public async Task <IActionResult> GenerateToken([FromBody] GenerateTokenModel model)
{
#region Validate Model
var userInputValidated = _generateTokenModelValidator.Validate(model);
if (!userInputValidated.IsValid)
{
_infos.Add(_badRequest.ShowError(int.Parse(userInputValidated.Errors[0].ErrorMessage)).Message);
return(BadRequest(new CustomResponse <string> {
Message = _infos
}));
}
#endregion
#region Supply User Agent values
model.UserAgent = UserAgent;
model.AppVersion = Version;
#endregion
var generatedToken = await _myAuthentication.GenerateToken(model);
return(Ok(generatedToken));
}
public HttpResponseMessage SetDefaultOrganisation(int id)
{
var token = TokenBase.ReadToken(HttpContext.Current);
if (_validation.IsTokenValid(token))
{
if (!_validation.VolunteerHasAccessToThisOrg(id, token.Email))
{
return(Messages.ReturnUnauthorized());
}
var generateTokenModel = new GenerateTokenModel
{
VolunterId = token.VolunteerId,
Email = token.Email,
OrganisationId = id,
Audience = ConfigurationManager.AppSettings["Audience"],
Issuer = ConfigurationManager.AppSettings["Issuer"],
Key = ConfigurationManager.AppSettings["Key"]
};
var jwtSecurityToken = _tokenManager.GenerateToken(generateTokenModel);
_tokenManager.MakeTokenInvalid(token.TokenId);
return(Messages.ReturnOk(new
{
token = jwtSecurityToken
}));
}
return(Messages.ReturnUnauthorized());
}
public string LoginToken(GenerateTokenModel model)
{
var token = new JwtSecurityToken(
issuer: _jwtAuthentication.Value.ValidIssuer,
audience: _jwtAuthentication.Value.ValidAudience,
claims: new[] {
new Claim(JwtRegisteredClaimNames.Sub, model.Username),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
},
expires: DateTime.UtcNow.AddDays(30),
notBefore: DateTime.UtcNow,
signingCredentials: _jwtAuthentication.Value.SigningCredentials
);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
public async Task <IActionResult> GenerateToken([FromBody] GenerateTokenModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await _userRepository.LoadByEmailAsync(model.Email);
if (user == null)
{
return(BadRequest("Email or password is invalid"));
}
var result = _passwordHasher.VerifyHashedPassword(user.Password, model.Password);
if (result == PasswordVerificationResult.Failed)
{
return(BadRequest("Email or password is invalid"));
}
if (result == PasswordVerificationResult.SuccessRehashNeeded)
{
user.Password = _passwordHasher.HashPassword(model.Password);
await _userRepository.SaveAsync(user);
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, model.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
var jwtAuthentication = _jwtAuthentication.Value;
var token = new JwtSecurityToken(
issuer: jwtAuthentication.ValidIssuer,
audience: jwtAuthentication.ValidAudience,
claims: claims,
expires: DateTime.UtcNow.AddDays(30),
notBefore: DateTime.UtcNow,
signingCredentials: jwtAuthentication.SigningCredentials);
return(Ok(new
{
token = new JwtSecurityTokenHandler().WriteToken(token)
}));
}
public HttpResponseMessage Login([FromBody] LoginViewModel model)
{
if (!ModelState.IsValid)
{
var errors = ModelState.Values
.SelectMany(v => v.Errors)
.Select(e => e.ErrorMessage).ToList();
return(Messages.ReturnBadRequestWithLabelErrors(errors));
}
try
{
if (!_validation.IsVolunteerLoginDataValid(model.Email, model.Password))
{
return(Messages.ReturnUnauthorized());
}
var volunteer = _volunteerManager.GetVolunteerByEmail(model.Email);
var generateTokenModel = new GenerateTokenModel
{
VolunterId = volunteer.Volunteer_ID,
Email = volunteer.Email_VC,
OrganisationId = null,
Audience = ConfigurationManager.AppSettings["Audience"],
Issuer = ConfigurationManager.AppSettings["Issuer"],
Key = ConfigurationManager.AppSettings["Key"]
};
var jwtSecurityToken = _tokenManager.GenerateToken(generateTokenModel);
return(Messages.ReturnOk(new
{
token = jwtSecurityToken
}));
}
catch (Exception ex)
{
//_logger.LogError($"Error while creating token: {ex}");
return(Messages.ReturnInternalServerError());
}
}
public string GenerateToken(GenerateTokenModel model)
{
