public override void OnActionExecuting(HttpActionContext filterContext)
{
TokenServices tokenService = new TokenServices();
if (filterContext.Request.Headers.Contains(Token) && filterContext.Request.Headers.Contains(UserID))
{
var tokenValue = filterContext.Request.Headers.GetValues(Token).First();
var userId = filterContext.Request.Headers.GetValues(UserID).First();
// Validate Token
if (tokenService.ValidateToken(tokenValue, userId))
{
if (string.IsNullOrEmpty(ParameterName) == false)
{
var actionArgs = (int)filterContext.ActionArguments[this.ParameterName];
if (string.Equals(ParameterName, "siteid", System.StringComparison.CurrentCultureIgnoreCase))
{
SiteID = actionArgs;
}
else if (string.Equals(ParameterName, "tracercustomid", System.StringComparison.CurrentCultureIgnoreCase) ||
string.Equals(ParameterName, "tracerid", System.StringComparison.CurrentCultureIgnoreCase))
{
TracerCustomID = actionArgs;
}
}
var isValid = SiteID == 0 && TracerCustomID == 0;
var userID = 0;
int.TryParse(userId, out userID);
//Valid Stuff
if (SiteID > 0)
{
isValid = tokenService.ValidateUserSiteAccess(userID, SiteID);
}
else if (TracerCustomID > 0)
{
isValid = tokenService.ValidateUserTracerAccess(userID, TracerCustomID);
}
if (isValid == false)
{
filterContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
}
}
else
{
filterContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
}
}
else
{
filterContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
}
base.OnActionExecuting(filterContext);
}
public override void OnActionExecuting(HttpActionContext filterContext)
{
ITokenServices provider = new TokenServices();
//var provider = filterContext.ControllerContext.Configuration
// .DependencyResolver.GetService(typeof(ITokenServices)) as ITokenServices;
if (filterContext.Request.Headers.Contains(Token))
{
var tokenValue = filterContext.Request.Headers.GetValues(Token).First();
// Validate Token
if (provider != null && !provider.ValidateToken(tokenValue))
{
var responseMessage = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
ReasonPhrase = "Invalid Request"
};
filterContext.Response = responseMessage;
}
}
else
{
filterContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
}
base.OnActionExecuting(filterContext);
}
//Autenticação, login
public async Task <ActionResult <dynamic> > Authenticate(
[FromBody] User model,
[FromServices] DataContext context
)
{
var user = await context
.Users
.AsNoTracking()
.Where(x =>
x.Username == model.Username &&
x.Password == model.Password)
.FirstOrDefaultAsync();
if (user == null)
{
return(NotFound(new { Erro = "Usuário ou senha inválidos!" }));
}
var token = TokenServices.GenerateToken(user);
user.Password = "";
return(new
{
user = user,
token = token
});
}
public ActionResult <dynamic> Authenticate(UsuarioRequest request)
{
StringValues usuarioId;
var md5 = new CriadorMD5();
if (!Request.Headers.TryGetValue("UserId", out usuarioId))
{
return(Unauthorized());
}
var usuarioObtido = usuarioServices.ObterUsuario(Guid.Parse(usuarioId));
if (usuarioObtido.Name != request.Nome || !md5.ComparaMD5(request.Senha, usuarioObtido.Senha))
{
return(Unauthorized());
}
if (usuarioObtido == null)
{
return(Unauthorized());
}
var token = TokenServices.GerarToken(usuarioObtido);
return(new
{
usuario = usuarioObtido,
token = token
});
}
public async Task <ActionResult <dynamic> > GetLogin(User user)
{
try
{
var _user = _contextoUser.GetAll();
var filter = (from u in _user
where u.Nome.Contains(user.Nome) &&
u.Senha.Contains(user.Senha)
select u).First();
if (filter == null)
{
return(NotFound(new { message = "Usuario ou senha invalido" }));
}
var token = TokenServices.GeranateToken(filter);
filter.Senha = "";
return(new
{
user = filter,
token = token
});
}
catch (Exception ex)
{
return(NotFound(ex.InnerException.Message));
}
}
public override void OnActionExecuting(HttpActionContext filterContext)
{
// Get API key provider
