Ejemplo n.º 1
0
        public override SimpleAuthResult VerifyToken(string accessToken)
        {
            try
            {
                UserToken record;
                using (var context = new SimpleUserDbContext())
                {
                    record = context.UserToken.FirstOrDefault(x => accessToken == x.AccessToken);

                    string error = "";
                    if (record == null)
                    {
                        error = string.Format("AccessToken '{0}' not found", accessToken);
                        return(SimpleAuthResult.Fail(error));
                    }

                    if (record.ExpireAt < DateTime.Now)
                    {
                        error = string.Format("Token '{0}' has been expired.", accessToken);
                        return(SimpleAuthResult.Fail(error));
                    }

                    return(SimpleAuthResult.Success());
                }
            }
            catch (Exception ex)
            {
                var error = string.Format("unknown error .{0}", ex.Message);
                return(SimpleAuthResult.Fail(error));
            }
        }
Ejemplo n.º 2
0
        /// <summary>
        /// If it is single sign on , need to remove the existing token
        /// </summary>
        /// <param name="userId"></param>
        /// <returns></returns>
        public override SimpleAuthResult RemoveTokenFor(long userId)
        {
            try
            {
                using (var context = new SimpleUserDbContext())
                {
                    var userTokens = context.UserToken.Where(x => x.UserId == userId).ToList();
                    if (userTokens.Count > 0)
                    {
                        foreach (var userToken in userTokens)
                        {
                            context.UserToken.Remove(userToken);
                            context.SaveChanges();
                        }
                    }

                    return(SimpleAuthResult.Success());
                }
            }
            catch (Exception ex)
            {
                var error = string.Format("remove token failed for user '{0}'", userId);
                return(SimpleAuthResult.Fail(error));
            }
        }
Ejemplo n.º 3
0
        /// <summary>
        /// user registration
        /// </summary>
        /// <param name="newUser"></param>
        /// <returns></returns>
        public SimpleAuthResult TryCreateUser(SimpleAuthUser newUser)
        {
            var hashedPassword = HashPassword(newUser.OriginPassword);

            using (var context = new SimpleUserDbContext())
            {
                var userWithUserName = context.LoginUser.FirstOrDefault(x => x.UserName == newUser.UserName);
                if (userWithUserName != null)
                {
                    return(SimpleAuthResult.Fail(string.Format("user with name '{0}' already exists", newUser)));
                }


                var loginUser = new LoginUser()
                {
                    UserName     = newUser.UserName,
                    PasswordHash = hashedPassword,
                    Email        = newUser.Email,
                    Phone        = newUser.Phone
                };

                context.LoginUser.Add(loginUser);
                context.SaveChanges();

                return(SimpleAuthResult.Success());
            }
        }
Ejemplo n.º 4
0
        public SimpleAuthResult <TokenEntity> UserCrendentialLogin(string username, string password)
        {
            using (var context = new SimpleUserDbContext())
            {
                var tryFindUser = context.LoginUser.FirstOrDefault(x => x.UserName == username);
                if (tryFindUser == null)
                {
                    return(SimpleAuthResult <TokenEntity> .Fail(string.Format("user name with '{0}' is not found .", username)));
                }

                var hashedPassword = HashPassword(password);
                if (tryFindUser.PasswordHash != hashedPassword)
                {
                    return(SimpleAuthResult <TokenEntity> .Fail("user password is not correct"));
                }


                if (_isSso)
                {
                    _provider.RemoveTokenFor(tryFindUser.Id);
                }

                ////issue a new token for password login
                var newToken = _provider.CreateNew(tryFindUser.Id);

                return(SimpleAuthResult <TokenEntity> .Success(newToken));
            }
        }
Ejemplo n.º 5
0
        public override TokenEntity CreateNew(long userId)
        {
            var newToken = base.CreateNew(userId);

            using (var dbContext = new SimpleUserDbContext())
            {
                var obj = MapperEx.CreateFrom <TokenEntity, UserToken>(newToken);
                dbContext.UserToken.Add(obj);
                dbContext.SaveChanges();
            }

            return(newToken);
        }
Ejemplo n.º 6
0
        public SimpleAuthResult ChangePassword(long userId, string oldpassword, string password, string confirmPassword)
        {
            if (string.IsNullOrWhiteSpace(oldpassword) ||
                string.IsNullOrWhiteSpace(password) ||
                string.IsNullOrWhiteSpace(confirmPassword))
            {
                return(SimpleAuthResult.Fail("password field can not be empty"));
            }

            using (var context = new SimpleUserDbContext())
            {
                var user = context.LoginUser.FirstOrDefault(x => x.Id == userId);
                if (user == null)
                {
                    return(SimpleAuthResult.Fail(string.Format("user with id '{0}' not found", userId)));
                }

                var hashedOldPassword = HashPassword(oldpassword);
                if (hashedOldPassword != user.PasswordHash)
                {
                    return(SimpleAuthResult.Fail("current password is incorrect."));
                }

                if (password != confirmPassword)
                {
                    return(SimpleAuthResult.Fail("password does not match confirm password."));
                }

                //// apply more rules here
                //// ...
                var hashedPassword = HashPassword(password);
                if (hashedPassword == user.PasswordHash)
                {
                    return(SimpleAuthResult.Fail("password can not be same with current password."));
                }
                user.PasswordHash = hashedPassword;

                context.SaveChanges();

                return(SimpleAuthResult.Success());
            }
        }
Ejemplo n.º 7
0
        public override RefreshTokenResult UpdateRefresh(string refreshToken)
        {
            try
            {
                UserToken record;
                using (var context = new SimpleUserDbContext())
                {
                    record = context.UserToken.FirstOrDefault(x => refreshToken == x.RefreshToken);

                    string error = "";
                    if (record == null)
                    {
                        error = string.Format("RefreshToken '{0}' not found", refreshToken);
                        return(new RefreshTokenResult(false, error, TokenEntity.Default()));
                    }

                    if (record.ExpireAt < DateTime.Now)
                    {
                        error = string.Format("Token '{0}' has been expired.", refreshToken);
                        return(new RefreshTokenResult(false, error, TokenEntity.Default()));
                    }

                    ////create new one
                    var newToken = CreateRefresh();
                    newToken.UserId = record.UserId;

                    record.AccessToken  = newToken.AccessToken;
                    record.RefreshToken = newToken.RefreshToken;
                    record.ExpireAt     = DateTime.Parse(newToken.ExpireAt);
                    context.SaveChanges();

                    return(new RefreshTokenResult(true, "", newToken));
                }
            }
            catch (Exception ex)
            {
                var error = string.Format("unknown error .{0}", ex.Message);
                return(new RefreshTokenResult(false, error, TokenEntity.Default()));
            }
        }