public async Task <IActionResult> Login([FromBody] LoginUserResource credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
//check credentials
var user = await userManager.FindByNameAsync(credentials.UserName);
if (user == null)
{
ModelState.AddModelError("login_failure", "Invalid credentials");
return(BadRequest(ModelState));
}
if (!await userManager.CheckPasswordAsync(user, credentials.Password))
{
ModelState.AddModelError("login_failure", "Invalid credentials");
return(BadRequest(ModelState));
}
var jwt = await jwtFactory.GenerateJwtAsync(user.Id, credentials.UserName,
credentials.Password, new JsonSerializerSettings { Formatting = Formatting.Indented });
return(Ok(jwt));
}
public async Task <ServiceResponse <UserLoginDetails> > LoginAsync(LoginUserResource loginUserResource)
{
try
{
var user = await _userRepository.LoginAsync(loginUserResource);
if (user != null)
{
var userDetails = _mapper.Map <User, UserLoginDetails>(user);
var token = Guid.NewGuid().ToString();
await _userRepository.CreateSession(user.Id, token);
await _unitOfWork.CompleteAsync();
userDetails.Token = token;
return(new ServiceResponse <UserLoginDetails>(userDetails));
}
else
{
return(new ServiceResponse <UserLoginDetails>("Invalid Email or Password"));
}
}
catch (Exception ex)
{
return(new ServiceResponse <UserLoginDetails>($"Internal Service Error: {ex.Message}"));
}
}
public IActionResult Login([FromBody] LoginUserResource loginUserResource)
{
var user = mapper.Map <LoginUserResource, User>(loginUserResource);
var userEmail = unitOfWork.Accounts.FindUserByEmail(user.Email);
if (userEmail == null)
{
return(NotFound(new ApiResponse(404, "User not found")));
}
var hashedPassword = userEmail.Password;
if (!SecurePasswordHasherHelper.Verify(user.Password, hashedPassword))
{
return(Unauthorized(new ApiResponse(401, "Username or password don't match")));
}
var token = unitOfWork.Accounts.Login(user, _auth);
return(new ObjectResult(new
{
access_token = token.AccessToken,
expires_in = token.ExpiresIn,
token_type = token.TokenType,
creation_Time = token.ValidFrom,
expiration_Time = token.ValidTo,
user_Id = userEmail.Id,
user_name = userEmail.Name,
user_image = userEmail.ImageUrl
}));
}
public async Task <LoginUserResponse> Login(LoginUserResource loginUserResource)
{
try
{
var userFromRepository = await _authRepository.Login(loginUserResource.Email.ToLower(), loginUserResource.Password);
if (userFromRepository != null)
{
//generate token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_configuration.GetSection("AppSettings:Token").Value);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] {
new Claim(ClaimTypes.NameIdentifier, userFromRepository.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepository.Email)
}),
Expires = DateTime.Now.AddHours(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
return(new LoginUserResponse(userFromRepository, tokenString));
}
return(new LoginUserResponse("Unauthorized"));
}
catch (Exception ex)
{
return(new LoginUserResponse($"An error occurred when loging the user: {ex.Message}"));
}
}
public async Task <User> LoginAsync(LoginUserResource loginUserResource)
{
loginUserResource.Password = loginUserResource.Password.GetHashed();
var user = await _context.User
.FirstOrDefaultAsync(user => user.Email == loginUserResource.Email && user.Password == loginUserResource.Password && user.UserRole == loginUserResource.UserRole);
return(user);
}
public async Task <IActionResult> Login([FromBody] LoginUserResource loginUserResource)
{
if (ModelState.IsValid)
{
var user = await this.userManager.FindByEmailAsync(loginUserResource.Email);
if (user == null || !await this.userManager.CheckPasswordAsync(user, loginUserResource.Password))
{
ModelState.AddModelError("", "Email and password does not match");
return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState)));
}
else if (!user.EmailConfirmed && await this.userManager.CheckPasswordAsync(user, loginUserResource.Password))
{
ModelState.AddModelError("", "Email not confirmed yet");
return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState)));
}
else if (!user.IsActive)
{
ModelState.AddModelError("Auth", "User has disactivated");
return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState)));
}
var result = await this.signInManager.CheckPasswordSignInAsync(user, loginUserResource.Password, false);
if (!result.Succeeded)
{
ModelState.AddModelError("", "Email and password does not match");
return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState)));
}
else
{
var newRefreshToken = new RefreshToken
{
UserId = user.Id,
AccessToken = await GenerateAccessTokenAsync(user),
Token = Guid.NewGuid().ToString(),
CreatedAt = DateTime.Now
};
this.refreshTokenRepository.Add(newRefreshToken);
await this.unitOfWork.CompleteAsync();
var response = new TokenResource()
{
AccessToken = newRefreshToken.AccessToken,
RefreshToken = newRefreshToken.Token
};
return(new OkObjectResult(response));
}
}
return(new BadRequestObjectResult(new BadRequestResource(ModelState)));
}
public async Task <IActionResult> Login([FromBody] LoginUserResource loginUserResource)
{
if (ModelState.IsValid)
{
var signedInUser = await _userService.CheckPasswordSignInAsync(loginUserResource.UserName, loginUserResource.Password);
var accessToken = await GenerateAccessTokenAsync(signedInUser);
var refreshTokenDto = await _refreshTokenService.GetNew(signedInUser.Id, accessToken);
return(new OkObjectResult(_mapper.Map <RefreshTokenDto, TokenResource>(refreshTokenDto)));
}
return(new BadRequestObjectResult(new { message = "Failed to register" }));
}
public async Task <IActionResult> Login([FromBody] LoginUserResource loginUserResource)
{
var result = await _authService.Login(loginUserResource);
if (result.User == null)
{
return(Unauthorized(new ErrorResource(result.Message)));
}
if (!result.Success)
{
return(BadRequest(new ErrorResource(result.Message)));
}
return(Ok(result.Token));
}
public async Task <IActionResult> LoginAsync([FromBody] LoginUserResource loginUserResource)
{
try
{
var result = await _userService.LoginAsync(loginUserResource);
if (!result.Success)
{
return(BadRequest(new FailureResponse(result.Message)));
}
var userDeails = result.Resource;
return(Ok(new CResponse <UserLoginDetails>(result.Success, userDeails)));
}
catch (Exception ex)
{
return(StatusCode(StatusCodes.Status500InternalServerError, new FailureResponse($"Internal Server Error: {ex.Message}")));
}
}
public async Task <IActionResult> Login([FromBody] LoginUserResource user)
{
// 1. Get user to login from database.