var provider = new TokenServices();
if (filterContext.Request.Headers.Contains(Token))
{
var tokenValue = filterContext.Request.Headers.GetValues(Token).First();
// Validate Token
if (provider != null && !provider.ValidateToken(tokenValue))
{
var responseMessage = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
ReasonPhrase = "Invalid Request"
};
filterContext.Response = responseMessage;
}
}
else
{
filterContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
}
base.OnActionExecuting(filterContext);
}
public override void OnActionExecuting(HttpActionContext actionContext)
{
IEnumerable <string> AuthTokenValues;
if (actionContext.Request.Headers.TryGetValues(Token, out AuthTokenValues))
{
// To do - Use dependency injection
TokenServices tokenService = new TokenServices();
// Validate Token
if (!tokenService.ValidateToken(AuthTokenValues.FirstOrDefault()))
{
var responseMessage = new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized)
{
ReasonPhrase = "Invalid Request"
};
Debug.Write("Request rejected since the token cookie is invalid!");
actionContext.Response = responseMessage;
}
}
else
{
Debug.Write("Request rejected since the token cookie is missing!");
actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
}
base.OnActionExecuting(actionContext);
}
//dynamic porque haverão varios tipos de retorno
public async Task <ActionResult <dynamic> > Autenticar([FromBody] User model)
{
// Recupera o usuário
var user = UserRepository.GetLogin(model.Username, model.Password);
//var user = new Models.User {Id = 1, Username ="******", Password="******", Role="employee" };
// Verifica se o usuário existe
if (user == null)
{
return(NotFound(new { message = "Usuário ou senha inválidos" }));
}
// Gera o Token
var token = TokenServices.GerarToken(user);
// Oculta a senha
user.Password = "";
// Retorna os dados
return(new
{
user = user,
token = token
});
}
protected override bool OnAuthorizeUser(string name, string password, HttpActionContext actionContext)
{
var provider = new TokenServices();
if (provider != null)
{
Debug.WriteLine("Authenticating credentials - {0} {1}", name, password);
ResponseWithToken token = provider.AuthenticateAsync(name, password).Result;
Debug.WriteLine("Token - " + token);
if (token != null)
{
var basicAuthenticationIdentity = Thread.CurrentPrincipal.Identity as BasicAuthenticationIdentity;
if (basicAuthenticationIdentity != null)
{
basicAuthenticationIdentity.UserName = name;
}
return(true);
}
}
return(false);
}
private Task <IPrincipal> AuthenticateAsync(string token)
{
try
{
return(TokenServices.AuthenticateJwtToken(token));
} catch
{
return(null);
}
}
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
.ConfigureApiBehaviorOptions(option =>
{
option.SuppressInferBindingSourcesForParameters = true;
});
TokenServices.AddAuthenticationService(services, _configuration);
}
private HttpResponseMessage GetAuthToken(int userId)
{
TokenServices service = new TokenServices();
var token = service.GenerateToken(userId);
var response = Request.CreateResponse(HttpStatusCode.OK, "Authorized");
response.Headers.Add(MobileCommon.WebToken, token.AuthToken.ToString());
response.Headers.Add("TokenExpiry", ConfigurationManager.AppSettings["AuthTokenExpiry"]);
response.Headers.Add("Access-Control-Expose-Headers", "Token,TokenExpiry");
return(response);
}
private void TokenReceived()
{
using (var trs = new TransactionScope())
{
DateTime now = DateTime.Now; // Time of request
ADOLinkRequest alr = new ADOLinkRequest();
LinkRequest lr = alr.Insert(
new LinkRequest()
{
RequestedOn = DateTime.Now,
Token = TextBox3.Text
});
// Get a link for the token.
ADOToken at = new ADOToken();
IToken token = at.FindUnexpired(lr.Token);
if (token == null)
{
Response.Redirect("TokenNotFound.aspx");
return;
}
ADOTokenType att = new ADOTokenType();
TokenType tt = att.ById(token.TokenTypeId);
//Now get Token request for this token.