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString(CultureInfo.InvariantCulture)),
new Claim("vId", SecurityBase.Encrypt(model.VolunterId.ToString())),
new Claim("oId", SecurityBase.Encrypt(model.OrganisationId.ToString())),
new Claim(JwtRegisteredClaimNames.Email, SecurityBase.Encrypt(model.Email))
};
var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(model.Key));
var signingCredentials = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256Signature, "http://www.w3.org/2001/04/xmlenc#sha256");
var jwtSecurityToken = new JwtSecurityToken(
issuer: model.Issuer,
audience: model.Audience,
claims: claims,
//expires: DateTime.UtcNow,//DateTime.UtcNow.AddDays(1),
signingCredentials: signingCredentials
);
var jwtSecurityTokenHandler = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
var tokenId = claims.First(claim => claim.Type == JwtRegisteredClaimNames.Jti).Value;
var volunteerToken = new VolunteerToken
{
Id = new Guid(tokenId),
Volunteer_ID = model.VolunterId,
Token_VC = jwtSecurityTokenHandler,
Active_BT = true
};
_volunteerTokenRepository.SaveToken(volunteerToken);
return(jwtSecurityTokenHandler);
}
public async Task <GenerateTokenModel> GenerateTokenString(User user)
{
try
{
var model = new GenerateTokenModel();
var accessTokinMin = 240;
var expire = DateTime.UtcNow.AddMinutes(accessTokinMin);
model.TokenExpireOn = expire;
var userName = user.Username;
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, userName),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Role, user.RoleName)
}),
Expires = expire,
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
model.Token = tokenString;
return(model);
}
catch (Exception ex)
{
return(null);
}
}
public async Task <CustomResponse <TokenResource> > GenerateToken(GenerateTokenModel model)
{
var infos = new List <string>();
var user = await _userManager.FindByEmailAsync(model.UserName);
#region Validate User
if (user == null)
{
infos.Add("Username/email not exist.");
return(new CustomResponse <TokenResource> {
Message = infos
});
}
#endregion
var userToken = _context.AspNetUserSessions.FirstOrDefault(t => t.UserId == user.Id && t.DeviceName == model.UserAgent);
#region Validate Token if Registered
if (userToken == null)
{
infos.Add("The account never Signed In.");
return(new CustomResponse <TokenResource> {
Message = infos
});
}
#endregion
#region Validate Token Type
if (model.TokenResource.Type != "refresh" && model.TokenResource.Type != "session")
{
infos.Add("The Token Type is invalid.");
}
#endregion
#region Check Refresh Token Validity
if (userToken.Token != model.TokenResource.Token)
{
infos.Add("The Refresh Token is wrong.");
}
if (!(userToken.Validity ?? true))
{
infos.Add("The Refresh Token is invalid.");
}
if (userToken.TokenExpiredAt < DateTime.UtcNow && model.TokenResource.Type == "session")
{
infos.Add("The Refresh Token is expired.");
}
if (infos.Count > 0)
{
return(new CustomResponse <TokenResource> {
Message = infos
});
}
#endregion
var refreshedToken = RefreshToken(model.TokenResource);
return(refreshedToken);
#region Local Methods
CustomResponse <TokenResource> RefreshToken(GenerateTokenResourceModel tokenResourceModel)
{
if (tokenResourceModel.Type == "session")
{
var claims = new[] {
new Claim(JwtRegisteredClaimNames.Sub, user.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_options.Value.Key));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(_options.Value.Issuer,
_options.Value.Issuer,
claims,
expires: DateTime.Now.AddDays(_options.Value.AccessTokenExpiryMins),
signingCredentials: creds);
return(new CustomResponse <TokenResource> {
Succeed = true,
Data = new TokenResource {
Token = new JwtSecurityTokenHandler().WriteToken(token),
ExpiredAt = token.ValidTo
}
});
}
var refreshToken = _refreshToken.GenerateRefreshToken(new RefreshTokenGetModel {
UserId = user.Id,
UserAgent = model.UserAgent,
AppVersion = model.AppVersion,
ApiVersion = "1.0"
});
return(new CustomResponse <TokenResource> {
Succeed = refreshToken.Result.Succeed,
Data = refreshToken.Result.Data,
Message = refreshToken.Result.Message
});
}
#endregion
}
