public IActionResult Authenticate([FromBody] AuthenticateDTO model) { var user = _userService.Authenticate(model.Username, model.Password); if (user == null) { return(BadRequest(new { message = "Username or password is incorrect" })); } var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, user.Id.ToString()) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); // return basic user info and authentication token return(Ok(new { Id = user.Id, Username = user.Username, FirstName = user.FirstName, LastName = user.LastName, Token = tokenString })); }
public IActionResult Authenticate([FromBody] AuthenticateDTO usuarioDTO) { var usuarioModel = _mapper.Map <AuthenticateModel>(usuarioDTO); var usuario = _userService.Authenticate(usuarioModel.Username, usuarioModel.Password); if (usuario == null) { return(BadRequest(new { message = "Usuario y/o contraseña incorectos" })); } var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, usuario.Id.ToString()) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); // Se retorna la informacion del usuario y su token return(Ok(new { Id = usuario.Id, Username = usuario.Username, Token = tokenString })); }
public AuthenticateTokenDTO AuthenticateUser(AuthenticateDTO authenticateDTO) { if (string.IsNullOrWhiteSpace(authenticateDTO.EmailId) || string.IsNullOrWhiteSpace(authenticateDTO.Password)) { throw new Exception("Invalid user name or password."); } var result = UnitOfWork.UserRepository.AuthenticateUser(authenticateDTO.EmailId, authenticateDTO.Password); if (result == null) { return(null); } var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(appSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, result.Id.ToString()) }), Expires = DateTime.UtcNow.AddDays(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); AuthenticateTokenDTO authenticateTokenDTO = new AuthenticateTokenDTO { UserName = result.FirstName + " " + result.LastName, Token = tokenHandler.WriteToken(token) }; return(authenticateTokenDTO); }
private async Task <TokenViewModel> GetToken(AuthenticateDTO authenticateDTO) { var token = new TokenViewModel(); using (var httpClient = new HttpClient()) { var url = _authSettings.ClientsConnections.RunInDocker ? _authSettings.ClientsConnections.UrlApi1Docker : _authSettings.ClientsConnections.UrlApi1; using (var request = new HttpRequestMessage(new HttpMethod("POST"), $"{url}/api/Authenticate")) { request.Headers.TryAddWithoutValidation("accept", "application/json"); request.Content = new StringContent(JsonConvert.SerializeObject(authenticateDTO)); request.Content.Headers.ContentType = MediaTypeHeaderValue.Parse("application/json"); var response = await httpClient.SendAsync(request); if (response.IsSuccessStatusCode) { token = JsonConvert.DeserializeObject <TokenViewModel>(response.Content.ReadAsStringAsync().Result); } } } return(token); }
public async Task <TokenViewModel> AuthenticateAsync(AuthenticateDTO authDTO) { var authValidator = new AuthenticateValidator(_authSettings); await authValidator.ValidateAndThrowAsync(authDTO); return(_tokenService.GenerateTokenAuthentication()); }
public async Task <IActionResult> Authenticate([FromBody] AuthenticateDTO model) { var user = await _userService.Authenticate(model.UserName, model.Password); if (user == null) { return(BadRequest(new { message = "Username or password is incorrect" })); } return(Ok(true)); }
public IActionResult Authenticate([FromBody] AuthenticateDTO model) { var user = _userRepository.Authenticate(model.Email, model.Password); if (user == null) { return(BadRequest(new { message = "Username or password is incorrect!" })); } return(Ok(user)); }