ADOTokenRequest atr = new ADOTokenRequest();
TokenRequest tr = atr.FindFor(token);
bool expiredNow = token.SingleUse || tr.RequestedOn.AddSeconds(token.ValidForSeconds) <= now;
if (expiredNow)
{
token = at.Expire(token);
}
if (token.IsExpired)
{
//Get token service
TokenService ts = new TokenServices().GetTokenService(tt);
//Make token available again
ts.ReturnToken(token);
}
trs.Complete();
Response.Redirect(
String.Format("Transfer.aspx?url2={0}", Server.UrlEncode(tr.LinkHref)));
return;
}
}
/// <summary>
/// Executed when link is received. Generates a token request, gets a token.
/// </summary>
private void LinkReceived()
{
//Uri validator must be passed to pass
if (!Page.IsValid)
{
return;
}
IToken token = null;
using (var trs = new TransactionScope())
{
//Save request.
TokenRequest tokenRequest = new TokenRequest()
{
LinkHref = TextBox1.Text
, RequestedOn = DateTime.Now
, TokenTypeId = Convert.ToInt32(RadioButtonList1.SelectedValue)
, TokenTypeText = RadioButtonList1.SelectedItem.Text
, SingleUse = CheckBox1.Checked
};
ADOTokenRequest atr = new ADOTokenRequest();
tokenRequest = atr.Insert(tokenRequest);
//Use token generator
TokenService ts = new TokenServices().GetTokenService(tokenRequest);
token = new TokenGenerator().GetTokenForStoring(ts, tokenRequest);
token.SingleUse = tokenRequest.SingleUse;
//Save a link.
ADOLink atl = new ADOLink();
atl.Insert(new Link()
{
LinkHref = tokenRequest.LinkHref, TokenId = token.TokenId
});
//Now save this token to the tokens list.
ADOToken at = new ADOToken();
token = at.Insert(token);
//Next assign a token to this request.
tokenRequest.TokenId = token.TokenId;
atr.UpdateTokenId(tokenRequest);
trs.Complete();
}
//Set up the view
TextBox2.Text = token.TokenText;
TextBox2.Focus();
SetupClipBoard();
}
/// <summary>
/// Returns auth token for the validated user.
/// </summary>
/// <param name="userId"></param>
/// <returns></returns>
private HttpResponseMessage GetAuthToken(BasicAuthenticationIdentity basicAuthenticationIdentity)
{
var userId = basicAuthenticationIdentity.UserId;
TokenServices tokenService = new TokenServices();
var token = tokenService.GenerateToken(userId);
var response = Request.CreateResponse(HttpStatusCode.OK, "Authorized");
response.Headers.Add("Token", token.AuthToken);
response.Headers.Add("UserId", userId.ToString());
response.Headers.Add("TokenExpiry", ConfigurationManager.AppSettings["AuthTokenExpiry"]);
response.Headers.Add("Access-Control-Expose-Headers", "Token,TokenExpiry");
return(response);
}
public async Task <FileResult> GetImage(int userID, int siteID, int programID, int tracerID, string fileName, bool actualImage = false)
{
try
{
TokenServices tokenService = new TokenServices();
if (tokenService.CheckUserToken(userID))
{
//Azure settings
var accountName = ConfigurationManager.AppSettings["storage:account:name"];
var accountKey = ConfigurationManager.AppSettings["storage:account:key"];
var storageAccount = new CloudStorageAccount(new StorageCredentials(accountName, accountKey), true);
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
var folderName = actualImage ? "Actual/" : "Thumb/";
var uri = ConfigurationManager.AppSettings["azure:filepath"] + folderName + siteID + "/" + programID + "/" + tracerID + "/" + fileName;
var Blob = await blobClient.GetBlobReferenceFromServerAsync(new Uri(uri));
var isExist = await Blob.ExistsAsync();
if (!isExist)
{
// "file not found"
return(null);
}
else
{
Stream blobStream = await Blob.OpenReadAsync();
byte[] streamdata = new BinaryReader(blobStream).ReadBytes((int)Blob.Properties.Length);
var contentType = Blob.Properties.ContentType.ToString();
contentType = contentType.Contains("octet") ? MimeMapping.GetMimeMapping(fileName) : contentType;
return(File(streamdata, contentType, fileName));
}
}
else
{
return(null);
}
}
catch (Exception ex)
{
var Content = new StringContent(ex.Message);
return(null);
}
}
public IActionResult Login(LoginViewModel loginViewModel)
{
var user = UserRepository.Get(loginViewModel.UserName, loginViewModel.Password);
