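/// <summary>
/// SMS second-factor step: checks the verification code for the account that owns
/// the (server-encrypted) mobile number in <paramref name="dto"/>, then either
/// issues a JWT or tells the client which authentication step comes next.
/// </summary>
/// <param name="dto">Encrypted mobile number, submitted code, requested security level and app/page ids.</param>
/// <returns>
/// 200 with a JWT when the flow is complete, 200 with <c>NextRoute</c> when more steps
/// remain, 400 with a generic error when the code — or the account — cannot be verified.
/// </returns>
public IActionResult VerifyVerificationCodeSms(MobileVerificationDto dto)
{
    // NOTE(review): Decrypt is assumed to reject a tampered ciphertext by throwing;
    // confirm, and consider mapping that case to the same generic 400 below.
    var mobileNumber = CryptographyHelper.Decrypt(dto.EncryptedMobileNumber);
    var user = UnitOfWork.UserRepository.Find(u => u.MobileNumber == mobileNumber).FirstOrDefault();

    // An unknown number and a wrong code are reported identically (same status, same
    // body) so this endpoint cannot be used as an oracle for which mobile numbers are
    // enrolled. The previous 404 leaked that; Login already follows this rule for
    // user names. The short-circuit keeps a null user away from VerifyVerificationCodeSms.
    // NOTE(review): no attempt counter is visible here — if VerifyVerificationCodeSms
    // does not throttle, a short numeric code is brute-forceable from this endpoint.
    if (user == null || !UserManager.VerifyVerificationCodeSms(user, dto.Code))
    {
        return StatusCode(400, new { Error = "کد ارسالی مورد تأیید نمی باشد" });
    }

    var nextStep = UserManager.GetNextAuthenticationStep(user, SecurityLevel, dto.RequestedSecurityLevel, AuthenticationSteps.Mobile);
    if (nextStep == AuthenticationSteps.Done.ToString())
    {
        // NOTE(review): RequestedSecurityLevel comes from the client; this relies on
        // GetNextAuthenticationStep having gated it before a token is minted for it.
        return new ObjectResult(JwtHandler.Create(user.UserName, dto.RequestedSecurityLevel, dto.ApplicationId, dto.PageId));
    }

    return Ok(new { NextRoute = nextStep });
}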
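/// <summary>
/// Hardware-token step: validates the one-time token result in <paramref name="dto"/>
/// for the named user, then either issues a JWT or tells the client which
/// authentication step comes next.
/// </summary>
/// <param name="dto">User name, random keys, token result, requested security level and app/page ids.</param>
/// <returns>200 with a JWT or <c>NextRoute</c> on success; 400 otherwise.</returns>
public IActionResult Authenticate(IbTokenAuthenticate dto)
{
    try
    {
        var user = UnitOfWork.UserRepository.Find(u => u.UserName == dto.UserName).FirstOrDefault();

        // SECURITY: the token check was previously replaced by `if (true)` with the real
        // call commented out, so anyone who knew a user name passed this step (and, when
        // it was the last step, received a JWT). The check is re-enabled here.
        // TODO(review): the serial number must be the one enrolled for `user`; this
        // constant is kept only so the call is wired as originally written — a fixed
        // serial shared by all users defeats the purpose of the token.
        byte[] serialNumber = Encoding.ASCII.GetBytes("12346578");
        int[] randomKeys = dto.RandomKeys;

        // Unknown user and failed token check are indistinguishable to the caller, so
        // this endpoint does not reveal which user names exist (the rule Login follows).
        // The previous 404 with "no such user" broke that.
        if (user == null || !TokenUtility.CheckAlgorithm(randomKeys, serialNumber, dto.TokenResult))
        {
            return BadRequest();
        }

        var nextStep = UserManager.GetNextAuthenticationStep(user, SecurityLevel, dto.RequestedSecurityLevel, AuthenticationSteps.HardwareToken);
        if (nextStep == AuthenticationSteps.Done.ToString())
        {
            return new ObjectResult(JwtHandler.Create(user.UserName, dto.RequestedSecurityLevel, dto.ApplicationId, dto.PageId));
        }

        return Ok(new { NextRoute = nextStep });
    }
    catch (Exception)
    {
        // Best-effort as before: malformed input is reported as a bare 400 with no detail.
        // TODO(review): the exception is dropped here — log it server-side.
        return BadRequest();
    }
}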
/// <summary>
/// Re-issues a JWT for the already-authenticated caller, keeping the current
/// <c>SecurityLevel</c> and targeting the application named in <paramref name="dto"/>.
/// </summary>
/// <param name="dto">Carries the target <c>ApplicationId</c>; the page id is always 0 on refresh.</param>
/// <returns>401 when the request carries no authenticated identity name; otherwise 200 with the new token.</returns>
public IActionResult RefreshToken(RefreshTokenDto dto)
{
    var callerName = User?.Identity?.Name;
    if (callerName == null)
    {
        return Unauthorized();
    }

    // NOTE(review): ApplicationId is taken from the request unchecked; confirm the
    // caller is entitled to a token for that application before this is relied on.
    var refreshed = JwtHandler.Create(callerName, SecurityLevel, dto.ApplicationId, 0);
    return new ObjectResult(refreshed);
}
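/// <summary>
/// First authentication step: validates the CAPTCHA, then the password (counting
/// failures and temporarily locking the account past the configured maximum), and
/// either issues a JWT or tells the client which authentication step comes next.
/// </summary>
/// <param name="dto">User name, password, CAPTCHA key/answer, requested security level and app/page ids.</param>
/// <returns>
/// 400 for a bad CAPTCHA; 401 with a generic message for an unknown user or wrong password,
/// or a lockout message for a locked account; 500 when system settings are missing or an
/// unexpected error occurs; 200 with a JWT or <c>NextRoute</c> on success.
/// </returns>
public IActionResult Login(UserCredentialsDto dto)
{
    try
    {
        // `!= true` keeps the original semantics whether ValidateCaptcha returns bool or bool?.
        if (CaptchaHelper.ValidateCaptcha(dto.CaptchaKey, dto.UserCaptchaInput) != true)
        {
            return StatusCode(400, new { Error = "کلید تصویر امنیتی معتبر نمی باشد" });
        }

        var setting = UnitOfWork.SettingRepository.GetAll().FirstOrDefault();
        if (setting == null)
        {
            return StatusCode(500, new { Error = "تنظیمات سیستم تعریف نشده است" });
        }

        var user = UnitOfWork.UserRepository.Find(u => u.UserName == dto.UserName).FirstOrDefault();
        if (user == null)
        {
            // Same message as a wrong password so user names cannot be enumerated.
            return Unauthorized(new { Error = "نام کاربری یا کلمه عبور اشتباه است" });
        }

        // Lockout is checked before the password so a locked account cannot be probed.
        if (UserManager.IsUserLocked(user))
        {
            return Unauthorized(new { Error = "حساب کاربری شما به علت وارد کردن رمز عبور اشتباه بیش از حد مجاز برای دقایقی مسدود شده است." });
        }

        if (UserManager.VerifyPassword(dto.UserName, dto.Password) == "Failed")
        {
            UserManager.IncreaseUserFailedPasswordCount(user);
            if (UserManager.HasUserPassedMaxFailedPasswordCount(user, setting))
            {
                UserManager.LockUser(user, setting);
                UnitOfWork.Complete();
                return Unauthorized(new { Error = "حساب کاربری شما به علت وارد کردن رمز عبور اشتباه بیش از حد مجاز برای دقایقی مسدود شده است." });
            }

            UnitOfWork.Complete();
            return Unauthorized(new { Error = "نام کاربری یا کلمه عبور اشتباه است" });
        }

        // NOTE(review): unlike the failure path, UnlockUser is not followed by
        // UnitOfWork.Complete() here — confirm the counter reset is actually persisted.
        UserManager.UnlockUser(user);

        var nextStep = UserManager.GetNextAuthenticationStep(user, SecurityLevel, dto.RequestedSecurityLevel, AuthenticationSteps.Login);
        if (nextStep == AuthenticationSteps.Done.ToString())
        {
            // NOTE(review): RequestedSecurityLevel is client-supplied; this relies on
            // GetNextAuthenticationStep having gated it before a token is minted for it.
            return new ObjectResult(JwtHandler.Create(user.UserName, dto.RequestedSecurityLevel, dto.ApplicationId, dto.PageId));
        }

        return Ok(new { NextRoute = nextStep });
    }
    catch (Exception)
    {
        // SECURITY: the previous code returned the exception object itself in the 500
        // body, exposing stack traces, internal type/file names and possibly connection
        // details to an unauthenticated caller. Return a generic message instead.
        // TODO(review): log the exception server-side; it is not captured anywhere now.
        return StatusCode(500, new { Error = "خطای داخلی سرور" });
    }
}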
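/// <summary>
/// Round-trips a token: creates one for a two-claim identity, validates it, and checks
/// that validation yields a result. The original had no assertion at all, so it could
/// only fail by an exception escaping; the NotNull check gives it a real pass/fail.
/// </summary>
public void Generate()
{
    // Arrange — the NameIdentifier value is non-ASCII, presumably to exercise encoding.
    var identity = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.NameIdentifier, "hamèd"),
        new Claim(ClaimTypes.Name, "User"),
    });

    // Act
    var token = _jwtHandler.Create(identity);
    var claims = _jwtHandler.Validate(token);

    // Assert — only nullness is checked here; the shape of Validate's result is not
    // visible from this test, so stronger claim-level checks are left to the reader.
    Assert.NotNull(claims);
}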
/// <summary>
/// Creates a token with the handler configured from XML key files and checks that it
/// validates against the handler's own <c>Parameters</c>; any exception thrown by
/// ValidateToken fails the test.
/// </summary>
public void ShouldCreateValidTokenWhenKeysAreValid()
{
    // Arrange — the key paths are relative, so the files are presumably resolved
    // against the test's working directory; the test cannot run without them.
    var settings = new JwtSettings
    {
        Issuer = "http://localhost:5000",
        PrivateKeyXML = "private-key.xml",
        PublicKeyXML = "public-key.xml",
    };
    var optionsMock = new Mock<IOptions<JwtSettings>>();
    optionsMock.Setup(o => o.Value).Returns(settings);
    var handler = new JwtHandler(optionsMock.Object);

    // Act
    var created = handler.Create(Guid.NewGuid().ToString());
    var validationError = Record.Exception(() =>
        new JwtSecurityTokenHandler().ValidateToken(created.Token, handler.Parameters, out _));

    // Assert
    Assert.Null(validationError);
}
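/// <summary>
/// Creates a token with a throwaway symmetric secret and checks that decoding it
/// returns the login and name it was created with.
/// </summary>
public void Token_Service_Generate_Tokens()
{
    // Arrange — a fresh GUID string is fine as a test-only secret; real signing keys
    // belong in configuration/secret storage, never in source.
    var secret = Guid.NewGuid().ToString();
    var options = Options.Create<JwtOptions>(new JwtOptions
    {
        ExpiryMinutes = 2,
        Issuer = "JuntoSeguros",
        SecretKey = secret
    });
    var jwtProvider = new JwtHandler(options);

    // Act
    var token = jwtProvider.Create("my_login", "my_name");

    // Assert (kept before Decode so a null token fails on the assertion, not on a dereference)
    Assert.NotNull(token);
    Assert.IsNotEmpty(token.Token);

    var decodedToken = jwtProvider.Decode(token.Token);

    // Assert — NUnit's AreEqual is (expected, actual); the original passed them swapped,
    // which made any failure message report the values backwards.
    Assert.NotNull(decodedToken);
    Assert.AreEqual("my_login", decodedToken.Login);
    Assert.AreEqual("my_name", decodedToken.Name);
}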