// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.Run(async(context) =>
{
string authHeader = context.Request.Headers["Authorization"];
string[] parts = authHeader.Split(" ");
string token = parts[1];
context.Response.ContentType = "application/json";
JwtAuthManager jwtAuthManager = new JwtAuthManager();
bool isValid = jwtAuthManager.ValidateToken(token);
if (isValid)
{
await context.Response.WriteAsync("{\"Hello\": \"World\"}");
}
else
{
string newToken = jwtAuthManager.GenerateJWTToken();
Console.WriteLine(newToken);
await context.Response.WriteAsync("{\"Hello\": \"Error\"}");
}
});
}
public HttpResponseMessage Authentication(AuthenticationDTO authentication)
{
try
{
AuthenticationValidation(authentication);
IAuthentication blAuthentication = ApplicationInstance.ucApplication.Resolve <IAuthentication>();
UserBE objUserBE = blAuthentication.Login(authentication.username, authentication.password);
if (objUserBE != null)
{
// crear token
string strToken = JwtAuthManager.GenerateJWTToken(Convert.ToString(objUserBE.Id));
// establecer la cache de la session, permisos, roles, tiempo de session
new ApplicationController().SetPrincipal(objUserBE.Id.Value, strToken);
return(Request.CreateResponse(HttpStatusCode.OK, new { token = strToken, user = new { id = objUserBE.Id.ToString(), name = objUserBE.Name } }));
}
else
{
throw new ArgumentException(messageLoginError);
}
}
catch (Exception ex)
{
ExceptionHandler.HandleException(ex, PolicyType.Api);
return(Request.CreateResponse(HttpStatusCode.Unauthorized, ex.Message));
}
}
public IHttpActionResult GetToken([FromBody] string[] credentials)
{
string username = credentials[0];
string password = credentials[1];
LoginService loginService = new LoginService();
ILoginToken loginToken;
try
{
loginToken = loginService.TryLoginAllUsers(username, password);
}
catch (WrongPasswordException ex)
{
ex.GetType();
return(Unauthorized());
}
if (loginToken != null)
{
return(Ok(JwtAuthManager.GenerateJWTToken(loginToken)));
}
else
{
return(Unauthorized());
}
}
public HttpResponseMessage PostRequestToken(UserDTO userDto)
{
if (CheckCredentials(userDto.Email, userDto.Password))
{
DateTime expiration = DateTime.UtcNow.AddHours(1);
string token = JwtAuthManager.GenerateJWTToken(userDto.Email, expiration, db);
User user = db.Users.Where(u => u.Email.Equals(userDto.Email)).FirstOrDefault();
user.FavouritesIds = user.Favorites.Select(f => f.Id).ToList();
long expirationMillis = Convert.ToInt64(
expiration
.Subtract(new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc))
.TotalMilliseconds
);
var resp = new SuccessfulSignInDTO
{
Token = token,
Expiration = expirationMillis,
User = user
};
return(Request.CreateResponse(HttpStatusCode.OK, resp));
}
return(Request.CreateResponse(HttpStatusCode.Unauthorized, "Внесената email адреса или лозинка е погрешна"));
}
public static clsKeyValue GetKeys()
{
DP_TPEntities db = new DP_TPEntities();
JwtAuthManager jwt = new JwtAuthManager();
string Key = db.AppKeys.Where(x => x.vKey == "key").FirstOrDefault().vvalue;
string XIBMClientId = db.AppKeys.Where(x => x.vKey == "XIBMClientId").FirstOrDefault().vvalue;
string easebuzzsalt = db.AppKeys.Where(x => x.vKey == "easebuzzsalt").FirstOrDefault().vvalue;
string easebuzzkey = db.AppKeys.Where(x => x.vKey == "easebuzzkey").FirstOrDefault().vvalue;
string easebuzzenv = db.AppKeys.Where(x => x.vKey == "easebuzzenv").FirstOrDefault().vvalue;
string payUsalt = db.AppKeys.Where(x => x.vKey == "payUsalt").FirstOrDefault().vvalue;