if (user == null)
{
return(BadRequest("Not Found"));
}
var token = TokenServices.GeneratorToken(user);
user.Password = "";
return(new OkObjectResult(new { user, token }));
}
public IActionResult Authenticate([FromBody] User model)
{
var user = UserRepository.Get(model.Username, model.Password);
if (user == null)
{
return(NotFound(new { message = "Usuário ou senha inválidos." }));
}
var token = TokenServices.GenerateToken(user);
user.Password = "";
return(Ok(new { user, token }));
}
public IHttpActionResult Login(UsuarioSenhaDTO usuario)
{
if (usuario == null || usuario.Login == null || usuario.Senha == null)
{
return(BadRequest());
}
Usuario user;
try
{
Modelo db = new Modelo();
user = db.Usuarios.Find(usuario.Login);
if (user == null)
{
return(BadRequest("Usuário não encontrado!"));
}
string senhaCrypt = CryptoGraph.Encrypt(usuario.Senha);
if (user.Senha != senhaCrypt)
{
return(BadRequest("Senha incorreta!"));
}
string token = TokenServices.GenerateToken(user.Login, roles: user.Perfil);
var userObj = new
{
Token = token,
Usuario = user.Nome,
usuario.Login,
user.FuncionarioId,
user.Funcionario?.MatriculaFuncionario,
user.Funcionario?.CodigoEmpresa,
user.Perfil
};
db.Dispose();
return(Ok(userObj));
}
catch (Exception ex)
{
return(Content(HttpStatusCode.InternalServerError, ex));
}
}
public async Task <ActionResult <dynamic> > Signup([FromBody] Usuario user)
{
var User = interfac.Newuser(user);
if (User == null)
{
return(NotFound(new { message = "Usuario ou senha incorreta" }));
}
var token = TokenServices.GenerateToken(User);
user.Password = criptografia.ComputerHash(user.Password, new SHA256CryptoServiceProvider());
return(new
{
User = User,
token = token
});
}
public async Task <ActionResult <dynamic> > Authenticate([FromBody] User model)
{
var user = Repositories.GetByEmail(model.email);
if (user == null)
{
return(NotFound(new { message = "Usuario ou senha invalidos" }));
}
var token = TokenServices.GenerateToken(user);
user.senha = "";
return(new
{
user = user,
token = token
});
}
public async Task <ActionResult <dynamic> > Authenticate([FromServices] DataContext context, [FromBody] Usuario model)
{
var Usuario = UsuarioRepository.Get(model.Nome, model.Senha, context);
if (Usuario == null)
{
return(NotFound(new { message = "Usuário ou senha inválidos" }));
}
var token = TokenServices.GenerateToken(Usuario);
Usuario.Senha = "";
return(new
{
Usuario = Usuario,
token = token
});
}
public IActionResult Login([FromBody] Usuario usuario)
{
var _usuario = _repo.Login(usuario);
if (_usuario == null)
{
return(NotFound());
}
TokenServices tokenService = new TokenServices(_config);
var token = tokenService.RequestToken(_usuario);
_usuario.Senha = "";
return(Ok(new
{
usuario = _usuario,
token = token,
}));
}
public override void OnActionExecuting(HttpActionContext actionContext)
{
ITokenServices tokenServices = new TokenServices();
if (actionContext.Request.Headers.Contains(Token))
{
var tokenValue = actionContext.Request.Headers.GetValues(Token).First();
if (!tokenServices.ValidateToken(tokenValue))
{
var responseMessage =
new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
ReasonPhrase = "Invalid Request"
};
actionContext.Response = responseMessage;
}
base.OnActionExecuting(actionContext);
}
}
public override void OnActionExecuting(HttpActionContext filterContext)
{
// Get API key provider
TokenServices provider = new TokenServices();
//filterContext.ControllerContext.Configuration
//.DependencyResolver.GetService(typeof(ITokenServices)) as ITokenServices;
if (filterContext.Request.Headers.Contains(Token))
{
var tokenValue = filterContext.Request.Headers.GetValues(Token).First();
TokenId = tokenValue;
if (tokenValue == string.Empty)
{
var responseMessage = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
ReasonPhrase = "Invalid Token"
};
filterContext.Response = responseMessage;
}
// Validate Token
else if (!provider.ValidateToken(tokenValue))
{
var responseMessage = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
ReasonPhrase = "Invalid request/token expired."
