public async Task <IActionResult> GenerateToken([FromBody] GenerateTokenModel model) { #region Validate Model var userInputValidated = _generateTokenModelValidator.Validate(model); if (!userInputValidated.IsValid) { _infos.Add(_badRequest.ShowError(int.Parse(userInputValidated.Errors[0].ErrorMessage)).Message); return(BadRequest(new CustomResponse <string> { Message = _infos })); } #endregion #region Supply User Agent values model.UserAgent = UserAgent; model.AppVersion = Version; #endregion var generatedToken = await _myAuthentication.GenerateToken(model); return(Ok(generatedToken)); }
public HttpResponseMessage SetDefaultOrganisation(int id) { var token = TokenBase.ReadToken(HttpContext.Current); if (_validation.IsTokenValid(token)) { if (!_validation.VolunteerHasAccessToThisOrg(id, token.Email)) { return(Messages.ReturnUnauthorized()); } var generateTokenModel = new GenerateTokenModel { VolunterId = token.VolunteerId, Email = token.Email, OrganisationId = id, Audience = ConfigurationManager.AppSettings["Audience"], Issuer = ConfigurationManager.AppSettings["Issuer"], Key = ConfigurationManager.AppSettings["Key"] }; var jwtSecurityToken = _tokenManager.GenerateToken(generateTokenModel); _tokenManager.MakeTokenInvalid(token.TokenId); return(Messages.ReturnOk(new { token = jwtSecurityToken })); } return(Messages.ReturnUnauthorized()); }
public string LoginToken(GenerateTokenModel model) { var token = new JwtSecurityToken( issuer: _jwtAuthentication.Value.ValidIssuer, audience: _jwtAuthentication.Value.ValidAudience, claims: new[] { new Claim(JwtRegisteredClaimNames.Sub, model.Username), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), }, expires: DateTime.UtcNow.AddDays(30), notBefore: DateTime.UtcNow, signingCredentials: _jwtAuthentication.Value.SigningCredentials ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public async Task <IActionResult> GenerateToken([FromBody] GenerateTokenModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var user = await _userRepository.LoadByEmailAsync(model.Email); if (user == null) { return(BadRequest("Email or password is invalid")); } var result = _passwordHasher.VerifyHashedPassword(user.Password, model.Password); if (result == PasswordVerificationResult.Failed) { return(BadRequest("Email or password is invalid")); } if (result == PasswordVerificationResult.SuccessRehashNeeded) { user.Password = _passwordHasher.HashPassword(model.Password); await _userRepository.SaveAsync(user); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, model.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var jwtAuthentication = _jwtAuthentication.Value; var token = new JwtSecurityToken( issuer: jwtAuthentication.ValidIssuer, audience: jwtAuthentication.ValidAudience, claims: claims, expires: DateTime.UtcNow.AddDays(30), notBefore: DateTime.UtcNow, signingCredentials: jwtAuthentication.SigningCredentials); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) })); }
public HttpResponseMessage Login([FromBody] LoginViewModel model) { if (!ModelState.IsValid) { var errors = ModelState.Values .SelectMany(v => v.Errors) .Select(e => e.ErrorMessage).ToList(); return(Messages.ReturnBadRequestWithLabelErrors(errors)); } try { if (!_validation.IsVolunteerLoginDataValid(model.Email, model.Password)) { return(Messages.ReturnUnauthorized()); } var volunteer = _volunteerManager.GetVolunteerByEmail(model.Email); var generateTokenModel = new GenerateTokenModel { VolunterId = volunteer.Volunteer_ID, Email = volunteer.Email_VC, OrganisationId = null, Audience = ConfigurationManager.AppSettings["Audience"], Issuer = ConfigurationManager.AppSettings["Issuer"], Key = ConfigurationManager.AppSettings["Key"] }; var jwtSecurityToken = _tokenManager.GenerateToken(generateTokenModel); return(Messages.ReturnOk(new { token = jwtSecurityToken })); } catch (Exception ex) { //_logger.LogError($"Error while creating token: {ex}"); return(Messages.ReturnInternalServerError()); } }
