// this is used to validate your user account with provided grant at /connect/token
        public async Task ValidateAsync(ResourceOwnerPasswordValidationContext input)
        {
            try {
                // get your user model from db (by username - in my case its email)
                var repoUser = await _repoUser.GetOne(input.UserName);

                if (repoUser != null)
                {
                    // check if password match - remember to hash password if stored as hash in db
                    if (_utlPasswordHasher.ValidatePassword(input.Password, repoUser.password))
                    {
                        // set the result
                        input.Result = new GrantValidationResult(
                            subject: repoUser.username.ToString(),
                            authenticationMethod: "custom",
                            claims: GetUserClaims(repoUser.user_detail));

                        return;
                    }

                    input.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "Incorrect password");
                    return;
                }
                input.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "User does not exist.");
                return;
            }
            catch (Exception ex) {
                input.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "Invalid username or password");
                Log.Error($"Err: {ex.Message}");
            }
        }
Example #2
0
        public async Task <ResBase> ChangePassword(string username, IMUser.ChangePassword input)
        {
            // get user
            var tbuUser = await _repoUser.GetOne(username);

            if (tbuUser == null)
            {
                return(new ResBase($"user {username} not found"));
            }

            // validate user's old password
            if (!_utlPasswordHasher.ValidatePassword(input.oldPassword, tbuUser.password))
            {
                return(new ResBase($"old password is incorrect"));
            }

            // edit header
            tbuUser.password    = _utlPasswordHasher.HashPassword(input.newPassword);
            tbuUser.md_password = now;

            try {
                // update user
                _repoUser.Update(tbuUser);

                // commit
                await _unitOfWork.Commit();

                return(new ResBase());
            }
            catch (Exception ex) {
                return(new ResBase($"Server errror: {ex.Message}"));
            }
        }
Example #3
0
        // Get user profile date in terms of claims when calling /connect/userinfo
        public async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            try {
                // depending on the scope accessing the user data.
                if (!string.IsNullOrEmpty(context.Subject.Identity.Name))
                {
                    // get user from db (in my case this is by email)
                    var repoUser = await _repoUser.GetOne(context.Subject.Identity.Name);

                    if (repoUser != null)
                    {
                        var claims = ResourceOwnerPasswordValidator.GetUserClaims(repoUser.user_detail);

                        // set issued claims to return
                        context.IssuedClaims = claims.Where(x => context.RequestedClaimTypes.Contains(x.Type)).ToList();
                    }
                }
                else
                {
                    // get subject from context (this was set ResourceOwnerPasswordValidator.ValidateAsync),
                    // where and subject was set to my user id.
                    var username = context.Subject.Claims.FirstOrDefault(x => x.Type == "sub");

                    if (username.Value.HasValue())
                    {
                        // get user from db (find user by user id)
                        var repoUser = await _repoUser.GetOne(username.Value);

                        // issue the claims for the user
                        if (repoUser != null)
                        {
                            var claims = ResourceOwnerPasswordValidator.GetUserClaims(repoUser.user_detail);

                            context.IssuedClaims = claims.ToList();
                            // context.IssuedClaims = claims.Where(x => context.RequestedClaimTypes.Contains(x.Type)).ToList();
                        }
                    }
                }
            }
            catch (Exception ex) {
                Log.Error($"Err: {ex.Message}");
            }
        }