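/// <summary>
/// Creates and persists a login token for <paramref name="user"/>, purges that user's
/// already-expired tokens, wraps the new token in a JWT and stores it in the "auth" cookie.
/// </summary>
/// <param name="user">The user that has just authenticated.</param>
/// <param name="isRememberMe">When true the token lives 14 days instead of 1.</param>
/// <returns>
/// The JWT written to the cookie, or whatever <c>JwtHelper.CreateJwtToken</c> returned
/// (null/empty) when no cookie was set.
/// </returns>
private string UserLogin(User user, bool isRememberMe)
{
    const int RememberMeDays = 14;
    const int DefaultDays = 1;

    // Read the clock once so the token timestamps and the cleanup below agree.
    var now = DateTimeHelper.GetDateTimeNow();

    var token = new Entities.UserLoginToken()
    {
        Id = 0,
        UserId = user.Id,
        // Persisted so the sliding renewal in HandleAsync uses the same lifetime;
        // without it the renewal's GetValueOrDefault() always falls back to 1 day.
        IsRememberMe = isRememberMe,
        LastLoginDated = now,
        ExpiredDated = now.AddDays(isRememberMe ? RememberMeDays : DefaultDays),
        // A session token must be unpredictable, so it comes from a CSPRNG rather than
        // Guid.NewGuid(), whose randomness is not a documented guarantee. Same
        // 32-hex-character shape as before.
        Token = NewSessionToken(),
    };
    BaseDBRepository.UserLoginTokenRepository.Save(token);
    BaseDBRepository.Commit();

    // Delete user's expired tokens
    var expiredTokens = BaseDBRepository.UserLoginTokenRepository.GetAll()
        .Where(t => t.UserId == user.Id && t.ExpiredDated < now)
        .ToList();
    BaseDBRepository.UserLoginTokenRepository.Delete(expiredTokens);
    BaseDBRepository.Commit();

    // @TODO : Merge anonymous data to logged in user and delete current anonymous user & its tokens

    var tokenString = JwtHelper.CreateJwtToken(token.Token, token.ExpiredDated);
    if (!string.IsNullOrEmpty(tokenString))
    {
        this.Response.Cookies.Delete("auth");
        this.Response.Cookies.Append("auth", tokenString, new Microsoft.AspNetCore.Http.CookieOptions()
        {
            Path = "/",
            // The cookie deliberately outlives ExpiredDated: HandleAsync slides the
            // server-side expiry on each request without re-issuing the cookie.
            Expires = new DateTimeOffset(now.AddYears(2)),
            // Keep the session token out of reach of page script and of cross-site requests.
            HttpOnly = true,
            SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax,
            // Secure only when the request itself arrived over TLS, so plain-HTTP
            // development setups keep working.
            Secure = this.Request.IsHttps,
        });
    }
    return tokenString;
}

/// <summary>Returns 16 bytes from the platform CSPRNG as a 32-character lowercase hex string.</summary>
private static string NewSessionToken()
{
    var bytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(bytes);
    }
    return BitConverter.ToString(bytes).Replace("-", "").ToLowerInvariant();
}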
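/// <summary>
/// Authorizes the current MVC request from the "auth" cookie: resolves the login session
/// it references, rejects banned or expired sessions, slides the session expiry, and
/// succeeds every requirement when the user holds the claim derived from the
/// controller/action names. Every early return leaves the requirements unmet; the
/// handler never calls <c>context.Fail()</c>.
/// </summary>
/// <param name="context">
/// The authorization context; its <c>Resource</c> must be an
/// <see cref="Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext"/>, otherwise nothing is done.
/// </param>
/// <returns>A completed task; the handler performs no asynchronous work.</returns>
public Task HandleAsync(AuthorizationHandlerContext context)
{
    const int RememberMeDays = 14;
    const int DefaultDays = 1;

    if (!(context.Resource is Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext mvcContext))
    {
        return Task.CompletedTask;
    }

    // The cookie is client-controlled input: nothing in its parsing may throw.
    string jwt = mvcContext.HttpContext.Request.Cookies["auth"];
    var token = ReadSessionToken(jwt);
    if (string.IsNullOrEmpty(token))
    {
        return Task.CompletedTask;
    }

    var loginSession = BaseDBRepository.UserLoginTokenRepository.GetAll()
        .Include(x => x.User)
        .FirstOrDefault(x => x.Token == token);
    if (loginSession == null)
    {
        return Task.CompletedTask;
    }

    // Check if user was banned
    if (loginSession.User?.UserStatusId == UserStatusEnums.Deactive)
    {
        return Task.CompletedTask;
    }

    var now = DateTimeHelper.GetDateTimeNow();
    if (loginSession.ExpiredDated < now)
    {
        return Task.CompletedTask;
    }

    // Sliding expiry: each authorized request pushes ExpiredDated forward.
    loginSession.LastLoginDated = now;
    loginSession.ExpiredDated = now.AddDays(loginSession.IsRememberMe.GetValueOrDefault() ? RememberMeDays : DefaultDays);
    BaseDBRepository.UserLoginTokenRepository.Save(loginSession);
    BaseDBRepository.Commit();

    var requireClaim = GetRequireClaimFromControllerAndActionName(
        mvcContext.RouteData.Values["controller"] + "",
        mvcContext.RouteData.Values["action"] + "");
    // Claims not yet known to the database are registered on first sight.
    if (!CheckClaimExistsInDatabase(requireClaim))
    {
        this.CreateNewClaim(requireClaim);
    }

    if (!CheckClaims(requireClaim, loginSession.UserId))
    {
#if DEBUG
        // Debug aid only: 'link' exists to be read in the debugger. The user may have
        // no role at all, which previously dereferenced null here.
        var userRole = BaseDBRepository.UserRoleRepository.GetAll()
            .Where(x => x.UserId.HasValue && x.UserId.Value == loginSession.UserId)
            .Select(x => x.Role)
            .OrderByDescending(x => x.RoleType)
            .FirstOrDefault();
        var link = "/api/role/grant-access?c=" + requireClaim + "&r="
            + (userRole == null ? "" : ((int)userRole.RoleType).ToString());
        Debugger.Break();
#endif
        return Task.CompletedTask;
    }

    foreach (var requirement in context.Requirements)
    {
        context.Succeed(requirement);
    }
    return Task.CompletedTask;
}

/// <summary>
/// Extracts the persisted login token from the "auth" cookie value.
/// </summary>
/// <param name="jwt">The raw cookie value; may be null.</param>
/// <returns>
/// The "token" entry of the decoded payload, or null when the cookie is absent, is the
/// literal "null" a client may write, cannot be decoded, is not a JSON object, or has
/// no "token" entry.
/// </returns>
private static string ReadSessionToken(string jwt)
{
    if (string.IsNullOrEmpty(jwt) || jwt == "null")
    {
        return null;
    }

    // NOTE(review): assumes JwtHelper.Decode verifies the signature before returning the
    // payload — confirm; the database lookup on the token value is the backstop either way.
    var payloadString = JwtHelper.Decode(jwt);
    if (string.IsNullOrEmpty(payloadString))
    {
        return null;
    }

    Dictionary<string, string> payload;
    try
    {
        payload = JsonConvert.DeserializeObject<Dictionary<string, string>>(payloadString);
    }
    catch (Newtonsoft.Json.JsonException)
    {
        // A malformed payload means "no session", not a 500 for the whole request.
        return null;
    }

    // TryGetValue rather than the indexer: a payload without "token" used to throw KeyNotFoundException.
    return payload != null && payload.TryGetValue("token", out var token) ? token : null;
}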