public async Task <IActionResult> Login([FromBody] AuthenticateDTO data) { return(await TryCatchLogAsync(async() => { var modelErrors = GetModelErrorsOrNull(); if (modelErrors.IsNotNull()) { Logger.WriteLog(LogLevel.Warning, GetUser().CreateContainer(data, GetRequestId()), null, (o, e) => $"AuthenticateDTO не валидна.\n {o.Object.JsonSerialize()}", "AuthenticationController.Login"); return GetBadResult(modelErrors); } var claims = new List <Claim> { new Claim(ClaimsIdentity.DefaultNameClaimType, data.Name), new Claim(AuthenticationHelper.FingerPrintClaimType, data.FingerPrint) }; ClaimsIdentity id = new ClaimsIdentity(claims, "ApplicationCookie", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType); await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(id)); var userContext = await Builder.GetUserStateActions.GetAsync(data.Name, data.FingerPrint); if (userContext.IsNotNull()) { userContext.LoginTime = DateTime.Now; await DBContext.SaveChangesAsync(); } else { await Builder.GetUserStateActions.AddAsync(new UserState() { Ip = GetUser().Ip, FingerPrint = data.FingerPrint, Name = data.Name, LoginTime = DateTime.Now }); } Logger.WriteLog(LogLevel.Information, GetUser().CreateContainer(data, GetRequestId()), null, (o, e) => $"Успешная аутентификация.\n {o.Object.JsonSerialize()}", "AuthenticationController.Login"); return Ok(); })); }
public async Task <ActionResult <TokenDTO> > Authenticate([FromBody] AuthenticateDTO userParam) { (DetailedUserDTO userDTO, string token) = await _userRepository.Authenticate(userParam.Email, userParam.Password); if (token == null || userDTO == null) { return(BadRequest("Username or password is incorrect")); } return(new TokenDTO { Token = token, UserDTO = userDTO }); }
public IActionResult AuthenticateUser(AuthenticateDTO authenticateDTO) { try { var result = user.AuthenticateUser(authenticateDTO); if (result == null) { return(BadRequest("User login or password is incorrect.")); } return(Ok(result)); } catch (Exception ex) { return(NotFound(ex.Message)); } }
public async Task <IActionResult> Authenticate([FromBody] AuthenticateDTO authDTO) { try { var result = await _authenticationService.AuthenticateAsync(authDTO); return(Ok(result)); } catch (ValidationException ex) { _logger.LogError(ex, "ValidationException"); return(BadRequest(_validationErrorService.FormatError(ex))); } catch (Exception ex) { _logger.LogError(ex, "Exception"); return(Problem(ex.Message)); } }
public async Task Authenticate_given_wrong_Password_match_Returns_BadRequest_and_error_message() { var token = "verysecrettoken"; var id = 1; var user = new User { Email = "test@Test", Password = "******", }; var dto = new AuthenticateDTO { Email = user.Email, Password = "******", }; var userDTO = new DetailedUserDTO { UserId = id, Email = dto.Email, UserRole = UserRoleEnum.Receiver.ToString(), FirstName = "test", SurName = "test" }; var responseText = "Username or password is incorrect"; var repository = new Mock <IUserRepository>(); repository.Setup(s => s.Authenticate(user.Email, user.Password)).ReturnsAsync((userDTO, token)); var logger = new Mock <ILogger <UsersController> >(); var controller = new UsersController(repository.Object, logger.Object); var authenticate = await controller.Authenticate(dto); var result = authenticate.Result as BadRequestObjectResult; Assert.IsType <BadRequestObjectResult>(authenticate.Result); Assert.Equal(responseText, result.Value); }
public ObjectResult Login([FromBody] LoginDTO dto) { try { AuthenticateDTO authenticate = _service.Authenticate(dto); return(Ok(authenticate)); } catch (InvalidUserException ex) { return(BadRequest(ex.ValidationResult)); } catch (UserNotFoundException ex) { return(NotFound(ex.Message)); } catch (Exception ex) { return(StatusCode(500, $"Ocorreu um erro inesperado: {ex.Message}")); } }
public async void Authenticate_ShouldReturnAuthenticatedToken() { //Arrange var auth = new AuthenticateDTO() { User = "******", Password = "******" }; _tokenService.GenerateTokenAuthentication() .Returns(new TokenViewModel { Token = "Valid.Bearer.Token", Authenticated = true, Expiration = DateTime.Now.AddHours(3) }); // Act var token = await _sut.AuthenticateAsync(auth); //Assert Assert.NotNull(token); Assert.True(token.Authenticated); }
public async void Authenticate_ShouldReturnAuthenticationException_WhenCredentialsAreInvalids() { //Arrange var auth = new AuthenticateDTO() { User = "******", Password = "******" }; // Act and Assert var result = await Assert.ThrowsAsync <ValidationException>(async() => await _sut.AuthenticateAsync(auth)); var details = result.Errors .Select(s => new Detail() { Code = s.ErrorCode, Message = $"{s.PropertyName} {s.ErrorMessage}", }); var total = details.Count(); Assert.Equal(1, total); Assert.Equal("INVALID_CREDENCIALS", details.First().Code); }
