreateDate = dtNow; ticket.ExpireDate = dtNow.AddDays(2); //30分钟过期 tokenService.Insert(ticket); #endregion return(Ok(new { code = 0, msg = "success", data = token })); } else { return(Ok(new { code = result.code, msg = result.msg })); } }
public async Task <ActionResult <UserTokenDto> > Refresh([FromBody] TokenDto refreshTokenModel) { var refresh = await _tokenService.VerifyRefreshToken(refreshTokenModel.RefreshToken); var claims = _tokenService.GetPrincipalFromExpiredToken(refreshTokenModel.JWT); var jwt = _tokenService.GenerateJWT(claims.Claims); var refreshToken = await _tokenService.UpdateRefreshRecord(refresh); UserTokenDto userToken = new UserTokenDto { Id = refresh.User.Id, FirstName = refresh.User.FirstName, LastName = refresh.User.LastName, Token = new TokenDto { JWT = jwt, RefreshToken = refreshToken } }; return(Ok(userToken)); }
private async Task <UserTokenDto> BuildToken(UserInfoDto dto) { var user = await _userManager.FindByEmailAsync(dto.Email); var claims = await _userManager.GetClaimsAsync(user); var userRoles = await _userManager.GetRolesAsync(user); claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email)); claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64)); foreach (var userRole in userRoles) { claims.Add(new Claim("role", userRole)); } var identityClaims = new ClaimsIdentity(); identityClaims.AddClaims(claims); var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_configuration["jwt:key"]); var token = tokenHandler.CreateToken(new SecurityTokenDescriptor { Subject = identityClaims, Expires = DateTime.UtcNow.AddHours(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }); var encodedToken = tokenHandler.WriteToken(token); var response = new UserTokenDto { Expiration = DateTime.UtcNow.AddHours(1), Token = encodedToken }; return(response); }
public static UserTokenDto ConvertToDto(UserTokenBo bo) { if (bo == null) { return(null); } UserTokenDto dto = new UserTokenDto(); dto.Id = bo.Id; dto.UserId = bo.UserId; dto.AccessToken = bo.AccessToken; dto.RefreshToken = bo.RefreshToken; dto.ExpiryDate = bo.ExpiryDate; dto.IsLogout = bo.IsLogout; dto.LoginTime = bo.LoginTime; dto.LogoutTime = bo.LogoutTime; dto.User = UserBo.ConvertToDto(bo.User); return(dto); }
public async Task <IActionResult> ResetPassword(UserTokenDto userTokenDto) { if (userTokenDto?.User == null || string.IsNullOrWhiteSpace(userTokenDto.VerificationToken) || string.IsNullOrWhiteSpace(userTokenDto.User.Email) || string.IsNullOrWhiteSpace(userTokenDto.User.Password)) { return(BadRequest(new BadRequestError("Verification token, Email and Password have to be set"))); } try { var user = await _userService.ResetPasswordAsync(userTokenDto.User.Email, userTokenDto.User.Password, userTokenDto.VerificationToken); return(Ok(user)); } catch (IdentityUserServiceException exception) { return(BadRequest(new BadRequestError(exception.ToString()))); } }
/// <summary> /// 创建Jwt Token /// </summary> /// <param name="userInfo"></param> /// <param name="roles"></param> /// <returns></returns> public string CreateAccessToken(UserTokenDto userInfo, List <string> roles) { // 用户基本信息 var claims = new List <Claim> { new Claim("Uid", userInfo.Id.ToString()), new Claim("Name", userInfo.RealName.SafeString()), new Claim("MobilePhone", userInfo.Mobile.SafeString()), new Claim("Email", userInfo.Email.SafeString()) }; // 角色数据 foreach (var info in roles) { claims.Add(new Claim("scope", info)); } var expires = _config.StringGet("TokenExpires", "4"); var token = _tokenBuilder.BuildJwtToken(claims, DateTime.UtcNow, DateTime.Now.AddHours(Convert.ToInt32(expires))); // accessToken return(token.TokenValue); }