public string GenerateToken(GenerateTokenModel model) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString(CultureInfo.InvariantCulture)), new Claim("vId", SecurityBase.Encrypt(model.VolunterId.ToString())), new Claim("oId", SecurityBase.Encrypt(model.OrganisationId.ToString())), new Claim(JwtRegisteredClaimNames.Email, SecurityBase.Encrypt(model.Email)) }; var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(model.Key)); var signingCredentials = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256Signature, "http://www.w3.org/2001/04/xmlenc#sha256"); var jwtSecurityToken = new JwtSecurityToken( issuer: model.Issuer, audience: model.Audience, claims: claims, //expires: DateTime.UtcNow,//DateTime.UtcNow.AddDays(1), signingCredentials: signingCredentials ); var jwtSecurityTokenHandler = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken); var tokenId = claims.First(claim => claim.Type == JwtRegisteredClaimNames.Jti).Value; var volunteerToken = new VolunteerToken { Id = new Guid(tokenId), Volunteer_ID = model.VolunterId, Token_VC = jwtSecurityTokenHandler, Active_BT = true }; _volunteerTokenRepository.SaveToken(volunteerToken); return(jwtSecurityTokenHandler); }
public async Task <GenerateTokenModel> GenerateTokenString(User user) { try { var model = new GenerateTokenModel(); var accessTokinMin = 240; var expire = DateTime.UtcNow.AddMinutes(accessTokinMin); model.TokenExpireOn = expire; var userName = user.Username; var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, userName), new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Role, user.RoleName) }), Expires = expire, SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); model.Token = tokenString; return(model); } catch (Exception ex) { return(null); } }
public async Task <CustomResponse <TokenResource> > GenerateToken(GenerateTokenModel model) { var infos = new List <string>(); var user = await _userManager.FindByEmailAsync(model.UserName); #region Validate User if (user == null) { infos.Add("Username/email not exist."); return(new CustomResponse <TokenResource> { Message = infos }); } #endregion var userToken = _context.AspNetUserSessions.FirstOrDefault(t => t.UserId == user.Id && t.DeviceName == model.UserAgent); #region Validate Token if Registered if (userToken == null) { infos.Add("The account never Signed In."); return(new CustomResponse <TokenResource> { Message = infos }); } #endregion #region Validate Token Type if (model.TokenResource.Type != "refresh" && model.TokenResource.Type != "session") { infos.Add("The Token Type is invalid."); } #endregion #region Check Refresh Token Validity if (userToken.Token != model.TokenResource.Token) { infos.Add("The Refresh Token is wrong."); } if (!(userToken.Validity ?? true)) { infos.Add("The Refresh Token is invalid."); } if (userToken.TokenExpiredAt < DateTime.UtcNow && model.TokenResource.Type == "session") { infos.Add("The Refresh Token is expired."); } if (infos.Count > 0) { return(new CustomResponse <TokenResource> { Message = infos }); } #endregion var refreshedToken = RefreshToken(model.TokenResource); return(refreshedToken); #region Local Methods CustomResponse <TokenResource> RefreshToken(GenerateTokenResourceModel tokenResourceModel) { if (tokenResourceModel.Type == "session") { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_options.Value.Key)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken(_options.Value.Issuer, _options.Value.Issuer, claims, expires: DateTime.Now.AddDays(_options.Value.AccessTokenExpiryMins), signingCredentials: creds); return(new CustomResponse <TokenResource> { Succeed = true, Data = new TokenResource { Token = new JwtSecurityTokenHandler().WriteToken(token), ExpiredAt = token.ValidTo } }); } var refreshToken = _refreshToken.GenerateRefreshToken(new RefreshTokenGetModel { UserId = user.Id, UserAgent = model.UserAgent, AppVersion = model.AppVersion, ApiVersion = "1.0" }); return(new CustomResponse <TokenResource> { Succeed = refreshToken.Result.Succeed, Data = refreshToken.Result.Data, Message = refreshToken.Result.Message }); } #endregion }