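        /// <summary>
        /// Issues a fresh access token and refresh token for the caller identified by the
        /// access-token cookie, after checking that the presented refresh-token cookie belongs
        /// to that user. The new refresh token is persisted before the cookies are written.
        /// </summary>
        /// <returns>The login response body produced by <c>HelperMethods.GenerateLoginResponse</c>,
        /// or an <c>ErrorMessage</c> JSON body with status 401 when no user can be resolved
        /// from the access-token cookie.</returns>
        public string Refresh()
        {
            // read the signing key once; it is needed both to verify the old token and to sign the new one
            string jwtKey = _configuration.GetValue <string>("JwtTokenKey");

            // attempt getting user from claims; the SameSite cookie variant takes precedence when both are set
            User user = HelperMethods.GetUserFromAccessToken(Request.Cookies["AccessTokenSameSite"] ?? Request.Cookies["AccessToken"], _context, jwtKey);
            if (user == null)
            {
                // NOTE(review): assumes GetUserFromAccessToken returns null when the cookie is missing or does
                // not verify — confirm; if it throws instead, this branch is unreachable but harmless.
                // Answer 401 like the login path rather than letting user.Role throw a NullReferenceException (500).
                Response.StatusCode = 401;
                ErrorMessage error = new ErrorMessage("Invalid Credentials", string.Empty, Unauthorized().ToString());
                return(JObject.FromObject(error).ToString());
            }

            ValidateRefreshToken(user, Request.Cookies["RefreshTokenSameSite"] ?? Request.Cookies["RefreshToken"]); // make sure this is a valid token for the user

            string       newTokenStr = HelperMethods.GenerateJWTAccessToken(user.Role, user.Email, jwtKey);
            RefreshToken newRefToken = HelperMethods.GenerateRefreshToken(user, _context);
            string       ret         = HelperMethods.GenerateLoginResponse(newTokenStr, newRefToken, user.ID);

            _context.SaveChanges(); // persist the new refresh token before anything is handed to the client

            // NOTE(review): nothing visible here revokes the refresh token that was just presented; confirm that
            // ValidateRefreshToken or GenerateRefreshToken invalidates it so a leaked token cannot be reused.
            HelperMethods.SetCookies(Response, newTokenStr, newRefToken);
            return(ret);
        }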
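        /// <summary>
        /// Authenticates a user from a JSON body of the form {"email": ..., "password": ...},
        /// issues an access token and a refresh token, persists the refresh token and sets the
        /// auth cookies on the response.
        /// </summary>
        /// <param name="credentials">Raw JSON request body; parsed here rather than model-bound.</param>
        /// <returns>The login response body on success; otherwise an <c>ErrorMessage</c> JSON body
        /// with status 400 (malformed or incomplete JSON), 401 (unknown e-mail or wrong password)
        /// or 500 (unexpected failure).</returns>
        [HttpPost("login"), AllowAnonymous]         //working
        public string User_Login([FromBody] string credentials)
        {
            JObject json = null;

            try { json = JObject.Parse(credentials); } catch (Exception ex) {
                Response.StatusCode = 400;
                // NOTE(review): ErrorMessage echoes the raw body (which carries the password) back in every
                // error response; consider passing only the e-mail field so the secret is not re-emitted.
                ErrorMessage error = new ErrorMessage("Invalid Json", credentials, ex.Message);
                return(JObject.FromObject(error).ToString());
            }

            // reject incomplete input up front; a missing key used to surface as a NullReferenceException (500)
            string email    = json["email"]?.ToString();
            string password = json["password"]?.ToString();
            if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
            {
                Response.StatusCode = 400;
                ErrorMessage error = new ErrorMessage("Invalid Json", credentials, "Missing email or password");
                return(JObject.FromObject(error).ToString());
            }

            try {
                // get users saved password hash and salt
                User user = _context.Users.SingleOrDefault(a => a.Email == email);

                // unknown e-mail and wrong password get the identical 401 so the endpoint does not reveal
                // which addresses are registered (Single() used to turn an unknown e-mail into a 500)
                if (user == null || !ValidatePassword(password, user.Password))
                {
                    Response.StatusCode = 401;
                    ErrorMessage error = new ErrorMessage("Invalid Credentials", credentials, Unauthorized().ToString());
                    return(JObject.FromObject(error).ToString());
                }

                string       tokenString = HelperMethods.GenerateJWTAccessToken(user.Role, user.Email, _configuration.GetValue <string>("JwtTokenKey"));
                RefreshToken refToken    = HelperMethods.GenerateRefreshToken(user, _context);
                string       ret         = HelperMethods.GenerateLoginResponse(tokenString, refToken, user.ID);
                _context.SaveChanges();                     // always last on db to make sure nothing breaks and db has new info

                // append cookies to response after login
                HelperMethods.SetCookies(Response, tokenString, refToken);
                return(ret);
            } catch (Exception) {
                // exception details stay server-side: the message could carry EF/SQL internals to the client.
                // TODO: log the exception once a logger is injected into this controller.
                Response.StatusCode = 500;
                ErrorMessage error = new ErrorMessage("Error validating credentials", credentials, "Unexpected error");
                return(JObject.FromObject(error).ToString());
            }
        }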