var loggedInUser = await _userRepo.Login(user.Username, user.Password);
// 2. If user not exists notify error.
if (loggedInUser == null)
{
return(Unauthorized());
}
// 3. Specify cliams which stores in token. Claims should be as minimum as possible.
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, loggedInUser.Id.ToString()),
new Claim(ClaimTypes.Name,
string.IsNullOrEmpty(loggedInUser.Username) ? loggedInUser.Email : loggedInUser.Username)
};
// 4. Generate token using Json Web Token (JWT)
var tokenHandler = new JwtSecurityTokenHandler();
// 5. Get secret key from setting file.
var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:Secret").Value);
// 6. Create token descriptor
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha512Signature)
};
// 7. Create token.
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
var returnUser = _mapper.Map <User>(loggedInUser);
// 8. Return token string and user resource object containing necessary user info.
return(Ok(new
{
token = tokenString,
user = returnUser
}));
}
public async Task <ActionResult <User> > Login(LoginUserResource loginInfo)
{
var user = await UnitOfWork.Users.SingleOrDefault(u => u.Email == loginInfo.Email);
if (user == null)
{
throw new RestError(HttpStatusCode.BadRequest, new { Email = "Email or password is wrong" });
}
if (!Hasher <User> .Verify(user, user.Password, loginInfo.Password))
{
throw new RestError(HttpStatusCode.BadRequest, new { Email = "Email or password is wrong" });
}
var response = Mapper.Map <User, ReadUserResource>(user);
response.Token = jwtGenerator.CreateToken(user);
return(Ok(response));
}
public async Task <ActionResult> Login([FromBody] LoginUserResource loginUser)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState.GetErrorMessages()));
}
var result = await _signInManager.PasswordSignInAsync(loginUser.Email, loginUser.Password, false, false); //primeiro false = guardar resultado. segundo false = trava depois de 5 tentativas
if (result.Succeeded)
{
return(Ok(await GerarJwt(loginUser.Email)));
}
if (result.IsLockedOut)
{
return(BadRequest(loginUser));
}
return(BadRequest(loginUser));
}
public async Task <IActionResult> Login(LoginUserResource userForLogin)
{
var user = _mapper.Map <LoginUserResource, User>(userForLogin);
var userFromRepo = await _repo.Login(user, userForLogin.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.UserName)
};
var key = new SymmetricSecurityKey(Encoding.UTF8
.GetBytes(_config.GetSection("AppSettings:Token").Value));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new
{
token = tokenHandler.WriteToken(token)
}));
}
public async Task <IActionResult> ResendConfirmationEmail([FromBody] LoginUserResource loginUserResource)
{
if (ModelState.IsValid)
{
var user = await this.userManager.FindByEmailAsync(loginUserResource.Email);
if (user == null || !await this.userManager.CheckPasswordAsync(user, loginUserResource.Password))
{
ModelState.AddModelError("", "Email and password does not match");
return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState)));
}
else if (!user.EmailConfirmed)
{
var token = await this.userManager.GenerateEmailConfirmationTokenAsync(user);
var callbackUrl = Url.Action(
"ConfirmEmail",
"Auth",
values: new EmailConfirmationResource {
UserId = user.Id, Token = token
},
protocol: Request.Scheme);
return(new OkObjectResult(new { callbackUrl = callbackUrl }));
}
else
{
ModelState.AddModelError("", "Email is already confirmed");
return(new BadRequestObjectResult(new BadRequestResource(ModelState)));
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "Failed to resend confirmation email");
return(new BadRequestObjectResult(new BadRequestResource(ModelState)));
}