string payUkey = db.AppKeys.Where(x => x.vKey == "payUkey").FirstOrDefault().vvalue;
string payUzenv = db.AppKeys.Where(x => x.vKey == "payUenv").FirstOrDefault().vvalue;
string XIBMClientSecret = db.AppKeys.Where(x => x.vKey == "XIBMClientSecret").FirstOrDefault().vvalue;
string SessionKey = DateTime.Now.ToString("yyyyMMddHHmmssfffffff");
string AxisSetuAPIURL = db.AppKeys.Where(x => x.vKey == "AxisSetuAPIURL").FirstOrDefault().vvalue;
string JWT = "Bearer " + jwt.GenerateJWTToken();
return(new clsKeyValue()
{
Key = Key, XIBMClientId = XIBMClientId,
XIBMClientSecret = XIBMClientSecret, SessionID = SessionKey, JWT = JWT,
easebuzzenv = easebuzzenv,
easebuzzkey = easebuzzkey,
easebuzzsalt = easebuzzsalt,
AxisSetuAPIURL = AxisSetuAPIURL,
payUsalt = payUsalt,
payUkey = payUkey,
payUenv = payUzenv
});
}
public HttpResponseMessage Get(string username, string password)
{
if (CheckUser(username, password))
{
return(Request.CreateResponse(HttpStatusCode.OK,
JwtAuthManager.GenerateJWTToken(username)));
}
else
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized,
"Invalid Request"));
}
}
public HttpResponseMessage Post(Users user)
{
if (CheckUser(user))
{
return(Request.CreateResponse(HttpStatusCode.OK,
JwtAuthManager.GenerateJWTToken(user.username)));
}
else
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized,
"Invalid Request"));
}
}
public HttpResponseMessage PostLogin(User user)
{
var message = new HttpResponseMessage(HttpStatusCode.NotAcceptable);
if (!ModelState.IsValid)
{
message.Content = new StringContent("Invalid Model");
return(message);
}
if (repository.ValidateRegisteredUser(user))
{
var mId = repository.GetLoggedUserID(user);
User mUser = db.User.Find(mId);
mUser.Token = JwtAuthManager.GenerateJWTToken(mId + "");
if (mUser != null)
{
db.Entry(mUser).State = EntityState.Modified;
try
{
db.SaveChanges();
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK, mUser);
return(response);
}
catch (DbUpdateConcurrencyException)
{
if (!UserExists(mId))
{
message.Content = new StringContent("User not exist");
return(message);
}
else
{
throw;
}
}
}
else
{
message.Content = new StringContent("User not exist");
return(message);
}
}
else
{
message.Content = new StringContent("Wrong user name or password");
return(message);
}
}
public HttpResponseMessage CreateToken([FromBody] UserDTO userDTO)
{
string username = null, password = null, clientId = null;
username = userDTO.UserName;
password = userDTO.UserPassword;
clientId = userDTO.ClientID;
if (CheckUser(username, password))
{
return(Request.CreateResponse(HttpStatusCode.OK, JwtAuthManager.GenerateJWTToken(username)));
}
else
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid Request"));
}
}
public async Task <ActionResult> Login(LoginDTO loginDto)
{
var user = _context.TblUser.FirstOrDefault(x => x.Email == loginDto.Email);
if (user == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.Unauthorized));
}
if (!VerifyPasswordHash(loginDto.Password, user.Password, user.Salt))
{
return(new HttpStatusCodeResult(HttpStatusCode.Unauthorized));
}
return(new HttpStatusCodeResult(HttpStatusCode.OK,
JwtAuthManager.GenerateJWTToken(loginDto.Email)));
// return Ok(new { token = tokenHandler.WriteToken(token), email = userFromRepo.Email, fullname = userFromRepo.FullName });
}
public HttpResponseMessage Validate(string email, string password)
{
loggerService.Logger().Info("Calling with parameter as : email and password: "******" and " + password);
UserDTO user = _userService.ValidateUser(email, password);
if (user == null)
{
