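/// <summary>
/// Looks up a login record by user name (compared in lower case), verifies the supplied
/// password against the stored hash and salt, and returns an auth object carrying a
/// bearer token for that user.
/// </summary>
/// <param name="user">Login view model supplying <c>userName</c> and <c>password</c>.</param>
/// <returns>An <see cref="AppUserAuth"/> whose <c>BearerToken</c> has been set.</returns>
/// <exception cref="Exception">
/// Thrown with one generic message when the user name is unknown or the password does not verify.
/// </exception>
public AppUserAuth ValidateUser(UserLoginVM user)
        {
            // One message for both failure paths: distinct texts for "unknown user" and
            // "wrong password" would tell a caller which user names are registered.
            const string loginFailed = "Username or password incorrect!";

            LoginActivity authUser = (from u in context.LoginActivity
                                      where u.UserName.ToLower() == user.userName.ToLower()
                                      select u).FirstOrDefault();

            if (authUser == null)
            {
                // NOTE(review): this path returns before any hash work is done, so response
                // time may still differ from the wrong-password path; consider verifying
                // against a dummy hash here.
                throw new Exception(loginFailed);
            }

            if (!VerifyPasswordHash(user.password, authUser.PasswordHash, authUser.PasswordSalt))
            {
                throw new Exception(loginFailed);
            }

            AppUserAuth ret = new AppUserAuth();
            ret.BearerToken = CreateToken(authUser.UserName);

            return ret;
        }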
Ejemplo n.º 2
        /// <summary>
        /// Serializes a signed JWT for <paramref name="authUser"/>: subject, a fresh token id,
        /// an <c>isAuthenticated</c> flag and one claim per entry in <c>authUser.Claims</c>.
        /// </summary>
        /// <param name="authUser">Auth object whose user name, flag and claims go into the token.</param>
        /// <returns>The compact string form of the token, signed with HMAC-SHA256.</returns>
        protected string BuildJwtToken(AppUserAuth authUser)
        {
            // The symmetric key is the UTF-8 encoding of the configured key string.
            // NOTE(review): an HS256 token is only as strong as this key; confirm
            // _settings.Key is long, random and provisioned outside source control.
            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.Key));

            // Registered claims plus the authentication flag.
            var tokenClaims = new List<Claim>
            {
                new Claim(JwtRegisteredClaimNames.Sub, authUser.UserName),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim("isAuthenticated", authUser.IsAuthenticated.ToString().ToLower()),
            };

            // Per-user claims are copied through unchanged.
            foreach (var custom in authUser.Claims)
            {
                tokenClaims.Add(new Claim(custom.ClaimType, custom.ClaimValue));
            }

            // Validity window starts now and lasts the configured number of minutes.
            var validFrom = DateTime.UtcNow;
            var validTo = DateTime.UtcNow.AddMinutes(_settings.MinutesToExpiration);
            var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

            var jwt = new JwtSecurityToken(
                issuer: _settings.Issuer,
                audience: _settings.Audience,
                claims: tokenClaims,
                notBefore: validFrom,
                expires: validTo,
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(jwt);
        }
Ejemplo n.º 3
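        /// <summary>
        /// Builds the auth object for an already-validated user: user name, authenticated
        /// flag, the user's claims and a JWT bearer token.
        /// </summary>
        /// <param name="authUser">The user record the auth object is built from.</param>
        /// <returns>The populated <see cref="AppUserAuth"/>.</returns>
        protected AppUserAuth BuildUserAuthObject(AppUser authUser)
        {
            AppUserAuth ret = new AppUserAuth();

            // Set user properties
            ret.UserName        = authUser.UserName;
            ret.IsAuthenticated = true;

            // Claims are loaded before the token is built, so a BuildJwtToken that copies
            // ret.Claims into the JWT sees them. BuildJwtToken is not shown here; confirm
            // that it reads Claims.
            ret.Claims = GetUserClaims(authUser);

            ret.BearerToken = BuildJwtToken(ret);

            return ret;
        }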
Ejemplo n.º 4
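        /// <summary>
        /// Returns the auth object produced by the parameterless <c>BuildUserAuthObject</c>.
        /// </summary>
        /// <returns>Whatever <c>BuildUserAuthObject()</c> builds.</returns>
        public AppUserAuth ValidateUser()
        {
            // NOTE(review): this overload takes no credentials, so nothing is validated
            // here; confirm it is only reachable from demo or test code.
            return BuildUserAuthObject();
        }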
Ejemplo n.º 5
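        /// <summary>
        /// Signs a user in from the posted credentials and returns the auth object on success.
        /// </summary>
        /// <param name="user">Login payload bound from the request body.</param>
        /// <returns>
        /// 400 when no body was bound, 404 with a generic message when sign-in yields no user,
        /// otherwise 200 with the built <see cref="AppUserAuth"/>.
        /// </returns>
        public async Task<IActionResult> Login([FromBody] LoginDots user)
        {
            if (user == null)
            {
                return BadRequest("Invalid client request");
            }

            var userToLogin = _mapper.Map<LoginUser>(user);
            var userObject  = await _repo.SignIn(userToLogin);

            if (userObject == null)
            {
                // The same text is returned whatever the reason SignIn produced no user.
                // NOTE(review): 404 is used for a failed sign-in; 401 is the conventional
                // status. Confirm what clients expect before changing it.
                return StatusCode(StatusCodes.Status404NotFound, "Invalid User Name/Password.");
            }

            // Build the user security object only once sign-in has succeeded.
            return StatusCode(StatusCodes.Status200OK, BuildUserAuthObject(userObject));
        }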
Ejemplo n.º 6
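        /// <summary>
        /// Validates the posted user through <c>SecurityManager</c> and returns the result.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>
        /// 200 with the auth object when validation returns one, 404 when it returns null,
        /// or the result of <c>HandleException</c> when validation throws.
        /// </returns>
        public IActionResult LogIn([FromBody] AppUser user)
        {
            SecurityManager securityManager = new SecurityManager(Settings);

            try
            {
                AppUserAuth auth = securityManager.ValidateUser(user);

                if (auth == null)
                {
                    return StatusCode(StatusCodes.Status404NotFound,
                                      "InValid UserName/Password");
                }

                // NOTE(review): only null is treated as failure. If ValidateUser reports a
                // failed login with a non-null object whose IsAuthenticated is false, this
                // still answers 200. Confirm against SecurityManager.
                return StatusCode(StatusCodes.Status200OK, auth);
            }
            catch (Exception ex)
            {
                // The message used to mention "get all Categories", which does not describe
                // a login failure and would mislead anyone reading logs or responses.
                return HandleException(ex, "Exception trying to log in");
            }
        }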
        /// <summary>
        /// Serializes a signed JWT for <paramref name="authUser"/> carrying the subject, a fresh
        /// token id, the authentication flag and the five product/category permission flags.
        /// </summary>
        /// <param name="authUser">Auth object whose user name and flags go into the token.</param>
        /// <returns>The compact string form of the token, signed with HMAC-SHA256.</returns>
        protected string BuildJwtToken(AppUserAuth authUser)
        {
            // NOTE(review): an HS256 token is only as strong as this key; confirm
            // _settings.Key is long, random and provisioned outside source control.
            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.Key));

            // Registered claims first, then one lower-cased flag per permission.
            var tokenClaims = new List<Claim>
            {
                new Claim(JwtRegisteredClaimNames.Sub, authUser.UserName),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim("isAuthenticated", authUser.IsAuthenticated.ToString().ToLower()),
                new Claim("canAccessProducts", authUser.CanAccessProducts.ToString().ToLower()),
                new Claim("canAddProduct", authUser.CanAddProduct.ToString().ToLower()),
                new Claim("canSaveProduct", authUser.CanSaveProduct.ToString().ToLower()),
                new Claim("canAccessCategories", authUser.CanAccessCategories.ToString().ToLower()),
                new Claim("canAddCategory", authUser.CanAddCategory.ToString().ToLower()),
            };

            // Validity window starts now and lasts the configured number of minutes.
            var validFrom = DateTime.UtcNow;
            var validTo = DateTime.UtcNow.AddMinutes(_settings.MinutesToExpiration);
            var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

            var jwt = new JwtSecurityToken(
                issuer: _settings.Issuer,
                audience: _settings.Audience,
                claims: tokenClaims,
                notBefore: validFrom,
                expires: validTo,
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(jwt);
        }
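        /// <summary>
        /// Builds the auth object for an already-validated user. Each claim whose
        /// <c>ClaimType</c> names a writable boolean property of <see cref="AppUserAuth"/>
        /// sets that property from <c>ClaimValue</c>; a JWT is then issued for the result.
        /// </summary>
        /// <param name="authUser">The user record the auth object is built from.</param>
        /// <returns>The populated <see cref="AppUserAuth"/> with its bearer token set.</returns>
        public AppUserAuth BuildUserAuthObject(AppUser authUser)
        {
            AppUserAuth ret = new AppUserAuth();

            // Set user properties
            ret.UserName        = authUser.UserName;
            ret.IsAuthenticated = true;

            // All-zero GUID placeholder; replaced by the real token at the end.
            ret.BearerToken     = new Guid().ToString();

            // Get all claims for this user
            List<AppUserClaim> claims = GetUserClaims(authUser);

            // NOTE(review): stored claim rows choose by name which property is written,
            // including IsAuthenticated. Consider an explicit allow-list of permission names.
            foreach (AppUserClaim claim in claims)
            {
                if (claim == null || claim.ClaimType == null)
                {
                    continue;
                }

                // Skip claims that do not map to a settable bool property, rather than
                // relying on a catch-all to hide the resulting exception.
                var property = typeof(AppUserAuth).GetProperty(claim.ClaimType);
                if (property == null || !property.CanWrite || property.PropertyType != typeof(bool))
                {
                    continue;
                }

                bool flag;
                try
                {
                    flag = Convert.ToBoolean(claim.ClaimValue);
                }
                catch (FormatException)
                {
                    // Value is not a recognizable boolean; leave the property untouched.
                    continue;
                }
                catch (InvalidCastException)
                {
                    // Value type cannot be converted to bool; leave the property untouched.
                    continue;
                }

                property.SetValue(ret, flag, null);
            }

            ret.BearerToken = BuildJwtToken(ret);

            return ret;
        }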
Ejemplo n.º 9
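        /// <summary>
        /// Validates the posted user through <c>SecurityManager</c>.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>
        /// 200 with the auth object when it is authenticated; otherwise 404 with a message.
        /// Any exception is also turned into a 404.
        /// </returns>
        public IActionResult Login([FromBody] User user)
        {
            try
            {
                SecurityManager mgr = new SecurityManager(_context, _settings);
                AppUserAuth auth = mgr.ValidateUser(user);

                if (auth.IsAuthenticated)
                {
                    return StatusCode(StatusCodes.Status200OK, auth);
                }

                return StatusCode(StatusCodes.Status404NotFound,
                                  "Invalid User Name/Password.");
            }
            catch (Exception ex)
            {
                // NOTE(review): ex.Message is echoed to the caller and can expose internal
                // details such as data-access or configuration errors. Prefer logging it
                // server-side and returning a fixed text. Left as is because no logger is
                // visible in this method.
                return StatusCode(StatusCodes.Status404NotFound,
                                  "Error with Login " + ex.Message);
            }
        }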
Ejemplo n.º 10
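        /// <summary>
        /// Validates the posted user through <c>AuthManager</c> and returns the result as 200 OK.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>200 OK wrapping whatever <c>ValidateUser</c> returns.</returns>
        public IActionResult Login([FromBody] AppUser user)
        {
            AuthManager mgr = new AuthManager(_configuraton);

            // NOTE(review): the result is wrapped in 200 OK without being inspected. If
            // ValidateUser signals failure in the returned object rather than by throwing,
            // a failed login still answers 200. Confirm against AuthManager.
            return Ok(mgr.ValidateUser(user));
        }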
Ejemplo n.º 11
        /// <summary>
        /// Serializes a signed JWT for <paramref name="authUser"/> carrying the subject, a fresh
        /// token id, the authentication flag, the lower-cased e-mail and the user name.
        /// </summary>
        /// <param name="authUser">Auth object whose user name, e-mail and flag go into the token.</param>
        /// <returns>The compact string form of the token, signed with HMAC-SHA256.</returns>
        protected string BuildJwtToken(AppUserAuth authUser)
        {
            // Issuer, audience and lifetime come from a freshly constructed JWTSettings,
            // i.e. whatever that type's constructor assigns (not visible here). Loading
            // them from configuration is not done in this method.
            var jwtSettings = new JWTSettings();

            // NOTE(review): the signing key is a short literal embedded in source. Anyone
            // who can read the source or the binary can sign tokens that this service will
            // accept, and the key cannot be rotated without a redeploy. Load it from
            // configuration or a secret store instead. At 11 bytes it is also below the
            // 128 bits usually required for HMAC-SHA256 keys; some library versions are
            // presumably going to reject it. Confirm.
            var signingKey = new SymmetricSecurityKey(
                Encoding.UTF8.GetBytes("1233skyline"));

            var tokenClaims = new List<Claim>
            {
                new Claim(Microsoft.IdentityModel.JsonWebTokens.JwtRegisteredClaimNames.Sub, authUser.UserName),
                new Claim(Microsoft.IdentityModel.JsonWebTokens.JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim("isAuthenticated", authUser.IsAuthenticated.ToString().ToLower()),
                new Claim("Email", authUser.Email.ToString().ToLower()),
                new Claim("UserName", authUser.UserName.ToString()),
            };

            // Validity window starts now and lasts the settings' number of minutes.
            var validFrom = DateTime.UtcNow;
            var validTo = DateTime.UtcNow.AddMinutes(jwtSettings.MinutesToExpiration);
            var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

            var jwt = new JwtSecurityToken(
                issuer: jwtSettings.Issuer,
                audience: jwtSettings.Audience,
                claims: tokenClaims,
                notBefore: validFrom,
                expires: validTo,
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(jwt);
        }
        /// <summary>
        /// Renders the default view with the auth object from the parameterless
        /// <c>SecurityManager.ValidateUser</c>.
        /// </summary>
        /// <returns>The view result, with the auth object as its model.</returns>
        public IActionResult Index()
        {
            var securityManager = new SecurityManager(_settings);

            // NOTE(review): no credentials are passed, so the model presumably includes a
            // bearer token for a fixed user. Confirm this page is not publicly reachable.
            AppUserAuth model = securityManager.ValidateUser();

            return View(model);
        }
Ejemplo n.º 13
        /// <summary>
        /// Creates a refresh token, copies it onto both the auth object and the user, and
        /// persists it for the user's id.
        /// </summary>
        /// <param name="appUser">User whose refresh token is replaced and saved.</param>
        /// <param name="appUserAuth">Auth object that receives the same refresh token.</param>
        private void BuildAndSaveRefreshToken(AppUser appUser, AppUserAuth appUserAuth)
        {
            var issued = BuildRefreshToken();

            // The same value goes to the response object and to the in-memory user.
            appUserAuth.RefreshToken = issued;
            appUser.RefreshToken     = issued;

            // NOTE(review): the token is handed to the data service as issued. If it is
            // stored verbatim, a database read exposes usable refresh tokens; consider
            // persisting only a hash. Confirm against UpdateRefreshToken.
            appUserDataService.UpdateRefreshToken(appUser.Id, issued);
        }
        /// <summary>
        /// Validates the posted user through <c>SecurityManager</c>.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>200 with the auth object when authenticated; otherwise 404 with a generic message.</returns>
        public IActionResult Login([FromBody] AppUser user)
        {
            SecurityManager securityManager = new SecurityManager(_settings);
            AppUserAuth outcome = securityManager.ValidateUser(user);

            if (outcome.IsAuthenticated)
            {
                return StatusCode(StatusCodes.Status200OK, outcome);
            }

            // NOTE(review): 404 is used for a failed sign-in; 401 is the conventional status.
            return StatusCode(StatusCodes.Status404NotFound, "Invalid User Name/Password");
        }
Ejemplo n.º 15
        /// <summary>
        /// Finds the stored user whose <c>UserName</c> equals the supplied one and builds the
        /// auth object for it.
        /// </summary>
        /// <param name="user">User whose <c>UserName</c> is looked up.</param>
        /// <returns>
        /// The built auth object when a user is found; otherwise a newly constructed
        /// <see cref="AppUserAuth"/>.
        /// </returns>
        public AppUserAuth ValidateUser(AppUser user)
        {
            var notFound = new AppUserAuth();

            // NOTE(review): the match is on user name alone. No password or other secret
            // is compared in this method, so knowing a user name is enough to receive an
            // authenticated object. Confirm whether a credential check happens elsewhere.
            AppUser match = UserData.FetchUser().Find(t => t.UserName == user.UserName);

            if (match == null)
            {
                return notFound;
            }

            return BuildUserAuthObject(match);
        }
Ejemplo n.º 16
        /// <summary>
        /// Sends the authentication query through the mediator and, when it yields a user,
        /// builds that user's auth object.
        /// </summary>
        /// <param name="userQ">Authentication query dispatched via <c>_Mediator.Send</c>.</param>
        /// <returns>
        /// The built auth object when a user comes back; otherwise a newly constructed
        /// <see cref="AppUserAuth"/>.
        /// </returns>
        protected async Task<AppUserAuth> ValidateUser(AuthenticationQuery userQ)
        {
            var notFound = new AppUserAuth();

            // Whether the credentials are checked depends on the query handler, which is
            // not visible here.
            ApplicationUser resolved = await _Mediator.Send(userQ);

            return resolved == null ? notFound : BuildUserAuthObject(resolved);
        }
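        /// <summary>
        /// Validates the posted user through <c>SecurityManager</c>.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>200 with the auth object when authenticated; otherwise 400 with a generic message.</returns>
        public async Task<IHttpActionResult> Login([FromBody] AppUser user)
        {
            SecurityManager manger = new SecurityManager();
            AppUserAuth authUser = await manger.validateUser(user);

            if (!authUser.isAuthenticated)
            {
                // One text for every failure, so the response does not reveal whether the
                // user name exists.
                return BadRequest("Invalid username or password");
            }

            return Ok<AppUserAuth>(authUser);
        }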
Ejemplo n.º 18
        /// <summary>
        /// Builds the auth object for an already-validated user: user name, authenticated
        /// flag, the user's claims and then a JWT bearer token.
        /// </summary>
        /// <param name="authUser">The user record the auth object is built from.</param>
        /// <returns>The populated <see cref="AppUserAuth"/>.</returns>
        protected AppUserAuth BuildUserAuthObject(AppUser authUser)
        {
            var auth = new AppUserAuth
            {
                UserName        = authUser.UserName,
                IsAuthenticated = true,
                Claims          = GetUserClaims(authUser),
            };

            // The token is issued last, after the claims are in place.
            auth.BearerToken = BuildJwtToken(auth);

            return auth;
        }
Ejemplo n.º 19
        /// <summary>
        /// Builds the auth object for an already-validated user: name, authenticated flag and
        /// e-mail, then a JWT, then a refresh token that is also saved for the user.
        /// </summary>
        /// <param name="appUser">The user record the auth object is built from.</param>
        /// <returns>The populated <see cref="AppUserAuth"/>.</returns>
        private AppUserAuth BuildUserAuthObject(AppUser appUser)
        {
            var result = new AppUserAuth();

            result.Name            = appUser.Name;
            result.IsAuthenticated = true;
            result.Email           = appUser.Email;

            // Access token first, then the refresh token, which is persisted as a side effect.
            result.Token = BuildJwtToken(result);
            BuildAndSaveRefreshToken(appUser, result);

            return result;
        }
Ejemplo n.º 20
        /// <summary>
        /// Builds an authenticated auth object for a fixed user name and issues a JWT for it.
        /// </summary>
        /// <returns>The populated <see cref="AppUserAuth"/>.</returns>
        protected AppUserAuth BuildUserAuthObject()
        {
            // NOTE(review): the user name is a constant and IsAuthenticated is always true,
            // so this looks like a demo stub. Confirm it cannot be reached in production.
            var auth = new AppUserAuth
            {
                UserName        = "******",
                IsAuthenticated = true,

                // All-zero GUID placeholder; replaced by the real token below.
                BearerToken     = Guid.Empty.ToString(),
            };

            // Set JWT bearer token
            auth.BearerToken = BuildJwtToken(auth);

            return auth;
        }
Ejemplo n.º 21
        /// <summary>
        /// Creates an auth object named after the posted e-mail with all four customer/order
        /// permissions enabled, and passes it to <c>SecurityManager.BuildUserAuthObject</c>.
        /// </summary>
        /// <param name="userLogin">Login payload; only <c>Email</c> is read here.</param>
        /// <returns>The object returned by <c>BuildUserAuthObject</c>.</returns>
        public AppUserAuth Login([FromBody] UserLoginDto userLogin)
        {
            // NOTE(review): no password or other credential is checked in this method and
            // every permission is granted unconditionally, so any posted e-mail receives a
            // fully privileged object. Confirm a credential check exists before this ships.
            var granted = new AppUserAuth();

            granted.UserName           = userLogin.Email;
            granted.CanAccessCustomers = true;
            granted.CanAccessOrders    = true;
            granted.CanAddCustomer     = true;
            granted.CanSaveCustomer    = true;

            var securityManager = new SecurityManager(_settings);

            return securityManager.BuildUserAuthObject(granted);
        }
Ejemplo n.º 22
        /// <summary>
        /// Looks the user up through <c>SecurityService</c> and builds the auth object for it.
        /// </summary>
        /// <param name="user">User passed to <c>SecurityService.GetUser</c>.</param>
        /// <returns>
        /// The built auth object when a user is found; otherwise a newly constructed
        /// <see cref="AppUserAuth"/>.
        /// </returns>
        public AppUserAuth ValidateUser(User user)
        {
            var notFound = new AppUserAuth();

            // The service is disposed when the block exits, on every return path.
            using (var service = new SecurityService(_context))
            {
                // Whether the password is checked depends on GetUser, which is not visible here.
                User found = service.GetUser(user);

                if (found == null)
                {
                    return notFound;
                }

                // Build User Security Object
                return BuildUserAuthObject(found);
            }
        }
Ejemplo n.º 23
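        /// <summary>
        /// Validates the posted user through <c>SecurityManager</c>.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>200 with the auth object when authenticated; otherwise 404 with a generic message.</returns>
        public IActionResult Login([FromBody] AppUser user)
        {
            SecurityManager mgr = new SecurityManager(_settings);
            AppUserAuth auth = mgr.ValidateUser(user);

            if (auth.IsAuthenticated)
            {
                return StatusCode(StatusCodes.Status200OK, auth);
            }

            // NOTE(review): 404 is used for a failed sign-in; 401 is the conventional status.
            return StatusCode(StatusCodes.Status404NotFound, "Invalid User Name/Password");
        }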
Ejemplo n.º 24
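        /// <summary>
        /// Validates the posted user through <c>SecurityManager</c>.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>200 with the auth object when authenticated; otherwise 404 with a generic message.</returns>
        public IActionResult Login([FromBody] AppUser user)
        {
            SecurityManager securityManager = new SecurityManager();
            AppUserAuth userAuth = securityManager.ValidateUser(user);

            if (userAuth.IsAuthenticated)
            {
                return StatusCode(StatusCodes.Status200OK, userAuth);
            }

            // NOTE(review): 404 is used for a failed sign-in; 401 is the conventional status.
            return StatusCode(StatusCodes.Status404NotFound, "Invalid username or password.");
        }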
Ejemplo n.º 25
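        /// <summary>
        /// Builds the auth object for an already-validated user: user name, authenticated
        /// flag, the user's claims and then a JWT bearer token.
        /// </summary>
        /// <param name="authUser">The user record the auth object is built from.</param>
        /// <returns>The populated <see cref="AppUserAuth"/>.</returns>
        protected AppUserAuth BuildUserAuthObject(AppUser authUser)
        {
            AppUserAuth ret = new AppUserAuth();

            // Set user properties
            ret.UserName        = authUser.UserName;
            ret.IsAuthenticated = true;

            // All-zero GUID placeholder; replaced by the real token below.
            ret.BearerToken     = new Guid().ToString();

            // Get all claims for this user
            ret.Claims = GetUserClaims(authUser);

            // The token is issued last, after the claims are in place.
            ret.BearerToken = BuildJwtToken(ret);

            return ret;
        }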
Ejemplo n.º 26
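        /// <summary>
        /// Authenticates the posted user through <c>SecurityManager</c>.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>200 with the auth object when authenticated; otherwise 401 with a generic message.</returns>
        public IActionResult Login([FromBody] AppUser user)
        {
            SecurityManager mgr = new SecurityManager();
            AppUserAuth auth = mgr.AuthenticateUser(user);

            if (auth.IsAuthenticated)
            {
                return StatusCode(StatusCodes.Status200OK, auth);
            }

            // One text for every failure, so the response does not reveal whether the
            // user name exists.
            return StatusCode(StatusCodes.Status401Unauthorized, "Invalid User Name/Password.");
        }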
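        /// <summary>
        /// Validates the posted user through <c>SecurityManager</c>.
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>200 with the auth object when authenticated; otherwise 404 with a generic message.</returns>
        public IActionResult Login([FromBody] AppUser user)
        {
            SecurityManager mgr = new SecurityManager(_settings);
            AppUserAuth auth = mgr.ValidateUser(user);

            if (auth.IsAuthenticated)
            {
                return StatusCode(200, auth);
            }

            // NOTE(review): 404 is used for a failed sign-in; 401 is the conventional status.
            return StatusCode(404, "Invalid User Name/Password.");
        }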
Ejemplo n.º 28
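        /// <summary>
        /// Builds the auth object for an already-validated user: user name, authenticated
        /// flag, the claims whose <c>UserId</c> matches the user, and then a JWT bearer token.
        /// </summary>
        /// <param name="authUser">The user record the auth object is built from.</param>
        /// <returns>The populated <see cref="AppUserAuth"/>.</returns>
        protected AppUserAuth BuildUserAuthObject(AppUser authUser)
        {
            AppUserAuth ret = new AppUserAuth();

            // Set user properties
            ret.UserName        = authUser.UserName;
            ret.IsAuthenticated = true;

            // All-zero GUID placeholder; replaced by the real token below.
            ret.BearerToken     = new Guid().ToString();

            // Get all claims for this user
            ret.Claims = UserData.FetchUserClaim().FindAll(t => t.UserId == authUser.UserId);

            // Set JWT bearer token, after the claims are in place.
            ret.BearerToken = BuildJwtToken(ret);

            return ret;
        }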
Ejemplo n.º 29
        /// <summary>
        /// Returns a fixed, authenticated auth object with one <c>CanAccessProducts</c> claim.
        /// The posted <paramref name="user"/> is not read.
        /// </summary>
        /// <param name="user">Request body; unused by this method.</param>
        /// <returns>200 with the fixed auth object.</returns>
        public IActionResult Post([FromBody] AppUser user)
        {
            // NOTE(review): every request is answered as authenticated with a constant
            // token string, whatever was posted. This looks like a stub; confirm it cannot
            // be reached in production.
            var response = new AppUserAuth();

            // The first AspNetUsers row is fetched, but the result is never used.
            var unusedFirstUser = schoolContext.AspNetUsers.FirstOrDefault();

            response.UserName        = "******";
            response.IsAuthenticated = true;
            response.BearerToken     = "eyJhbGciOiJIUzI1NiIs";
            response.Claims          = new List<AppUserClaim>();

            // ClaimId is the all-zero GUID.
            var productClaim = new AppUserClaim
            {
                ClaimId    = new Guid(),
                ClaimType  = "CanAccessProducts",
                ClaimValue = "true",
            };

            response.Claims.Add(productClaim);

            return StatusCode(StatusCodes.Status200OK, response);
        }
Ejemplo n.º 30
        /// <summary>
        /// Finds the stored user whose lower-cased <c>UserName</c> and whose <c>Password</c>
        /// both match the supplied values, and builds the auth object for it.
        /// </summary>
        /// <param name="user">User supplying the <c>UserName</c> and <c>Password</c> to match.</param>
        /// <returns>
        /// The built auth object when a user matches; otherwise a newly constructed
        /// <see cref="AppUserAuth"/>.
        /// </returns>
        public AppUserAuth ValidateUser(AppUser user)
        {
            var notFound = new AppUserAuth();

            // NOTE(review): the submitted password is compared for equality with the stored
            // Password value. That suggests passwords are kept unhashed, or at least compared
            // without a salted, slow hash. Confirm, and prefer a password-hash verification.
            AppUser match = _entityRepository.GetUsers().FirstOrDefault(
                u => u.UserName.ToLower() == user.UserName.ToLower() &&
                     u.Password == user.Password);

            if (match == null)
            {
                return notFound;
            }

            // Build User Security Object
            return BuildUserAuthObject(match);
        }