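        /// <summary>
        /// First step of the e-mail one-time-code login: looks the account up by
        /// <paramref name="email"/>, generates a <c>Loging</c> token bound to that address and
        /// mails it as the "Security Code". The second step is the OAuth grant, where the client
        /// presents the same address as user name and the code as password.
        /// </summary>
        /// <param name="email">Address of the account to log in; taken from the query string.</param>
        /// <returns>
        /// <see cref="ApiBaseResponse"/> whose <c>Status</c> is <c>WrongArgumentsOrData</c> when the
        /// address is missing or unknown, <c>SystemError</c> when an exception occurred, and the
        /// default (success) status once the code has been handed to the mailer.
        /// </returns>
        public JsonResult <ApiBaseResponse> LoginByEmail([FromUri] string email)
        {
            var result = new ApiBaseResponse();

            try
            {
                // Reject empty input up front instead of letting the user lookup throw on it.
                if (string.IsNullOrWhiteSpace(email))
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                var user = Mapper.Map <OntextUser, ApiUser>(UserManager.FindByEmail(email));

                if (user == null)
                {
                    // NOTE(review): answering unknown addresses with a distinct status lets a caller
                    // enumerate registered e-mails. If that matters for this API, return the success
                    // shape regardless of whether a message was actually sent.
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                }
                else
                {
                    // The purpose string carries the action and the exact address; VerifyUserToken
                    // in the grant handler rebuilds it from the user name the client sends, so the
                    // two strings must match byte for byte.
                    var purpose = IdentityUserTokenHelper.GenerateTokenPurpose(IdentityUserTokenHelper.TokenPurpose.Loging, email);
                    var token   = UserManager.GenerateUserToken(purpose, user.Id);
                    UserManager.SendEmail(email, "Security Code", token);
                }
            }
            catch (Exception ex)
            {
                // Keep the exception detail server-side. The previous code echoed ex.Message to the
                // client, which discloses internal state (provider/connection errors) to callers.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                result.Status = Core.Enums.ApiStatusCode.SystemError;
                result.Error  = "An unexpected error occurred.";
            }

            return Json(result);
        }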
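        /// <summary>
        /// Replaces the e-mail address of user <paramref name="userId"/> once the caller presents
        /// the <c>Editing</c> code that was issued for the new address.
        /// </summary>
        /// <param name="userId">Id of the account being edited; taken from the query string.</param>
        /// <param name="email">New address; must be the exact string the code was generated for.</param>
        /// <param name="code">One-time code issued for the <c>Editing</c> purpose and <paramref name="email"/>.</param>
        /// <returns>
        /// <c>WrongArgumentsOrData</c> when input is missing, the user is unknown, the code does not
        /// verify or the update is rejected; <c>SystemError</c> on an exception; default status on success.
        /// </returns>
        public JsonResult <ApiBaseResponse> ChangeEmail([FromUri] Guid userId, string email, string code)
        {
            var result = new ApiBaseResponse();

            try
            {
                if (string.IsNullOrWhiteSpace(email) || string.IsNullOrWhiteSpace(code))
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                var user = UserManager.FindById(userId);

                // Resolve the user before verifying the code: VerifyUserToken on an unknown id can
                // throw, which previously surfaced as SystemError carrying the provider's message.
                if (user == null)
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                // NOTE(review): nothing in this method checks that the requester *is* userId; the
                // code is the only binding. Confirm that an authorization filter outside this
                // listing restricts userId to the authenticated caller.
                var purpose   = IdentityUserTokenHelper.GenerateTokenPurpose(IdentityUserTokenHelper.TokenPurpose.Editing, email);
                var validCode = UserManager.VerifyUserToken(userId, purpose, code);

                if (!validCode)
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                user.Email = email;

                // A rejected address (presumably the configured user validator, e.g. unique e-mail)
                // shows up as a failed IdentityResult rather than an exception — confirm against UserManager.
                if (!UserManager.Update(user).Succeeded)
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                }
                // NOTE(review): the security stamp is not rotated after the change, so other codes
                // issued earlier for this user stay valid until they expire — TODO confirm whether
                // UpdateSecurityStamp should follow a successful contact-channel change.
            }
            catch (Exception ex)
            {
                // Keep the exception detail server-side. The previous code echoed ex.Message to the
                // client, which discloses internal state (provider/connection errors) to callers.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                result.Status = Core.Enums.ApiStatusCode.SystemError;
                result.Error  = "An unexpected error occurred.";
            }

            return Json(result);
        }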
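        /// <summary>
        /// Issues an <c>Editing</c> one-time code bound to <paramref name="userId"/> and
        /// <paramref name="phoneNumber"/> and texts it to that number. This is the code that
        /// <c>ChangePhoneNumber</c> later verifies.
        /// </summary>
        /// <param name="userId">Account the code is issued for.</param>
        /// <param name="phoneNumber">Destination number; it is also part of the token purpose.</param>
        /// <returns>
        /// <c>WrongArgumentsOrData</c> for a missing number or unknown user, <c>SystemError</c> on an
        /// exception, default status once the message was handed to the SMS service.
        /// </returns>
        public JsonResult <ApiBaseResponse> SendCodeBySms(Guid userId, string phoneNumber)
        {
            var result = new ApiBaseResponse();

            try
            {
                if (string.IsNullOrWhiteSpace(phoneNumber))
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                var user = Mapper.Map <OntextUser, ApiUser>(UserManager.FindById(userId));

                if (user == null)
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                // NOTE(review): the caller picks both the account (userId) and the delivery number.
                // As written, anyone who knows a user's id can have an Editing code for that user
                // sent to a number they control, which is exactly what ChangePhoneNumber accepts.
                // Unless an authorization filter outside this listing ties userId to the signed-in
                // caller, the id should come from the authenticated identity, not the request.
                // No throttling is visible here either, so the endpoint can be driven to flood
                // arbitrary numbers with SMS — confirm where rate limiting lives.
                var purpose = IdentityUserTokenHelper.GenerateTokenPurpose(IdentityUserTokenHelper.TokenPurpose.Editing, phoneNumber);
                var token   = UserManager.GenerateUserToken(purpose, user.Id);
                ServicesHost.GetService <ISmsService>().SendSmsMessage(phoneNumber, token);
            }
            catch (Exception ex)
            {
                // Keep the exception detail server-side. The previous code echoed ex.Message to the
                // client, which discloses internal state (provider/connection errors) to callers.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                result.Status = Core.Enums.ApiStatusCode.SystemError;
                result.Error  = "An unexpected error occurred.";
            }

            return Json(result);
        }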
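        /// <summary>
        /// First step of the phone one-time-code login. Unknown numbers are auto-registered (see
        /// <see cref="RegisterByPhone"/>); a <c>Loging</c> token bound to the number is then sent —
        /// by SMS in release builds, to the "Email" app setting in DEBUG builds.
        /// </summary>
        /// <param name="phoneNumber">Number to log in or register; taken from the query string.</param>
        /// <returns>
        /// <c>WrongArgumentsOrData</c> when the number is missing or the account could not be
        /// created/resolved, <c>SystemError</c> on an exception, default status once the code was sent.
        /// </returns>
        public JsonResult <ApiBaseResponse> LoginByPhone([FromUri] string phoneNumber)
        {
            var result = new ApiBaseResponse();

            try
            {
                if (string.IsNullOrWhiteSpace(phoneNumber))
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                var user = Mapper.Map <OntextUser, ApiUser>(UserManager.FindByPhoneNumber(phoneNumber));

                if (user == null)
                {
                    // Previously a null result from the post-registration lookup fell through to a
                    // NullReferenceException (reported as SystemError); treat it as bad data instead.
                    user = RegisterByPhone(phoneNumber);

                    if (user == null)
                    {
                        result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                        return Json(result);
                    }
                }

                // Purpose carries the action and the exact number; the grant handler rebuilds it
                // from the user name the client sends, so the strings must match byte for byte.
                var purpose = IdentityUserTokenHelper.GenerateTokenPurpose(IdentityUserTokenHelper.TokenPurpose.Loging, phoneNumber);
                var token   = UserManager.GenerateUserToken(purpose, user.Id);
#if DEBUG
                // Debug builds route every code to one mailbox instead of texting real numbers.
                // A DEBUG build must never be what gets deployed, or codes for all users land there.
                UserManager.SendEmail(ConfigurationManager.AppSettings["Email"], "Security Code", token);
#else
                UserManager.SendSms(phoneNumber, token);
#endif
            }
            catch (Exception ex)
            {
                // Keep the exception detail server-side. The previous code echoed ex.Message to the
                // client, which discloses internal state (provider/connection errors) to callers.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                result.Status = Core.Enums.ApiStatusCode.SystemError;
                result.Error  = "An unexpected error occurred.";
            }

            return Json(result);
        }

        /// <summary>
        /// Creates an account for a number that does not resolve to a user yet and links the
        /// number to it through <see cref="IPhonesProvider"/>.
        /// </summary>
        /// <param name="phoneNumber">Number to register; already validated as non-empty by the caller.</param>
        /// <returns>
        /// The newly created user as <see cref="ApiUser"/>, or <c>null</c> when creation failed or
        /// the number still does not resolve after the phone row was saved.
        /// </returns>
        private ApiUser RegisterByPhone(string phoneNumber)
        {
            var phonesProvider = ServicesHost.GetService <IPhonesProvider>();

            // Reuse an existing phone row if there is one (its UserId is overwritten below, as in
            // the original flow); otherwise start a fresh one for this number.
            var phone = phonesProvider.GetByPhoneNumber(phoneNumber) ?? new ApiPhone
            {
                Number = phoneNumber
            };

            // The account has no human-chosen user name; a fresh GUID keeps it unique.
            var userEntity = new OntextUser
            {
                UserName         = Guid.NewGuid().ToString(),
                TwoFactorEnabled = true
            };

            // NOTE(review): every auto-registered account receives the same shared password from
            // OntextSettings.UserDefaultPassword. If any password-based sign-in path exists, that
            // value is a master key for all of these accounts; prefer creating the user without a
            // password (Create(user)) or with an unguessable random one — TODO confirm.
            if (!UserManager.Create(userEntity, OntextSettings.UserDefaultPassword).Succeeded)
            {
                return null;
            }

            phone.UserId = userEntity.Id;
            phonesProvider.Save(phone);

            return Mapper.Map <OntextUser, ApiUser>(UserManager.FindByPhoneNumber(phoneNumber));
        }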
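        /// <summary>
        /// OWIN resource-owner-password grant used as the second step of the one-time-code login:
        /// <c>username</c> carries the e-mail or phone number the code was issued for and
        /// <c>password</c> carries the code itself.
        /// </summary>
        /// <param name="context">Grant context supplied by the OAuth middleware.</param>
        /// <returns>
        /// A completed task; the outcome is communicated through <c>context.Validated</c> or
        /// <c>context.SetError("invalid_grant", ...)</c>.
        /// </returns>
        public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // Per-client origin is presumably stored during client validation (not in this listing).
            // NOTE(review): falling back to "*" exposes the token endpoint to any origin — confirm intended.
            var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin") ?? "*";
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            var username = context.UserName;
            var otp      = context.Password;

            // EmailAddressAttribute treats null as valid, so a missing user name used to reach
            // FindByEmail(null) and could throw out of the grant handler. Reject missing
            // credentials with the same generic error as a wrong code.
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(otp))
            {
                context.SetError("invalid_grant", "The phone number or code is incorrect.");
                return Task.FromResult <object>(null);
            }

            var userManager = context.OwinContext.GetUserManager <OntextUserManager>();

            // The client must send the exact string it used with LoginByEmail/LoginByPhone: it both
            // selects the lookup and is part of the token purpose.
            var looksLikeEmail = new EmailAddressAttribute().IsValid(username);
            var user = looksLikeEmail
                ? userManager.FindByEmail(username)
                : userManager.FindByPhoneNumber(username);

            var purpose = IdentityUserTokenHelper.GenerateTokenPurpose(IdentityUserTokenHelper.TokenPurpose.Loging, username);

            // One error message for "no such user" and "wrong code" so the grant does not confirm
            // which identifiers exist.
            if (user == null || !userManager.VerifyUserToken(user.Id, purpose, otp))
            {
                context.SetError("invalid_grant", "The phone number or code is incorrect.");
                return Task.FromResult <object>(null);
            }

            // NOTE(review): nothing consumes the code after a successful grant, so with a
            // stamp/TOTP-style provider the same code stays usable until it expires; rotating the
            // security stamp here would make it single-use — confirm against the provider in use.
            var identity = new ClaimsIdentity(context.Options.AuthenticationType);

            identity.AddClaim(new Claim(ClaimTypes.Name, username));
            identity.AddClaim(new Claim("sub", username));
            identity.AddClaim(new Claim("role", "user"));

            var props = new AuthenticationProperties(new Dictionary <string, string>
            {
                { "as:client_id", context.ClientId ?? string.Empty },
                { "userName", username },
                { "userId", user.Id.ToString() }
            });

            context.Validated(new AuthenticationTicket(identity, props));

            return Task.FromResult <object>(null);
        }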
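        /// <summary>
        /// Moves user <paramref name="userId"/> from <paramref name="oldPhoneNumber"/> to
        /// <paramref name="newPhoneNumber"/> once the caller presents the <c>Editing</c> code that
        /// <c>SendCodeBySms</c> issued for the new number. The old phone row is detached
        /// (<c>UserId = null</c>) and the new one is attached to the user.
        /// </summary>
        /// <param name="userId">Id of the account being edited; taken from the query string.</param>
        /// <param name="oldPhoneNumber">Number currently linked to the user.</param>
        /// <param name="newPhoneNumber">Number to link; must be the exact string the code was generated for.</param>
        /// <param name="code">One-time code issued for the <c>Editing</c> purpose and <paramref name="newPhoneNumber"/>.</param>
        /// <returns>
        /// <c>WrongArgumentsOrData</c> when input is missing, the user is unknown, the old number is
        /// not the user's, the new number is already owned, or the code does not verify;
        /// <c>SystemError</c> on an exception; default status on success.
        /// </returns>
        public JsonResult <ApiBaseResponse> ChangePhoneNumber([FromUri] Guid userId, string oldPhoneNumber, string newPhoneNumber, string code)
        {
            var result = new ApiBaseResponse();

            try
            {
                if (string.IsNullOrWhiteSpace(oldPhoneNumber) || string.IsNullOrWhiteSpace(newPhoneNumber) || string.IsNullOrWhiteSpace(code))
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                var user = UserManager.FindById(userId);

                // Resolve the user before verifying the code: VerifyUserToken on an unknown id can
                // throw, which previously surfaced as SystemError carrying the provider's message.
                if (user == null)
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                var phonesProvider = ServicesHost.GetService <IPhonesProvider>();
                var oldPhone       = phonesProvider.GetByPhoneNumber(oldPhoneNumber);
                var newPhone       = phonesProvider.GetByPhoneNumber(newPhoneNumber);

                // The old number must currently belong to this user, and the new one must not be
                // claimed by anyone (a row with no UserId, or an empty GUID, counts as free).
                var ownsOldPhone   = oldPhone != null && oldPhone.UserId == userId;
                var newPhoneIsFree = newPhone == null || !newPhone.UserId.HasValue || newPhone.UserId == Guid.Empty;

                if (!ownsOldPhone || !newPhoneIsFree)
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                // NOTE(review): the code is bound to userId and the new number, but SendCodeBySms
                // issues it for any userId/number pair the caller names. Unless an authorization
                // filter outside this listing ties userId to the signed-in caller, knowing a user's
                // id and current number is enough to move the account to an attacker's phone.
                var purpose = IdentityUserTokenHelper.GenerateTokenPurpose(IdentityUserTokenHelper.TokenPurpose.Editing, newPhoneNumber);

                if (!UserManager.VerifyUserToken(userId, purpose, code))
                {
                    result.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                    return Json(result);
                }

                if (newPhone == null)
                {
                    newPhone = new ApiPhone
                    {
                        Number = newPhoneNumber
                    };
                }

                newPhone.UserId = user.Id;
                phonesProvider.Save(newPhone);

                oldPhone.UserId = null;
                phonesProvider.Save(oldPhone);
            }
            catch (Exception ex)
            {
                // Keep the exception detail server-side. The previous code echoed ex.Message to the
                // client, which discloses internal state (provider/connection errors) to callers.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                result.Status = Core.Enums.ApiStatusCode.SystemError;
                result.Error  = "An unexpected error occurred.";
            }

            return Json(result);
        }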