public async Task <IActionResult> Login(LoginModel.InputModel input, string returnUrl = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
if (ModelState.IsValid)
{
if (input != null && !string.IsNullOrWhiteSpace(input.Email))
{
var userIdentity = await _userManager.FindByEmailAsync(input.Email);
if (userIdentity != null)
{
var resultLogin = await _signInManager.PasswordSignInAsync(userIdentity, input.Password, false, false);
if (resultLogin.Succeeded)
{
return(LocalRedirect(returnUrl));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(View());
}
}
}
}
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(View());
}
public async Task <IActionResult> OnPostAsync([FromBody] LoginModel.InputModel input)
{
if (ModelState.IsValid)
{
var result = await _signInManager.PasswordSignInAsync(input.Email.ToUpper(), input.Password, input.RememberMe, lockoutOnFailure : true);
if (result.Succeeded)
{
var UserManager = _serviceProvider.GetRequiredService <UserManager <ApplicationUser> >();
var user = await UserManager.FindByEmailAsync(input.Email);
if (user != null)
{
var tokenString = GenerateJSONWebToken(user);
return(Ok(new { token = tokenString, status = 200, detail = "OK." }));
}
}
else if (result.IsLockedOut)
{
return(BadRequest(new { status = 400, detail = "Account has been locked out due to too many attempts." }));
}
}
return(BadRequest(new { status = 400, detail = "Invalid login information." }));
}
//public async Task<IActionResult> Login([FromBody] LoginViewModel model)
public async Task <IActionResult> Login([FromBody] LoginModel.InputModel model)
{
try
{
if (ModelState.IsValid)
{
var user = await _UserManager.FindByNameAsync(model.Email);
if (user == null)
{
return(BadRequest(ApiResponse.GetError("UserName is incorrect")));
}
else if (_PasswordHasher.VerifyHashedPassword(user, user.PasswordHash, model.Password) == PasswordVerificationResult.Success)
{
return(await GetToken(user));
}
else
{
return(BadRequest(ApiResponse.GetError("Password is incorrect!")));
}
}
else
{
return(BadRequest(ApiResponse.GetError(ModelState)));
}
}
catch (Exception ex)
{
_Logger.LogError($"error while creating token: {ex}");
return(StatusCode((int)HttpStatusCode.InternalServerError, "error while creating token"));
}
}
public async Task <AuthorizeResponse> Authorize([FromBody] LoginModel.InputModel model)
{
if (!ModelState.IsValid)
{
throw new StatusCodeException(SituationCenter.Shared.Exceptions.StatusCode.ArgumentsIncorrect);
}
var user = await repository.FindUserByEmailAsync(model.Email);
if (user == null || !await repository.CheckUserPasswordAsync(user, model.Password))
{
throw new StatusCodeException(SituationCenter.Shared.Exceptions.StatusCode.AuthorizeError);
}
var claims = new Claim[]
{
new Claim(ClaimsIdentity.DefaultNameClaimType, user.Email),
new Claim(ClaimsIdentity.DefaultRoleClaimType, "user"),
new Claim(ClaimTypes.NameIdentifier, user.Id)
};
var identity = new ClaimsIdentity(claims, "Token", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
var now = DateTime.UtcNow;
var jwt = new JwtSecurityToken(
issuer: MockAuthOptions.ISSUER,
audience: MockAuthOptions.AUDIENCE,
notBefore: now,
claims: identity.Claims,
expires: now.Add(TimeSpan.FromMinutes(MockAuthOptions.LIFETIME)),
signingCredentials: new SigningCredentials(MockAuthOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256));
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
logger.LogDebug($"Send token for {user.Email}");
return(AuthorizeResponse.Create(encodedJwt));
}
public async Task <IActionResult> Login([FromBody] LoginModel.InputModel model)
{
if (model == null || String.IsNullOrEmpty(model.Password) || String.IsNullOrEmpty(model.Email))
{
return(BadRequest());
}
var identityUser = await _signInManager.UserManager.FindByNameAsync(model.Email);
if (identityUser == null)
{
return(Json(new {
IsError = true,
Error = "Пользователь с данной электронной почтой не зарегистрирован"
}));
}
var signInResult = await _signInManager.PasswordSignInAsync(identityUser, model.Password, model.RememberMe, true);
if (signInResult.Succeeded)
{
return(Json(new {
IsError = false,
HashedPassword = StringEncryptor.EncryptString(model.Password, "TOMSK2018")
}));
}
return(Json(new {
IsError = true,
Error = "Введён неверный пароль"
}));
}
public async Task <IActionResult> GenerateToken(/*[FromForm]*/ [FromBody] LoginModel.InputModel model)
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user != null)
{
var result = await _userManager.CheckPasswordAsync(user, model.Password);
if (result == true)
{
var now = DateTime.UtcNow;
// Specifically add the jti (random nonce), iat (issued timestamp), and sub (subject/user) claims.