public async void Authenticate_ShouldReturnValidationException_WhenPasswordIsEmpty() { // Arrange var auth = new AuthenticateDTO() { User = "******", Password = string.Empty }; // Act and Assert var result = await Assert.ThrowsAsync <ValidationException>(async() => await _sut.AuthenticateAsync(auth)); var details = result.Errors .Select(s => new Detail() { Code = s.ErrorCode, Message = $"{s.PropertyName} {s.ErrorMessage}", }); var total = details.Count(); Assert.Equal(1, total); Assert.Equal("EMPTY_PASSWORD", details.First().Code); }
public AuthenticateDTO Authenticate(LoginDTO dto) { if (!_validator.IsValidLoginDTO(dto)) { throw new InvalidUserException(_validator.ValidationResult); } User user = _repository.FindByEmailAndPassword(dto.email, MD5Cryptography.GetHash(dto.password)); if (user == null) { throw new UserNotFoundException("Email e/ou senha inválidos!"); } AuthenticateDTO authenticate = _mapper.Map <AuthenticateDTO>(user); var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(Settings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Email, authenticate.email), new Claim(ClaimTypes.Role, authenticate.role) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); authenticate.token = tokenHandler.WriteToken(token); authenticate.expiresAt = tokenDescriptor.Expires; return(authenticate); }
public async Task Authenticate_given_valid_Email_and_Password_match_returns_authenticated_tuple() { var token = "verysecrettoken"; var id = 1; var dto = new AuthenticateDTO { Email = "test@Test", Password = "******", }; var userDTO = new DetailedUserDTO { UserId = id, Email = dto.Email, UserRole = UserRoleEnum.Receiver.ToString(), FirstName = "test", SurName = "test" }; var repository = new Mock <IUserRepository>(); repository.Setup(s => s.Authenticate(dto.Email, dto.Password)).ReturnsAsync((userDTO, token)); var logger = new Mock <ILogger <UsersController> >(); var controller = new UsersController(repository.Object, logger.Object); var result = await controller.Authenticate(dto); Assert.Equal("verysecrettoken", result.Value.Token); Assert.Equal(userDTO.UserId, result.Value.UserDTO.UserId); Assert.Equal(userDTO.Email, result.Value.UserDTO.Email); Assert.Equal(userDTO.UserRole, result.Value.UserDTO.UserRole); Assert.Equal(userDTO.FirstName, result.Value.UserDTO.FirstName); Assert.Equal(userDTO.SurName, result.Value.UserDTO.SurName); }
public HttpResponseMessage Authenticate(AuthenticateDTO auth) { setContentType(); var loginStatus = UserLoginStatus.LOGIN_FAILURE; objUser = UserController.ValidateUser(auth.portalId, auth.username, auth.password, "DNN", string.Empty, PortalSettings.PortalName, AuthenticationLoginBase.GetIPAddress(), ref loginStatus); if(loginStatus == UserLoginStatus.LOGIN_SUCCESS) { UserController.UserLogin(auth.portalId, objUser, PortalSettings.PortalName, AuthenticationLoginBase.GetIPAddress(), true); FormsAuthenticationTicket authenticationTicket = new FormsAuthenticationTicket(1, objUser.Username, DateTime.Now, DateTime.Now.AddMinutes(30), true, objUser.Username, FormsAuthentication.FormsCookiePath); var encryptedAuthTicket = FormsAuthentication.Encrypt(authenticationTicket); var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedAuthTicket) { Expires = authenticationTicket.Expiration, Domain = PortalSecurity.GetCookieDomain(objUser.PortalID), Path = FormsAuthentication.FormsCookiePath, Secure = FormsAuthentication.RequireSSL }; return Request.CreateResponse(HttpStatusCode.OK, authCookie.Value, new MediaTypeHeaderValue(outputType)); } return Request.CreateResponse(HttpStatusCode.OK, "success", new MediaTypeHeaderValue(outputType)); }
public IActionResult Authenticate(AuthenticateDTO model) { var result = _authorizationService.Authenticate(model.CommonServerName, model.Username, model.Password); return(new OkObjectResult(result)); }