public async Task <AuthenticatedDto> Handle(AuthenticateCommand request, CancellationToken cancellationToken)
{
var user = userManager.Users.SingleOrDefault(u => u.UserName == request.Email);
if (user is null)
{
throw new ApiException("Incorrect Email and/or password.");
}
var userSigninResult = await userManager.CheckPasswordAsync(user, request.Password);
if (userSigninResult)
{
var token = await tokenClaimsService.GetTokenAsync(user, jwtSettings.Secret);
return(new AuthenticatedDto
{
Token = token,
UserId = user.Id,
UserEmail = user.Email
});
}
throw new ApiException("Incorrect Email and/or password.");
}
public override async Task <ActionResult <AuthenticateResponse> > HandleAsync(AuthenticateRequest request)
{
var response = new AuthenticateResponse(request.CorrelationId());
var result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, true);
response.Result = result.Succeeded;
response.Token = await _tokenClaimsService.GetTokenAsync(request.Username);
return(response);
}
public async Task <IActionResult> Login(AuthenticateRequest request)
{
string response = string.Empty;
// Sign user using the ASP.NET Identity platform.
Microsoft.AspNetCore.Identity.SignInResult result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, true);
if (result.Succeeded)
{
response = await _tokenClaimsService.GetTokenAsync(request.Username);
}
return(Ok(response));
}
public async Task <ActionResult <UserToken> > CreateUser([FromBody] UserInfo model)
{
var user = new ApplicationUser {
UserName = model.Email, Email = model.Email
};
var result = await _userManager.CreateAsync(user, model.Password);
string token;
if (result.Succeeded)
{
token = await _tokenClaimsService.GetTokenAsync(model.Email);
return(new UserToken()
{
Token = token
});
}
else
{
return(BadRequest(result.Errors));
}
}
public async Task <string> LoginAsync(LoginCommand command)
{
var user = await _userManager.FindByNameAsync(command.Username);
var result = await _signInManager.CheckPasswordSignInAsync(user, command.Password, false);
if (result.Succeeded)
{
var token = await _tokenClaimsService.GetTokenAsync(command.Username);
return(token);
}
return(null);
}
private async Task <UserInfo> CreateUserInfo(ClaimsPrincipal claimsPrincipal)
{
if (!claimsPrincipal.Identity.IsAuthenticated)
{
return(UserInfo.Anonymous);
}
var userInfo = new UserInfo
{
IsAuthenticated = true
};
if (claimsPrincipal.Identity is ClaimsIdentity claimsIdentity)
{
userInfo.NameClaimType = claimsIdentity.NameClaimType;
userInfo.RoleClaimType = claimsIdentity.RoleClaimType;
}
else
{
userInfo.NameClaimType = "name";
userInfo.RoleClaimType = "role";
}
if (claimsPrincipal.Claims.Any())
{
var claims = new List <ClaimValue>();
var nameClaims = claimsPrincipal.FindAll(userInfo.NameClaimType);
foreach (var claim in nameClaims)
{
claims.Add(new ClaimValue(userInfo.NameClaimType, claim.Value));
}
foreach (var claim in claimsPrincipal.Claims.Except(nameClaims))
{
claims.Add(new ClaimValue(claim.Type, claim.Value));
}
userInfo.Claims = claims;
}
var token = await _tokenClaimsService.GetTokenAsync(claimsPrincipal.Identity.Name);
userInfo.Token = token;
return(userInfo);
}
public override async Task <ActionResult <AuthenticateResponse> > HandleAsync(AuthenticateRequest request)
{
var response = new AuthenticateResponse(request.CorrelationId());
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
//var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);
var result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, true);
response.Result = result.Succeeded;
response.IsLockedOut = result.IsLockedOut;
response.IsNotAllowed = result.IsNotAllowed;
response.RequiresTwoFactor = result.RequiresTwoFactor;
response.Username = request.Username;
response.Token = await _tokenClaimsService.GetTokenAsync(request.Username);
return(response);
}
public override async Task <ActionResult <AuthenticateResponse> > HandleAsync([FromForm] AuthenticateRequest request)
{
var response = new AuthenticateResponse();
var result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, true);
if (!result.Succeeded)
{
return(Unauthorized());
}
response.Result = result.Succeeded;
response.Token = await _tokenClaimsService.GetTokenAsync(request.Username);
response.Username = request.Username;
return(response);
}
public override async Task <ActionResult <AuthResponse> > HandleAsync(AuthRequest request, CancellationToken cancellationToken = default)
{
var response = new AuthResponse(request.CorrelationId());
var result = await _signInManager.PasswordSignInAsync(request.Username, request.Password, false, false);
response.Result = result.Succeeded;
response.IsLockedOut = result.IsLockedOut;
response.IsNotAllowed = result.IsNotAllowed;
response.RequiresTwoFactor = result.RequiresTwoFactor;
response.Username = request.Username;
if (result.Succeeded)
{
response.Token = await _tokenClaimsService.GetTokenAsync(request.Username);
}
return(response);
}
public async Task <IActionResult> OnPostAsync(string returnUrl = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
//var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);
var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, false, true);
if (result.Succeeded)
{
var token = await _tokenClaimsService.GetTokenAsync(Input.Email);
CreateAuthCookie(Input.Email, token, Startup.InDocker);
_logger.LogInformation("User logged in.");
await TransferAnonymousBasketToUserAsync(Input.Email);
return(LocalRedirect(returnUrl));
}
if (result.RequiresTwoFactor)
{
return(RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe }));
}
if (result.IsLockedOut)
{
_logger.LogWarning("User account locked out.");
return(RedirectToPage("./Lockout"));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(Page());
}
}
// If we got this far, something failed, redisplay form
return(Page());
}