// You can add other claims here, if you want:
//var claims = new List<Claim>
//{
// new Claim(JwtRegisteredClaimNames.Sub, username),
// new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
// new Claim(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64)
//};
var userClaims = await _userManager.GetRolesAsync(user);
List <Claim> claims = new List <Claim>();
claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Id));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64));
//claims.AddRange(user.Claims.ToArray());
foreach (var x in userClaims)
{
claims.Add(new Claim(ClaimTypes.Role, x));
}
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("TokenAuthentication:SecretKey").Value));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expries = TimeSpan.FromMinutes(3600);
var jwt = new JwtSecurityToken(
issuer: _config.GetSection("TokenAuthentication:Issuer").Value,
audience: _config.GetSection("TokenAuthentication:Audience").Value,
claims: claims,
notBefore: now,
expires: now.Add(expries),
signingCredentials: creds);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
var response = new
{
access_token = encodedJwt,
expires_in = (int)expries.TotalSeconds,
expires = now.Add(expries),
};
return(Ok(response));
}
}
return(BadRequest("Could not create token"));
}
public CompanyDbContext CreateCompanyDbContext(LoginModel.InputModel model)
{
var connectionString = ConnectionString.Replace("{database}", model.CompanyCode).Replace("{user id}", model.Email).Replace("{password}", model.Password);
var dbContext = new CompanyDbContext(connectionString);
return(dbContext);
}
public async Task TestLoginAccount(string email, string password)
{
using (var db = new AppDbContext(Utilities.Utilities.TestAppDbContext()))
{
var signInManagerMock = new Mock <FakeSignInManager>();
signInManagerMock.Setup(fsim => fsim.PasswordSignInAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <bool>(), It.IsAny <bool>()))
.ReturnsAsync(Microsoft.AspNetCore.Identity.SignInResult.Success);
// Arrange
//---* FOR USAGE OF User.Identity *---//
//Create test user
var fakeIdentity = new GenericIdentity("*****@*****.**");
var principal = new ClaimsPrincipal(fakeIdentity);
var httpContext = new DefaultHttpContext()
{
User = principal
};
//need these as well for the page context
var modelState = new ModelStateDictionary();
var actionContext = new ActionContext(httpContext, new RouteData(), new PageActionDescriptor(), modelState);
var modelMetadataProvider = new EmptyModelMetadataProvider();
var viewData = new ViewDataDictionary(modelMetadataProvider, modelState);
// need page context for the page model
var pageContext = new PageContext(actionContext)
{
ViewData = viewData
};
LoginModel loginModel = new LoginModel(
signInManagerMock.Object
)
{
PageContext = pageContext
};
var inputModel = new LoginModel.InputModel();
inputModel.Email = email;
inputModel.Password = password;
loginModel.Input = inputModel;
// Act
await loginModel.OnPostAsync("Index");
var um = new FakeSignInManager();
var loginResult = um.IsSignedIn(loginModel.User);
// Assert
Assert.True(
loginResult
);
}
}
public async Task <QueryResult <string> > LoginAsync(LoginModel.InputModel model)
{
try
{
var user = await _userManager.FindByNameAsync(model.Login);
if (user.Status)
{
var result = await _signInManager.PasswordSignInAsync(model.Login, model.Password, model.RememberMe, lockoutOnFailure : false);
if (result.Succeeded)
{
return(new QueryResult <string>
{
Succeeded = true
});
}
else
{
return(new QueryResult <string>
{
Succeeded = false,
Message = "Erro, login ou senha invalio!"
});
}
}
else
{
return(new QueryResult <string>
{
Succeeded = false,
Message = "Erro, usuario inativo!"
});
}
}
catch (Exception)
{
return(new QueryResult <string>
{
Succeeded = false,
Message = "Erro, tente novamente!"
});
}
}
public async Task <IActionResult> Post([FromBody] LoginModel.InputModel request)
{
if (ModelState.IsValid)
{
//get user from request
var user = await _userManager.FindByEmailAsync(request.Email);
var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false);
if (!result.Succeeded)
{
return(BadRequest());
}
var claims = new[]
{
new Claim(ClaimTypes.Name, request.Email)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecurityKey"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken
(
issuer: Configuration["JWTissuer"],
audience: Configuration["JWTaudience"],
claims: claims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds
);
return(Ok(new
{
id = user.Id,
username = user.UserName,
firstname = "",
lastname = "",
token = new JwtSecurityTokenHandler().WriteToken(token)
}));
}
return(BadRequest());
}
public async Task <IActionResult> Authenticate([FromBody] LoginModel.InputModel loginModel)
{
var result = await _signInManager.PasswordSignInAsync(loginModel.Email, loginModel.Password, loginModel.RememberMe, lockoutOnFailure : true);
// return null if user not found
if (result.Succeeded)
{
// authentication successful so generate jwt token
AuthServerUser usr = await _userManager.FindByNameAsync(loginModel.Email);
dynamic userDetail = await GetUserInfo(usr.Id.ToString());
JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
byte[] key = System.Text.Encoding.ASCII.GetBytes("thisisrandomstring");
SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, usr.Id.ToString()),
new Claim(ClaimTypes.GivenName, userDetail.employee.FirstName),
new Claim(ClaimTypes.Role, userDetail.employee.Role),
new Claim(ClaimTypes.PrimarySid, usr.carrierID + ""),
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok("{ \"token\": \"" + tokenHandler.WriteToken(token).ToString() + "\"}"));
}
if (result.IsLockedOut)
{
return(Ok("{ \"Error\": \"higher the number of attempts\"}"));
}
else
{
return(Ok("{ \"Error\": \"unable to login\"}"));
}
}
public async Task <IActionResult> OnPostAsync([FromBody] LoginModel.InputModel input)
{
var result = await _signInManager.PasswordSignInAsync(input.Email.ToLower(), input.Password, isPersistent : false, lockoutOnFailure : true);
if (result.Succeeded)
{
var UserManager = _serviceProvider.GetRequiredService <UserManager <ApplicationUser> >();
var user = await UserManager.FindByEmailAsync(input.Email);
if (user != null)
{
var tokenString = GenerateJSONWebToken(user);
return(Ok(new { token = tokenString, status = 200, title = "Logged in successfully." }));
}
}
if (result.IsLockedOut)
{
return(BadRequest(new { status = 400, errors = "Account has been locked out due to too many attempts." }));
}
return(Unauthorized(new { status = 401, errors = "Invalid login information." }));
}
