/// <summary>
/// Starts an e-mail based login: generates a one-time login token for the account registered
/// under <paramref name="email"/> and mails it to that address as a "Security Code".
/// The code is what <c>GrantResourceOwnerCredentials</c> later accepts as the password.
/// </summary>
/// <param name="email">Address the account is registered with; it is also part of the token purpose.</param>
/// <returns>
/// <see cref="ApiBaseResponse"/> with <c>WrongArgumentsOrData</c> when no account has that address,
/// <c>SystemError</c> (exception text in <c>Error</c>) when anything throws, otherwise the default status.
/// </returns>
public JsonResult<ApiBaseResponse> LoginByEmail([FromUri] string email)
{
    var response = new ApiBaseResponse();
    try
    {
        var account = Mapper.Map<OntextUser, ApiUser>(UserManager.FindByEmail(email));
        if (account != null)
        {
            // The purpose string is derived from the login purpose plus the address, so the code is
            // presumably only accepted together with this same address (see GrantResourceOwnerCredentials).
            var loginPurpose = IdentityUserTokenHelper.GenerateTokenPurpose(
                IdentityUserTokenHelper.TokenPurpose.Loging, email);
            var securityCode = UserManager.GenerateUserToken(loginPurpose, account.Id);
            UserManager.SendEmail(email, "Security Code", securityCode);
        }
        else
        {
            // NOTE(review): a distinct status for "unknown address" lets a caller probe which addresses are registered.
            response.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
        }
    }
    catch (Exception ex)
    {
        response.Status = Core.Enums.ApiStatusCode.SystemError;
        // NOTE(review): raw exception text goes back to the client; prefer logging it and returning a generic message.
        response.Error = ex.Message;
    }
    return Json(response);
}
/// <summary>
/// Replaces the e-mail of account <paramref name="userId"/> with <paramref name="email"/>, provided
/// <paramref name="code"/> verifies as the "Editing" user token issued for that address.
/// </summary>
/// <param name="userId">Account to change.</param>
/// <param name="email">New address; it is part of the token purpose the code is checked against.</param>
/// <param name="code">One-time code the user received for this change.</param>
/// <returns>
/// <see cref="ApiBaseResponse"/> with <c>WrongArgumentsOrData</c> when the code is invalid, the account
/// is unknown or the identity update fails; <c>SystemError</c> (exception text in <c>Error</c>) when anything throws.
/// </returns>
public JsonResult<ApiBaseResponse> ChangeEmail([FromUri] Guid userId, string email, string code)
{
    var response = new ApiBaseResponse();
    try
    {
        // NOTE(review): nothing in this method ties userId to the calling principal; confirm an authorization
        // filter outside it prevents changing another account's address with a code obtained for it.
        var account = UserManager.FindById(userId);
        var editPurpose = IdentityUserTokenHelper.GenerateTokenPurpose(
            IdentityUserTokenHelper.TokenPurpose.Editing, email);
        var codeAccepted = UserManager.VerifyUserToken(userId, editPurpose, code);
        if (account == null || !codeAccepted)
        {
            response.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
            return Json(response);
        }

        account.Email = email;
        var update = UserManager.Update(account);
        if (!update.Succeeded)
        {
            // Identity validation (e.g. uniqueness rules configured on the manager) rejected the new value.
            response.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
        }
    }
    catch (Exception ex)
    {
        response.Status = Core.Enums.ApiStatusCode.SystemError;
        // NOTE(review): raw exception text goes back to the client; prefer logging it and returning a generic message.
        response.Error = ex.Message;
    }
    return Json(response);
}
/// <summary>
/// Issues a one-time "Editing" token for account <paramref name="userId"/>, bound to
/// <paramref name="phoneNumber"/>, and delivers it to that number through the SMS service.
/// The code is what <c>ChangePhoneNumber</c> later expects.
/// </summary>
/// <param name="userId">Account the code is issued for.</param>
/// <param name="phoneNumber">Number the code is sent to; it is part of the token purpose.</param>
/// <returns>
/// <see cref="ApiBaseResponse"/> with <c>WrongArgumentsOrData</c> when the account is unknown,
/// <c>SystemError</c> (exception text in <c>Error</c>) when anything throws, otherwise the default status.
/// </returns>
public JsonResult<ApiBaseResponse> SendCodeBySms(Guid userId, string phoneNumber)
{
    var response = new ApiBaseResponse();
    try
    {
        // NOTE(review): no authorization attribute is visible here and every call triggers an outbound SMS;
        // confirm the route is authorized and rate-limited.
        var account = Mapper.Map<OntextUser, ApiUser>(UserManager.FindById(userId));
        if (account == null)
        {
            response.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
        }
        else
        {
            var editPurpose = IdentityUserTokenHelper.GenerateTokenPurpose(
                IdentityUserTokenHelper.TokenPurpose.Editing, phoneNumber);
            var securityCode = UserManager.GenerateUserToken(editPurpose, account.Id);
            var sms = ServicesHost.GetService<ISmsService>();
            sms.SendSmsMessage(phoneNumber, securityCode);
        }
    }
    catch (Exception ex)
    {
        response.Status = Core.Enums.ApiStatusCode.SystemError;
        // NOTE(review): raw exception text goes back to the client; prefer logging it and returning a generic message.
        response.Error = ex.Message;
    }
    return Json(response);
}
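/// <summary>
/// Starts a phone based login. When no account is registered under <paramref name="phoneNumber"/>
/// one is created on the fly (random user name, two-factor enabled, the configured default password)
/// and the number is linked to it. A one-time login token is then generated for the account and
/// delivered: in DEBUG builds by e-mail to the address configured under "Email", otherwise by SMS.
/// </summary>
/// <param name="phoneNumber">Number to log in with; it is also part of the token purpose.</param>
/// <returns>
/// <see cref="ApiBaseResponse"/> with <c>WrongArgumentsOrData</c> when the account could not be created,
/// <c>SystemError</c> (exception text in <c>Error</c>) when anything throws, otherwise the default status.
/// </returns>
public JsonResult<ApiBaseResponse> LoginByPhone([FromUri] string phoneNumber)
{
    var response = new ApiBaseResponse();
    try
    {
        var phones = ServicesHost.GetService<IPhonesProvider>();
        var existing = Mapper.Map<OntextUser, ApiUser>(UserManager.FindByPhoneNumber(phoneNumber));

        Guid tokenUserId;
        if (existing != null)
        {
            tokenUserId = existing.Id;
        }
        else
        {
            // First contact from this number: register an account for it.
            // NOTE(review): every account created here shares OntextSettings.UserDefaultPassword; if any
            // password-based login path exists, that single value is a credential for all of them.
            var created = new OntextUser
            {
                UserName = Guid.NewGuid().ToString(),
                TwoFactorEnabled = true,
            };
            var creation = UserManager.Create(created, OntextSettings.UserDefaultPassword);
            if (!creation.Succeeded)
            {
                response.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
                return Json(response);
            }

            // Link the number to the new account, creating the phone record if the provider has none.
            // NOTE(review): an existing record is re-pointed without looking at its current UserId — confirm the
            // provider cannot return a record that is still attached to a different account.
            var phone = phones.GetByPhoneNumber(phoneNumber) ?? new ApiPhone { Number = phoneNumber };
            phone.UserId = created.Id;
            phones.Save(phone);

            // Use the id of the entity just created rather than re-reading the user by phone number:
            // that re-read could come back null and the token generation below would then dereference it.
            tokenUserId = created.Id;
        }

        var loginPurpose = IdentityUserTokenHelper.GenerateTokenPurpose(
            IdentityUserTokenHelper.TokenPurpose.Loging, phoneNumber);
        var securityCode = UserManager.GenerateUserToken(loginPurpose, tokenUserId);
#if DEBUG
        // Debug builds route the code to the configured mailbox instead of sending an SMS.
        UserManager.SendEmail(ConfigurationManager.AppSettings["Email"], "Security Code", securityCode);
#else
        UserManager.SendSms(phoneNumber, securityCode);
#endif
    }
    catch (Exception ex)
    {
        response.Status = Core.Enums.ApiStatusCode.SystemError;
        // NOTE(review): raw exception text goes back to the client; prefer logging it and returning a generic message.
        response.Error = ex.Message;
    }
    return Json(response);
}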
/// <summary>
/// OWIN resource-owner-credentials grant in which the "password" is the one-time login code that
/// <c>LoginByEmail</c> / <c>LoginByPhone</c> sent. The account is looked up by e-mail or by phone
/// number depending on what the supplied user name looks like, and the code is verified as the
/// "Loging" user token bound to that user name.
/// </summary>
/// <param name="context">Grant context carrying the user name, the code (as <c>Password</c>) and the OWIN environment.</param>
/// <returns>A completed task; the outcome is reported through <c>context.Validated</c> or <c>context.SetError</c>.</returns>
public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): with no client-specific origin stored, the token endpoint answers with a wildcard origin — confirm that is intended.
    var origin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { origin });

    var users = context.OwinContext.GetUserManager<OntextUserManager>();
    var login = context.UserName;
    var oneTimeCode = context.Password;

    // The same field carries either an e-mail address or a phone number; choose the lookup by shape.
    var looksLikeEmail = new EmailAddressAttribute().IsValid(login);
    var account = looksLikeEmail
        ? users.FindByEmail(login)
        : users.FindByPhoneNumber(login);

    var codeAccepted = account != null
        && users.VerifyUserToken(
            account.Id,
            IdentityUserTokenHelper.GenerateTokenPurpose(IdentityUserTokenHelper.TokenPurpose.Loging, login),
            oneTimeCode);
    if (!codeAccepted)
    {
        context.SetError("invalid_grant", "The phone number or code is incorrect.");
        return Task.FromResult<object>(null);
    }

    // NOTE(review): the name/sub claims carry the login string as the caller typed it and the role is a
    // constant; confirm downstream code keys on the "userId" property rather than on these.
    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
    identity.AddClaim(new Claim("sub", context.UserName));
    identity.AddClaim(new Claim("role", "user"));

    var properties = new Dictionary<string, string>
    {
        { "as:client_id", context.ClientId ?? string.Empty },
        { "userName", context.UserName },
        { "userId", account.Id.ToString() },
    };
    context.Validated(new AuthenticationTicket(identity, new AuthenticationProperties(properties)));
    return Task.FromResult<object>(null);
}
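/// <summary>
/// Moves account <paramref name="userId"/> from <paramref name="oldPhoneNumber"/> to
/// <paramref name="newPhoneNumber"/> once <paramref name="code"/> verifies as the "Editing" token
/// issued for the new number: the new number is linked to the account and the old phone record is detached.
/// </summary>
/// <param name="userId">Account to change.</param>
/// <param name="oldPhoneNumber">Number currently linked to the account; its record must carry <paramref name="userId"/>.</param>
/// <param name="newPhoneNumber">Number to link; its record, if any, must not carry a user id (the account's own id included).</param>
/// <param name="code">One-time code sent to the new number (see <c>SendCodeBySms</c>).</param>
/// <returns>
/// <see cref="ApiBaseResponse"/> with <c>WrongArgumentsOrData</c> when the code, account or either phone
/// record fails the checks above, <c>SystemError</c> (exception text in <c>Error</c>) when anything throws.
/// </returns>
public JsonResult<ApiBaseResponse> ChangePhoneNumber([FromUri] Guid userId, string oldPhoneNumber, string newPhoneNumber, string code)
{
    var response = new ApiBaseResponse();
    try
    {
        var phones = ServicesHost.GetService<IPhonesProvider>();
        var account = UserManager.FindById(userId);
        var oldPhone = phones.GetByPhoneNumber(oldPhoneNumber);
        var newPhone = phones.GetByPhoneNumber(newPhoneNumber);

        var editPurpose = IdentityUserTokenHelper.GenerateTokenPurpose(
            IdentityUserTokenHelper.TokenPurpose.Editing, newPhoneNumber);
        var codeAccepted = UserManager.VerifyUserToken(userId, editPurpose, code);

        // NOTE(review): nothing in this method ties userId to the calling principal; confirm an authorization filter does.
        var ownsOldPhone = oldPhone != null && oldPhone.UserId == userId;
        var newPhoneTaken = newPhone != null && newPhone.UserId.HasValue && newPhone.UserId != Guid.Empty;
        if (!codeAccepted || account == null || !ownsOldPhone || newPhoneTaken)
        {
            response.Status = Core.Enums.ApiStatusCode.WrongArgumentsOrData;
            return Json(response);
        }

        // Attach the new number (creating its record when the provider had none), then detach the old one.
        // NOTE(review): two separate saves with no transaction visible here — a failure between them leaves both numbers linked.
        newPhone = newPhone ?? new ApiPhone { Number = newPhoneNumber };
        newPhone.UserId = account.Id;
        phones.Save(newPhone);

        oldPhone.UserId = null;
        phones.Save(oldPhone);
    }
    catch (Exception ex)
    {
        response.Status = Core.Enums.ApiStatusCode.SystemError;
        // NOTE(review): raw exception text goes back to the client; prefer logging it and returning a generic message.
        response.Error = ex.Message;
    }
    return Json(response);
}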