var errorPayload = new
{
code = HttpStatusCode.Forbidden,
message = "Invalid username or password",
type = "ERROR"
};
return(Request.CreateResponse(HttpStatusCode.Unauthorized, errorPayload, Configuration.Formatters.JsonFormatter));
}
var tokenPayload = new
{
access_token = JwtAuthManager.GenerateJWTToken(user)
};
return(Request.CreateResponse(HttpStatusCode.OK, tokenPayload, Configuration.Formatters.JsonFormatter));
}
public HttpResponseMessage Post([FromBody] AuthUser user)
{
if (user == null)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest,
"Invalid Request"));
}
if (CheckUser(user.Email, user.Password))
{
return(Request.CreateResponse(HttpStatusCode.OK, JObject.Parse("{'token':'" + JwtAuthManager.GenerateJWTToken(user.Email) + "'}")
, JsonMediaTypeFormatter.DefaultMediaType));
}
else
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized,
"Unauthorized"));
}
}
public async Task <ResultObject> Login([FromBody] AuthParam authParam)
{
var branch = await branchAppService.GetBranchByBranchCodeAsync(authParam.BranchCode);
ResultObject resultObject = new ResultObject();
if (branch == null)
{
resultObject.Result = null;
resultObject.ServerErrors.Add(new ServerErr()
{
Hint = ErrorMessages.NotFoundBranch, Type = ConstErrorTypes.BussinessError
});
return(resultObject);
}
var userDto = await userAppService.FindUser(authParam.UserName, authParam.Password, branch.ID);
if (userDto == null)
{
resultObject.Result = userDto;
resultObject.ServerErrors.Add(new ServerErr()
{
Hint = ErrorMessages.NotuserFound
});
return(resultObject);
}
AttachmentFilterDto filter = new AttachmentFilterDto()
{
UserID = userDto.ID,
CategoryID = ConstAttachmentTypeCategory.User,
pageNumber = 1
};
var userAttachments = await uploadAppService.GetAllAttachmentsAsync(filter);
userDto.PicturePath = ((IEnumerable <AttachmentDto>)(userAttachments.Results))?.FirstOrDefault()?.Path;
if (userDto.IsActive == false)
{
resultObject.Result = userDto;
resultObject.ServerErrors.Add(new ServerErr()
{
Hint = ErrorMessages.UserNotEnable
});
return(resultObject);
}
else if (userDto.UserBranch == null)
{
resultObject.Result = null;
resultObject.ServerErrors.Add(new ServerErr()
{
Hint = ErrorMessages.NotAccessbranch, Type = ConstErrorTypes.BussinessError
});
return(resultObject);
}
else if (!userDto.UserBranch.Branch.IsActive)
{
resultObject.Result = null;
resultObject.ServerErrors.Add(new ServerErr()
{
Hint = "شعبه فعال نمی باشد.", Type = ConstErrorTypes.BussinessError
});
return(resultObject);
}
if (userDto != null)
{
userDto.Token = JwtAuthManager.GenerateJWTToken(username: authParam.UserName, userID: userDto.ID);
if (userDto.IsRequireChangePass)
{
var changePassActivity = new ActivityDto()
{
Id = ConstActivities.changePassword,
ParentId = 2,
Name = "changePassword",
Title = "تغییر رمز",
Path = "/mp/changePassword",
IsMenu = true,
IsActive = true,
IconClass = "key",
Description = "شما ملزم به تغییر رمز عبور می باشید. لطفا رمز عبور را تغییر داده و دوباره به سیستم وارد شوید."
};
userDto.ActivityDtos.Add(changePassActivity);
}
else
{
userDto.ActivityDtos = await accessControl.GetActivitiesAsync(userDto.ID, userDto.UserBranch.BranchId, userDto.IsRequireChangePass);
}
}
//notificationAppService.SendMessage($"کاربر {userDto.UserName} {Environment.NewLine} ورود شما در تاریخ {DateConvertor.Instance.ConvertGregorianToPersianDate(DateTime.Now)} در سامانه صندوق های خرد محلی {userDto.UserBranch.BranchName} ثبت گردید ",
// userDto.PhoneNumber);
return(new ResultObject {
Result = userDto, ServerErrors = null
});
}