};
filterContext.Response = responseMessage;
}
}
else
{
var responseMessage = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
ReasonPhrase = "Invalid key."
};
filterContext.Response = responseMessage;
}
base.OnActionExecuting(filterContext);
}
public IActionResult Authenticate1([FromBody] User model)
{
var user = UserRepository.GetUser(model.UserName, model.Password);
if (user == null)
{
return(NotFound());
}
var token = TokenServices.GenerateToken(user);
user.Password = null;
return(Ok(new
{
user = user,
token = token
}));
}
public async Task <ActionResult <dynamic> > Authenticate([FromBody] User model)
{
var response = _userManager.FindByEmailAsync(model.UserName);
if (response != null)
{
var usuario = (IdentityUser)response.Result;
var token = TokenServices.GenerarateToken(usuario);
return(new
{
user = usuario,
token = token,
});
}
return(null);
}
public async Task <IActionResult> Login(LoginRequest userloginrequest)
{
UserLoginResponse usersReponse = new UserLoginResponse();
usersReponse.jwt = new JwtToken();
try
{
var checkEmail = _context.Users.Any(x => x.Email == userloginrequest.email);
if (checkEmail == false)
{
usersReponse.status_code = 404;
usersReponse.error = "User not found";
return(NotFound(new Response <UserLoginResponse>(usersReponse)));
}
string hashedPassword = PasswordHasher.HashPassword(userloginrequest.password);
Users _user = await _context.Users.Where(h => h.Email == userloginrequest.email && h.Password == hashedPassword).SingleOrDefaultAsync();
if (_user == null)
{
usersReponse.status_code = 400;
usersReponse.error = "email or password is incorrect";
return(BadRequest(new Response <UserLoginResponse>(usersReponse)));
}
usersReponse.status_code = 200;
usersReponse.jwt = await TokenServices.GenerateTokenAsync(_user.Email, _user.Id.ToString());
var user = _mapper.Map <UsersViewModel>(_user);
return(Ok(new Response <UserLoginResponse>(usersReponse)));
}
catch (Exception ex)
{
usersReponse.error = ex.Message;
usersReponse.status_code = 400;
return(BadRequest(new Response <UserLoginResponse>(usersReponse)));
}
}
public async Task <ActionResult <dynamic> > Autenticacao([FromBody] Usuario model)
{
try
{
var user = UsuarioRepository.Get(model.Nome, model.Senha);
if (user == null)
{
return(BadRequest(new { message = "Usuário ou senha inválidos" }));
}
var token = TokenServices.GenerateToken(user);
user.Senha = "";
return(new
{
user = user,
token = token
});
}
catch (System.Exception erro)
{
return(BadRequest(erro.Message.ToString()));
}
}
public IActionResult GetToken([FromBody] AuthenticationViewModel authentication)
{
if (!ModelState.IsValid)
{
return(BadRequest("Invalid credentials."));
}
if (authentication.User != "joe" || authentication.Password != "blow")
{
return(NotFound("Invalid credentials."));
}
var user = new User()
{
Id = 1, Role = "Administrator"
};
return(Ok(new
{
token_type = "bearer",
access_token = TokenServices.CreateToken(ClaimTypes.CreateClaims(user)),
expiration_date = DateTime.UtcNow.AddMinutes(TokenServices._expirationInMinute),
}));
}
