public async Task <AuthenticateResponseDto> Authenticate(AuthenticateDto model)
{
var user = await _context.Users.SingleOrDefaultAsync(x => x.Email == model.Email);
if (user is null)
{
throw new LaprTrackrException(LaprTrackrStatusCodes.NotFound, "Email or password not match.");
}
if (!BCrypt.Net.BCrypt.EnhancedVerify(model.Password, user.Password))
{
throw new LaprTrackrException(LaprTrackrStatusCodes.NotFound, "Email or password not match.");
}
var(token, refreshToken) = GenerateJSONWebToken(user);
var authenticateResponseDto = new AuthenticateResponseDto
{
Token = token,
RefreshToken = refreshToken,
User = user
};
await SaveRefreshToken(user, token, refreshToken);
return(authenticateResponseDto);
}
public async Task <AuthenticateResponseDto> RefreshToken(RefreshTokenDto model)
{
var refreshTokenEntity = await _context.RefreshTokens.Where(x => x.Email == model.Email).Include(x => x.User).SingleOrDefaultAsync();
if (refreshTokenEntity is null)
{
throw new LaprTrackrException(LaprTrackrStatusCodes.AuthNotAuhenticated, "Refresh token is not valid.");
}
if ((DateTime.Now - refreshTokenEntity.CreatedAt).TotalDays > 7)
{
throw new LaprTrackrException(LaprTrackrStatusCodes.AuthNotAuhenticated, "Refresh token is expired.");
}
var(token, refreshToken) = GenerateJSONWebToken(refreshTokenEntity.User);
var authenticateResponseDto = new AuthenticateResponseDto
{
Token = token,
RefreshToken = refreshToken,
User = refreshTokenEntity.User
};
await SaveRefreshToken(refreshTokenEntity.User, token, refreshToken);
return(authenticateResponseDto);
}
public async Task <AuthenticateResponseDto> Authenticate(AuthenticateRequestDto model)
{
var user = await _context.Users.Include(user => user.Role).FirstOrDefaultAsync(u => u.Username == model.Username && u.Password == _hashingManager.GetHashedPassword(model.Password));
if (user == null)
{
throw new AuthenticationException("Username or password is incorrect");
}
if (!user.IsActivated)
{
throw new AuthenticationException("Please activate your account first!");
}
if ((user.WasPasswordChanged && user.WasPasswordForgotten) || (!user.WasPasswordChanged && !user.WasPasswordForgotten))
{
user.WasPasswordChanged = false;
_context.Users.Update(user);
await _context.SaveChangesAsync();
var token = _jwtService.GenerateAuthenticationJWT(user);
var authenticateResponseDto = new AuthenticateResponseDto(user, token);
return(authenticateResponseDto != null
? authenticateResponseDto
: throw new AuthenticationException("Username or password is incorrect"));
}
throw new AuthenticationException("Username or password is incorrect");
}
public async Task <ActionResult <AuthenticateResponseDto> > Register(User model)
{
try
{
AuthenticateResponseDto user = await _authenticationService.RegisterUser(model);
_logger.LogDebug("Registering new account: {0}", user.User.UserId);
return(user);
}
catch (LaprTrackrException ex)
{
_logger.LogDebug(ex.Message);
return(ex.GetActionResult());
}
catch (Exception ex)
{
const string message = "Failed to register new user";
_logger.LogError(ex, message);
return(new LaprTrackrException(LaprTrackrStatusCodes.ServiceUnavailable, message).GetActionResult());
}
}
public async Task <AuthenticateResponseDto> RegisterUser(User model)
{
if (_context.Users.Any(x => x.Email.ToUpperInvariant() == model.Email.ToUpperInvariant()))
{
throw new LaprTrackrException(LaprTrackrStatusCodes.AlreadyExists, "Email already used.");
}
await _context.Users.AddAsync(model);
await _context.SaveChangesAsync();
var(token, refreshToken) = GenerateJSONWebToken(model);
var authenticateResponseDto = new AuthenticateResponseDto
{
Token = token,
RefreshToken = refreshToken,
User = model
};
await SaveRefreshToken(model, token, refreshToken);
return(authenticateResponseDto);
}
